Skip to content

neuvector values.yamlπŸ“œ

openshiftπŸ“œ

Type: bool

Default value
false

registryπŸ“œ

Type: string

Default value
"registry1.dso.mil"

tagπŸ“œ

Type: string

Default value
"5.2.2"

oemπŸ“œ

Type: string

Default value
nil

imagePullSecretsπŸ“œ

Type: string

Default value
"private-registry"

pspπŸ“œ

Type: bool

Default value
false

rbacπŸ“œ

Type: bool

Default value
true

serviceAccountπŸ“œ

Type: string

Default value
"default"

leastPrivilegeπŸ“œ

Type: bool

Default value
false

global.cattle.urlπŸ“œ

Type: string

Default value
nil

global.azure.enabledπŸ“œ

Type: bool

Default value
false

global.azure.identity.clientIdπŸ“œ

Type: string

Default value
"DONOTMODIFY"

global.azure.marketplace.planIdπŸ“œ

Type: string

Default value
"DONOTMODIFY"

global.azure.extension.resourceIdπŸ“œ

Type: string

Default value
"DONOTMODIFY"

global.azure.serviceAccountπŸ“œ

Type: string

Default value
"csp"

global.azure.imagePullSecretsπŸ“œ

Type: string

Default value
nil

global.azure.images.neuvector_csp_pod.digestπŸ“œ

Type: string

Default value
nil

global.azure.images.neuvector_csp_pod.imageπŸ“œ

Type: string

Default value
"neuvector-billing-azure-by-suse-llc"

global.azure.images.neuvector_csp_pod.registryπŸ“œ

Type: string

Default value
"susellcforazuremarketplace.azurecr.io"

global.azure.images.neuvector_csp_pod.imagePullPolicyπŸ“œ

Type: string

Default value
"IfNotPresent"

global.azure.images.controller.digestπŸ“œ

Type: string

Default value
""

global.azure.images.controller.imageπŸ“œ

Type: string

Default value
"neuvector/controller"

global.azure.images.controller.registryπŸ“œ

Type: string

Default value
"docker.io"

global.azure.images.manager.digestπŸ“œ

Type: string

Default value
""

global.azure.images.manager.imageπŸ“œ

Type: string

Default value
"neuvector/manager"

global.azure.images.manager.registryπŸ“œ

Type: string

Default value
"docker.io"

global.azure.images.scanner.digestπŸ“œ

Type: string

Default value
""

global.azure.images.scanner.imageπŸ“œ

Type: string

Default value
"neuvector/scanner"

global.azure.images.scanner.registryπŸ“œ

Type: string

Default value
"docker.io"

global.azure.images.enforcer.digestπŸ“œ

Type: string

Default value
""

global.azure.images.enforcer.imageπŸ“œ

Type: string

Default value
"neuvector/enforcer"

global.azure.images.enforcer.registryπŸ“œ

Type: string

Default value
"docker.io"

global.aws.enabledπŸ“œ

Type: bool

Default value
false

global.aws.accountNumberπŸ“œ

Type: string

Default value
""

global.aws.roleNameπŸ“œ

Type: string

Default value
""

global.aws.serviceAccountπŸ“œ

Type: string

Default value
"csp"

global.aws.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

global.aws.imagePullSecretsπŸ“œ

Type: string

Default value
nil

global.aws.image.digestπŸ“œ

Type: string

Default value
nil

global.aws.image.repositoryπŸ“œ

Type: string

Default value
"neuvector/neuvector-csp-adapter"

global.aws.image.tagπŸ“œ

Type: string

Default value
"latest"

global.aws.image.imagePullPolicyπŸ“œ

Type: string

Default value
"IfNotPresent"

autoGenerateCertπŸ“œ

Type: bool

Default value
true

defaultValidityPeriodπŸ“œ

Type: int

Default value
365

internal.certmanager.enabledπŸ“œ

Type: bool

Default value
false

internal.certmanager.secretnameπŸ“œ

Type: string

Default value
"neuvector-internal"

controller.enabledπŸ“œ

Type: bool

Default value
true

controller.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.strategy.typeπŸ“œ

Type: string

Default value
"RollingUpdate"

controller.strategy.rollingUpdate.maxSurgeπŸ“œ

Type: int

Default value
1

controller.strategy.rollingUpdate.maxUnavailableπŸ“œ

Type: int

Default value
0

controller.image.repositoryπŸ“œ

Type: string

Default value
"ironbank/neuvector/neuvector/controller"

controller.image.hashπŸ“œ

Type: string

Default value
nil

controller.replicasπŸ“œ

Type: int

Default value
3

controller.disruptionbudgetπŸ“œ

Type: int

Default value
0

controller.schedulerNameπŸ“œ

Type: string

Default value
nil

controller.priorityClassNameπŸ“œ

Type: string

Default value
nil

controller.podLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.containerSecurityContext.privilegedπŸ“œ

Type: bool

Default value
true

controller.containerSecurityContext.runAsUserπŸ“œ

Type: int

Default value
1000

controller.containerSecurityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

controller.containerSecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

controller.envπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].weightπŸ“œ

Type: int

Default value
100

controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].keyπŸ“œ

Type: string

Default value
"app"

controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].operatorπŸ“œ

Type: string

Default value
"In"

controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].values[0]πŸ“œ

Type: string

Default value
"neuvector-controller-pod"

controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.topologyKeyπŸ“œ

Type: string

Default value
"kubernetes.io/hostname"

controller.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

controller.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.apisvc.typeπŸ“œ

Type: string

Default value
nil

controller.apisvc.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.apisvc.route.enabledπŸ“œ

Type: bool

Default value
false

controller.apisvc.route.terminationπŸ“œ

Type: string

Default value
"passthrough"

controller.apisvc.route.hostπŸ“œ

Type: string

Default value
nil

controller.apisvc.route.tlsπŸ“œ

Type: string

Default value
nil

controller.ranchersso.enabledπŸ“œ

Type: bool

Default value
false

controller.sso.certificateAuthority.secretNameπŸ“œ

Type: string

Default value
""

controller.pvc.enabledπŸ“œ

Type: bool

Default value
false

controller.pvc.existingClaimπŸ“œ

Type: bool

Default value
false

controller.pvc.accessModes[0]πŸ“œ

Type: string

Default value
"ReadWriteMany"

controller.pvc.storageClassπŸ“œ

Type: string

Default value
nil

controller.pvc.capacityπŸ“œ

Type: string

Default value
nil

controller.azureFileShare.enabledπŸ“œ

Type: bool

Default value
false

controller.azureFileShare.secretNameπŸ“œ

Type: string

Default value
nil

controller.azureFileShare.shareNameπŸ“œ

Type: string

Default value
nil

controller.certificate.secretπŸ“œ

Type: string

Default value
nil

controller.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

controller.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.pem"

controller.internal.certificate.secretπŸ“œ

Type: string

Default value
"neuvector-internal"

controller.internal.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

controller.internal.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.crt"

controller.internal.certificate.caFileπŸ“œ

Type: string

Default value
"ca.crt"

controller.federation.mastersvc.typeπŸ“œ

Type: string

Default value
nil

controller.federation.mastersvc.ingress.enabledπŸ“œ

Type: bool

Default value
false

controller.federation.mastersvc.ingress.hostπŸ“œ

Type: string

Default value
nil

controller.federation.mastersvc.ingress.ingressClassNameπŸ“œ

Type: string

Default value
""

controller.federation.mastersvc.ingress.pathπŸ“œ

Type: string

Default value
"/"

controller.federation.mastersvc.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”πŸ“œ

Type: string

Default value
"HTTPS"

controller.federation.mastersvc.ingress.tlsπŸ“œ

Type: bool

Default value
false

controller.federation.mastersvc.ingress.secretNameπŸ“œ

Type: string

Default value
nil

controller.federation.mastersvc.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.federation.mastersvc.route.enabledπŸ“œ

Type: bool

Default value
false

controller.federation.mastersvc.route.terminationπŸ“œ

Type: string

Default value
"passthrough"

controller.federation.mastersvc.route.hostπŸ“œ

Type: string

Default value
nil

controller.federation.mastersvc.route.tlsπŸ“œ

Type: string

Default value
nil

controller.federation.managedsvc.typeπŸ“œ

Type: string

Default value
nil

controller.federation.managedsvc.ingress.enabledπŸ“œ

Type: bool

Default value
false

controller.federation.managedsvc.ingress.hostπŸ“œ

Type: string

Default value
nil

controller.federation.managedsvc.ingress.ingressClassNameπŸ“œ

Type: string

Default value
""

controller.federation.managedsvc.ingress.pathπŸ“œ

Type: string

Default value
"/"

controller.federation.managedsvc.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”πŸ“œ

Type: string

Default value
"HTTPS"

controller.federation.managedsvc.ingress.tlsπŸ“œ

Type: bool

Default value
false

controller.federation.managedsvc.ingress.secretNameπŸ“œ

Type: string

Default value
nil

controller.federation.managedsvc.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.federation.managedsvc.route.enabledπŸ“œ

Type: bool

Default value
false

controller.federation.managedsvc.route.terminationπŸ“œ

Type: string

Default value
"passthrough"

controller.federation.managedsvc.route.hostπŸ“œ

Type: string

Default value
nil

controller.federation.managedsvc.route.tlsπŸ“œ

Type: string

Default value
nil

controller.ingress.enabledπŸ“œ

Type: bool

Default value
false

controller.ingress.hostπŸ“œ

Type: string

Default value
nil

controller.ingress.ingressClassNameπŸ“œ

Type: string

Default value
""

controller.ingress.pathπŸ“œ

Type: string

Default value
"/"

controller.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”πŸ“œ

Type: string

Default value
"HTTPS"

controller.ingress.tlsπŸ“œ

Type: bool

Default value
false

controller.ingress.secretNameπŸ“œ

Type: string

Default value
nil

controller.resourcesπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

controller.configmap.enabledπŸ“œ

Type: bool

Default value
false

controller.configmap.dataπŸ“œ

Type: string

Default value
nil

controller.secret.enabledπŸ“œ

Type: bool

Default value
false

controller.secret.data.”userinitcfg.yaml”.users[0].FullnameπŸ“œ

Type: string

Default value
"admin"

controller.secret.data.”userinitcfg.yaml”.users[0].PasswordπŸ“œ

Type: string

Default value
nil

controller.secret.data.”userinitcfg.yaml”.users[0].RoleπŸ“œ

Type: string

Default value
"admin"

enforcer.enabledπŸ“œ

Type: bool

Default value
true

enforcer.image.repositoryπŸ“œ

Type: string

Default value
"ironbank/neuvector/neuvector/enforcer"

enforcer.image.hashπŸ“œ

Type: string

Default value
nil

enforcer.updateStrategy.typeπŸ“œ

Type: string

Default value
"RollingUpdate"

enforcer.priorityClassNameπŸ“œ

Type: string

Default value
nil

enforcer.podLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

enforcer.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

enforcer.containerSecurityContext.privilegedπŸ“œ

Type: bool

Default value
true

enforcer.containerSecurityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

enforcer.containerSecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

enforcer.envπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

enforcer.tolerations[0].effectπŸ“œ

Type: string

Default value
"NoSchedule"

enforcer.tolerations[0].keyπŸ“œ

Type: string

Default value
"node-role.kubernetes.io/master"

enforcer.tolerations[1].effectπŸ“œ

Type: string

Default value
"NoSchedule"

enforcer.tolerations[1].keyπŸ“œ

Type: string

Default value
"node-role.kubernetes.io/control-plane"

enforcer.resourcesπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

enforcer.internal.certificate.secretπŸ“œ

Type: string

Default value
"neuvector-internal"

enforcer.internal.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

enforcer.internal.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.crt"

enforcer.internal.certificate.caFileπŸ“œ

Type: string

Default value
"ca.crt"

manager.enabledπŸ“œ

Type: bool

Default value
true

manager.image.repositoryπŸ“œ

Type: string

Default value
"ironbank/neuvector/neuvector/manager"

manager.image.hashπŸ“œ

Type: string

Default value
nil

manager.priorityClassNameπŸ“œ

Type: string

Default value
nil

manager.env.sslπŸ“œ

Type: bool

Default value
false

manager.env.envs[0].nameπŸ“œ

Type: string

Default value
"JDK_JAVA_OPTIONS"

manager.env.envs[0].valueπŸ“œ

Type: string

Default value
"-Dcom.redhat.fips=false"

manager.svc.typeπŸ“œ

Type: string

Default value
"ClusterIP"

manager.svc.loadBalancerIPπŸ“œ

Type: string

Default value
nil

manager.svc.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

manager.route.enabledπŸ“œ

Type: bool

Default value
true

manager.route.terminationπŸ“œ

Type: string

Default value
"passthrough"

manager.route.hostπŸ“œ

Type: string

Default value
nil

manager.route.tlsπŸ“œ

Type: string

Default value
nil

manager.certificate.secretπŸ“œ

Type: string

Default value
nil

manager.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

manager.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.pem"

manager.ingress.enabledπŸ“œ

Type: bool

Default value
false

manager.ingress.hostπŸ“œ

Type: string

Default value
nil

manager.ingress.ingressClassNameπŸ“œ

Type: string

Default value
""

manager.ingress.pathπŸ“œ

Type: string

Default value
"/"

manager.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”πŸ“œ

Type: string

Default value
"HTTPS"

manager.ingress.tlsπŸ“œ

Type: bool

Default value
false

manager.ingress.secretNameπŸ“œ

Type: string

Default value
nil

manager.resourcesπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

manager.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

manager.podLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

manager.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

manager.containerSecurityContext.runAsUserπŸ“œ

Type: int

Default value
1000

manager.containerSecurityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

manager.containerSecurityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

manager.containerSecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

manager.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

manager.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

manager.securityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

manager.securityContext.runAsUserπŸ“œ

Type: int

Default value
1000

manager.securityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

manager.securityContext.fsGroupπŸ“œ

Type: int

Default value
1000

cve.adapter.enabledπŸ“œ

Type: bool

Default value
false

cve.adapter.image.repositoryπŸ“œ

Type: string

Default value
"neuvector/registry-adapter"

cve.adapter.image.tagπŸ“œ

Type: string

Default value
"0.1.0"

cve.adapter.image.hashπŸ“œ

Type: string

Default value
nil

cve.adapter.priorityClassNameπŸ“œ

Type: string

Default value
nil

cve.adapter.resourcesπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.adapter.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.adapter.podLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.adapter.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.adapter.envπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

cve.adapter.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

cve.adapter.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.adapter.runAsUserπŸ“œ

Type: string

Default value
nil

cve.adapter.certificate.secretπŸ“œ

Type: string

Default value
nil

cve.adapter.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

cve.adapter.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.pem"

cve.adapter.harbor.protocolπŸ“œ

Type: string

Default value
"https"

cve.adapter.harbor.secretNameπŸ“œ

Type: string

Default value
nil

cve.adapter.svc.typeπŸ“œ

Type: string

Default value
"NodePort"

cve.adapter.svc.loadBalancerIPπŸ“œ

Type: string

Default value
nil

cve.adapter.svc.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.adapter.route.enabledπŸ“œ

Type: bool

Default value
true

cve.adapter.route.terminationπŸ“œ

Type: string

Default value
"passthrough"

cve.adapter.route.hostπŸ“œ

Type: string

Default value
nil

cve.adapter.route.tlsπŸ“œ

Type: string

Default value
nil

cve.adapter.ingress.enabledπŸ“œ

Type: bool

Default value
false

cve.adapter.ingress.hostπŸ“œ

Type: string

Default value
nil

cve.adapter.ingress.ingressClassNameπŸ“œ

Type: string

Default value
""

cve.adapter.ingress.pathπŸ“œ

Type: string

Default value
"/"

cve.adapter.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”πŸ“œ

Type: string

Default value
"HTTPS"

cve.adapter.ingress.tlsπŸ“œ

Type: bool

Default value
false

cve.adapter.ingress.secretNameπŸ“œ

Type: string

Default value
nil

cve.adapter.internal.certificate.secretπŸ“œ

Type: string

Default value
"neuvector-internal"

cve.adapter.internal.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

cve.adapter.internal.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.crt"

cve.adapter.internal.certificate.caFileπŸ“œ

Type: string

Default value
"ca.crt"

cve.updater.enabledπŸ“œ

Type: bool

Default value
true

cve.updater.secureπŸ“œ

Type: bool

Default value
false

cve.updater.cacertπŸ“œ

Type: string

Default value
"/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"

cve.updater.image.repositoryπŸ“œ

Type: string

Default value
"ironbank/big-bang/base"

cve.updater.image.tagπŸ“œ

Type: string

Default value
"2.1.0"

cve.updater.image.hashπŸ“œ

Type: string

Default value
nil

cve.updater.scheduleπŸ“œ

Type: string

Default value
"0 0 * * *"

cve.updater.priorityClassNameπŸ“œ

Type: string

Default value
nil

cve.updater.podLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.updater.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.updater.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.updater.securityContext.runAsUserπŸ“œ

Type: int

Default value
1000

cve.updater.securityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

cve.updater.securityContext.fsGroupπŸ“œ

Type: int

Default value
1000

cve.updater.securityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

cve.updater.containerSecurityContext.runAsUserπŸ“œ

Type: int

Default value
1000

cve.updater.containerSecurityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

cve.updater.containerSecurityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

cve.updater.containerSecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

cve.scanner.enabledπŸ“œ

Type: bool

Default value
true

cve.scanner.replicasπŸ“œ

Type: int

Default value
3

cve.scanner.dockerPathπŸ“œ

Type: string

Default value
""

cve.scanner.strategy.typeπŸ“œ

Type: string

Default value
"RollingUpdate"

cve.scanner.strategy.rollingUpdate.maxSurgeπŸ“œ

Type: int

Default value
1

cve.scanner.strategy.rollingUpdate.maxUnavailableπŸ“œ

Type: int

Default value
0

cve.scanner.image.repositoryπŸ“œ

Type: string

Default value
"ironbank/neuvector/neuvector/scanner"

cve.scanner.image.tagπŸ“œ

Type: int

Default value
5

cve.scanner.image.hashπŸ“œ

Type: string

Default value
nil

cve.scanner.priorityClassNameπŸ“œ

Type: string

Default value
nil

cve.scanner.resourcesπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.scanner.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.scanner.podLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.scanner.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.scanner.envπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

cve.scanner.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

cve.scanner.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

cve.scanner.securityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

cve.scanner.securityContext.runAsUserπŸ“œ

Type: int

Default value
1000

cve.scanner.securityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

cve.scanner.securityContext.fsGroupπŸ“œ

Type: int

Default value
1000

cve.scanner.internal.certificate.secretπŸ“œ

Type: string

Default value
"neuvector-internal"

cve.scanner.internal.certificate.keyFileπŸ“œ

Type: string

Default value
"tls.key"

cve.scanner.internal.certificate.pemFileπŸ“œ

Type: string

Default value
"tls.crt"

cve.scanner.internal.certificate.caFileπŸ“œ

Type: string

Default value
"ca.crt"

cve.scanner.containerSecurityContext.runAsUserπŸ“œ

Type: int

Default value
1000

cve.scanner.containerSecurityContext.runAsGroupπŸ“œ

Type: int

Default value
1000

cve.scanner.containerSecurityContext.runAsNonRootπŸ“œ

Type: bool

Default value
true

cve.scanner.containerSecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

docker.pathπŸ“œ

Type: string

Default value
"/var/run/docker.sock"

resourcesπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

k3s.enabledπŸ“œ

Type: bool

Default value
false

k3s.runtimePathπŸ“œ

Type: string

Default value
"/run/k3s/containerd/containerd.sock"

bottlerocket.enabledπŸ“œ

Type: bool

Default value
false

bottlerocket.runtimePathπŸ“œ

Type: string

Default value
"/run/dockershim.sock"

containerd.enabledπŸ“œ

Type: bool

Default value
false

containerd.pathπŸ“œ

Type: string

Default value
"/var/run/containerd/containerd.sock"

crio.enabledπŸ“œ

Type: bool

Default value
false

crio.pathπŸ“œ

Type: string

Default value
"/var/run/crio/crio.sock"

admissionwebhook.typeπŸ“œ

Type: string

Default value
"ClusterIP"

crdwebhook.enabledπŸ“œ

Type: bool

Default value
true

crdwebhook.typeπŸ“œ

Type: string

Default value
"ClusterIP"

domainπŸ“œ

Type: string

Default value
"bigbang.dev"

istio.enabledπŸ“œ

Type: bool

Default value
false

istio.injectionπŸ“œ

Type: string

Default value
"enabled"

istio.hardened.enabledπŸ“œ

Type: bool

Default value
false

istio.hardened.matchLabelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

istio.hardened.customAuthorizationPoliciesπŸ“œ

Type: list

Default value
[]
Default value (formatted)
[]

istio.neuvector.enabledπŸ“œ

Type: bool

Default value
true

istio.neuvector.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

istio.neuvector.labelsπŸ“œ

Type: object

Default value
{}
Default value (formatted)
{}

istio.neuvector.gateways[0]πŸ“œ

Type: string

Default value
"istio-system/main"

istio.neuvector.hosts[0]πŸ“œ

Type: string

Default value
"neuvector.{{ .Values.domain }}"

istio.mtlsπŸ“œ

Type: object

Default value
{"mode":"STRICT"}
Default value (formatted)
{
  "mode": "STRICT"
}

Description: Default neuvector peer authentication

istio.mtls.modeπŸ“œ

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

monitoring.enabledπŸ“œ

Type: bool

Default value
false

monitoring.namespaceπŸ“œ

Type: string

Default value
"monitoring"

networkPolicies.enabledπŸ“œ

Type: bool

Default value
false

networkPolicies.ingressLabels.appπŸ“œ

Type: string

Default value
"istio-ingressgateway"

networkPolicies.ingressLabels.istioπŸ“œ

Type: string

Default value
"ingressgateway"

networkPolicies.controlPlaneCidrπŸ“œ

Type: string

Default value
"0.0.0.0/0"

monitor.imagePullSecretsπŸ“œ

Type: string

Default value
"private-registry"

bbtests.enabledπŸ“œ

Type: bool

Default value
false

bbtests.cypress.artifactsπŸ“œ

Type: bool

Default value
true

bbtests.cypress.envs.cypress_urlπŸ“œ

Type: string

Default value
"http://neuvector-service-webui.{{ .Release.Namespace }}.svc.cluster.local:8443"

bbtests.scripts.envs.URLπŸ“œ

Type: string

Default value
"http://neuvector-service-webui.{{ .Release.Namespace }}.svc.cluster.local:8443"