Skip to content

elasticsearch-kibana values.yamlπŸ“œ

domainπŸ“œ

Type: string

Default value
"bigbang.dev"

Description: Domain used for BigBang created exposed services.

autoRollingUpgrade.enabledπŸ“œ

Type: bool

Default value
false

Description: Enable BigBang specific autoRollingUpgrade support

imagePullPolicyπŸ“œ

Type: string

Default value
"IfNotPresent"

Description: Pull Policy for all non-init containers in this package.

fluentbitπŸ“œ

Type: object

Default value
{"enabled":false}
Default value (formatted) 
{
  "enabled": false
}

Description: Toggle for networkpolicies to allow fluentbit ingress

kibana.versionπŸ“œ

Type: string

Default value
"8.12.1"

Description: Kibana version

kibana.image.repositoryπŸ“œ

Type: string

Default value
"registry1.dso.mil/ironbank/elastic/kibana/kibana"

Description: Kibana image repository

kibana.image.tagπŸ“œ

Type: string

Default value
"8.12.1"

Description: Kibana image tag

kibana.hostπŸ“œ

Type: string

Default value
""

Description: Kibana Ingress Host Value. Only required if not using Istio for ingress.

kibana.countπŸ“œ

Type: int

Default value
3

Description: Number of Kibana replicas

kibana.serviceAccountNameπŸ“œ

Type: string

Default value
"logging-kibana"

Description: Name for serviceAccount to use, will be autocreated.

kibana.updateStrategyπŸ“œ

Type: object

Default value
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted) 
{
  "rollingUpdate": {
    "maxUnavailable": 1
  },
  "type": "rollingUpdate"
}

Description: Kibana updateStrategy

kibana.securityContextπŸ“œ

Type: object

Default value
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "fsGroup": 1000,
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Set securityContext for Kibana pods

kibana.containersecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

kibana.imagePullSecretsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Kibana imagePullSecrets

kibana.resourcesπŸ“œ

Type: object

Default value
{"limits":{"cpu":1,"memory":"2Gi"},"requests":{"cpu":1,"memory":"2Gi"}}
Default value (formatted) 
{
  "limits": {
    "cpu": 1,
    "memory": "2Gi"
  },
  "requests": {
    "cpu": 1,
    "memory": "2Gi"
  }
}

Description: Kibana resources

kibana.volumesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Kibana volumes

kibana.volumeMountsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Kibana volumeMounts

kibana.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Kibana podAnnotations

kibana.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Kibana affinity

kibana.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Kibana tolerations

kibana.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Kibana nodeSelector

kibana.lifecycleπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Kibana lifecycle

kibana.agentsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Kibana Elastic Agent / Fleet Server configuration https://www.elastic.co/guide/en/cloud-on-k8s/2.7/k8s-elastic-agent-fleet-quickstart.html

elasticsearch.versionπŸ“œ

Type: string

Default value
"8.12.1"

Description: Elasticsearch version

elasticsearch.image.repositoryπŸ“œ

Type: string

Default value
"registry1.dso.mil/ironbank/elastic/elasticsearch/elasticsearch"

Description: Elasticsearch image repository

elasticsearch.image.tagπŸ“œ

Type: string

Default value
"8.12.1"

Description: Elasticsearch image tag

elasticsearch.imagePullSecretsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch imagePullSecrets

elasticsearch.serviceAccountNameπŸ“œ

Type: string

Default value
"logging-elasticsearch"

Description: Name for serviceAccount to use, will be autocreated.

elasticsearch.master.initContainersπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Add init containers to master pods

elasticsearch.master.securityContextπŸ“œ

Type: object

Default value
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "fsGroup": 1000,
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Set securityContext for elasticsearch master node sets

elasticsearch.master.containersecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

elasticsearch.master.updateStrategyπŸ“œ

Type: object

Default value
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted) 
{
  "rollingUpdate": {
    "maxUnavailable": 1
  },
  "type": "rollingUpdate"
}

Description: Elasticsearch master updateStrategy

elasticsearch.master.volumesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch master volumes

elasticsearch.master.volumeMountsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch master volumeMounts

elasticsearch.master.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch master podAnnotations

elasticsearch.master.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch master affinity

elasticsearch.master.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch master tolerations

elasticsearch.master.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch master nodeSelector

elasticsearch.master.lifecycleπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch master lifecycle

elasticsearch.master.countπŸ“œ

Type: int

Default value
3

Description: Elasticsearch master pod count

elasticsearch.master.persistence.storageClassNameπŸ“œ

Type: string

Default value
""

Description: Elasticsearch master persistence storageClassName

elasticsearch.master.persistence.sizeπŸ“œ

Type: string

Default value
"5Gi"

Description: Elasticsearch master persistence size

elasticsearch.master.resourcesπŸ“œ

Type: object

Default value
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted) 
{
  "limits": {
    "cpu": 1,
    "memory": "4Gi"
  },
  "requests": {
    "cpu": 1,
    "memory": "4Gi"
  }
}

Description: Elasticsearch master pod resources

elasticsearch.master.heap.minπŸ“œ

Type: string

Default value
"2g"

Description: Elasticsearch master Java heap Xms setting

elasticsearch.master.heap.maxπŸ“œ

Type: string

Default value
"2g"

Description: Elasticsearch master Java heap Xmx setting

elasticsearch.data.initContainersπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Add init containers to data pods

elasticsearch.data.securityContextπŸ“œ

Type: object

Default value
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "fsGroup": 1000,
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Set securityContext for elasticsearch data node sets

elasticsearch.data.containersecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

elasticsearch.data.volumesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch data volumes

elasticsearch.data.volumeMountsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch data volumeMounts

elasticsearch.data.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch data podAnnotations

elasticsearch.data.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch data affinity

elasticsearch.data.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: Elasticsearch data tolerations

elasticsearch.data.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch data nodeSelector

elasticsearch.data.lifecycleπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Elasticsearch data lifecycle

elasticsearch.data.countπŸ“œ

Type: int

Default value
4

Description: Elasticsearch data pod count

elasticsearch.data.persistence.storageClassNameπŸ“œ

Type: string

Default value
""

Description: Elasticsearch data persistence storageClassName

elasticsearch.data.persistence.sizeπŸ“œ

Type: string

Default value
"100Gi"

Description: Elasticsearch data persistence size

elasticsearch.data.resourcesπŸ“œ

Type: object

Default value
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted) 
{
  "limits": {
    "cpu": 1,
    "memory": "4Gi"
  },
  "requests": {
    "cpu": 1,
    "memory": "4Gi"
  }
}

Description: Elasticsearch data pod resources

elasticsearch.data.heap.minπŸ“œ

Type: string

Default value
"2g"

Description: Elasticsearch data Java heap Xms setting

elasticsearch.data.heap.maxπŸ“œ

Type: string

Default value
"2g"

Description: Elasticsearch data Java heap Xmx setting

elasticsearch.ingest.enabledπŸ“œ

Type: bool

Default value
false

Description: Enable ingest specific Elasticsearch pods

elasticsearch.ingest.initContainersπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: initContainers

elasticsearch.ingest.securityContextπŸ“œ

Type: object

Default value
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "fsGroup": 1000,
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Set securityContext for elasticsearch ingest node sets

elasticsearch.ingest.containersecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

elasticsearch.ingest.volumesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: volumes

elasticsearch.ingest.volumeMountsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: volumeMounts

elasticsearch.ingest.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: podAnnotations

elasticsearch.ingest.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: affinity

elasticsearch.ingest.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: tolerations

elasticsearch.ingest.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: nodeSelector

elasticsearch.ingest.lifecycleπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: lifecycle

elasticsearch.ingest.countπŸ“œ

Type: int

Default value
1

Description: count

elasticsearch.ingest.persistence.storageClassNameπŸ“œ

Type: string

Default value
""

Description: storageClassName

elasticsearch.ingest.persistence.sizeπŸ“œ

Type: string

Default value
"100Gi"

Description: size

elasticsearch.ingest.resourcesπŸ“œ

Type: object

Default value
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted) 
{
  "limits": {
    "cpu": 1,
    "memory": "4Gi"
  },
  "requests": {
    "cpu": 1,
    "memory": "4Gi"
  }
}

Description: Elasticsearch ingest pod resources

elasticsearch.ingest.heap.minπŸ“œ

Type: string

Default value
"2g"

Description: Xms

elasticsearch.ingest.heap.maxπŸ“œ

Type: string

Default value
"2g"

Description: Xmx

elasticsearch.ml.enabledπŸ“œ

Type: bool

Default value
false

Description: Enable Machine Learning specific Elasticsearch pods

elasticsearch.ml.initContainersπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: initContainers

elasticsearch.ml.securityContextπŸ“œ

Type: object

Default value
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "fsGroup": 1000,
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Set securityContext for elasticsearch ml node sets

elasticsearch.ml.containersecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

elasticsearch.ml.updateStrategyπŸ“œ

Type: object

Default value
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted) 
{
  "rollingUpdate": {
    "maxUnavailable": 1
  },
  "type": "rollingUpdate"
}

Description: Elasticsearch ml updateStrategy

elasticsearch.ml.volumesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: volumes

elasticsearch.ml.volumeMountsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: volumeMounts

elasticsearch.ml.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: podAnnotations

elasticsearch.ml.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: affinity

elasticsearch.ml.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: tolerations

elasticsearch.ml.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: nodeSelector

elasticsearch.ml.lifecycleπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: lifecycle

elasticsearch.ml.countπŸ“œ

Type: int

Default value
1

Description: count

elasticsearch.ml.persistence.storageClassNameπŸ“œ

Type: string

Default value
""

Description: storageClassName

elasticsearch.ml.persistence.sizeπŸ“œ

Type: string

Default value
"100Gi"

Description: size

elasticsearch.ml.resourcesπŸ“œ

Type: object

Default value
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted) 
{
  "limits": {
    "cpu": 1,
    "memory": "4Gi"
  },
  "requests": {
    "cpu": 1,
    "memory": "4Gi"
  }
}

Description: Elasticsearch ml pod resources

elasticsearch.ml.heap.minπŸ“œ

Type: string

Default value
"2g"

Description: Xms

elasticsearch.ml.heap.maxπŸ“œ

Type: string

Default value
"2g"

Description: Xmx

elasticsearch.coord.enabledπŸ“œ

Type: bool

Default value
false

Description: Enable coordinating specific Elasticsearch pods

elasticsearch.coord.initContainersπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: initContainers

elasticsearch.coord.securityContextπŸ“œ

Type: object

Default value
{"fsGroup":1000,"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "fsGroup": 1000,
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Set securityContext for elasticsearch coordinating node sets

elasticsearch.coord.containersecurityContext.capabilities.drop[0]πŸ“œ

Type: string

Default value
"ALL"

elasticsearch.coord.updateStrategyπŸ“œ

Type: object

Default value
{"rollingUpdate":{"maxUnavailable":1},"type":"rollingUpdate"}
Default value (formatted) 
{
  "rollingUpdate": {
    "maxUnavailable": 1
  },
  "type": "rollingUpdate"
}

Description: Elasticsearch coord updateStrategy

elasticsearch.coord.volumesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: volumes

elasticsearch.coord.volumeMountsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: volumeMounts

elasticsearch.coord.podAnnotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: podAnnotations

elasticsearch.coord.affinityπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: affinity

elasticsearch.coord.tolerationsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: tolerations

elasticsearch.coord.nodeSelectorπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: nodeSelector

elasticsearch.coord.lifecycleπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: lifecycle

elasticsearch.coord.countπŸ“œ

Type: int

Default value
1

Description: count

elasticsearch.coord.persistence.storageClassNameπŸ“œ

Type: string

Default value
""

Description: storageClassName

elasticsearch.coord.persistence.sizeπŸ“œ

Type: string

Default value
"100Gi"

Description: size

elasticsearch.coord.resourcesπŸ“œ

Type: object

Default value
{"limits":{"cpu":1,"memory":"4Gi"},"requests":{"cpu":1,"memory":"4Gi"}}
Default value (formatted) 
{
  "limits": {
    "cpu": 1,
    "memory": "4Gi"
  },
  "requests": {
    "cpu": 1,
    "memory": "4Gi"
  }
}

Description: Elasticsearch coord pod resources

elasticsearch.coord.heap.minπŸ“œ

Type: string

Default value
"2g"

Description: Xms

elasticsearch.coord.heap.maxπŸ“œ

Type: string

Default value
"2g"

Description: Xmx

istio.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle istio interaction.

istio.hardened.enabledπŸ“œ

Type: bool

Default value
false

istio.hardened.customAuthorizationPoliciesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

istio.hardened.prometheus.enabledπŸ“œ

Type: bool

Default value
true

istio.hardened.prometheus.namespaces[0]πŸ“œ

Type: string

Default value
"monitoring"

istio.hardened.prometheus.principals[0]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.prometheus.principals[1]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.prometheus.principals[2]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.prometheus.principals[3]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.prometheus.principals[4]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.prometheus.principals[5]πŸ“œ

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.hardened.fluentbit.enabledπŸ“œ

Type: bool

Default value
true

istio.hardened.fluentbit.namespaces[0]πŸ“œ

Type: string

Default value
"fluentbit"

istio.hardened.fluentbit.principals[0]πŸ“œ

Type: string

Default value
"cluster.local/ns/fluentbit/sa/fluentbit-fluent-bit"

istio.hardened.elasticOperator.enabledπŸ“œ

Type: bool

Default value
true

istio.hardened.elasticOperator.namespaces[0]πŸ“œ

Type: string

Default value
"eck-operator"

istio.hardened.elasticOperator.principals[0]πŸ“œ

Type: string

Default value
"cluster.local/ns/eck-operator/sa/elastic-operator"

istio.hardened.mattermost.enabledπŸ“œ

Type: bool

Default value
true

istio.hardened.mattermost.namespaces[0]πŸ“œ

Type: string

Default value
"mattermost"

istio.hardened.mattermost.principals[0]πŸ“œ

Type: string

Default value
"cluster.local/ns/mattermost/sa/mattermost"

istio.hardened.jaeger.enabledπŸ“œ

Type: bool

Default value
true

istio.hardened.jaeger.namespaces[0]πŸ“œ

Type: string

Default value
"jaeger"

istio.hardened.jaeger.principals[0]πŸ“œ

Type: string

Default value
"cluster.local/ns/jaeger/sa/default"

istio.hardened.jaeger.principals[1]πŸ“œ

Type: string

Default value
"cluster.local/ns/jaeger/sa/jaeger"

istio.hardened.jaeger.principals[2]πŸ“œ

Type: string

Default value
"cluster.local/ns/jaeger/sa/jaeger-instance"

istio.mtlsπŸ“œ

Type: object

Default value
{"mode":"STRICT"}
Default value (formatted) 
{
  "mode": "STRICT"
}

Description: Default EK peer authentication

istio.mtls.modeπŸ“œ

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

istio.kibana.enabledπŸ“œ

Type: bool

Default value
true

Description: Toggle virtualService creation

istio.kibana.annotationsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Annotations for controls the gateway used/attached to the virtualService

istio.kibana.labelsπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

Description: Labels for virtualService

istio.kibana.gatewaysπŸ“œ

Type: list

Default value
["istio-system/main"]
Default value (formatted) 
[
  "istio-system/main"
]

Description: Gateway(s) to apply virtualService routes to.

istio.kibana.hostsπŸ“œ

Type: list

Default value
["kibana.{{ .Values.domain }}"]
Default value (formatted) 
[
  "kibana.{{ .Values.domain }}"
]

Description: hosts for the virtualService

sso.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle SSO with Keycloak

sso.redirect_urlπŸ“œ

Type: string

Default value
""

Description: redirect_url defaults to .Values.istio.kibana.hosts[0] if not set.

sso.client_idπŸ“œ

Type: string

Default value
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-kibana"

Description: client_id

sso.client_secretπŸ“œ

Type: string

Default value
""

Description: OIDC client secret, can be empty for public client.

sso.oidc.hostπŸ“œ

Type: string

Default value
"login.dso.mil"

Description: host

sso.oidc.realmπŸ“œ

Type: string

Default value
"baby-yoda"

Description: realm

sso.issuerπŸ“œ

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}"

Description: issuer

sso.auth_urlπŸ“œ

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/auth"

Description: auth_url

sso.token_urlπŸ“œ

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/token"

Description: token_url

sso.userinfo_urlπŸ“œ

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/userinfo"

Description: userinfo_url

sso.jwkset_urlπŸ“œ

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/certs"

Description: jwks_url

sso.claims_principalπŸ“œ

Type: string

Default value
"preferred_username"

Description: claims_principal

sso.requested_scopesπŸ“œ

Type: list

Default value
["openid"]
Default value (formatted) 
[
  "openid"
]

Description: requested_scopes

sso.signature_algorithmπŸ“œ

Type: string

Default value
"RS256"

Description: signature_algorithm

sso.endsession_urlπŸ“œ

Type: string

Default value
"https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"

Description: endsession_url

sso.claims_groupπŸ“œ

Type: string

Default value
"groups"

Description: claims_group

sso.claims_mailπŸ“œ

Type: string

Default value
"email"

Description: claims_mail

sso.claims_principal_patternπŸ“œ

Type: string

Default value
""

Description: claims_principal_pattern

sso.cert_authoritiesπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

Description: cert_authorities

kibanaBasicAuth.enabledπŸ“œ

Type: bool

Default value
true

Description: Toggle this to turn off Kibana’s built in auth and only allow SSO. Role mappings for SSO groups must be set up and SSO enabled before doing this.

networkPolicies.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle BigBang NetworkPolicy templates

networkPolicies.ingressLabelsπŸ“œ

Type: object

Default value
{"app":"istio-ingressgateway","istio":"ingressgateway"}
Default value (formatted) 
{
  "app": "istio-ingressgateway",
  "istio": "ingressgateway"
}

Description: Istio Ingressgateway labels. passed down to NetworkPolicy to whitelist external access to app

networkPolicies.controlPlaneCidrπŸ“œ

Type: string

Default value
"0.0.0.0/0"

Description: See kubectl cluster-info and then resolve to IP

upgradeJob.image.repositoryπŸ“œ

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base"

Description: image repository for upgradeJob

upgradeJob.image.tagπŸ“œ

Type: string

Default value
"2.1.0"

Description: image tag for upgradeJob

monitoring.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle BigBang monitoring integration, controls serviceMonitor template

metrics.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle Prometheus ElasticSearch Exporter Installation

metrics.imageπŸ“œ

Type: object

Default value
{"pullSecret":"private-registry"}
Default value (formatted) 
{
  "pullSecret": "private-registry"
}

Description: Exporter imagePullSecrets

metrics.podSecurityContextπŸ“œ

Type: object

Default value
{"runAsGroup":1000}
Default value (formatted) 
{
  "runAsGroup": 1000
}

Description: Pod securityContext

metrics.securityContextπŸ“œ

Type: object

Default value
{"runAsGroup":1000,"runAsUser":1000}
Default value (formatted) 
{
  "runAsGroup": 1000,
  "runAsUser": 1000
}

Description: Container securityContext

metrics.imagePullSecretsπŸ“œ

Type: list

Default value
[]
Default value (formatted) 
[]

metrics.serviceMonitor.schemeπŸ“œ

Type: string

Default value
""

metrics.serviceMonitor.tlsConfigπŸ“œ

Type: object

Default value
{}
Default value (formatted) 
{}

metrics.envπŸ“œ

Type: object

Default value
{"ES_USERNAME":"elastic"}
Default value (formatted) 
{
  "ES_USERNAME": "elastic"
}

Description: Environment Variable Passthrough to set Auth for Exporter

metrics.extraEnvSecretsπŸ“œ

Type: object

Default value
{"ES_PASSWORD":{"key":"elastic","secret":"logging-ek-es-elastic-user"}}
Default value (formatted) 
{
  "ES_PASSWORD": {
    "key": "elastic",
    "secret": "logging-ek-es-elastic-user"
  }
}

Description: Environment Variable Secret Mount to set Auth for Exporter Replace with empty braces if you would like to use a an API_KEY

openshiftπŸ“œ

Type: bool

Default value
false

Description: Openshift Container Platform Feature Toggle

mattermost.enabledπŸ“œ

Type: bool

Default value
false

Description: Mattermost integration toggle, controls mTLS exception and networkPolicies

bbtests.enabledπŸ“œ

Type: bool

Default value
false

Description: Big Bang CI/Dev toggle for helm tests

bbtests.cypress.artifactsπŸ“œ

Type: bool

Default value
true

Description: Toggle creation of cypress artifacts

bbtests.cypress.envsπŸ“œ

Type: object

Default value
{"cypress_expect_logs":"false","cypress_kibana_url":"https://logging-ek-kb-http:5601/login"}
Default value (formatted) 
{
  "cypress_expect_logs": "false",
  "cypress_kibana_url": "https://logging-ek-kb-http:5601/login"
}

Description: ENVs added to cypress test pods

bbtests.cypress.secretEnvsπŸ“œ

Type: list

Default value
[{"name":"cypress_elastic_password","valueFrom":{"secretKeyRef":{"key":"elastic","name":"logging-ek-es-elastic-user"}}}]
Default value (formatted) 
[
  {
    "name": "cypress_elastic_password",
    "valueFrom": {
      "secretKeyRef": {
        "key": "elastic",
        "name": "logging-ek-es-elastic-user"
      }
    }
  }
]

Description: ENVs added to cypress test pods from existing secrets

bbtests.scripts.imageπŸ“œ

Type: string

Default value
"registry1.dso.mil/ironbank/stedolan/jq:1.7"

Description: image to use for script based tests

bbtests.scripts.envsπŸ“œ

Type: object

Default value
{"desired_version":"{{ .Values.elasticsearch.version }}","elasticsearch_host":"https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200"}
Default value (formatted) 
{
  "desired_version": "{{ .Values.elasticsearch.version }}",
  "elasticsearch_host": "https://{{ .Release.Name }}-es-http.{{ .Release.Namespace }}.svc.cluster.local:9200"
}

Description: ENVs added to script test pods

bbtests.scripts.secretEnvsπŸ“œ

Type: list

Default value
[{"name":"ELASTIC_PASSWORD","valueFrom":{"secretKeyRef":{"key":"elastic","name":"logging-ek-es-elastic-user"}}}]
Default value (formatted) 
[
  {
    "name": "ELASTIC_PASSWORD",
    "valueFrom": {
      "secretKeyRef": {
        "key": "elastic",
        "name": "logging-ek-es-elastic-user"
      }
    }
  }
]

Description: ENVs added to script test pods from existing secrets