updating values.yaml

8ba53222 · Ronnie Webb · 244b5d74 · 8ba53222
Commit 8ba53222 authored 3 years ago by Ronnie Webb
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -74,8 +74,9 @@ sso:
  # -- OIDC auth URL template string (to be used as default)
  auth_url: "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/auth"

-  # -- ./templates/{application}/secret.ca.yaml secretName
+  # -- Kubernetes Secret containing the sso.certificate_authority value for SSO enabled application namespaces
  secretName: "tls-ca-sso"
+
 # -- (Advanced) Flux reconciliation parameters.
 # The default values provided will be sufficient for the majority of workloads.
 flux:
@@ -103,6 +104,10 @@ networkPolicies:
  # Must be an IP CIDR range (x.x.x.x/x - ideally with /32 for the specific IP of a single endpoint, broader range for multiple masters/endpoints)
  # Used by package NetworkPolicies to allow Kube API access
  controlPlaneCidr: 0.0.0.0/0
+  # -- Node CIDR, defaults to allowing "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16" "100.64.0.0/10" networks.
+  # use `kubectl get nodes -owide` and review the `INTERNAL-IP` column to derive CIDR range.
+  # Must be an IP CIDR range (x.x.x.x/x - ideally a /16 or /24 to include multiple IPs)
+  nodeCidr: ""

 # ----------------------------------------------------------------------------------------------------------------------
 # Istio
@@ -113,7 +118,7 @@ istio:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git
    path: "./chart"
-    tag: "1.10.4-bb.0"
+    tag: "1.10.4-bb.3"

  # Ingress gateways are created based on the key name.  Adding more keys will add ingress gateways.
  # Ingress gateways are setup in a Horizontal Pod Autoscaler with 1 to 5 replicas
@@ -227,7 +232,7 @@ kiali:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/kiali.git
    path: "./chart"
-    tag: "1.39.0-bb.0"
+    tag: "1.39.0-bb.2"

  # -- Flux reconciliation overrides specifically for the Kiali Package
  flux: {}
@@ -322,7 +327,7 @@ logging:
  sso:
    # -- Toggle OIDC SSO for Kibana/Elasticsearch on and off.
    # Enabling this option will auto-create any required secrets.
-    enabled: true
+    enabled: false

    # -- Elasticsearch/Kibana OIDC client ID
    client_id: ""
@@ -399,7 +404,7 @@ monitoring:

  sso:
    # -- Toggle SSO for monitoring components on and off
-    enabled: true
+    enabled: false
    prometheus:
      # -- Prometheus OIDC client ID
      client_id: ""
@@ -445,10 +450,7 @@ twistlock:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git
    path: "./chart"
-    tag: "0.0.8-bb.1"
-  sso:
-    enabled: true
-    client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-twistlock
+    tag: "0.0.9-bb.0"

  # -- Flux reconciliation overrides specifically for the Twistlock Package
  flux: {}
@@ -473,7 +475,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd.git
      path: "./chart"
-      tag: "3.6.8-bb.7"
+      tag: "3.6.8-bb.8"

    # -- Flux reconciliation overrides specifically for the ArgoCD Package
    flux: {}
@@ -517,7 +519,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice.git
      path: "./chart"
-      tag: "0.4.0-bb.15"
+      tag: "0.4.0-bb.17"

    # -- Flux reconciliation overrides specifically for the Authservice Package
    flux: {}
@@ -540,7 +542,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git
      path: "./chart"
-      tag: "4.1.2-bb.3"
+      tag: "4.2.3-bb.1"

    # -- Flux reconciliation overrides specifically for the Minio Operator Package
    flux: {}
@@ -557,7 +559,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio.git
      path: "./chart"
-      tag: "4.1.2-bb.6"
+      tag: "4.2.3-bb.1"

    # -- Flux reconciliation overrides specifically for the Minio Package
    flux: {}
@@ -741,7 +743,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/sonarqube.git
      path: "./chart"
-      tag: "9.6.3-bb.0"
+      tag: "9.6.3-bb.1"

    # -- Flux reconciliation overrides specifically for the Sonarqube Package
    flux: {}
@@ -929,7 +931,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/collaboration-tools/mattermost.git
      path: "./chart"
-      tag: "0.2.0-bb.1"
+      tag: "0.2.0-bb.2"

    # -- Flux reconciliation overrides specifically for the Mattermost Package
    flux: {}
@@ -1056,7 +1058,7 @@ addons:
    git:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak.git
      path: "./chart"
-      tag: "11.0.1-bb.2"
+      tag: "11.0.1-bb.6"

    database:
      # -- Hostname of a pre-existing database to use for Keycloak.