Skip to content

mattermost-operator values.yaml📜

image.imagePullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Default image pull policy

image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/mattermost/mattermost-operator"

Description: Full image name

image.tag📜

Type: string

Default value
"v1.21.0"

Description: Image tag

replicas.count📜

Type: int

Default value
1

Description: Mattermost operator desired replicas

imagePullSecrets📜

Type: list

Default value
- name: private-registry

Description: Image pull secrets

resources📜

Type: object

Default value
limits:
  cpu: 100m
  memory: 512Mi
requests:
  cpu: 100m
  memory: 512Mi

Description: Resources for operator pod(s)

securityContext📜

Type: object

Default value
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532

Description: securityContext for Kubernetes pod(s)

containerSecurityContext📜

Type: object

Default value
capabilities:
  drop:
  - ALL
privileged: false
readOnlyRootFilesystem: true

Description: containerSecurityContext for operator container

affinity📜

Type: object

Default value
{}

Description: Affinity for operator pod(s)

nodeSelector📜

Type: object

Default value
{}

Description: Node selector for operator pod(s)

tolerations📜

Type: object

Default value
{}

Description: Tolerations for operator pod(s)

podAnnotations📜

Type: object

Default value
{}

Description: Annotations for operator pod(s)

networkPolicies.enabled📜

Type: bool

Default value
false

Description: Toggle on/off Big Bang provided network policies

networkPolicies.controlPlaneCidr📜

Type: string

Default value
"0.0.0.0/0"

Description: See kubectl cluster-info and then resolve to IP

istio.enabled📜

Type: bool

Default value
false

Description: Toggle on/off istio interaction, used for network policies and mTLS

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.hardened.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntries📜

Type: list

Default value
[]

istio.hardened.monitoring.enabled📜

Type: bool

Default value
true

istio.hardened.monitoring.namespaces[0]📜

Type: string

Default value
"monitoring"

istio.hardened.monitoring.principals[0]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.monitoring.principals[1]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.monitoring.principals[2]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.monitoring.principals[3]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.monitoring.principals[4]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.monitoring.principals[5]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.mtls📜

Type: object

Default value
mode: STRICT

Description: Default peer authentication

istio.mtls.mode📜

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

monitoring.enabled📜

Type: bool

Default value
false

Description: Toggle on/off monitoring interaction, used for network policies

openshift📜

Type: bool

Default value
false

Description: Openshift feature toggle, used for DNS network policy