diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 22ef5791f656b26e61cb3b2f7598113f741eb9a3..a5fcd7d036d997505fdded26f5152464f753dbf4 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -71,9 +71,9 @@ Follow the [Big Bang documentation](./docs) for testing a full deployment of Big
## DNS
-To ease with local development, the TLD `bigbang.dev` is maintained by the Big Bang team with the CNAME record:
+To ease with local development, the TLD `dev.bigbang.mil` is maintained by the Platform One team with the CNAME record:
-`CNAME: *.bigbang.dev -> 127.0.0.1`
+`CNAME: *.dev.bigbang.mil -> cluster.local`
All routable endpoints BigBang deploys will use the TLD of `bigbang.dev` by default. It is expected that consumers modify this appropriately for their environment.
diff --git a/chart/ingress-certs.yaml b/chart/ingress-certs.yaml
index a22b585e0079d47841701f6931c0c74b4f9b1ba0..5d3b5f2bd515ad66fa470ad45af9c5bf6e122184 100644
--- a/chart/ingress-certs.yaml
+++ b/chart/ingress-certs.yaml
@@ -4,62 +4,35 @@ istio:
tls:
key: |
-----BEGIN PRIVATE KEY-----
- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDA7Om8ugAzABBV
- kJGcxmDBv66V1h5BuOyDXK8MAGg92My5W1eEUGjVnUlvU95u5F8XZi9K2BxAdh+T
- nAiK6xVIy4TE0CNXbgxTLqHAfhEkYE+MjrMfcJwLGv2nR8mk7ue/+39UzB/Q+oml
- vScwP2clLmg9JvfvRgKkMPOZotbPQ4Tjl094qB3jcbjoEwOzfVgnX4J0r1w1YguB
- l+RnbUYN59WAmhwYCEgeV7iGXgo7Ut+wfBODxK/dLeR8xyZ9dSp60hWB6GxrUVla
- /NBdJlXNHVs5HetZ3djDA+q73fOGX4UdielsIKLGcG8Luzbn1mDAcHNi31q8jwNg
- lHN8Jf8pAgMBAAECggEAPMAdljVH7MdfXWJJyAFb5IbUlhA3tOBjcbYU1QWnzZng
- VZnixCKB8Io33pudVnQJUZf22m2U7+OCa/vdYMlICYU0yLj1+AkKToNHohLQmRDO
- 2+bvlr3iFUkpiKx9XbdxOK4cWXpxpl/OSmd22KWOeFHVtzP3LNxx5nwXqVByrg77
- s60QdggaQaK3k+sYwP6WR9DSSKy6b4+ZQZfpU4cnJp02aP89VPghq0NPiak2s9vF
- bLIsOFv3tAbXlH53EoAA0H9yInIEFAThYGbJ/H6WTfRK6K+BYNPbV+fG6EruaMcE
- TvfiJZTo+Yrr+EDOlSkVabeMjgTZ/lKxJypLWrJpdQKBgQDq2MwCaZopdMGQIOoU
- ig8Cvw22nw4Yhf3skTbRWFQvrT45J2H4acu4i8HjVlZONIK+uHARn/wUhJk8EwXk
- MwGAlSKCsdxqcYT+aNpFk8JC0NuL1lm/1GymDPymg7JLRJODhh4KOqOyauzf2rXT
- po5QSBNJsvgUydhFE3bdWX3l6wKBgQDSTXkw9ePvkqmk4ZLwLYuRjcsgmnuzcyCt
- ezmnFMxd+BwIhETGoPt9O7bIXH4Sn9WCTe5ZKgFlTEStCTT9W3ISaiq/D/SBny5T
- A/71xoStPvzwlOOte7np3CjZUCa2He3VVLrwdIX//pPgugxi2JaXuSroPoR+KjrM
- 0RX2ohuGOwKBgCxgiyxpiBgNWAZEMfdvnyaFs7GunJtFtpXdWt50MnRP6FIkfv7R
- /w0AW8L5rZVZltszPvoVoSy/YbVYYuScPsxtYfgQY/Y5PUhVx+kd4rd9f/8Moij9
- mwpFqfhNKoPOkZFo5oRIUGaGjfw+99zmvD2vYPWsO/Sxr4xeATgSkRfBAoGAFsRq
- ZWGJbqtLEF2XYcccgAKAxiPTVocVN5LKmAsJYPb2Wfmv1G0jLNilHiXdRDjnjXbQ
- YfjJM+VA3hbMFM2smM/DlvGsP8gy5KvfE06NmI/kJEuKJoLpiqbaCUTDHB47XEgT
- AOssgp1V9xNNOfpGu2BBg+kYwOvjd77/CLdeEXcCgYB/EFT+uvX1caBhQG+xuI00
- nlIP5D0Umiq1GqZHkhPx80r7Y+ZT/6Uo+c0hXTV3o/lYtf9cNG5eq8/CExlx9xHu
- +DN8cT9RroSV72HrCmdddG+ioNLVpATmt+9LN7+xoam9eNhI7U3Lj+IEZpb0+bY+
- JNa/SznHzX4gm2ZF+Uk1Jg==
+ MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgz8nZaiDQFEfC4xQS
+ 1iKZsz/reXaurmjl+GJ81E76RvihRANCAATBRdcjcSCOAjbwVdgoJn/zcpbcHjH3
+ lL7R2T87HPPBSgJJ5wEOZb7fmBo1VH0mXyoMUjlS5HrCcHTx8nja7i6E
-----END PRIVATE KEY-----
cert: |
-----BEGIN CERTIFICATE-----
- MIIE5zCCA8+gAwIBAgISBPd2SMj8TcULWhpYktwvKvAzMA0GCSqGSIb3DQEBCwUA
+ MIIEJDCCAwygAwIBAgISA9IlqPptjA+A2LGpmxYnbG+3MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
- EwJSMzAeFw0yNDAyMDgxNjQ1MjZaFw0yNDA1MDgxNjQ1MjVaMBgxFjAUBgNVBAMM
- DSouYmlnYmFuZy5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA
- 7Om8ugAzABBVkJGcxmDBv66V1h5BuOyDXK8MAGg92My5W1eEUGjVnUlvU95u5F8X
- Zi9K2BxAdh+TnAiK6xVIy4TE0CNXbgxTLqHAfhEkYE+MjrMfcJwLGv2nR8mk7ue/
- +39UzB/Q+omlvScwP2clLmg9JvfvRgKkMPOZotbPQ4Tjl094qB3jcbjoEwOzfVgn
- X4J0r1w1YguBl+RnbUYN59WAmhwYCEgeV7iGXgo7Ut+wfBODxK/dLeR8xyZ9dSp6
- 0hWB6GxrUVla/NBdJlXNHVs5HetZ3djDA+q73fOGX4UdielsIKLGcG8Luzbn1mDA
- cHNi31q8jwNglHN8Jf8pAgMBAAGjggIPMIICCzAOBgNVHQ8BAf8EBAMCBaAwHQYD
- VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
- BBYEFAxRbbf++CwbYE+BsSAVhn1G20bKMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
- QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
- Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
- MBgGA1UdEQQRMA+CDSouYmlnYmFuZy5kZXYwEwYDVR0gBAwwCjAIBgZngQwBAgEw
- ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwCi4r/WHt4vLweg1k5tN6fcZUOwxrUu
- otq3iviabfUX2AAAAY2J0w+hAAAEAwBIMEYCIQCvSrRYk6SImhm8lGtVrjk9eoMz
- 6AMzpF5Dr3CtPc1PugIhAJ4327ZUxTNxazy69l/dKrDyPa6Ah34LG/SbPCk+iCTl
- AHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGNidMPowAABAMA
- RjBEAiBJ2yogCWBVkYTeFDeb0Db97n60ryK64LKIXSkaZybnpQIgb6WTvjlhup7A
- 99uVtvhOLvQbTt07jpKwMuXuwZdTHHYwDQYJKoZIhvcNAQELBQADggEBAIIm9MaG
- FIhtylh+ZgsLPsPqsC8bja5eMASw1Xg/D6Vp3moht2YugXHd/Y5lk4nRDsuEyFem
- dDGLVt8S63sbOGjeiwsOSVaWgifW8tfg4yeutFHjlL1VFnQ9TVy7VVblVV89qAVa
- bUDINkdk7zD3l3CG6vuK51aqlQDRW5f2zKKekmWRjVL7KsGPQk6i4imhKI7LVddp
- CuY7mZ2e/yYhhAAb7o7OKg7aN9ppL4KJpCfSSNVwwaJOJ4NN8Atu1PqVpDy0Czp9
- vqo67CeR2q6J3LZqF8zDR40ZGExEsHrMIlUYTSNgUZW71KWte2nHd1mkY84Bork8
- IDY1ZhhEAgxUqM4=
+ EwJSMzAeFw0yNDAzMTIxNDQ0MjlaFw0yNDA2MTAxNDQ0MjhaMBwxGjAYBgNVBAMM
+ ESouZGV2LmJpZ2JhbmcubWlsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwUXX
+ I3EgjgI28FXYKCZ/83KW3B4x95S+0dk/OxzzwUoCSecBDmW+35gaNVR9Jl8qDFI5
+ UuR6wnB08fJ42u4uhKOCAhMwggIPMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+ BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsr3x
+ kbt/5r9w+J64V5XtjtHVPhEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
+ wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
+ ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHAYDVR0R
+ BBUwE4IRKi5kZXYuYmlnYmFuZy5taWwwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEE
+ BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3
+ iviabfUX2AAAAY4zVixWAAAEAwBHMEUCIQC8pCmi3Si/6U0fdo6AOuPsKpvH+MQQ
+ 9sOTmaYR83oLOwIgHPHwXmBOi9HaB8fqih4F+WGc+UG/q1qxHJ5zoqNI42AAdgB2
+ /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY4zViyNAAAEAwBHMEUC
+ IFhzx0NxSyc10PAc0XxqrMdgRx67SxIf/b4t3gATdVoHAiEA8ZMJ4TlrX/3wauBE
+ LVsj48aVuMwoGrt4pXiDaZcNVQIwDQYJKoZIhvcNAQELBQADggEBAIvsZv5zwrPu
+ JufHVboNsomdEqEZPm/JZRZXUQZgIjwDwCYMEv5/BJwt5DPl+2P2+LIirL4c2DYg
+ X4aOV3iIIW/Sx+GsxmDZBa9YyBpIezhU90EyL5aI4eX0P0uTyxlwIdG2H9DSLcxe
+ gZlhfJP+oA4IYBktR+BRZKy1enQvxSpRC9iLxekCVzQxbIJYSJDQ7QSoNqnk1AT5
+ mvWv0sGV4QeVLmQlVCtG8GMEX0H08zt4I7DCcB6CF1PX+ds8ILlDa7D8MQ+1e0L0
+ Y5yCj/xRzeVQYiyjD2xbLfMMFSU2Ft+RIBU29cHqrfZbuv13UwWPyOMrgPLyPr/K
+ +gMOWCwSfRo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
@@ -91,99 +64,41 @@ istio:
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
- -----BEGIN CERTIFICATE-----
- MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
- MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
- DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
- TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
- cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
- AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
- ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
- wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
- LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
- 4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
- bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
- sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
- Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
- FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
- SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
- PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
- TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
- SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
- c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
- +tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
- ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
- b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
- U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
- MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
- 5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
- 9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
- WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
- he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
- Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
- -----END CERTIFICATE-----
addons:
keycloak:
ingress:
key: |
-----BEGIN PRIVATE KEY-----
- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDA7Om8ugAzABBV
- kJGcxmDBv66V1h5BuOyDXK8MAGg92My5W1eEUGjVnUlvU95u5F8XZi9K2BxAdh+T
- nAiK6xVIy4TE0CNXbgxTLqHAfhEkYE+MjrMfcJwLGv2nR8mk7ue/+39UzB/Q+oml
- vScwP2clLmg9JvfvRgKkMPOZotbPQ4Tjl094qB3jcbjoEwOzfVgnX4J0r1w1YguB
- l+RnbUYN59WAmhwYCEgeV7iGXgo7Ut+wfBODxK/dLeR8xyZ9dSp60hWB6GxrUVla
- /NBdJlXNHVs5HetZ3djDA+q73fOGX4UdielsIKLGcG8Luzbn1mDAcHNi31q8jwNg
- lHN8Jf8pAgMBAAECggEAPMAdljVH7MdfXWJJyAFb5IbUlhA3tOBjcbYU1QWnzZng
- VZnixCKB8Io33pudVnQJUZf22m2U7+OCa/vdYMlICYU0yLj1+AkKToNHohLQmRDO
- 2+bvlr3iFUkpiKx9XbdxOK4cWXpxpl/OSmd22KWOeFHVtzP3LNxx5nwXqVByrg77
- s60QdggaQaK3k+sYwP6WR9DSSKy6b4+ZQZfpU4cnJp02aP89VPghq0NPiak2s9vF
- bLIsOFv3tAbXlH53EoAA0H9yInIEFAThYGbJ/H6WTfRK6K+BYNPbV+fG6EruaMcE
- TvfiJZTo+Yrr+EDOlSkVabeMjgTZ/lKxJypLWrJpdQKBgQDq2MwCaZopdMGQIOoU
- ig8Cvw22nw4Yhf3skTbRWFQvrT45J2H4acu4i8HjVlZONIK+uHARn/wUhJk8EwXk
- MwGAlSKCsdxqcYT+aNpFk8JC0NuL1lm/1GymDPymg7JLRJODhh4KOqOyauzf2rXT
- po5QSBNJsvgUydhFE3bdWX3l6wKBgQDSTXkw9ePvkqmk4ZLwLYuRjcsgmnuzcyCt
- ezmnFMxd+BwIhETGoPt9O7bIXH4Sn9WCTe5ZKgFlTEStCTT9W3ISaiq/D/SBny5T
- A/71xoStPvzwlOOte7np3CjZUCa2He3VVLrwdIX//pPgugxi2JaXuSroPoR+KjrM
- 0RX2ohuGOwKBgCxgiyxpiBgNWAZEMfdvnyaFs7GunJtFtpXdWt50MnRP6FIkfv7R
- /w0AW8L5rZVZltszPvoVoSy/YbVYYuScPsxtYfgQY/Y5PUhVx+kd4rd9f/8Moij9
- mwpFqfhNKoPOkZFo5oRIUGaGjfw+99zmvD2vYPWsO/Sxr4xeATgSkRfBAoGAFsRq
- ZWGJbqtLEF2XYcccgAKAxiPTVocVN5LKmAsJYPb2Wfmv1G0jLNilHiXdRDjnjXbQ
- YfjJM+VA3hbMFM2smM/DlvGsP8gy5KvfE06NmI/kJEuKJoLpiqbaCUTDHB47XEgT
- AOssgp1V9xNNOfpGu2BBg+kYwOvjd77/CLdeEXcCgYB/EFT+uvX1caBhQG+xuI00
- nlIP5D0Umiq1GqZHkhPx80r7Y+ZT/6Uo+c0hXTV3o/lYtf9cNG5eq8/CExlx9xHu
- +DN8cT9RroSV72HrCmdddG+ioNLVpATmt+9LN7+xoam9eNhI7U3Lj+IEZpb0+bY+
- JNa/SznHzX4gm2ZF+Uk1Jg==
+ MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgz8nZaiDQFEfC4xQS
+ 1iKZsz/reXaurmjl+GJ81E76RvihRANCAATBRdcjcSCOAjbwVdgoJn/zcpbcHjH3
+ lL7R2T87HPPBSgJJ5wEOZb7fmBo1VH0mXyoMUjlS5HrCcHTx8nja7i6E
-----END PRIVATE KEY-----
cert: |
-----BEGIN CERTIFICATE-----
- MIIE5zCCA8+gAwIBAgISBPd2SMj8TcULWhpYktwvKvAzMA0GCSqGSIb3DQEBCwUA
+ MIIEJDCCAwygAwIBAgISA9IlqPptjA+A2LGpmxYnbG+3MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
- EwJSMzAeFw0yNDAyMDgxNjQ1MjZaFw0yNDA1MDgxNjQ1MjVaMBgxFjAUBgNVBAMM
- DSouYmlnYmFuZy5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA
- 7Om8ugAzABBVkJGcxmDBv66V1h5BuOyDXK8MAGg92My5W1eEUGjVnUlvU95u5F8X
- Zi9K2BxAdh+TnAiK6xVIy4TE0CNXbgxTLqHAfhEkYE+MjrMfcJwLGv2nR8mk7ue/
- +39UzB/Q+omlvScwP2clLmg9JvfvRgKkMPOZotbPQ4Tjl094qB3jcbjoEwOzfVgn
- X4J0r1w1YguBl+RnbUYN59WAmhwYCEgeV7iGXgo7Ut+wfBODxK/dLeR8xyZ9dSp6
- 0hWB6GxrUVla/NBdJlXNHVs5HetZ3djDA+q73fOGX4UdielsIKLGcG8Luzbn1mDA
- cHNi31q8jwNglHN8Jf8pAgMBAAGjggIPMIICCzAOBgNVHQ8BAf8EBAMCBaAwHQYD
- VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
- BBYEFAxRbbf++CwbYE+BsSAVhn1G20bKMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
- QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
- Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
- MBgGA1UdEQQRMA+CDSouYmlnYmFuZy5kZXYwEwYDVR0gBAwwCjAIBgZngQwBAgEw
- ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwCi4r/WHt4vLweg1k5tN6fcZUOwxrUu
- otq3iviabfUX2AAAAY2J0w+hAAAEAwBIMEYCIQCvSrRYk6SImhm8lGtVrjk9eoMz
- 6AMzpF5Dr3CtPc1PugIhAJ4327ZUxTNxazy69l/dKrDyPa6Ah34LG/SbPCk+iCTl
- AHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGNidMPowAABAMA
- RjBEAiBJ2yogCWBVkYTeFDeb0Db97n60ryK64LKIXSkaZybnpQIgb6WTvjlhup7A
- 99uVtvhOLvQbTt07jpKwMuXuwZdTHHYwDQYJKoZIhvcNAQELBQADggEBAIIm9MaG
- FIhtylh+ZgsLPsPqsC8bja5eMASw1Xg/D6Vp3moht2YugXHd/Y5lk4nRDsuEyFem
- dDGLVt8S63sbOGjeiwsOSVaWgifW8tfg4yeutFHjlL1VFnQ9TVy7VVblVV89qAVa
- bUDINkdk7zD3l3CG6vuK51aqlQDRW5f2zKKekmWRjVL7KsGPQk6i4imhKI7LVddp
- CuY7mZ2e/yYhhAAb7o7OKg7aN9ppL4KJpCfSSNVwwaJOJ4NN8Atu1PqVpDy0Czp9
- vqo67CeR2q6J3LZqF8zDR40ZGExEsHrMIlUYTSNgUZW71KWte2nHd1mkY84Bork8
- IDY1ZhhEAgxUqM4=
+ EwJSMzAeFw0yNDAzMTIxNDQ0MjlaFw0yNDA2MTAxNDQ0MjhaMBwxGjAYBgNVBAMM
+ ESouZGV2LmJpZ2JhbmcubWlsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwUXX
+ I3EgjgI28FXYKCZ/83KW3B4x95S+0dk/OxzzwUoCSecBDmW+35gaNVR9Jl8qDFI5
+ UuR6wnB08fJ42u4uhKOCAhMwggIPMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+ BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsr3x
+ kbt/5r9w+J64V5XtjtHVPhEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
+ wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
+ ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHAYDVR0R
+ BBUwE4IRKi5kZXYuYmlnYmFuZy5taWwwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEE
+ BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3
+ iviabfUX2AAAAY4zVixWAAAEAwBHMEUCIQC8pCmi3Si/6U0fdo6AOuPsKpvH+MQQ
+ 9sOTmaYR83oLOwIgHPHwXmBOi9HaB8fqih4F+WGc+UG/q1qxHJ5zoqNI42AAdgB2
+ /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY4zViyNAAAEAwBHMEUC
+ IFhzx0NxSyc10PAc0XxqrMdgRx67SxIf/b4t3gATdVoHAiEA8ZMJ4TlrX/3wauBE
+ LVsj48aVuMwoGrt4pXiDaZcNVQIwDQYJKoZIhvcNAQELBQADggEBAIvsZv5zwrPu
+ JufHVboNsomdEqEZPm/JZRZXUQZgIjwDwCYMEv5/BJwt5DPl+2P2+LIirL4c2DYg
+ X4aOV3iIIW/Sx+GsxmDZBa9YyBpIezhU90EyL5aI4eX0P0uTyxlwIdG2H9DSLcxe
+ gZlhfJP+oA4IYBktR+BRZKy1enQvxSpRC9iLxekCVzQxbIJYSJDQ7QSoNqnk1AT5
+ mvWv0sGV4QeVLmQlVCtG8GMEX0H08zt4I7DCcB6CF1PX+ds8ILlDa7D8MQ+1e0L0
+ Y5yCj/xRzeVQYiyjD2xbLfMMFSU2Ft+RIBU29cHqrfZbuv13UwWPyOMrgPLyPr/K
+ +gMOWCwSfRo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
@@ -215,97 +130,39 @@ addons:
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
- -----BEGIN CERTIFICATE-----
- MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
- MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
- DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
- TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
- cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
- AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
- ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
- wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
- LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
- 4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
- bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
- sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
- Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
- FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
- SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
- PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
- TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
- SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
- c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
- +tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
- ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
- b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
- U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
- MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
- 5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
- 9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
- WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
- he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
- Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
- -----END CERTIFICATE-----
vault:
ingress:
key: |
-----BEGIN PRIVATE KEY-----
- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDA7Om8ugAzABBV
- kJGcxmDBv66V1h5BuOyDXK8MAGg92My5W1eEUGjVnUlvU95u5F8XZi9K2BxAdh+T
- nAiK6xVIy4TE0CNXbgxTLqHAfhEkYE+MjrMfcJwLGv2nR8mk7ue/+39UzB/Q+oml
- vScwP2clLmg9JvfvRgKkMPOZotbPQ4Tjl094qB3jcbjoEwOzfVgnX4J0r1w1YguB
- l+RnbUYN59WAmhwYCEgeV7iGXgo7Ut+wfBODxK/dLeR8xyZ9dSp60hWB6GxrUVla
- /NBdJlXNHVs5HetZ3djDA+q73fOGX4UdielsIKLGcG8Luzbn1mDAcHNi31q8jwNg
- lHN8Jf8pAgMBAAECggEAPMAdljVH7MdfXWJJyAFb5IbUlhA3tOBjcbYU1QWnzZng
- VZnixCKB8Io33pudVnQJUZf22m2U7+OCa/vdYMlICYU0yLj1+AkKToNHohLQmRDO
- 2+bvlr3iFUkpiKx9XbdxOK4cWXpxpl/OSmd22KWOeFHVtzP3LNxx5nwXqVByrg77
- s60QdggaQaK3k+sYwP6WR9DSSKy6b4+ZQZfpU4cnJp02aP89VPghq0NPiak2s9vF
- bLIsOFv3tAbXlH53EoAA0H9yInIEFAThYGbJ/H6WTfRK6K+BYNPbV+fG6EruaMcE
- TvfiJZTo+Yrr+EDOlSkVabeMjgTZ/lKxJypLWrJpdQKBgQDq2MwCaZopdMGQIOoU
- ig8Cvw22nw4Yhf3skTbRWFQvrT45J2H4acu4i8HjVlZONIK+uHARn/wUhJk8EwXk
- MwGAlSKCsdxqcYT+aNpFk8JC0NuL1lm/1GymDPymg7JLRJODhh4KOqOyauzf2rXT
- po5QSBNJsvgUydhFE3bdWX3l6wKBgQDSTXkw9ePvkqmk4ZLwLYuRjcsgmnuzcyCt
- ezmnFMxd+BwIhETGoPt9O7bIXH4Sn9WCTe5ZKgFlTEStCTT9W3ISaiq/D/SBny5T
- A/71xoStPvzwlOOte7np3CjZUCa2He3VVLrwdIX//pPgugxi2JaXuSroPoR+KjrM
- 0RX2ohuGOwKBgCxgiyxpiBgNWAZEMfdvnyaFs7GunJtFtpXdWt50MnRP6FIkfv7R
- /w0AW8L5rZVZltszPvoVoSy/YbVYYuScPsxtYfgQY/Y5PUhVx+kd4rd9f/8Moij9
- mwpFqfhNKoPOkZFo5oRIUGaGjfw+99zmvD2vYPWsO/Sxr4xeATgSkRfBAoGAFsRq
- ZWGJbqtLEF2XYcccgAKAxiPTVocVN5LKmAsJYPb2Wfmv1G0jLNilHiXdRDjnjXbQ
- YfjJM+VA3hbMFM2smM/DlvGsP8gy5KvfE06NmI/kJEuKJoLpiqbaCUTDHB47XEgT
- AOssgp1V9xNNOfpGu2BBg+kYwOvjd77/CLdeEXcCgYB/EFT+uvX1caBhQG+xuI00
- nlIP5D0Umiq1GqZHkhPx80r7Y+ZT/6Uo+c0hXTV3o/lYtf9cNG5eq8/CExlx9xHu
- +DN8cT9RroSV72HrCmdddG+ioNLVpATmt+9LN7+xoam9eNhI7U3Lj+IEZpb0+bY+
- JNa/SznHzX4gm2ZF+Uk1Jg==
+ MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgz8nZaiDQFEfC4xQS
+ 1iKZsz/reXaurmjl+GJ81E76RvihRANCAATBRdcjcSCOAjbwVdgoJn/zcpbcHjH3
+ lL7R2T87HPPBSgJJ5wEOZb7fmBo1VH0mXyoMUjlS5HrCcHTx8nja7i6E
-----END PRIVATE KEY-----
cert: |
-----BEGIN CERTIFICATE-----
- MIIE5zCCA8+gAwIBAgISBPd2SMj8TcULWhpYktwvKvAzMA0GCSqGSIb3DQEBCwUA
+ MIIEJDCCAwygAwIBAgISA9IlqPptjA+A2LGpmxYnbG+3MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
- EwJSMzAeFw0yNDAyMDgxNjQ1MjZaFw0yNDA1MDgxNjQ1MjVaMBgxFjAUBgNVBAMM
- DSouYmlnYmFuZy5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA
- 7Om8ugAzABBVkJGcxmDBv66V1h5BuOyDXK8MAGg92My5W1eEUGjVnUlvU95u5F8X
- Zi9K2BxAdh+TnAiK6xVIy4TE0CNXbgxTLqHAfhEkYE+MjrMfcJwLGv2nR8mk7ue/
- +39UzB/Q+omlvScwP2clLmg9JvfvRgKkMPOZotbPQ4Tjl094qB3jcbjoEwOzfVgn
- X4J0r1w1YguBl+RnbUYN59WAmhwYCEgeV7iGXgo7Ut+wfBODxK/dLeR8xyZ9dSp6
- 0hWB6GxrUVla/NBdJlXNHVs5HetZ3djDA+q73fOGX4UdielsIKLGcG8Luzbn1mDA
- cHNi31q8jwNglHN8Jf8pAgMBAAGjggIPMIICCzAOBgNVHQ8BAf8EBAMCBaAwHQYD
- VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
- BBYEFAxRbbf++CwbYE+BsSAVhn1G20bKMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
- QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
- Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
- MBgGA1UdEQQRMA+CDSouYmlnYmFuZy5kZXYwEwYDVR0gBAwwCjAIBgZngQwBAgEw
- ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwCi4r/WHt4vLweg1k5tN6fcZUOwxrUu
- otq3iviabfUX2AAAAY2J0w+hAAAEAwBIMEYCIQCvSrRYk6SImhm8lGtVrjk9eoMz
- 6AMzpF5Dr3CtPc1PugIhAJ4327ZUxTNxazy69l/dKrDyPa6Ah34LG/SbPCk+iCTl
- AHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGNidMPowAABAMA
- RjBEAiBJ2yogCWBVkYTeFDeb0Db97n60ryK64LKIXSkaZybnpQIgb6WTvjlhup7A
- 99uVtvhOLvQbTt07jpKwMuXuwZdTHHYwDQYJKoZIhvcNAQELBQADggEBAIIm9MaG
- FIhtylh+ZgsLPsPqsC8bja5eMASw1Xg/D6Vp3moht2YugXHd/Y5lk4nRDsuEyFem
- dDGLVt8S63sbOGjeiwsOSVaWgifW8tfg4yeutFHjlL1VFnQ9TVy7VVblVV89qAVa
- bUDINkdk7zD3l3CG6vuK51aqlQDRW5f2zKKekmWRjVL7KsGPQk6i4imhKI7LVddp
- CuY7mZ2e/yYhhAAb7o7OKg7aN9ppL4KJpCfSSNVwwaJOJ4NN8Atu1PqVpDy0Czp9
- vqo67CeR2q6J3LZqF8zDR40ZGExEsHrMIlUYTSNgUZW71KWte2nHd1mkY84Bork8
- IDY1ZhhEAgxUqM4=
+ EwJSMzAeFw0yNDAzMTIxNDQ0MjlaFw0yNDA2MTAxNDQ0MjhaMBwxGjAYBgNVBAMM
+ ESouZGV2LmJpZ2JhbmcubWlsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwUXX
+ I3EgjgI28FXYKCZ/83KW3B4x95S+0dk/OxzzwUoCSecBDmW+35gaNVR9Jl8qDFI5
+ UuR6wnB08fJ42u4uhKOCAhMwggIPMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+ BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsr3x
+ kbt/5r9w+J64V5XtjtHVPhEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
+ wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
+ ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHAYDVR0R
+ BBUwE4IRKi5kZXYuYmlnYmFuZy5taWwwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEE
+ BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3
+ iviabfUX2AAAAY4zVixWAAAEAwBHMEUCIQC8pCmi3Si/6U0fdo6AOuPsKpvH+MQQ
+ 9sOTmaYR83oLOwIgHPHwXmBOi9HaB8fqih4F+WGc+UG/q1qxHJ5zoqNI42AAdgB2
+ /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY4zViyNAAAEAwBHMEUC
+ IFhzx0NxSyc10PAc0XxqrMdgRx67SxIf/b4t3gATdVoHAiEA8ZMJ4TlrX/3wauBE
+ LVsj48aVuMwoGrt4pXiDaZcNVQIwDQYJKoZIhvcNAQELBQADggEBAIvsZv5zwrPu
+ JufHVboNsomdEqEZPm/JZRZXUQZgIjwDwCYMEv5/BJwt5DPl+2P2+LIirL4c2DYg
+ X4aOV3iIIW/Sx+GsxmDZBa9YyBpIezhU90EyL5aI4eX0P0uTyxlwIdG2H9DSLcxe
+ gZlhfJP+oA4IYBktR+BRZKy1enQvxSpRC9iLxekCVzQxbIJYSJDQ7QSoNqnk1AT5
+ mvWv0sGV4QeVLmQlVCtG8GMEX0H08zt4I7DCcB6CF1PX+ds8ILlDa7D8MQ+1e0L0
+ Y5yCj/xRzeVQYiyjD2xbLfMMFSU2Ft+RIBU29cHqrfZbuv13UwWPyOMrgPLyPr/K
+ +gMOWCwSfRo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
@@ -336,35 +193,4 @@ addons:
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
- -----END CERTIFICATE-----
- -----BEGIN CERTIFICATE-----
- MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
- MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
- DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
- TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
- cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
- AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
- ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
- wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
- LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
- 4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
- bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
- sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
- Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
- FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
- SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
- PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
- TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
- SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
- c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
- +tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
- ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
- b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
- U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
- MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
- 5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
- 9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
- WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
- he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
- Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
- -----END CERTIFICATE-----
+ -----END CERTIFICATE-----
\ No newline at end of file
diff --git a/chart/templates/minio-operator/values.yaml b/chart/templates/minio-operator/values.yaml
index 5829aded596173feb67b1377c03dc837e42a068f..90f90eb03404d9b42ad3922cb9569e2f6343b9b3 100644
--- a/chart/templates/minio-operator/values.yaml
+++ b/chart/templates/minio-operator/values.yaml
@@ -3,6 +3,11 @@
{{- end }}
{{- define "bigbang.defaults.minio-operator" -}}
+# hostname is deprecated and replaced with domain. But if hostname exists then use it.
+{{- $domainName := default .Values.domain .Values.hostname }}
+hostname: {{ $domainName }}
+domain: {{ $domainName }}
+
podAnnotations:
sidecar.istio.io/inject: "true"
traffic.sidecar.istio.io/includeInboundPorts: "*"
diff --git a/chart/values.yaml b/chart/values.yaml
index 16ec8744d4ae2aac76629a546c8306ed56a70376..9da6dd4090d8922f165c7278b0702e4bbe6bb833 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -1,5 +1,5 @@
# -- Domain used for BigBang created exposed services, can be overridden by individual packages.
-domain: bigbang.dev
+domain: dev.bigbang.mil
# -- (experimental) Toggle sourcing from external repos.
# All this does right now is toggle GitRepositories, it is _not_ fully functional
@@ -1767,11 +1767,11 @@ addons:
git:
repo: https://repo1.dso.mil/big-bang/product/packages/keycloak.git
path: "./chart"
- tag: "23.0.7-bb.1"
+ tag: "23.0.7-bb.2"
helmRepo:
repoName: "registry1"
chartName: "keycloak"
- tag: "23.0.7-bb.1"
+ tag: "23.0.7-bb.2"
database:
# -- Hostname of a pre-existing database to use for Keycloak.
diff --git a/docs/assets/configs/example/dev-sso-values.yaml b/docs/assets/configs/example/dev-sso-values.yaml
index 81625153e073ef70d3ff5d636a887088a1cb8d8c..4c15e337e946d4c0fb045fdb94974ae919af510f 100644
--- a/docs/assets/configs/example/dev-sso-values.yaml
+++ b/docs/assets/configs/example/dev-sso-values.yaml
@@ -1,113 +1,100 @@
-# Enables and configures sso for all packages using the test bigbang.dev clients:
+# Enables and configures sso for all packages using the test dev.bigbang.mil clients:
sso:
name: P1 SSO
# Entrust certificate authority for login.dso.mil
# do not use this CA with a Keycloak deployed with a different certificate authority
- # For example *.bigbang.dev because that certificate is issued by a different CA
+ # For example *.dev.bigbang.mil because that certificate is issued by a different CA
certificateAuthority:
cert: |
-----BEGIN CERTIFICATE-----
- MIIH0zCCBrugAwIBAgIQHeg1retyhPnWuzryBJeBvTANBgkqhkiG9w0BAQsFADCB
- ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
- H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
- MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
- A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
- MDEyMTUwMzE1MDJaFw0yMjAxMTQwMzE1MDJaMHMxCzAJBgNVBAYTAlVTMREwDwYD
- VQQIEwhDb2xvcmFkbzEZMBcGA1UEBxMQQ29sb3JhZG8gU3ByaW5nczEeMBwGA1UE
- ChMVRGVwYXJ0bWVudCBvZiBEZWZlbnNlMRYwFAYDVQQDEw1sb2dpbi5kc28ubWls
- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAymUXk7STDlepS5HJu0ca
- B57S5dfLp7zxYmcsGjo10YkHy3m9LASQCTyiioDrlwo2b+n8oZ7esGLv3RgggMwf
- xvLVyx1+lZDswxdQoXmjArTdbqpcSoq3Y1rvVp33/jGb3slBjQtcMt2QvaFv3fxy
- cwwINvJFEqsQS7zGUgpolJ3smKdcVpUSGZmzpYposuDlPUGeOJaQRMAACW5arWiT
- VkDhJD+OVOYEHW8uCQfghD3JJXu6Xp9SwlWe6UNOdxo9cq3s/XE4ZwEgffdLXP2A
- wuJF/7B7CFdZjIMptmOODyCeatC344iyubU0MiGCOm4W4wn0pQ0XJtAzWeYFKATL
- 9BquNOzPUR6pMSFMvIEiS96zbVFuOYt2XKgPryWEYji3Oky082WWYOcXt0NnqnCj
- SafVU+2fQi4jQ0att5YXagEEPz83lQZdSKb2+grDeFg78VrEZAe+Y0mVu4/G93he
- UOqfZ9jdCnFXq8sEMG9bJJFKeOXkb1Da8Y0amfOw4hFd4UslrbvC5ZCUZNh6roOk
- 8kast9QWtWFIGPC3f+Uq3gvx3GBHzIG9QPOq1CjSSAF3tWKuMTxK4zaS33mriJo0
- Dv1CMX3FCmjT/qG3422guBL02hbGHveDSWk0/saY7ZWFifxnvKEdOi4ItnpMuQhE
- zx6/+t7FWuzBTPAeVqV1l2sCAwEAAaOCAxkwggMVMAwGA1UdEwEB/wQCMAAwHQYD
- VR0OBBYEFCLwpnkje7QKLWok+nWIeBEnIGfmMB8GA1UdIwQYMBaAFIKicHTdvFM/
- z3vU981/p2DGCky/MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDov
- L29jc3AuZW50cnVzdC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVz
- dC5uZXQvbDFrLWNoYWluMjU2LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8v
- Y3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMCcGA1UdEQQgMB6CDWxvZ2luLmRz
- by5taWyCDWxvZ2luLmRzb3AuaW8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
- CCsGAQUFBwMBBggrBgEFBQcDAjBMBgNVHSAERTBDMDcGCmCGSAGG+mwKAQUwKTAn
- BggrBgEFBQcCARYbaHR0cHM6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAEC
- AjCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUAVhQGmi/XwuzT9eG9RLI+x0Z2
- ubyZEVzA75SYVdaJ0N0AAAF2ZGTpIwAABAMARjBEAiAK+W9ukx92DJPFV87LexEg
- /qDFTjtkiLh/z+mLmDtOwQIgUD4YrMuo22sV9MeJ8JmzraCQVdUUIprw4K4HN+eO
- 6W0AdwDfpV6raIJPH2yt7rhfTj5a6s2iEqRqXo47EsAgRFwqcwAAAXZkZOlKAAAE
- AwBIMEYCIQDRpvbR/GroWSGlCIh1q0RUITb8RfI4skqqBa/FeU811AIhAPlRY4lv
- DC2u9MFSEiCVeaFYJRU0xvAwmHQMtrl+IE4iAHYARqVV63X6kSAwtaKJafTzfREs
- QXS+/Um4havy/HD+bUcAAAF2ZGTrYAAABAMARzBFAiEAifP8Y0nXFBykaTyzpWpv
- E3FDi8NCQeJFRMJqD7loTjMCIHVDio7r+zANTbIdRLRRzHoNzo//xfJ0JUqejNRA
- aCpZMA0GCSqGSIb3DQEBCwUAA4IBAQB/wtYjDQiPLe99tZq98IyxOSJCli2mtlV9
- gSC67aj4rgW6g+C8P1bSoB5PamMq6rON5q0SXL3CQiQ7vegxCQnleDh0LWeKPFS2
- jjSIl3CvrYfBlNBzw4H1uAa/yw+enr0So8oX8kdSTBFGnU4KoK646lFZRXSifFIU
- zzQ9QYYedmiP0iKs5LDYGAOsB/w/O94+zv6qGKXA1fVzBXAD54MddqGk9mHZTSyL
- 6nsSTx4r8vCGQir7d2QuIGLD48zaYQz0TFcGKnBV3/9CB27RxJkRdMwUbMvNdp3C
- V+C2+jdR8xA/0qCnvSxHc1lTZgXxVkcu/wpqIBn3af5Ha8ddd0DU
+ MIIEJDCCAwygAwIBAgISA9IlqPptjA+A2LGpmxYnbG+3MA0GCSqGSIb3DQEBCwUA
+ MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
+ EwJSMzAeFw0yNDAzMTIxNDQ0MjlaFw0yNDA2MTAxNDQ0MjhaMBwxGjAYBgNVBAMM
+ ESouZGV2LmJpZ2JhbmcubWlsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwUXX
+ I3EgjgI28FXYKCZ/83KW3B4x95S+0dk/OxzzwUoCSecBDmW+35gaNVR9Jl8qDFI5
+ UuR6wnB08fJ42u4uhKOCAhMwggIPMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+ BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsr3x
+ kbt/5r9w+J64V5XtjtHVPhEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
+ wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
+ ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wHAYDVR0R
+ BBUwE4IRKi5kZXYuYmlnYmFuZy5taWwwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEE
+ BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3
+ iviabfUX2AAAAY4zVixWAAAEAwBHMEUCIQC8pCmi3Si/6U0fdo6AOuPsKpvH+MQQ
+ 9sOTmaYR83oLOwIgHPHwXmBOi9HaB8fqih4F+WGc+UG/q1qxHJ5zoqNI42AAdgB2
+ /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY4zViyNAAAEAwBHMEUC
+ IFhzx0NxSyc10PAc0XxqrMdgRx67SxIf/b4t3gATdVoHAiEA8ZMJ4TlrX/3wauBE
+ LVsj48aVuMwoGrt4pXiDaZcNVQIwDQYJKoZIhvcNAQELBQADggEBAIvsZv5zwrPu
+ JufHVboNsomdEqEZPm/JZRZXUQZgIjwDwCYMEv5/BJwt5DPl+2P2+LIirL4c2DYg
+ X4aOV3iIIW/Sx+GsxmDZBa9YyBpIezhU90EyL5aI4eX0P0uTyxlwIdG2H9DSLcxe
+ gZlhfJP+oA4IYBktR+BRZKy1enQvxSpRC9iLxekCVzQxbIJYSJDQ7QSoNqnk1AT5
+ mvWv0sGV4QeVLmQlVCtG8GMEX0H08zt4I7DCcB6CF1PX+ds8ILlDa7D8MQ+1e0L0
+ Y5yCj/xRzeVQYiyjD2xbLfMMFSU2Ft+RIBU29cHqrfZbuv13UwWPyOMrgPLyPr/K
+ +gMOWCwSfRo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
- MIIFDjCCA/agAwIBAgIMDulMwwAAAABR03eFMA0GCSqGSIb3DQEBCwUAMIG+MQsw
- CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl
- IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg
- RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD
- EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x
- NTEwMDUxOTEzNTZaFw0zMDEyMDUxOTQzNTZaMIG6MQswCQYDVQQGEwJVUzEWMBQG
- A1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5l
- dC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAt
- IGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRp
- ZmljYXRpb24gQXV0aG9yaXR5IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
- MIIBCgKCAQEA2j+W0E25L0Tn2zlem1DuXKVh2kFnUwmqAJqOV38pa9vH4SEkqjrQ
- jUcj0u1yFvCRIdJdt7hLqIOPt5EyaM/OJZMssn2XyP7BtBe6CZ4DkJN7fEmDImiK
- m95HwzGYei59QAvS7z7Tsoyqj0ip/wDoKVgG97aTWpRzJiatWA7lQrjV6nN5ZGhT
- JbiEz5R6rgZFDKNrTdDGvuoYpDbwkrK6HIiPOlJ/915tgxyd8B/lw9bdpXiSPbBt
- LOrJz5RBGXFEaLpHPATpXbo+8DX3Fbae8i4VHj9HyMg4p3NFXU2wO7GOFyk36t0F
- ASK7lDYqjVs1/lMZLwhGwSqzGmIdTivZGwIDAQABo4IBDDCCAQgwDgYDVR0PAQH/
- BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsG
- AQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBgNVHR8EKTAnMCWgI6Ah
- hh9odHRwOi8vY3JsLmVudHJ1c3QubmV0L2cyY2EuY3JsMDsGA1UdIAQ0MDIwMAYE
- VR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAd
- BgNVHQ4EFgQUgqJwdN28Uz/Pe9T3zX+nYMYKTL8wHwYDVR0jBBgwFoAUanImetAe
- 733nO2lR1GyNn5ASZqswDQYJKoZIhvcNAQELBQADggEBADnVjpiDYcgsY9NwHRkw
- y/YJrMxp1cncN0HyMg/vdMNY9ngnCTQIlZIv19+4o/0OgemknNM/TWgrFTEKFcxS
- BJPok1DD2bHi4Wi3Ogl08TRYCj93mEC45mj/XeTIRsXsgdfJghhcg85x2Ly/rJkC
- k9uUmITSnKa1/ly78EqvIazCP0kkZ9Yujs+szGQVGHLlbHfTUqi53Y2sAEo1GdRv
- c6N172tkw+CNgxKhiucOhk3YtCAbvmqljEtoZuMrx1gL+1YQ1JH7HdMxWBCMRON1
- exCdtTix9qrKgWRs6PLigVWXUX/hwidQosk8WwBD9lu51aX8/wdQQGcHsFXwt35u
- Lcw=
+ MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+ TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+ cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
+ WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+ RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+ AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
+ R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
+ sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
+ NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
+ Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
+ /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
+ AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
+ Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
+ FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
+ AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
+ Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
+ gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
+ PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
+ ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
+ CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
+ lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
+ avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
+ yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
+ yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
+ hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
+ MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
+ nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
- MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
- VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
- cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs
- IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz
- dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy
- NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu
- dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt
- dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0
- aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj
- YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
- AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T
- RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN
- cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW
- wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1
- U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0
- jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP
- BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN
- BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/
- jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ
- Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
- 1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
- nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
- VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
+ MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
+ TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+ cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
+ WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
+ ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
+ MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
+ h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
+ 0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
+ A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
+ T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
+ B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
+ B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
+ KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
+ OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
+ jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
+ qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
+ rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
+ HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
+ hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
+ ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
+ 3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
+ NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
+ ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
+ TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
+ jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
+ oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
+ 4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
+ mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
+ emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----
- # # LetsEncrypt certificate authority for keycloak.bigbang.dev
- # # Use this CA if you deployed Keycloak with *.bigbang.dev certificate using docs/assets/configs/example/keycloak-dev-values.yaml
+ # # LetsEncrypt certificate authority for keycloak.dev.bigbang.mil
+ # # Use this CA if you deployed Keycloak with *.dev.bigbang.mil certificate using docs/assets/configs/example/keycloak-dev-values.yaml
# certificate_authority: |
# -----BEGIN CERTIFICATE-----
# MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
@@ -165,7 +152,7 @@ tempo:
sso:
enabled: true
client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-jaeger
- # If deploying both Jaeger and Tempo you will need the tempo specific client below (matches the `tempo.bigbang.dev` VS)
+ # If deploying both Jaeger and Tempo you will need the tempo specific client below (matches the `tempo.dev.bigbang.mil` VS)
# client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-tempo
monitoring:
@@ -248,7 +235,7 @@ addons:
nexusRepositoryManager:
# Nexus requires manual configuration in Keycloak client and cannot be tested with login.dso.mil
- # you must test with your own dev deployment. Example: keycloak.bigbang.dev
+ # you must test with your own dev deployment. Example: keycloak.dev.bigbang.mil
# See more info in Nexus Package docs /docs/keycloak.md
# Nexus SSO is behind a paywall. You must have a valid license to enable SSO
# -- Base64 encoded license file.
@@ -258,7 +245,7 @@ addons:
# -- https://support.sonatype.com/hc/en-us/articles/1500000976522-SAML-integration-for-Nexus-Repository-Manager-Pro-3-and-Nexus-IQ-Server-with-Keycloak#h_01EV7CWCYH3YKAPMAHG8XMQ599
enabled: true
idp_data:
- entityId: "https://nexus.bigbang.dev/service/rest/v1/security/saml/metadata"
+ entityId: "https://nexus.dev.bigbang.mil/service/rest/v1/security/saml/metadata"
# -- IdP Field Mappings
# -- NXRM username attribute
username: "username"
@@ -282,7 +269,7 @@ addons:
- "nx-admin"
# NexusNotes: |
# get nexus x509 cert from Nexus Admin UI
- # https://nexus.bigbang.dev/service/rest/v1/security/saml/metadata
+ # https://nexus.dev.bigbang.mil/service/rest/v1/security/saml/metadata
# copy and paste the nexus single line cert into a text file and save it
# vi nexus-x509.txt
# -----BEGIN CERTIFICATE-----
diff --git a/docs/assets/configs/example/keycloak-dev-values.yaml b/docs/assets/configs/example/keycloak-dev-values.yaml
index 1972826494556d30062ac36356554248cd13f110..2d602e4541a13275a67245e71e55684e03e1a93b 100644
--- a/docs/assets/configs/example/keycloak-dev-values.yaml
+++ b/docs/assets/configs/example/keycloak-dev-values.yaml
@@ -1,7 +1,7 @@
comments: |
This example values override file is provided FOR DEVELOPMENT/DEMO/TEST PURPOSES ONLY
-domain: bigbang.dev
+domain: dev.bigbang.mil
flux:
interval: 1m
@@ -28,7 +28,7 @@ addons:
ingress:
gateway: "passthrough"
- # For development include the *.bigbang.dev cert from ./chart/ingress-certs.yaml
+ # For development include the *.dev.bigbang.mil cert from ./chart/ingress-certs.yaml
# key: |
# -----BEGIN PRIVATE KEY-----
# INSERT KEY HERE
@@ -67,7 +67,7 @@ addons:
- name: KC_HTTP_RELATIVE_PATH
value: /auth
- name: KC_HOSTNAME
- value: keycloak.bigbang.dev
+ value: keycloak.dev.bigbang.mil
- name: KC_HOSTNAME_STRICT
value: "true"
- name: KC_HOSTNAME_STRICT_HTTPS
diff --git a/docs/assets/configs/example/keycloak-prod-values.yaml b/docs/assets/configs/example/keycloak-prod-values.yaml
index bb9e6c59a3627b12d319a64c16b1ba7f4a0e3ca1..a1d4076190fe29bedf1215a164230f6a5a4eea8f 100644
--- a/docs/assets/configs/example/keycloak-prod-values.yaml
+++ b/docs/assets/configs/example/keycloak-prod-values.yaml
@@ -8,16 +8,16 @@ comments: |
Here are some of the URL paths that are available in Keycloak
Admin UI. Default credentials for development are admin:password
- https://keycloak.bigbang.dev/auth/admin
+ https://keycloak.dev.bigbang.mil/auth/admin
User registration and/or account page
- https://keycloak.bigbang.dev/
+ https://keycloak.dev.bigbang.mil/
For an example "baby-yoda" keycloak realm file that already has sso clients configured see
https://repo1.dso.mil/big-bang/product/packages/keycloak/-/blob/main/chart/resources/dev/baby-yoda.json
Within the Keycloak Admin Console UI import your custom realm.json file.
-domain: bigbang.dev
+domain: dev.bigbang.mil
flux:
interval: 1m
@@ -87,7 +87,7 @@ addons:
- name: KC_HTTP_RELATIVE_PATH
value: /auth
- name: KC_HOSTNAME
- value: keycloak.bigbang.dev
+ value: keycloak.dev.bigbang.mil
- name: KC_HOSTNAME_STRICT
value: "true"
- name: KC_HOSTNAME_STRICT_HTTPS
diff --git a/docs/assets/configs/example/vault-production-values.yaml b/docs/assets/configs/example/vault-production-values.yaml
index a1eb3eb5270fe09842c658e35da82e8595fdbec0..bd174873af1dbdb51036d2b410b1b702ab64a50b 100644
--- a/docs/assets/configs/example/vault-production-values.yaml
+++ b/docs/assets/configs/example/vault-production-values.yaml
@@ -69,7 +69,7 @@ addons:
# tell the deployments where our Vault API endpoint is
# see https://github.com/hashicorp/vault-helm/issues/789
- apiAddr: "https://vault.bigbang.dev"
+ apiAddr: "https://vault.dev.bigbang.mil"
# raft is the license free most simple solution for a distributed filesystem
raft:
@@ -95,21 +95,21 @@ addons:
leader_api_addr = "https://vault-vault-0.vault-vault-internal:8200"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
- leader_tls_servername = "vault.bigbang.dev"
+ leader_tls_servername = "vault.dev.bigbang.mil"
}
retry_join {
leader_api_addr = "https://vault-vault-1.vault-vault-internal:8200"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
- leader_tls_servername = "vault.bigbang.dev"
+ leader_tls_servername = "vault.dev.bigbang.mil"
}
retry_join {
leader_api_addr = "https://vault-vault-2.vault-vault-internal:8200"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
- leader_tls_servername = "vault.bigbang.dev"
+ leader_tls_servername = "vault.dev.bigbang.mil"
}
}
diff --git a/docs/assets/scripts/developer/k3d-dev.sh b/docs/assets/scripts/developer/k3d-dev.sh
index 4fc58eebc4f28f55a379802deae9a06d5ec76728..73bbdf6e5319632b2639fce5c64be691fad2ca63 100755
--- a/docs/assets/scripts/developer/k3d-dev.sh
+++ b/docs/assets/scripts/developer/k3d-dev.sh
@@ -831,26 +831,26 @@ if [[ "$METAL_LB" == true ]]; then
run <<- 'ENDSSH'
# run this command on remote
# fix /etc/hosts for new cluster
- sudo sed -i '/bigbang.dev/d' /etc/hosts
- sudo bash -c "echo '## begin bigbang.dev section (METAL_LB)' >> /etc/hosts"
- sudo bash -c "echo 172.20.1.240 keycloak.bigbang.dev vault.bigbang.dev >> /etc/hosts"
- sudo bash -c "echo 172.20.1.241 anchore-api.bigbang.dev anchore.bigbang.dev argocd.bigbang.dev gitlab.bigbang.dev registry.bigbang.dev tracing.bigbang.dev kiali.bigbang.dev kibana.bigbang.dev chat.bigbang.dev minio.bigbang.dev minio-api.bigbang.dev alertmanager.bigbang.dev grafana.bigbang.dev prometheus.bigbang.dev nexus.bigbang.dev sonarqube.bigbang.dev tempo.bigbang.dev twistlock.bigbang.dev >> /etc/hosts"
- sudo bash -c "echo '## end bigbang.dev section' >> /etc/hosts"
+ sudo sed -i '/dev.bigbang.mil/d' /etc/hosts
+ sudo bash -c "echo '## begin dev.bigbang.mil section (METAL_LB)' >> /etc/hosts"
+ sudo bash -c "echo 172.20.1.240 keycloak.dev.bigbang.mil vault.dev.bigbang.mil >> /etc/hosts"
+ sudo bash -c "echo 172.20.1.241 anchore-api.dev.bigbang.mil anchore.dev.bigbang.mil argocd.dev.bigbang.mil gitlab.dev.bigbang.mil registry.dev.bigbang.mil tracing.dev.bigbang.mil kiali.dev.bigbang.mil kibana.dev.bigbang.mil chat.dev.bigbang.mil minio.dev.bigbang.mil minio-api.dev.bigbang.mil alertmanager.dev.bigbang.mil grafana.dev.bigbang.mil prometheus.dev.bigbang.mil nexus.dev.bigbang.mil sonarqube.dev.bigbang.mil tempo.dev.bigbang.mil twistlock.dev.bigbang.mil >> /etc/hosts"
+ sudo bash -c "echo '## end dev.bigbang.mil section' >> /etc/hosts"
# run kubectl to add keycloak and vault's hostname/IP to the configmap for coredns, restart coredns
- kubectl get configmap -n kube-system coredns -o yaml | sed '/^ 172.20.0.1 host.k3d.internal$/a\ \ \ \ 172.20.1.240 keycloak.bigbang.dev vault.bigbang.dev' | kubectl apply -f -
+ kubectl get configmap -n kube-system coredns -o yaml | sed '/^ 172.20.0.1 host.k3d.internal$/a\ \ \ \ 172.20.1.240 keycloak.dev.bigbang.mil vault.dev.bigbang.mil' | kubectl apply -f -
kubectl delete pod -n kube-system -l k8s-app=kube-dns
ENDSSH
elif [[ "$ATTACH_SECONDARY_IP" == true ]]; then
run <<ENDSSH
# run this command on remote
# fix /etc/hosts for new cluster
- sudo sed -i '/bigbang.dev/d' /etc/hosts
- sudo bash -c "echo '## begin bigbang.dev section (ATTACH_SECONDARY_IP)' >> /etc/hosts"
- sudo bash -c "echo $PrivateIP2 keycloak.bigbang.dev vault.bigbang.dev >> /etc/hosts"
- sudo bash -c "echo $PrivateIP anchore-api.bigbang.dev anchore.bigbang.dev argocd.bigbang.dev gitlab.bigbang.dev registry.bigbang.dev tracing.bigbang.dev kiali.bigbang.dev kibana.bigbang.dev chat.bigbang.dev minio.bigbang.dev minio-api.bigbang.dev alertmanager.bigbang.dev grafana.bigbang.dev prometheus.bigbang.dev nexus.bigbang.dev sonarqube.bigbang.dev tempo.bigbang.dev twistlock.bigbang.dev >> /etc/hosts"
- sudo bash -c "echo '## end bigbang.dev section' >> /etc/hosts"
+ sudo sed -i '/dev.bigbang.mil/d' /etc/hosts
+ sudo bash -c "echo '## begin dev.bigbang.mil section (ATTACH_SECONDARY_IP)' >> /etc/hosts"
+ sudo bash -c "echo $PrivateIP2 keycloak.dev.bigbang.mil vault.dev.bigbang.mil >> /etc/hosts"
+ sudo bash -c "echo $PrivateIP anchore-api.dev.bigbang.mil anchore.dev.bigbang.mil argocd.dev.bigbang.mil gitlab.dev.bigbang.mil registry.dev.bigbang.mil tracing.dev.bigbang.mil kiali.dev.bigbang.mil kibana.dev.bigbang.mil chat.dev.bigbang.mil minio.dev.bigbang.mil minio-api.dev.bigbang.mil alertmanager.dev.bigbang.mil grafana.dev.bigbang.mil prometheus.dev.bigbang.mil nexus.dev.bigbang.mil sonarqube.dev.bigbang.mil tempo.dev.bigbang.mil twistlock.dev.bigbang.mil >> /etc/hosts"
+ sudo bash -c "echo '## end dev.bigbang.mil section' >> /etc/hosts"
# run kubectl to add keycloak and vault's hostname/IP to the configmap for coredns, restart coredns
- kubectl get configmap -n kube-system coredns -o yaml | sed '/^ .* host.k3d.internal$/a\ \ \ \ $PrivateIP2 keycloak.bigbang.dev vault.bigbang.dev' | kubectl apply -f -
+ kubectl get configmap -n kube-system coredns -o yaml | sed '/^ .* host.k3d.internal$/a\ \ \ \ $PrivateIP2 keycloak.dev.bigbang.mil vault.dev.bigbang.mil' | kubectl apply -f -
kubectl delete pod -n kube-system -l k8s-app=kube-dns
ENDSSH
fi
@@ -904,8 +904,8 @@ if [[ "$METAL_LB" == true ]]; then # using MetalLB
echo "Edit your workstation /etc/hosts to add the LOADBALANCER EXTERNAL-IPs from the istio-system services with application hostnames."
echo "Here is an example. You might have to change this depending on the number of gateways you configure for k8s cluster."
echo " # METALLB ISTIO INGRESS IPs"
- echo " 172.20.1.240 keycloak.bigbang.dev vault.bigbang.dev"
- echo " 172.20.1.241 sonarqube.bigbang.dev prometheus.bigbang.dev nexus.bigbang.dev gitlab.bigbang.dev"
+ echo " 172.20.1.240 keycloak.dev.bigbang.mil vault.dev.bigbang.mil"
+ echo " 172.20.1.241 sonarqube.dev.bigbang.mil prometheus.dev.bigbang.mil nexus.dev.bigbang.mil gitlab.dev.bigbang.mil"
fi
elif [[ "$PRIVATE_IP" == true ]]; then # not using MetalLB
# Not using MetalLB and using private IP
@@ -913,16 +913,16 @@ elif [[ "$PRIVATE_IP" == true ]]; then # not using MetalLB
echo " sshuttle --dns -vr ubuntu@${PublicIP} 172.31.0.0/16 --ssh-cmd 'ssh -i ~/.ssh/${KeyName}.pem'"
echo
echo "To access apps from a browser edit your /etc/hosts to add the private IP of your EC2 instance with application hostnames. Example:"
- echo " ${PrivateIP} gitlab.bigbang.dev prometheus.bigbang.dev kibana.bigbang.dev"
+ echo " ${PrivateIP} gitlab.dev.bigbang.mil prometheus.dev.bigbang.mil kibana.dev.bigbang.mil"
echo
else # Not using MetalLB and using public IP. This is the default
echo "To access apps from a browser edit your /etc/hosts to add the public IP of your EC2 instance with application hostnames."
echo "Example:"
- echo " ${PublicIP} gitlab.bigbang.dev prometheus.bigbang.dev kibana.bigbang.dev"
+ echo " ${PublicIP} gitlab.dev.bigbang.mil prometheus.dev.bigbang.mil kibana.dev.bigbang.mil"
echo
if [[ $SecondaryIP ]]; then
echo "A secondary IP is available for use if you wish to have a passthrough ingress for Istio along with a public Ingress Gateway, this maybe useful for Keycloak x509 mTLS authentication."
- echo " $SecondaryIP keycloak.bigbang.dev"
+ echo " $SecondaryIP keycloak.dev.bigbang.mil"
fi
fi
diff --git a/tests/test-values.yaml b/tests/test-values.yaml
index a9371a1cfe190442a06e8e0efa92679044c0435e..32ad08ac9970cb508df6f37bfed48db111200265 100644
--- a/tests/test-values.yaml
+++ b/tests/test-values.yaml
@@ -1,7 +1,7 @@
-domain: bigbang.dev
+domain: dev.bigbang.mil
sso:
- url: https://keycloak.bigbang.dev/auth/realms/baby-yoda
+ url: https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda
# LetsEncrypt certificate authority
certificateAuthority:
@@ -39,7 +39,7 @@ sso:
-----END CERTIFICATE-----
saml:
# Retrieve from {{ .Values.sso.url }}/protocol/saml/descriptor
- metadata: <md:EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://keycloak.bigbang.dev/auth/realms/baby-yoda"><md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:KeyName>4CK69bW66HE2wph9VuBs0fTc1MaETSTpU1iflEkBHR4</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICoTCCAYkCBgF/iYn0azANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAliYWJ5LXlvZGEwHhcNMjIwMzE0MTc0NDUzWhcNMzIwMzE0MTc0NjMzWjAUMRIwEAYDVQQDDAliYWJ5LXlvZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoCX4G1TCnZlWXvCLH/z6m5y/6NMrUv1AYVVbTaQ9iUWLR+uD44v1exIHUywkgQV+cMhn+my+9ZihmRWfOJuBWV8CM5BfIh685YulKVQrcGlYWcB877SjJBZKxyXITz7GnNOJ8vvlK9tK8OncldUFrhR2BXaqw2zvG733CKlDtyujaWmd7kQge/p4okx4bV4VBLYMmsjrJ004uvMcU4DekCFlGmEh3p3FhZorMf+1xHfi5DaCD4iCYZqRgsWEb8/Zmsx0+qi56P9YWhz1j2GUfHw0At8Dq5h7hoMJtYJMvVXWxkmPNVHtaJMOHt8iiBO7/a6SkI6ddf9Jotp2i6XEvAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJwSLJ0eybbeBYPvXnawqpy6JSXJ/MnnRvSGN9tXJ2+d/QXMOEPwJaAaOrvFtpUQxyPELJ8nU/Ukf7AL2zWltsCLiwtTrJkC+BpbZYkb1UsByveBS5wTPfiNkFzHeGg+MxBjiju2y04P4kEngXhQh4ZIUdi+WJjew721nJa/tjrMfnuEsMjxY/tWnzkk8xkGgaApZpGyaj1tOmVH4GR6CeBU6459m/GXmGH5TCGwT3EyfpZ189te+xV73WZR/r2nDlGuuy//w/P4JGHh4lcCwLfPcOOH30otcPAgctyX9Takk4MkVjva+b9S88sGaWPg075bxA2sysmkuqEOULjdXjU=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml/resolve" index="0"></md:ArtifactResolutionService><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleLogoutService><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleLogoutService><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleLogoutService><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://keycloak.bigbang.dev/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService></md:IDPSSODescriptor></md:EntityDescriptor>
+ metadata: <md:EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda"><md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:KeyName>4CK69bW66HE2wph9VuBs0fTc1MaETSTpU1iflEkBHR4</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICoTCCAYkCBgF/iYn0azANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAliYWJ5LXlvZGEwHhcNMjIwMzE0MTc0NDUzWhcNMzIwMzE0MTc0NjMzWjAUMRIwEAYDVQQDDAliYWJ5LXlvZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoCX4G1TCnZlWXvCLH/z6m5y/6NMrUv1AYVVbTaQ9iUWLR+uD44v1exIHUywkgQV+cMhn+my+9ZihmRWfOJuBWV8CM5BfIh685YulKVQrcGlYWcB877SjJBZKxyXITz7GnNOJ8vvlK9tK8OncldUFrhR2BXaqw2zvG733CKlDtyujaWmd7kQge/p4okx4bV4VBLYMmsjrJ004uvMcU4DekCFlGmEh3p3FhZorMf+1xHfi5DaCD4iCYZqRgsWEb8/Zmsx0+qi56P9YWhz1j2GUfHw0At8Dq5h7hoMJtYJMvVXWxkmPNVHtaJMOHt8iiBO7/a6SkI6ddf9Jotp2i6XEvAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJwSLJ0eybbeBYPvXnawqpy6JSXJ/MnnRvSGN9tXJ2+d/QXMOEPwJaAaOrvFtpUQxyPELJ8nU/Ukf7AL2zWltsCLiwtTrJkC+BpbZYkb1UsByveBS5wTPfiNkFzHeGg+MxBjiju2y04P4kEngXhQh4ZIUdi+WJjew721nJa/tjrMfnuEsMjxY/tWnzkk8xkGgaApZpGyaj1tOmVH4GR6CeBU6459m/GXmGH5TCGwT3EyfpZ189te+xV73WZR/r2nDlGuuy//w/P4JGHh4lcCwLfPcOOH30otcPAgctyX9Takk4MkVjva+b9S88sGaWPg075bxA2sysmkuqEOULjdXjU=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml/resolve" index="0"></md:ArtifactResolutionService><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleLogoutService><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleLogoutService><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleLogoutService><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://keycloak.dev.bigbang.mil/auth/realms/baby-yoda/protocol/saml"></md:SingleSignOnService></md:IDPSSODescriptor></md:EntityDescriptor>
flux:
timeout: 20m
@@ -87,7 +87,7 @@ jaeger:
enabled: true
cypress:
envs:
- cypress_url: "https://tracing.bigbang.dev"
+ cypress_url: "https://tracing.dev.bigbang.mil"
# uncomment following variables for sso keycloak testing in bb
# cypress_tnr_username: "cypress"
# cypress_tnr_password: "tnr_w!G33ZyAt@C8"
@@ -107,7 +107,7 @@ kiali:
enabled: true
spec:
hosts:
- - 'kiali.bigbang.dev'
+ - 'kiali.dev.bigbang.mil'
location: MESH_EXTERNAL
ports:
- number: 443
@@ -151,7 +151,7 @@ kiali:
enabled: true
cypress:
envs:
- cypress_url: 'https://kiali.bigbang.dev'
+ cypress_url: 'https://kiali.dev.bigbang.mil'
cypress_check_data: 'true'
# uncomment these next 3 lines if enabling the keycloak SSO integration test
#cypress_keycloak_test_enable: "true"
@@ -178,9 +178,9 @@ clusterAuditor:
enabled: true
cypress:
envs:
- cypress_grafana_url: 'https://grafana.bigbang.dev'
- cypress_prometheus_url: 'https://prometheus.bigbang.dev'
- cypress_url: 'https://grafana.bigbang.dev/d/YBgRZG6Mz/opa-violations?orgId=1'
+ cypress_grafana_url: 'https://grafana.dev.bigbang.mil'
+ cypress_prometheus_url: 'https://prometheus.dev.bigbang.mil'
+ cypress_url: 'https://grafana.dev.bigbang.mil/d/YBgRZG6Mz/opa-violations?orgId=1'
gatekeeper:
enabled: false
@@ -415,8 +415,8 @@ kyvernoReporter:
enabled: true
cypress:
envs:
- cypress_grafana_url: https://grafana.bigbang.dev
- cypress_prometheus_url: https://prometheus.bigbang.dev
+ cypress_grafana_url: https://grafana.dev.bigbang.mil
+ cypress_prometheus_url: https://prometheus.dev.bigbang.mil
cypress_check_datasource: 'true'
resources:
requests:
@@ -832,7 +832,7 @@ elasticsearchKibana:
artifacts: true
envs:
cypress_expect_logs: "true"
- cypress_kibana_url: "https://kibana.bigbang.dev"
+ cypress_kibana_url: "https://kibana.dev.bigbang.mil"
fluentbit:
enabled: false
@@ -907,7 +907,7 @@ loki:
enabled: true
spec:
hosts:
- - 'grafana.bigbang.dev'
+ - 'grafana.dev.bigbang.mil'
location: MESH_EXTERNAL
ports:
- number: 443
@@ -955,7 +955,7 @@ loki:
cypress:
envs:
cypress_check_datasource: 'true'
- cypress_grafana_url: 'https://grafana.bigbang.dev'
+ cypress_grafana_url: 'https://grafana.dev.bigbang.mil'
scripts:
envs:
LOKI_URL: 'http://logging-loki-write.logging.svc:3100'
@@ -980,10 +980,10 @@ tempo:
cypress:
artifacts: true
envs:
- cypress_url: 'https://tempo.bigbang.dev'
+ cypress_url: 'https://tempo.dev.bigbang.mil'
cypress_tempo_datasource: 'http://tempo-tempo.tempo.svc:3100'
cypress_check_datasource: 'true'
- cypress_grafana_url: 'https://grafana.bigbang.dev'
+ cypress_grafana_url: 'https://grafana.dev.bigbang.mil'
# uncomment following variables for sso keycloak testing in bb
#cypress_tnr_username: "cypress"
#cypress_tnr_password: "tnr_w!G33ZyAt@C8"
@@ -1060,9 +1060,9 @@ monitoring:
cypress:
envs:
cypress_bigbang_integration: 'true'
- cypress_prometheus_url: 'https://prometheus.bigbang.dev'
- cypress_grafana_url: 'https://grafana.bigbang.dev'
- cypress_alertmanager_url: 'https://alertmanager.bigbang.dev'
+ cypress_prometheus_url: 'https://prometheus.dev.bigbang.mil'
+ cypress_grafana_url: 'https://grafana.dev.bigbang.mil'
+ cypress_alertmanager_url: 'https://alertmanager.dev.bigbang.mil'
cypress_check_istio_dashboards: 'true'
cypress_keycloak_test_enable: 'false'
cypress_tnr_username: "cypress"
@@ -1146,7 +1146,7 @@ grafana:
cypress:
artifacts: true
envs:
- cypress_grafana_url: 'https://grafana.bigbang.dev'
+ cypress_grafana_url: 'https://grafana.dev.bigbang.mil'
neuvector:
values:
@@ -1197,7 +1197,7 @@ neuvector:
cypress:
artifacts: true
envs:
- cypress_url: https://neuvector.bigbang.dev
+ cypress_url: https://neuvector.dev.bigbang.mil
resources:
requests:
cpu: "2"
@@ -1266,7 +1266,7 @@ twistlock:
enabled: true
scripts:
envs:
- twistlock_host: "https://twistlock.bigbang.dev"
+ twistlock_host: "https://twistlock.dev.bigbang.mil"
# Addons are toggled based on labels in CI
addons:
@@ -1333,7 +1333,7 @@ addons:
enabled: true
cypress:
envs:
- cypress_url: "https://argocd.bigbang.dev"
+ cypress_url: "https://argocd.dev.bigbang.mil"
resources:
requests:
cpu: 2
@@ -1352,7 +1352,7 @@ addons:
enabled: false
chains:
minimal:
- callback_uri: "https://minimal.bigbang.dev"
+ callback_uri: "https://minimal.dev.bigbang.mil"
values:
istio:
hardened:
@@ -1449,7 +1449,7 @@ addons:
enabled: true
cypress: # note `cypress:*`` is different than in the fortify chart test-values.yaml
envs:
- cypress_url: "https://fortify.bigbang.dev"
+ cypress_url: "https://fortify.dev.bigbang.mil"
haproxy:
values:
@@ -1548,12 +1548,12 @@ addons:
cypress:
artifacts: true
envs:
- cypress_url: https://gitlab.bigbang.dev
+ cypress_url: https://gitlab.dev.bigbang.mil
scripts:
envs:
- GITLAB_REPOSITORY: https://gitlab.bigbang.dev
- GITLAB_ORIGIN: https://testuser:Password123h56a78@gitlab.bigbang.dev
- GITLAB_REGISTRY: registry.bigbang.dev
+ GITLAB_REPOSITORY: https://gitlab.dev.bigbang.mil
+ GITLAB_ORIGIN: https://testuser:Password123h56a78@gitlab.dev.bigbang.mil
+ GITLAB_REGISTRY: registry.dev.bigbang.mil
gitlabRunner:
enabled: false
@@ -1581,10 +1581,10 @@ addons:
cypress:
artifacts: true
envs:
- cypress_url: "https://gitlab.bigbang.dev"
+ cypress_url: "https://gitlab.dev.bigbang.mil"
cypress_gitlab_first_name: "testrunner"
cypress_gitlab_last_name: "userrunner"
- cypress_gitlab_email: "gitlab@bigbang.dev"
+ cypress_gitlab_email: "gitlab@dev.bigbang.mil"
cypress_gitlab_username: "gitlabrunner_user"
cypress_gitlab_password: "Runner_PaSsw0rd123"
cypress_gitlab_project: "runner-hello-world"
@@ -1726,7 +1726,7 @@ addons:
enabled: true
scripts:
envs:
- ANCHORE_CLI_URL: "https://anchore-api.bigbang.dev/v1"
+ ANCHORE_CLI_URL: "https://anchore-api.dev.bigbang.mil/v1"
sonarqube:
enabled: false
@@ -1761,8 +1761,8 @@ addons:
enabled: true
cypress:
envs:
- cypress_url: "https://sonarqube.bigbang.dev"
- cypress_url_setup: "https://sonarqube.bigbang.dev/setup"
+ cypress_url: "https://sonarqube.dev.bigbang.mil"
+ cypress_url_setup: "https://sonarqube.dev.bigbang.mil/setup"
account:
adminPassword: new_admin_password
currentAdminPassword: admin
@@ -1771,6 +1771,9 @@ addons:
minioOperator:
enabled: true # Minio Operator is required for Loki in default core
values:
+ istio:
+ console:
+ enabled: false
console:
enabled: true
bbtests:
@@ -1807,11 +1810,11 @@ addons:
enabled: true
cypress:
envs:
- cypress_url: 'https://minio.bigbang.dev/login'
+ cypress_url: 'https://minio.dev.bigbang.mil/login'
scripts:
envs:
MINIO_PORT: ''
- MINIO_HOST: 'https://minio-api.bigbang.dev'
+ MINIO_HOST: 'https://minio-api.dev.bigbang.mil'
istio:
enabled: true
hardened:
@@ -1890,12 +1893,12 @@ addons:
enabled: true
cypress:
envs:
- cypress_url: https://chat.bigbang.dev
+ cypress_url: https://chat.dev.bigbang.mil
nexusRepositoryManager:
enabled: false
# Nexus requires manual configuration in Keycloak client and cannot be tested with
- # you must test with your own dev deployment. Example: keycloak.bigbang.dev
+ # you must test with your own dev deployment. Example: keycloak.dev.bigbang.mil
# See more info in Nexus Package docs /docs/keycloak.md
# Nexus SSO is behind a paywall. You must have a valid license to enable SSO
# -- Base64 encoded license file.
@@ -1905,7 +1908,7 @@ addons:
# -- https://support.sonatype.com/hc/en-us/articles/1500000976522-SAML-integration-for-Nexus-Repository-Manager-Pro-3-and-Nexus-IQ-Server-with-Keycloak#h_01EV7CWCYH3YKAPMAHG8XMQ599
enabled: false
idp_data:
- entityId: "https://nexus.bigbang.dev/service/rest/v1/security/saml/metadata"
+ entityId: "https://nexus.dev.bigbang.mil/service/rest/v1/security/saml/metadata"
# -- IdP Field Mappings
# -- NXRM username attribute
username: "username"
@@ -1929,7 +1932,7 @@ addons:
- "nx-admin"
# NexusNotes: |
# Login to Nexus Admin UI and then get the x509 certificate from this path
- # https://nexus.bigbang.dev/service/rest/v1/security/saml/metadata
+ # https://nexus.dev.bigbang.mil/service/rest/v1/security/saml/metadata
# copy and paste the nexus single line certificate into a text file and save it
# vi nexus-x509.txt
# -----BEGIN CERTIFICATE-----
@@ -1956,7 +1959,7 @@ addons:
docker:
enabled: true
registries:
- - host: containers.bigbang.dev
+ - host: containers.dev.bigbang.mil
port: 5000
repository:
enabled: true
@@ -1985,10 +1988,10 @@ addons:
cypress:
artifacts: true
envs:
- cypress_nexus_url: "https://nexus.bigbang.dev"
+ cypress_nexus_url: "https://nexus.dev.bigbang.mil"
scripts:
envs:
- docker_host: "containers.bigbang.dev"
+ docker_host: "containers.dev.bigbang.mil"
velero:
enabled: false
@@ -2006,7 +2009,7 @@ addons:
config:
region: velero
s3ForcePathStyle: "true"
- s3Url: https://minio-api.bigbang.dev
+ s3Url: https://minio-api.dev.bigbang.mil
volumeSnapshotLocation:
- name: default
provider: aws
@@ -2024,7 +2027,7 @@ addons:
enabled: true
scripts:
envs:
- MINIO_HOST: https://minio-api.bigbang.dev
+ MINIO_HOST: https://minio-api.dev.bigbang.mil
keycloak:
enabled: false
@@ -2043,7 +2046,7 @@ addons:
enabled: true
cypress:
envs:
- cypress_url: "https://keycloak.bigbang.dev"
+ cypress_url: "https://keycloak.dev.bigbang.mil"
command:
- "/opt/keycloak/bin/kc.sh"
args:
@@ -2067,7 +2070,7 @@ addons:
- name: KC_HTTPS_TRUST_STORE_PASSWORD
value: password
- name: KC_HOSTNAME
- value: keycloak.bigbang.dev
+ value: keycloak.dev.bigbang.mil
- name: KC_HOSTNAME_STRICT
value: "true"
- name: KC_HOSTNAME_STRICT_HTTPS
@@ -2187,7 +2190,7 @@ addons:
ha:
enabled: true
replicas: 1
- apiAddr: "https://vault.bigbang.dev"
+ apiAddr: "https://vault.dev.bigbang.mil"
raft:
enabled: true
config: |
@@ -2211,7 +2214,7 @@ addons:
leader_api_addr = "https://vault-vault-0.vault-vault-internal:8200"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
- leader_tls_servername = "vault.bigbang.dev"
+ leader_tls_servername = "vault.dev.bigbang.mil"
}
}
@@ -2236,7 +2239,7 @@ addons:
cypress:
artifacts: true
envs:
- cypress_vault_url: "https://vault.bigbang.dev"
+ cypress_vault_url: "https://vault.dev.bigbang.mil"
metricsServer:
enabled: false
@@ -2263,7 +2266,7 @@ addons:
enabled: false
internalTLS:
enabled: false
- externalURL: https://harbor.bigbang.dev
+ externalURL: https://harbor.dev.bigbang.mil
nginx:
resources:
requests:
@@ -2396,11 +2399,11 @@ addons:
cypress:
artifacts: true
envs:
- cypress_url: "https://harbor.bigbang.dev"
+ cypress_url: "https://harbor.dev.bigbang.mil"
scripts:
image: "registry1.dso.mil/bigbang-ci/gitlab-tester:0.0.4"
envs:
- HARBOR_REGISTRY: "harbor.bigbang.dev"
+ HARBOR_REGISTRY: "harbor.dev.bigbang.mil"
# ----------------------------------------------------------------------------------------------------------------------
# Thanos
@@ -2442,13 +2445,13 @@ addons:
cypress:
artifacts: true
envs:
- cypress_url: "https://thanos.bigbang.dev"
+ cypress_url: "https://thanos.dev.bigbang.mil"
cypress_prometheus_integration_enabled: "true"
cypress_objstorage_integration_enabled: "true"
scripts:
image: "registry1.dso.mil/bigbang-ci/gitlab-tester:0.0.4"
envs:
- THANOS_REGISTRY: "thanos.bigbang.dev"
+ THANOS_REGISTRY: "thanos.dev.bigbang.mil"
objstoreConfig: |-
type: s3
config: