UNCLASSIFIED - NO CUI

Skip to content

Update chart templates for each package to support vpcCidr value

This issue is for updating the chart templates for each package to support setting the vpcCidr value for NetworkPolicy config. In our Bigbang global values we allow setting the following values below. With the enforcement of network policies on our EKS clusters we updated our packages to support vpcCidr for egress networkpolicies. To allow us to set this value globally on our deployment configs we need to update each package template.

networkPolicies:
  controlPlaneCidr: 
  vpcCidr:

Example Velero value update

current

networkPolicies:
  enabled: {{ .Values.networkPolicies.enabled }}
  istioNamespaceSelector:
  {{ include "istioNamespaceSelector" . | nindent 4 }}
  controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}

change

networkPolicies:
  enabled: {{ .Values.networkPolicies.enabled }}
  istioNamespaceSelector:
  {{ include "istioNamespaceSelector" . | nindent 4 }}
  controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}
  vpcCidr: {{ .Values.networkPolicies.vpcCidr }}
Bigbang Global NetworkPolicy config

Screenshot_2025-11-13_at_7.04.41_AM

Acceptance Criteria

  • Istio CRDs
  • Argo CD
  • Istiod
  • Backstage
  • Istio gateway
  • Auth service
  • Kiali
  • Gitlab
  • Gatekeeper
  • Gitlab runner
  • Kyverno
  • SonarQube
  • Kyverno policies
  • HAproxy
  • Kyverno reporter
  • Keycloak
  • Elasticsearch Kibana
  • Mattermost
  • Eck Operator
  • Mattermost operator
  • Fluent bit
  • Metrics server
  • Promtail
  • Minio
  • Loki
  • Minio operator
  • Neuvector
  • Mimir
  • Tempo
  • Nexus repository manager
  • Prometheus operator CRDs
  • Vault
  • Monitoring
  • Velero
  • Grafana
  • Harbor
  • Twistlock
  • Thanos
  • BBctl
  • External secrets Opeator
  • Alloy
  • Anchore enterprise
  • Fortify
  • Headlamp
Edited by Julian Hair

UNCLASSIFIED - NO CUI