UNCLASSIFIED - NO CUI

Create platform wide values ConfigMap for consumption by maintained packages

Each package we create within Big Bang creates a secret that houses the Big Bang adjusted values that we pass into the Helm charts.

The keys created are: common, defaults, and overlays and they are layered into the package in that order.

During some of the investigation in integrating bb-common with maintained packages we determined we could leverage that value hierarchy to overlay some big bang configuration via bb-common standard configuration to more easily orchestrate configuration options.

Some obvious things that could be globally applied:

  • network policies definitions
  • istio configuration (legacy hardened detection)
  • bigbang package detection (is monitoring enabled?)

Example platform-values-configmap

apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ .Release.Name }}-platform-values
  namespace: {{ .Release.Namespace }}
data:
  common.yaml: |
    global:
      domain: {{ .Values.domain }}
      monitoring:
        enabled: {{ .Values.monitoring.enabled }}
    bb-common:
      istio:
        enabled: {{ $istioEnabled }}
        hardened:
          enabled: {{ $istioHardened }}
        sidecar:
          enabled: {{ $istioHardened }}
        authorizationPolicies:
          enabled: {{ $istioHardened }}
          generateFromNetpol: {{ $istioHardened }}
      networkPolicies:
        {{- .Values.networkPolicies | toYaml | nindent 8 }}

Big Bang packages HelmRelease would then be updated to include valuesFrom that includes a global bigbang-platform-values:

valuesFrom:
  - name: {{ $.Release.Name }}-platform-values
    kind: ConfigMap
    valuesKey: common.yaml
  - name: {{ $pkg }}-values
    kind: Secret

UNCLASSIFIED - NO CUI