UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Select Git revision
  • update-gitlab-tag-8.10.1-bb.0
  • update-nexus-tag-77.1.0-bb.0
  • update-elasticsearch-kibana-tag-1.28.0-bb.2
  • 2623-remove-holocron-from-bb-packages
  • update-fortify-tag-1.1.2320154-bb.23
  • update-elasticsearch-kibana-tag-1.28.0-bb.1
  • update-fortify-tag-1.1.2320154-bb.24
  • update-thanos-tag-15.9.1-bb.3
  • update-mimir-tag-5.5.1-bb.11
  • update-kyverno-reporter-tag-3.0.3-bb.1
  • update-velero-tag-8.4.0-bb.1
  • master default protected
  • update-twistlock-tag-0.19.0-bb.5
  • update-grafana-tag-8.10.4-bb.1
  • update-fluentbit-tag-0.48.9-bb.0
  • update-kiali-tag-2.6.0-bb.1
  • test-nexus
  • TEST-ONLY-DO-NOT_MERGE-Kyvern0-test
  • update-nexus-tag-77.1.0-bb.1
  • update-elasticsearch-kibana-tag-1.28.0-bb.0
  • 2.49.0 protected
  • 2.49.0-rc.2 protected
  • 2.49.0-rc.1 protected
  • 2.49.0-rc.0 protected
  • 2.48.0 protected
  • 2.48.0-rc.4 protected
  • 2.48.0-rc.3 protected
  • 2.48.0-rc.2 protected
  • 2.48.0-rc.1 protected
  • 2.47.0 protected
  • 2.47.0-rc.2 protected
  • 2.47.0-rc.1 protected
  • 2.47.0-rc.0 protected
  • 2.46.0 protected
  • 2.46.0-rc.0 protected
  • 2.45.1 protected
  • 2.45.1-rc.0 protected
  • 2.45.0 protected
  • 2.45.0-rc.0 protected
  • 2.44.0 protected
40 results
Blame Permalink
1
values.yaml 4.64 KiB 
{{- $monitoringInjection := dig "istio" "injection" "enabled" .Values.monitoring }}
{{- if and .Values.istio.enabled .Values.monitoring.sso.enabled (eq $monitoringInjection "disabled") }}
{{- include "values-secret" (dict "root" $ "package" .Values.addons.haproxy "name" "haproxy-sso" "defaults" (include "bigbang.defaults.haproxy-sso" .)) }}
{{- end }}

{{- define "bigbang.defaults.haproxy-sso" -}}
# hostname is deprecated and replaced with domain. But if hostname exists then use it.
{{- $domainName := default .Values.domain .Values.hostname }}
hostname: {{ $domainName }}
domain: {{ $domainName }}

istio:
  gateway: {{ default "public" .Values.addons.haproxy.ingress.gateway }}

{{- $haproxyAuthserviceKey := (dig "selector" "key" "protect" .Values.addons.authservice.values) }}
{{- $haproxyAuthserviceValue := (dig "selector" "value" "keycloak" .Values.addons.authservice.values) }}
podLabels:
  {{ $haproxyAuthserviceKey }}: {{ $haproxyAuthserviceValue }}
config: |
  global
    maxconn 1024
    daemon
    log stdout format raw local0 info
  defaults
    log global
    mode http
    option httplog
    timeout client 60s
    timeout connect 60s
    timeout server 60s
  frontend fe_main
    # Create custom headers as temporary holding places for info
    http-request set-header X-Scheme http if !{ ssl_fc }
    http-request set-header X-Scheme https if { ssl_fc }
    http-request set-header X-TraceId %[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]
    http-request set-header X-SegmentId0 %[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]
    http-request set-header X-SegmentId1 %[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]
    http-request set-header X-SegmentId2 %[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]
    http-request set-header X-SegmentId3 %[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]
    http-request set-header X-SegmentId4 %[rand,hex,bytes(8,8),lower]%[rand,hex,bytes(8,8),lower]

    # Declare capture slots for logging headers
    declare capture request len 512
    http-request capture req.fhdr(User-Agent) id 0

    declare capture request len 5
    http-request capture req.hdr(X-Scheme) id 1

    declare capture request len 512
    http-request capture req.hdr(Host) id 2

    declare capture request len 24
    http-request capture req.hdr(X-TraceId) id 3

    declare capture request len 16
    http-request capture req.hdr(X-SegmentId0) id 4

    declare capture request len 16
    http-request capture req.hdr(X-SegmentId1) id 5

    declare capture request len 16
    http-request capture req.hdr(X-SegmentId2) id 6

    declare capture request len 16
    http-request capture req.hdr(X-SegmentId3) id 7

    declare capture request len 16
    http-request capture req.hdr(X-SegmentId4) id 8

    declare capture response len 8

UNCLASSIFIED - NO CUI