wrapper values.yaml
📜
bigbang📜
Type: object
addons:
authservice:
enabled: false
values:
selector:
key: protect
value: keycloak
domain: bigbang.dev
istio:
enabled: false
monitoring:
enabled: false
networkPolicies:
controlPlaneCidr: 0.0.0.0/0
controlPlaneNode: null
enabled: false
openshift: false
Description: Passdown values from Big Bang
package📜
Type: object
configMaps: []
istio:
hardened:
customAuthorizationPolicies: []
enabled: false
matchLabels: {}
hosts: []
injection: enabled
peerAuthentications: []
monitor:
alerts: null
dashboards: {}
encryptedMetrics: true
services: []
name: ''
namespace:
name: null
network:
additionalPolicies: []
allowControlPlaneEgress: false
allowDnsEgress: true
allowHttpsEgress: []
allowIntraNamespace: true
defaultDeny: true
policies: true
secrets: []
sso:
enabled: false
values: {}
Description: Passdown values from package
package.name📜
Type: Required
""
Description: Name of the package
package.istio.injection📜
Type: string
"enabled"
Description: Toggles sidecar injection into the package. Enabling this allows mTLS. Options are “enabled” or “disabled”.
package.monitor.encryptedMetrics📜
Type: bool
true
Description: Toggle automatic setup of encrypted metrics via https. Requires Istio injection. Strict mTLS relies on this being enabled.
package.monitor.services📜
Type: list
[]
Description: Services to monitor using Prometheus. Each service is specified as name: "", [spec: {}](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.ServiceMonitorSpec)
package.monitor.alerts📜
Type: string
nil
Description: Prometheus alerting rules, list of Prometheus RuleGroups
package.monitor.dashboards📜
Type: object
{}
Description: Custom Grafana dashboards. Each dashboard is specified with a unique name key and dashboard contents value. Dashboard contents are a key-value pair where key is dashboard format (“json”) and value is dashboard contents. Adds to existing bigbang grafana configuration, so no provider required, but otherwise follows Grafana conventions. More Info
package.network.policies📜
Type: bool
true
Description: Toggle all policies on or off
package.network.defaultDeny📜
Type: bool
true
Description: Deny all traffic in the namespace by default
package.network.allowIntraNamespace📜
Type: bool
true
Description: Allow traffic between pods inside the namespace
package.network.allowControlPlaneEgress📜
Type: bool
false
Description: Allow egress traffic from the namespace to the Kubernetes control plane for API calls
package.network.allowDnsEgress📜
Type: bool
true
Description: Allow egress traffic from the namespace to the DNS port
package.network.allowHttpsEgress📜
Type: list
[]
Description: Allow https egress to internet from specific pods
package.network.additionalPolicies📜
Type: list
[]
Description: Custom egress/ingress policies to deploy. More info
package.secrets📜
Type: list
[]
Description: Secrets that should be created prior to Helm install
package.configMaps📜
Type: list
[]
Description: ConfigMaps that should be created prior to Helm install
package.sso.enabled📜
Type: bool
false
Description: Toggle AuthService SSO for package; Chain must be setup in Authservice & workload must be appropriately labeled for this to work
package.values📜
Type: object
{}
Description: Pass through values to this package’s upstream Helm chart