diff --git a/chart/templates/vault/gitrepository.yaml b/chart/templates/vault/gitrepository.yaml index f65f3ea3472925b6bf2a2c5869e1b3cae61b51e3..5080999e5d77aec217a71f4c7ebabb90b6e3ae54 100644 --- a/chart/templates/vault/gitrepository.yaml +++ b/chart/templates/vault/gitrepository.yaml @@ -1,4 +1,4 @@ -{{- if and (not .Values.offline) .Values.vault.enabled }} +{{- if and (not .Values.offline) .Values.addons.vault.enabled }} apiVersion: source.toolkit.fluxcd.io/v1beta1 kind: GitRepository metadata: @@ -10,9 +10,9 @@ metadata: {{- include "commonLabels" . | nindent 4}} spec: interval: {{ .Values.flux.interval }} - url: {{ .Values.vault.git.repo }} + url: {{ .Values.addons.vault.git.repo }} ref: - {{- include "validRef" .Values.vault.git | nindent 4 }} + {{- include "validRef" .Values.addons.vault.git | nindent 4 }} {{ include "gitIgnore" . }} {{- include "gitCreds" . | nindent 2 }} {{- end }} diff --git a/chart/templates/vault/imagepullsecret.yaml b/chart/templates/vault/imagepullsecret.yaml index f6a067c6805cd9f5ab2923aa0d855aaf7ec3a90b..a12c41fd3cbd8e6631cc60ff22578f1a14ef43b2 100644 --- a/chart/templates/vault/imagepullsecret.yaml +++ b/chart/templates/vault/imagepullsecret.yaml @@ -1,4 +1,4 @@ -{{- if .Values.vault.enabled }} +{{- if .Values.addons.vault.enabled }} {{- if ( include "imagePullSecret" . ) }} apiVersion: v1 kind: Secret diff --git a/chart/templates/vault/values.yaml b/chart/templates/vault/values.yaml index 3d7fd817c9bba7096716cefb6daba9058e2eb3cf..0ef7b43cc7a3517a58688e1508b199a4664e3a43 100644 --- a/chart/templates/vault/values.yaml +++ b/chart/templates/vault/values.yaml 
@@ -1,5 +1,5 @@ -{{- if .Values.vault.enabled }} -{{- include "values-secret" (dict "root" $ "package" .Values.vault "name" "vault" "defaults" (include "bigbang.defaults.vault" .)) }} +{{- if .Values.addons.vault.enabled }} +{{- include "values-secret" (dict "root" $ "package" .Values.addons.vault "name" "vault" "defaults" (include "bigbang.defaults.vault" .)) }} {{- end }} {{- define "bigbang.defaults.vault" -}} @@ -17,18 +17,11 @@ prometheus: imagePullSecrets: - name: private-registry -networkPolicies: - enabled: {{ .Values.networkPolicies.enabled }} - ingressLabels: - {{- $gateway := default "public" .Values.twistlock.ingress.gateway }} - {{- $default := dict "app" (dig "gateways" $gateway "ingressGateway" nil .Values.istio) "istio" nil }} - {{- toYaml (dig "values" "gateways" $gateway "selector" $default .Values.istio) | nindent 4 }} - nodeCidr: {{ .Values.networkPolicies.nodeCidr }} + istio: enabled: {{ .Values.istio.enabled }} console: gateways: - - istio-system/{{ default "public" .Values.vault.ingress.gateway }} - + - istio-system/public {{- end -}} diff --git a/chart/templates/vault/twistlock-helmrelease.yaml b/chart/templates/vault/vault-helmrelease.yaml similarity index 86% rename from chart/templates/vault/twistlock-helmrelease.yaml rename to chart/templates/vault/vault-helmrelease.yaml index 14e476fc10595935352c30b82d1207dc0397f1ff..901f3c13d58047e691e123414363feca723c64ba 100644 --- a/chart/templates/vault/twistlock-helmrelease.yaml +++ b/chart/templates/vault/vault-helmrelease.yaml @@ -1,5 +1,5 @@ -{{- $fluxSettingsVault := merge .Values.vault.flux .Values.flux -}} -{{- if .Values.vault.enabled }} +{{- $fluxSettingsVault := merge .Values.addons.vault.flux .Values.flux -}} +{{- if .Values.addons.vault.enabled }} apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: 
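Review bot: In the `bigbang.defaults.vault` hunk (`@@ -17,18 +17,11 @@`) the whole `networkPolicies:` block is deleted rather than repointed, so the Vault package no longer receives `.Values.networkPolicies.enabled` or `nodeCidr` from the umbrella chart. It presumably falls back to the package chart's own default, which for a secrets manager should be an explicit decision. The removed block read `.Values.twistlock.ingress.gateway`, which looks like a copy-paste slip; I would keep the block and change only that lookup to `{{- $gateway := default "public" .Values.addons.vault.ingress.gateway }}`. The same hunk hard-codes the gateway as `- istio-system/public`, so the `ingress.gateway` key this commit adds under `addons.vault` in chart/values.yaml has no effect; `- istio-system/{{ default "public" .Values.addons.vault.ingress.gateway }}` keeps it configurable.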
@@ -13,7 +13,7 @@ spec: targetNamespace: vault chart: spec: - chart: {{ .Values.vault.git.path }} + chart: {{ .Values.addons.vault.git.path }} interval: 5m sourceRef: kind: GitRepository @@ -22,7 +22,7 @@ spec: {{- toYaml $fluxSettingsVault | nindent 2 }} - {{- if .Values.vault.postRenderers }} + {{- if .Values.addons.vault.postRenderers }} postRenderers: {{ toYaml .Values.vault.postRenderers | nindent 4 }} {{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index e9dc397c5b1c5bb3f035139a3fa77b3a49c2e550..d59c46d11e9fc1dea951c2cb1e7300dfc75e31ef 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -486,6 +486,21 @@ twistlock: # ---------------------------------------------------------------------------------------------------------------------- # addons: + vault: + # -- Toggle deployment of Vault. + enabled: true + git: + repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git + path: "./chart" + branch: "deploy-vault" + # -- Flux reconciliation overrides specifically for the Twistlock Package + flux: {} + ingress: + gateway: "" + values: {} + postRenderers: [] + + argocd: # -- Toggle deployment of ArgoCD. enabled: false @@ -550,18 +565,6 @@ addons: # -- Additional authservice chain configurations. chains: {} - # ---------------------------------------------------------------------------------------------------------------------- - # Vault - # - vault: - # -- Toggle deployment of vault. - enabled: true - git: - repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git - path: "./chart" - branch: "deploy-vault" - # ---------------------------------------------------------------------------------------------------------------------- - # ---------------------------------------------------------------------------------------------------------------------- # Minio Operator and Instance # 
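Review bot: The `postRenderers` guard in the `@@ -22,7 +22,7 @@` hunk now tests `.Values.addons.vault.postRenderers`, but the unchanged line under it still renders `toYaml .Values.vault.postRenderers`. This commit removes the `vault:` block from its old place in chart/values.yaml, so once a post-renderer is configured the body presumably fails at render time on the missing map, or renders nothing. A post-renderer meant to harden the rendered manifests would then be lost without notice. The body should read `{{ toYaml .Values.addons.vault.postRenderers | nindent 4 }}`. The HelmRelease spec continues outside the hunk.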
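Review bot: The new `addons.vault` block in chart/values.yaml (`@@ -486,6 +486,21 @@`) ships with `enabled: true` while tracking `branch: "deploy-vault"` of a repository under `apps/sandbox`, so a default install reconciles whatever is pushed to that mutable branch. The neighbouring `argocd` addon defaults to `enabled: false`, and tests/test-values.yaml already enables Vault explicitly, so CI would not be affected by defaulting to `enabled: false` here. I would also pin the source to an immutable ref once the package has one; which keys the `validRef` helper accepts is not visible in this diff. The comment `# -- Flux reconciliation overrides specifically for the Twistlock Package` is a copy-paste leftover and should name Vault.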
diff --git a/tests/test-values.yaml b/tests/test-values.yaml index 1e7216c778dba39aed10827ff19cc84527f33dbc..1691f4e0ca553f51ec30b4c0954f28441bc65f6f 100644 --- a/tests/test-values.yaml +++ b/tests/test-values.yaml @@ -360,6 +360,8 @@ twistlock: # Addons are toggled based on labels in CI addons: + vault: + enabled: true argocd: enabled: false sso: