Skip to content

anchore-enterprise values.yaml📜

domain📜

Type: string

Default value
"dev.bigbang.mil"

istio.enabled📜

Type: bool

Default value
false

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntries📜

Type: list

Default value
[]

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.injection📜

Type: string

Default value
"disabled"

istio.ui.enabled📜

Type: bool

Default value
true

istio.ui.annotations📜

Type: object

Default value
{}

istio.ui.labels📜

Type: object

Default value
{}

istio.ui.gateways[0]📜

Type: string

Default value
"istio-system/main"

istio.ui.hosts[0]📜

Type: string

Default value
"anchore.{{ .Values.domain }}"

istio.api.enabled📜

Type: bool

Default value
true

istio.api.annotations📜

Type: object

Default value
{}

istio.api.labels📜

Type: object

Default value
{}

istio.api.gateways[0]📜

Type: string

Default value
"istio-system/main"

istio.api.hosts[0]📜

Type: string

Default value
"anchore-api.{{ .Values.domain }}"

istio.api.service.apiVersion📜

Type: string

Default value
"v2"

istio.mtls📜

Type: object

Default value
mode: STRICT

Description: Default peer authentication

istio.mtls.mode📜

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.ingressLabels.app📜

Type: string

Default value
"istio-ingressgateway"

networkPolicies.ingressLabels.istio📜

Type: string

Default value
"ingressgateway"

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

feedsHosts📜

Type: list

Default value
[]

openshift📜

Type: bool

Default value
false

Description: Openshift Container Platform Feature Toggle

postgresqlSuperUser.postgresUsername📜

Type: string

Default value
""

postgresqlSuperUser.postgresPassword📜

Type: string

Default value
""

postgresqlSuperUser.existingSecret📜

Type: string

Default value
nil

ensureDbJobs.resources.limits.cpu📜

Type: int

Default value
2

ensureDbJobs.resources.limits.memory📜

Type: string

Default value
"2G"

ensureDbJobs.resources.requests.cpu📜

Type: int

Default value
2

ensureDbJobs.resources.requests.memory📜

Type: string

Default value
"2G"

monitoring.enabled📜

Type: bool

Default value
false

monitoring.namespace📜

Type: string

Default value
"monitoring"

monitoring.serviceMonitor.scheme📜

Type: string

Default value
""

monitoring.serviceMonitor.tlsConfig📜

Type: object

Default value
{}

enterpriseLicenseYaml📜

Type: string

Default value
""

sso.enabled📜

Type: bool

Default value
false

sso.name📜

Type: string

Default value
"keycloak"

sso.acsHttpsPort📜

Type: int

Default value
-1

sso.spEntityId📜

Type: string

Default value
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-anchore"

sso.acsUrl📜

Type: string

Default value
"https://anchore.bigbang.dev/service/sso/auth/keycloak"

sso.defaultAccount📜

Type: string

Default value
"user"

sso.defaultRole📜

Type: string

Default value
"read-write"

sso.roleAttribute📜

Type: string

Default value
""

sso.requireSignedAssertions📜

Type: bool

Default value
false

sso.requireSignedResponse📜

Type: bool

Default value
true

sso.idpMetadataUrl📜

Type: string

Default value
"https://login.dso.mil/auth/realms/baby-yoda/protocol/saml/descriptor"

sso.host📜

Type: string

Default value
"login.dso.mil"

sso.realm📜

Type: string

Default value
"baby-yoda"

sso.resources.limits.cpu📜

Type: string

Default value
"100m"

sso.resources.limits.memory📜

Type: string

Default value
"256Mi"

sso.resources.requests.cpu📜

Type: string

Default value
"100m"

sso.resources.requests.memory📜

Type: string

Default value
"256Mi"

sso.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

sso.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

sso.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

global.fullnameOverride📜

Type: string

Default value
""

global.nameOverride📜

Type: string

Default value
"anchore-enterprise"

global.imagePullSecretName📜

Type: string

Default value
"private-registry"

image📜

Type: string

Default value
"registry1.dso.mil/ironbank/anchore/enterprise/enterprise:5.7.0"

imagePullPolicy📜

Type: string

Default value
"IfNotPresent"

imagePullSecretName📜

Type: string

Default value
"private-registry"

startMigrationPod📜

Type: bool

Default value
true

migrationPodImage📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/postgres/postgresql:16.2"

serviceAccountName📜

Type: string

Default value
""

injectSecretsViaEnv📜

Type: bool

Default value
false

licenseSecretName📜

Type: string

Default value
"anchore-enterprise-license"

certStoreSecretName📜

Type: string

Default value
""

extraEnv📜

Type: list

Default value
[]

useExistingSecrets📜

Type: bool

Default value
false

existingSecretName📜

Type: string

Default value
"anchore-enterprise-env"

labels📜

Type: object

Default value
{}

annotations📜

Type: object

Default value
{}

nodeSelector📜

Type: object

Default value
{}

tolerations📜

Type: list

Default value
[]

affinity📜

Type: object

Default value
{}

scratchVolume.mountPath📜

Type: string

Default value
"/analysis_scratch"

scratchVolume.fixGroupPermissions📜

Type: bool

Default value
false

scratchVolume.details📜

Type: object

Default value
{}

extraVolumes📜

Type: list

Default value
[]

extraVolumeMounts📜

Type: list

Default value
[]

securityContext.runAsUser📜

Type: int

Default value
1000

securityContext.runAsGroup📜

Type: int

Default value
1000

securityContext.fsGroup📜

Type: int

Default value
1000

containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

probes.liveness.initialDelaySeconds📜

Type: int

Default value
120

probes.liveness.timeoutSeconds📜

Type: int

Default value
10

probes.liveness.periodSeconds📜

Type: int

Default value
10

probes.liveness.failureThreshold📜

Type: int

Default value
6

probes.liveness.successThreshold📜

Type: int

Default value
1

probes.readiness.timeoutSeconds📜

Type: int

Default value
10

probes.readiness.periodSeconds📜

Type: int

Default value
10

probes.readiness.failureThreshold📜

Type: int

Default value
3

probes.readiness.successThreshold📜

Type: int

Default value
1

doSourceAtEntry.enabled📜

Type: bool

Default value
false

doSourceAtEntry.filePaths📜

Type: list

Default value
[]

configOverride📜

Type: string

Default value
""

scripts.anchore-config📜

Type: string

Default value
"#!/bin/bash\nwhile IFS= read -r line; do\n  while [[ \"$line\" =~ (\\$\\{[a-zA-Z_][a-zA-Z_0-9]*\\}) ]]; do\n    VAR_NAME=${BASH_REMATCH[1]#*\\{}; VAR_NAME=${VAR_NAME%\\}};\n    line=${line//${BASH_REMATCH[1]}/${!VAR_NAME}};\n  done;\n  printf '%s\\n' \"$line\";\ndone < /config/config.yaml\n"

anchoreConfig.service_dir📜

Type: string

Default value
"/anchore_service"

anchoreConfig.log_level📜

Type: string

Default value
"INFO"

anchoreConfig.logging.colored_logging📜

Type: bool

Default value
false

anchoreConfig.logging.exception_backtrace_logging📜

Type: bool

Default value
false

anchoreConfig.logging.exception_diagnose_logging📜

Type: bool

Default value
false

anchoreConfig.logging.file_rotation_rule📜

Type: string

Default value
"10 MB"

anchoreConfig.logging.file_retention_rule📜

Type: int

Default value
10

anchoreConfig.logging.log_level📜

Type: string

Default value
"INFO"

anchoreConfig.logging.server_access_logging📜

Type: bool

Default value
true

anchoreConfig.logging.server_response_debug_logging📜

Type: bool

Default value
false

anchoreConfig.logging.server_log_level📜

Type: string

Default value
"info"

anchoreConfig.logging.structured_logging📜

Type: bool

Default value
false

anchoreConfig.server.max_connection_backlog📜

Type: int

Default value
2048

anchoreConfig.server.max_wsgi_middleware_worker_queue_size📜

Type: int

Default value
100

anchoreConfig.server.max_wsgi_middleware_worker_count📜

Type: int

Default value
50

anchoreConfig.server.timeout_graceful_shutdown📜

Type: bool

Default value
false

anchoreConfig.server.timeout_keep_alive📜

Type: int

Default value
5

anchoreConfig.audit.enabled📜

Type: bool

Default value
true

anchoreConfig.allow_awsecr_iam_auto📜

Type: bool

Default value
true

anchoreConfig.keys.secret📜

Type: string

Default value
""

anchoreConfig.keys.privateKeyFileName📜

Type: string

Default value
""

anchoreConfig.keys.publicKeyFileName📜

Type: string

Default value
""

anchoreConfig.user_authentication.oauth.enabled📜

Type: bool

Default value
true

anchoreConfig.user_authentication.oauth.default_token_expiration_seconds📜

Type: int

Default value
3600

anchoreConfig.user_authentication.oauth.refresh_token_expiration_seconds📜

Type: int

Default value
86400

anchoreConfig.user_authentication.allow_api_keys_for_saml_users📜

Type: bool

Default value
false

anchoreConfig.user_authentication.max_api_key_age_days📜

Type: int

Default value
365

anchoreConfig.user_authentication.max_api_keys_per_user📜

Type: int

Default value
100

anchoreConfig.user_authentication.hashed_passwords📜

Type: bool

Default value
true

anchoreConfig.user_authentication.sso_require_existing_users📜

Type: bool

Default value
false

anchoreConfig.user_authentication.remove_deleted_user_api_keys_older_than_days📜

Type: int

Default value
365

anchoreConfig.metrics.enabled📜

Type: bool

Default value
false

anchoreConfig.metrics.auth_disabled📜

Type: bool

Default value
false

anchoreConfig.webhooks📜

Type: object

Default value
{}

anchoreConfig.default_admin_password📜

Type: string

Default value
""

anchoreConfig.default_admin_email📜

Type: string

Default value
"admin@myanchore"

anchoreConfig.database.timeout📜

Type: int

Default value
120

anchoreConfig.database.ssl📜

Type: bool

Default value
false

anchoreConfig.database.sslMode📜

Type: string

Default value
"verify-full"

anchoreConfig.database.sslRootCertFileName📜

Type: string

Default value
""

anchoreConfig.database.db_pool_size📜

Type: int

Default value
30

anchoreConfig.database.db_pool_max_overflow📜

Type: int

Default value
100

anchoreConfig.database.engineArgs📜

Type: object

Default value
{}

anchoreConfig.internalServicesSSL.enabled📜

Type: bool

Default value
false

anchoreConfig.internalServicesSSL.verifyCerts📜

Type: bool

Default value
false

anchoreConfig.internalServicesSSL.certSecretKeyFileName📜

Type: string

Default value
""

anchoreConfig.internalServicesSSL.certSecretCertFileName📜

Type: string

Default value
""

anchoreConfig.policyBundles📜

Type: object

Default value
{}

anchoreConfig.apiext.external.enabled📜

Type: bool

Default value
false

anchoreConfig.apiext.external.useTLS📜

Type: bool

Default value
true

anchoreConfig.apiext.external.hostname📜

Type: string

Default value
""

anchoreConfig.apiext.external.port📜

Type: int

Default value
8443

anchoreConfig.analyzer.cycle_timers.image_analyzer📜

Type: int

Default value
1

anchoreConfig.analyzer.layer_cache_max_gigabytes📜

Type: int

Default value
0

anchoreConfig.analyzer.enable_hints📜

Type: bool

Default value
false

anchoreConfig.analyzer.configFile.retrieve_files.file_list[0]📜

Type: string

Default value
"/etc/passwd"

anchoreConfig.analyzer.configFile.secret_search.match_params[0]📜

Type: string

Default value
"MAXFILESIZE=10000"

anchoreConfig.analyzer.configFile.secret_search.match_params[1]📜

Type: string

Default value
"STOREONMATCH=n"

anchoreConfig.analyzer.configFile.secret_search.regexp_match[0]📜

Type: string

Default value
"AWS_ACCESS_KEY=(?i).*aws_access_key_id( *=+ *).*(?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]).*"

anchoreConfig.analyzer.configFile.secret_search.regexp_match[1]📜

Type: string

Default value
"AWS_SECRET_KEY=(?i).*aws_secret_access_key( *=+ *).*(?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]).*"

anchoreConfig.analyzer.configFile.secret_search.regexp_match[2]📜

Type: string

Default value
"PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+"

anchoreConfig.analyzer.configFile.secret_search.regexp_match[3]📜

Type: string

Default value
"DOCKER_AUTH=(?i).*\"auth\": *\".+\""

anchoreConfig.analyzer.configFile.secret_search.regexp_match[4]📜

Type: string

Default value
"API_KEY=(?i).*api(-\|_)key( *=+ *).*(?<![A-Z0-9])[A-Z0-9]{20,60}(?![A-Z0-9]).*"

anchoreConfig.analyzer.configFile.malware.clamav.enabled📜

Type: bool

Default value
false

anchoreConfig.analyzer.configFile.malware.clamav.db_update_enabled📜

Type: bool

Default value
true

anchoreConfig.catalog.cycle_timers.image_watcher📜

Type: int

Default value
3600

anchoreConfig.catalog.cycle_timers.policy_eval📜

Type: int

Default value
3600

anchoreConfig.catalog.cycle_timers.vulnerability_scan📜

Type: int

Default value
14400

anchoreConfig.catalog.cycle_timers.analyzer_queue📜

Type: int

Default value
1

anchoreConfig.catalog.cycle_timers.archive_tasks📜

Type: int

Default value
43200

anchoreConfig.catalog.cycle_timers.notifications📜

Type: int

Default value
30

anchoreConfig.catalog.cycle_timers.service_watcher📜

Type: int

Default value
15

anchoreConfig.catalog.cycle_timers.policy_bundle_sync📜

Type: int

Default value
300

anchoreConfig.catalog.cycle_timers.repo_watcher📜

Type: int

Default value
60

anchoreConfig.catalog.cycle_timers.image_gc📜

Type: int

Default value
60

anchoreConfig.catalog.cycle_timers.k8s_image_watcher📜

Type: int

Default value
150

anchoreConfig.catalog.cycle_timers.resource_metrics📜

Type: int

Default value
60

anchoreConfig.catalog.cycle_timers.events_gc📜

Type: int

Default value
43200

anchoreConfig.catalog.cycle_timers.artifact_lifecycle_policy_tasks📜

Type: int

Default value
43200

anchoreConfig.catalog.event_log.max_retention_age_days📜

Type: int

Default value
180

anchoreConfig.catalog.event_log.notification.enabled📜

Type: bool

Default value
false

anchoreConfig.catalog.event_log.notification.level[0]📜

Type: string

Default value
"error"

anchoreConfig.catalog.analysis_archive📜

Type: object

Default value
{}

anchoreConfig.catalog.object_store.verify_content_digests📜

Type: bool

Default value
true

anchoreConfig.catalog.object_store.compression.enabled📜

Type: bool

Default value
true

anchoreConfig.catalog.object_store.compression.min_size_kbytes📜

Type: int

Default value
100

anchoreConfig.catalog.object_store.storage_driver.name📜

Type: string

Default value
"db"

anchoreConfig.catalog.object_store.storage_driver.config📜

Type: object

Default value
{}

anchoreConfig.catalog.runtime_inventory.inventory_ttl_days📜

Type: int

Default value
120

anchoreConfig.catalog.runtime_inventory.inventory_ingest_overwrite📜

Type: bool

Default value
false

anchoreConfig.catalog.down_analyzer_task_requeue📜

Type: bool

Default value
true

anchoreConfig.policy_engine.cycle_timers.feed_sync📜

Type: int

Default value
14400

anchoreConfig.policy_engine.cycle_timers.feed_sync_checker📜

Type: int

Default value
3600

anchoreConfig.policy_engine.overrideFeedsToUpstream📜

Type: bool

Default value
false

anchoreConfig.notifications.cycle_timers.notifications📜

Type: int

Default value
30

anchoreConfig.notifications.ui_url📜

Type: string

Default value
""

anchoreConfig.reports.enable_graphiql📜

Type: bool

Default value
true

anchoreConfig.reports.async_execution_timeout📜

Type: string

Default value
"48h"

anchoreConfig.reports.cycle_timers.reports_scheduled_queries📜

Type: int

Default value
600

anchoreConfig.reports.use_volume📜

Type: bool

Default value
false

anchoreConfig.reports_worker.enable_data_ingress📜

Type: bool

Default value
true

anchoreConfig.reports_worker.enable_data_egress📜

Type: bool

Default value
false

anchoreConfig.reports_worker.data_egress_window📜

Type: int

Default value
0

anchoreConfig.reports_worker.data_refresh_max_workers📜

Type: int

Default value
10

anchoreConfig.reports_worker.data_load_max_workers📜

Type: int

Default value
10

anchoreConfig.reports_worker.cycle_timers.reports_image_load📜

Type: int

Default value
600

anchoreConfig.reports_worker.cycle_timers.reports_tag_load📜

Type: int

Default value
600

anchoreConfig.reports_worker.cycle_timers.reports_runtime_inventory_load📜

Type: int

Default value
600

anchoreConfig.reports_worker.cycle_timers.reports_extended_runtime_vuln_load📜

Type: int

Default value
1800

anchoreConfig.reports_worker.cycle_timers.reports_image_refresh📜

Type: int

Default value
7200

anchoreConfig.reports_worker.cycle_timers.reports_tag_refresh📜

Type: int

Default value
7200

anchoreConfig.reports_worker.cycle_timers.reports_metrics📜

Type: int

Default value
3600

anchoreConfig.reports_worker.cycle_timers.reports_image_egress📜

Type: int

Default value
600

anchoreConfig.reports_worker.cycle_timers.reports_tag_egress📜

Type: int

Default value
600

anchoreConfig.ui.enable_proxy📜

Type: bool

Default value
false

anchoreConfig.ui.enable_ssl📜

Type: bool

Default value
false

anchoreConfig.ui.enable_shared_login📜

Type: bool

Default value
true

anchoreConfig.ui.redis_flushdb📜

Type: bool

Default value
false

anchoreConfig.ui.force_websocket📜

Type: bool

Default value
false

anchoreConfig.ui.authentication_lock.count📜

Type: int

Default value
5

anchoreConfig.ui.authentication_lock.expires📜

Type: int

Default value
300

Type: object

Default value
{}

anchoreConfig.ui.enable_add_repositories📜

Type: object

Default value
{}

anchoreConfig.ui.log_level📜

Type: string

Default value
"http"

anchoreConfig.ui.enrich_inventory_view📜

Type: bool

Default value
true

anchoreConfig.ui.appdb_config.native📜

Type: bool

Default value
true

anchoreConfig.ui.appdb_config.pool.max📜

Type: int

Default value
10

anchoreConfig.ui.appdb_config.pool.min📜

Type: int

Default value
0

anchoreConfig.ui.appdb_config.pool.acquire📜

Type: int

Default value
30000

anchoreConfig.ui.appdb_config.pool.idle📜

Type: int

Default value
10000

anchoreConfig.ui.dbUser📜

Type: string

Default value
""

anchoreConfig.ui.dbPassword📜

Type: string

Default value
""

anchoreConfig.ui.dbHostname📜

Type: string

Default value
""

anchoreConfig.ui.dbPort📜

Type: int

Default value
5432

anchoreConfig.ui.dbDatabase📜

Type: string

Default value
""

api.replicaCount📜

Type: int

Default value
1

api.service.type📜

Type: string

Default value
"ClusterIP"

api.service.port📜

Type: int

Default value
8228

api.service.reportsPort📜

Type: int

Default value
8558

api.service.annotations📜

Type: object

Default value
{}

api.service.labels📜

Type: object

Default value
{}

api.service.nodePort📜

Type: string

Default value
""

api.extraEnv📜

Type: list

Default value
[]

api.resources.limits.cpu📜

Type: int

Default value
1

api.resources.limits.memory📜

Type: string

Default value
"4G"

api.resources.requests.cpu📜

Type: int

Default value
1

api.resources.requests.memory📜

Type: string

Default value
"4G"

api.labels📜

Type: object

Default value
{}

api.annotations📜

Type: object

Default value
{}

api.nodeSelector📜

Type: object

Default value
{}

api.tolerations📜

Type: list

Default value
[]

api.affinity📜

Type: object

Default value
{}

api.serviceAccountName📜

Type: string

Default value
""

analyzer.replicaCount📜

Type: int

Default value
2

analyzer.service.port📜

Type: int

Default value
8084

analyzer.serviceType📜

Type: string

Default value
"ClusterIP"

analyzer.extraEnv📜

Type: list

Default value
[]

analyzer.extraVolumes📜

Type: list

Default value
[]

analyzer.extraVolumeMounts📜

Type: list

Default value
[]

analyzer.resources.limits.cpu📜

Type: int

Default value
1

analyzer.resources.limits.memory📜

Type: string

Default value
"4G"

analyzer.resources.requests.cpu📜

Type: int

Default value
1

analyzer.resources.requests.memory📜

Type: string

Default value
"4G"

analyzer.labels📜

Type: object

Default value
{}

analyzer.annotations📜

Type: object

Default value
{}

analyzer.nodeSelector📜

Type: object

Default value
{}

analyzer.tolerations📜

Type: list

Default value
[]

analyzer.affinity📜

Type: object

Default value
{}

analyzer.serviceAccountName📜

Type: string

Default value
""

catalog.replicaCount📜

Type: int

Default value
1

catalog.service.type📜

Type: string

Default value
"ClusterIP"

catalog.service.port📜

Type: int

Default value
8082

catalog.service.annotations📜

Type: object

Default value
{}

catalog.service.labels📜

Type: object

Default value
{}

catalog.service.nodePort📜

Type: string

Default value
""

catalog.extraEnv📜

Type: list

Default value
[]

catalog.extraVolumes📜

Type: list

Default value
[]

catalog.extraVolumeMounts📜

Type: list

Default value
[]

catalog.resources.limits.cpu📜

Type: int

Default value
1

catalog.resources.limits.memory📜

Type: string

Default value
"2G"

catalog.resources.requests.cpu📜

Type: int

Default value
1

catalog.resources.requests.memory📜

Type: string

Default value
"2G"

catalog.labels📜

Type: object

Default value
{}

catalog.annotations📜

Type: object

Default value
{}

catalog.nodeSelector📜

Type: object

Default value
{}

catalog.tolerations📜

Type: list

Default value
[]

catalog.affinity📜

Type: object

Default value
{}

catalog.serviceAccountName📜

Type: string

Default value
""

feeds.enabled📜

Type: bool

Default value
true

feeds.istio.enabled📜

Type: bool

Default value
false

feeds.istio.injection📜

Type: string

Default value
"disabled"

feeds.standalone📜

Type: bool

Default value
false

feeds.url📜

Type: string

Default value
""

feeds.service.port📜

Type: int

Default value
8448

feeds.service.apiVersion📜

Type: string

Default value
"v2"

feeds.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/anchore/enterprise/enterprise:5.7.0"

feeds.imagePullSecretName📜

Type: string

Default value
"private-registry"

feeds.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

feeds.resources.limits.cpu📜

Type: int

Default value
1

feeds.resources.limits.memory📜

Type: string

Default value
"10G"

feeds.resources.requests.cpu📜

Type: int

Default value
1

feeds.resources.requests.memory📜

Type: string

Default value
"10G"

feeds.anchoreConfig.internalServicesSSL.enabled📜

Type: bool

Default value
false

feeds.anchoreConfig.internalServicesSSL.verifyCerts📜

Type: bool

Default value
false

feeds.anchoreConfig.internalServicesSSL.certSecretKeyFileName📜

Type: string

Default value
""

feeds.anchoreConfig.internalServicesSSL.certSecretCertFileName📜

Type: string

Default value
""

feeds.feeds-db.enabled📜

Type: bool

Default value
true

feeds.feeds-db.image.registry📜

Type: string

Default value
"registry1.dso.mil"

feeds.feeds-db.image.repository📜

Type: string

Default value
"ironbank/opensource/postgres/postgresql"

feeds.feeds-db.image.tag📜

Type: string

Default value
"16.2"

feeds.feeds-db.global.imagePullSecrets[0]📜

Type: string

Default value
"private-registry"

feeds.feeds-db.externalEndpoint📜

Type: string

Default value
nil

feeds.feeds-db.postgresUser📜

Type: string

Default value
"anchore"

feeds.feeds-db.postgresPassword📜

Type: string

Default value
"anchore-postgres,123"

feeds.feeds-db.postgresDatabase📜

Type: string

Default value
"anchore"

feeds.feeds-db.securityContext.enabled📜

Type: bool

Default value
true

feeds.feeds-db.securityContext.fsGroup📜

Type: int

Default value
1001

feeds.feeds-db.securityContext.runAsUser📜

Type: int

Default value
1001

feeds.feeds-db.securityContext.runAsGroup📜

Type: int

Default value
1001

feeds.feeds-db.containerSecurityContext.enabled📜

Type: bool

Default value
true

feeds.feeds-db.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

feeds.feeds-db.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

feeds.feeds-db.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

feeds.feeds-db.resources.limits.cpu📜

Type: string

Default value
"100m"

feeds.feeds-db.resources.limits.memory📜

Type: string

Default value
"256Mi"

feeds.feeds-db.resources.requests.cpu📜

Type: string

Default value
"100m"

feeds.feeds-db.resources.requests.memory📜

Type: string

Default value
"256Mi"

feeds.feeds-db.metrics.resources.limits.cpu📜

Type: string

Default value
"100m"

feeds.feeds-db.metrics.resources.limits.memory📜

Type: string

Default value
"256Mi"

feeds.feeds-db.metrics.resources.requests.cpu📜

Type: string

Default value
"100m"

feeds.feeds-db.metrics.resources.requests.memory📜

Type: string

Default value
"256Mi"

feeds.feeds-db.primary.persistence.resourcePolicy📜

Type: string

Default value
"keep"

feeds.feeds-db.primary.persistence.size📜

Type: string

Default value
"20Gi"

feeds.feeds-db.primary.persistence.subPath📜

Type: string

Default value
"pgdata"

feeds.feeds-db.primary.persistence.mountPath📜

Type: string

Default value
"/var/lib/postgresql"

feeds.feeds-db.primary.postgresqlDataDir📜

Type: string

Default value
"/var/lib/postgresql/data"

feeds.feeds-db.primary.podSecurityContext.enabled📜

Type: bool

Default value
true

feeds.feeds-db.primary.podSecurityContext.fsGroup📜

Type: int

Default value
1001

feeds.feeds-db.primary.podSecurityContext.runAsUser📜

Type: int

Default value
1001

feeds.feeds-db.primary.podSecurityContext.runAsGroup📜

Type: int

Default value
1001

feeds.feeds-db.primary.containerSecurityContext.enabled📜

Type: bool

Default value
true

feeds.feeds-db.primary.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

feeds.feeds-db.primary.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

feeds.feeds-db.primary.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

feeds.feeds-db.postgresqlConfiguration.listen_addresses📜

Type: string

Default value
"*"

feeds.feeds-db.pgHbaConfiguration📜

Type: string

Default value
"local all all md5\nhost all all all md5"

feeds.gem-db.enabled📜

Type: bool

Default value
false

feeds.gem-db.image.registry📜

Type: string

Default value
"registry1.dso.mil"

feeds.gem-db.image.repository📜

Type: string

Default value
"ironbank/opensource/postgres/postgresql"

feeds.gem-db.image.tag📜

Type: string

Default value
"16.2"

feeds.gem-db.externalEndpoint📜

Type: string

Default value
nil

feeds.gem-db.postgresUser📜

Type: string

Default value
"anchore"

feeds.gem-db.postgresPassword📜

Type: string

Default value
"anchore-postgres,123"

feeds.gem-db.postgresDatabase📜

Type: string

Default value
"anchore"

feeds.gem-db.securityContext.enabled📜

Type: bool

Default value
true

feeds.gem-db.securityContext.fsGroup📜

Type: int

Default value
1001

feeds.gem-db.securityContext.runAsUser📜

Type: int

Default value
1001

feeds.gem-db.securityContext.runAsGroup📜

Type: int

Default value
1001

feeds.gem-db.primary.persistence.enabled📜

Type: bool

Default value
false

feeds.gem-db.primary.postgresqlDataDir📜

Type: string

Default value
"/var/lib/postgresql/data"

feeds.gem-db.primary.podSecurityContext.enabled📜

Type: bool

Default value
true

feeds.gem-db.primary.podSecurityContext.fsGroup📜

Type: int

Default value
1001

feeds.gem-db.primary.podSecurityContext.runAsUser📜

Type: int

Default value
1001

feeds.gem-db.primary.podSecurityContext.runAsGroup📜

Type: int

Default value
1001

feeds.gem-db.primary.containerSecurityContext.enabled📜

Type: bool

Default value
true

feeds.gem-db.primary.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

feeds.gem-db.primary.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

feeds.gem-db.primary.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

policyEngine.replicaCount📜

Type: int

Default value
1

policyEngine.service.type📜

Type: string

Default value
"ClusterIP"

policyEngine.service.port📜

Type: int

Default value
8087

policyEngine.service.annotations📜

Type: object

Default value
{}

policyEngine.service.labels📜

Type: object

Default value
{}

policyEngine.service.nodePort📜

Type: string

Default value
""

policyEngine.extraEnv📜

Type: list

Default value
[]

policyEngine.extraVolumes📜

Type: list

Default value
[]

policyEngine.extraVolumeMounts📜

Type: list

Default value
[]

policyEngine.resources.limits.cpu📜

Type: int

Default value
1

policyEngine.resources.limits.memory📜

Type: string

Default value
"4G"

policyEngine.resources.requests.cpu📜

Type: int

Default value
1

policyEngine.resources.requests.memory📜

Type: string

Default value
"4G"

policyEngine.labels📜

Type: object

Default value
{}

policyEngine.annotations📜

Type: object

Default value
{}

policyEngine.nodeSelector📜

Type: object

Default value
{}

policyEngine.tolerations📜

Type: list

Default value
[]

policyEngine.affinity📜

Type: object

Default value
{}

policyEngine.serviceAccountName📜

Type: string

Default value
""

simpleQueue.replicaCount📜

Type: int

Default value
1

simpleQueue.service.type📜

Type: string

Default value
"ClusterIP"

simpleQueue.service.port📜

Type: int

Default value
8083

simpleQueue.service.annotations📜

Type: object

Default value
{}

simpleQueue.service.labels📜

Type: object

Default value
{}

simpleQueue.service.nodePort📜

Type: string

Default value
""

simpleQueue.extraEnv📜

Type: list

Default value
[]

simpleQueue.resources.limits.cpu📜

Type: int

Default value
1

simpleQueue.resources.limits.memory📜

Type: string

Default value
"1G"

simpleQueue.resources.requests.cpu📜

Type: int

Default value
1

simpleQueue.resources.requests.memory📜

Type: string

Default value
"1G"

simpleQueue.labels📜

Type: object

Default value
{}

simpleQueue.annotations📜

Type: object

Default value
{}

simpleQueue.nodeSelector📜

Type: object

Default value
{}

simpleQueue.tolerations📜

Type: list

Default value
[]

simpleQueue.affinity📜

Type: object

Default value
{}

simpleQueue.serviceAccountName📜

Type: string

Default value
""

notifications.enabled📜

Type: bool

Default value
true

notifications.replicaCount📜

Type: int

Default value
1

notifications.service.type📜

Type: string

Default value
"ClusterIP"

notifications.service.port📜

Type: int

Default value
8668

notifications.service.annotations📜

Type: object

Default value
{}

notifications.service.labels📜

Type: object

Default value
{}

notifications.service.nodePort📜

Type: string

Default value
""

notifications.extraEnv📜

Type: list

Default value
[]

notifications.extraVolumes📜

Type: list

Default value
[]

notifications.extraVolumeMounts📜

Type: list

Default value
[]

notifications.resources.limits.cpu📜

Type: int

Default value
1

notifications.resources.limits.memory📜

Type: string

Default value
"1G"

notifications.resources.requests.cpu📜

Type: int

Default value
1

notifications.resources.requests.memory📜

Type: string

Default value
"1G"

notifications.labels📜

Type: object

Default value
{}

notifications.annotations📜

Type: object

Default value
{}

notifications.nodeSelector📜

Type: object

Default value
{}

notifications.tolerations📜

Type: list

Default value
[]

notifications.affinity📜

Type: object

Default value
{}

notifications.serviceAccountName📜

Type: string

Default value
""

reports.replicaCount📜

Type: int

Default value
1

reports.service.type📜

Type: string

Default value
"ClusterIP"

reports.service.port📜

Type: int

Default value
8558

reports.service.annotations📜

Type: object

Default value
{}

reports.service.labels📜

Type: object

Default value
{}

reports.service.nodePort📜

Type: string

Default value
""

reports.extraEnv📜

Type: list

Default value
[]

reports.extraVolumes📜

Type: list

Default value
[]

reports.extraVolumeMounts📜

Type: list

Default value
[]

reports.resources.limits.cpu📜

Type: int

Default value
1

reports.resources.limits.memory📜

Type: string

Default value
"1G"

reports.resources.requests.cpu📜

Type: int

Default value
1

reports.resources.requests.memory📜

Type: string

Default value
"1G"

reports.labels📜

Type: object

Default value
{}

reports.annotations📜

Type: object

Default value
{}

reports.nodeSelector📜

Type: object

Default value
{}

reports.tolerations📜

Type: list

Default value
[]

reports.affinity📜

Type: object

Default value
{}

reports.serviceAccountName📜

Type: string

Default value
""

ui.enabled📜

Type: bool

Default value
true

ui.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/anchore/enterpriseui/enterpriseui:5.7.0"

ui.imagePullPolicy📜

Type: string

Default value
"IfNotPresent"

ui.imagePullSecretName📜

Type: string

Default value
"private-registry"

ui.existingSecretName📜

Type: string

Default value
"anchore-enterprise-ui-env"

ui.ldapsRootCaCertName📜

Type: string

Default value
""

ui.service.type📜

Type: string

Default value
"ClusterIP"

ui.service.port📜

Type: int

Default value
3000

ui.service.annotations📜

Type: object

Default value
{}

ui.service.labels📜

Type: object

Default value
{}

ui.service.sessionAffinity📜

Type: string

Default value
"ClientIP"

ui.service.nodePort📜

Type: string

Default value
""

ui.extraEnv📜

Type: list

Default value
[]

ui.extraVolumes📜

Type: list

Default value
[]

ui.extraVolumeMounts📜

Type: list

Default value
[]

ui.resources.limits.cpu📜

Type: int

Default value
1

ui.resources.limits.memory📜

Type: string

Default value
"1G"

ui.resources.requests.cpu📜

Type: int

Default value
1

ui.resources.requests.memory📜

Type: string

Default value
"1G"

ui.labels📜

Type: object

Default value
{}

ui.annotations📜

Type: object

Default value
{}

ui.nodeSelector📜

Type: object

Default value
{}

ui.tolerations📜

Type: list

Default value
[]

ui.affinity📜

Type: object

Default value
{}

ui.serviceAccountName📜

Type: string

Default value
""

upgradeJob.enabled📜

Type: bool

Default value
true

upgradeJob.force📜

Type: bool

Default value
false

upgradeJob.rbacCreate📜

Type: bool

Default value
true

upgradeJob.serviceAccountName📜

Type: string

Default value
""

upgradeJob.usePostUpgradeHook📜

Type: bool

Default value
false

upgradeJob.kubectlImage📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.29.7"

upgradeJob.nodeSelector📜

Type: object

Default value
{}

upgradeJob.tolerations📜

Type: list

Default value
[]

upgradeJob.affinity📜

Type: object

Default value
{}

upgradeJob.annotations📜

Type: object

Default value
{}

upgradeJob.resources.limits.cpu📜

Type: int

Default value
1

upgradeJob.resources.limits.memory📜

Type: string

Default value
"1G"

upgradeJob.resources.requests.cpu📜

Type: int

Default value
1

upgradeJob.resources.requests.memory📜

Type: string

Default value
"1G"

upgradeJob.labels📜

Type: object

Default value
{}

upgradeJob.ttlSecondsAfterFinished📜

Type: int

Default value
-1

ingress.enabled📜

Type: bool

Default value
false

ingress.labels📜

Type: object

Default value
{}

ingress.annotations📜

Type: object

Default value
{}

ingress.apiHosts📜

Type: list

Default value
[]

ingress.apiPaths[0]📜

Type: string

Default value
"/v2/"

ingress.apiPaths[1]📜

Type: string

Default value
"/version/"

ingress.uiHosts📜

Type: list

Default value
[]

ingress.uiPath📜

Type: string

Default value
"/"

ingress.feedsHosts📜

Type: list

Default value
[]

ingress.feedsPaths[0]📜

Type: string

Default value
"/v2/feeds/"

ingress.reportsPaths[0]📜

Type: string

Default value
"/v2/reports/"

ingress.tls📜

Type: list

Default value
[]

ingress.ingressClassName📜

Type: string

Default value
"nginx"

cloudsql.enabled📜

Type: bool

Default value
false

cloudsql.image📜

Type: string

Default value
"gcr.io/cloudsql-docker/gce-proxy:1.25.0"

cloudsql.imagePullPolicy📜

Type: string

Default value
"IfNotPresent"

cloudsql.instance📜

Type: string

Default value
""

cloudsql.useExistingServiceAcc📜

Type: bool

Default value
false

cloudsql.serviceAccSecretName📜

Type: string

Default value
""

cloudsql.serviceAccJsonName📜

Type: string

Default value
""

cloudsql.extraArgs📜

Type: list

Default value
[]

ui-redis.enabled📜

Type: bool

Default value
true

ui-redis.istio.enabled📜

Type: string

Default value
"{{ .Values.istio.enabled }}"

ui-redis.externalEndpoint📜

Type: string

Default value
""

ui-redis.auth.password📜

Type: string

Default value
"anchore-redis,123"

ui-redis.architecture📜

Type: string

Default value
"standalone"

ui-redis.master.persistence.enabled📜

Type: bool

Default value
false

ui-redis.commonConfiguration📜

Type: string

Default value
"maxmemory 200mb\nsave \"\""

postgresql.enabled📜

Type: bool

Default value
true

postgresql.externalEndpoint📜

Type: string

Default value
""

postgresql.primary.service.ports.postgresql📜

Type: int

Default value
5432

postgresql.primary.podSecurityContext.enabled📜

Type: bool

Default value
true

postgresql.primary.podSecurityContext.fsGroup📜

Type: int

Default value
1001

postgresql.primary.podSecurityContext.runAsUser📜

Type: int

Default value
1001

postgresql.primary.podSecurityContext.runAsGroup📜

Type: int

Default value
1001

postgresql.primary.containerSecurityContext.enabled📜

Type: bool

Default value
true

postgresql.primary.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

postgresql.primary.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

postgresql.primary.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

postgresql.primary.persistence.size📜

Type: string

Default value
"20Gi"

postgresql.primary.persistence.resourcePolicy📜

Type: string

Default value
"keep"

postgresql.primary.persistence.subPath📜

Type: string

Default value
"data/pgdata"

postgresql.primary.persistence.mountPath📜

Type: string

Default value
"/var/lib/postgresql"

postgresql.primary.postgresqlDataDir📜

Type: string

Default value
"/var/lib/postgresql/data"

postgresql.primary.extraEnvVars📜

Type: list

Default value
[]

postgresql.image.registry📜

Type: string

Default value
"registry1.dso.mil"

postgresql.image.repository📜

Type: string

Default value
"ironbank/opensource/postgres/postgresql"

postgresql.image.tag📜

Type: string

Default value
"16.2"

postgresql.global.imagePullSecrets[0]📜

Type: string

Default value
"private-registry"

postgresql.postgresqlConfiguration.listen_addresses📜

Type: string

Default value
"*"

postgresql.pgHbaConfiguration📜

Type: string

Default value
"local all all md5\nhost all all all md5"

postgresql.postgresUser📜

Type: string

Default value
"anchore"

postgresql.postgresPassword📜

Type: string

Default value
"anchore-postgres,123"

postgresql.postgresDatabase📜

Type: string

Default value
"anchore"

postgresql.resources.limits.cpu📜

Type: string

Default value
"200m"

postgresql.resources.limits.memory📜

Type: string

Default value
"2048Mi"

postgresql.resources.requests.cpu📜

Type: string

Default value
"200m"

postgresql.resources.requests.memory📜

Type: string

Default value
"2048Mi"

postgresql.metrics.resources.limits.cpu📜

Type: string

Default value
"100m"

postgresql.metrics.resources.limits.memory📜

Type: string

Default value
"256Mi"

postgresql.metrics.resources.requests.cpu📜

Type: string

Default value
"100m"

postgresql.metrics.resources.requests.memory📜

Type: string

Default value
"256Mi"

postgresql.securityContext.enabled📜

Type: bool

Default value
true

postgresql.securityContext.fsGroup📜

Type: int

Default value
1001

postgresql.securityContext.runAsUser📜

Type: int

Default value
1001

postgresql.securityContext.runAsGroup📜

Type: int

Default value
1001

postgresql.containerSecurityContext.enabled📜

Type: bool

Default value
true

postgresql.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

postgresql.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

postgresql.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

osaaMigrationJob.enabled📜

Type: bool

Default value
false

osaaMigrationJob.kubectlImage📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.29.7"

osaaMigrationJob.extraEnv📜

Type: list

Default value
[]

osaaMigrationJob.extraVolumes📜

Type: list

Default value
[]

osaaMigrationJob.extraVolumeMounts📜

Type: list

Default value
[]

osaaMigrationJob.resources📜

Type: object

Default value
{}

osaaMigrationJob.labels📜

Type: object

Default value
{}

osaaMigrationJob.annotations📜

Type: object

Default value
{}

osaaMigrationJob.nodeSelector📜

Type: object

Default value
{}

osaaMigrationJob.tolerations📜

Type: list

Default value
[]

osaaMigrationJob.affinity📜

Type: object

Default value
{}

osaaMigrationJob.serviceAccountName📜

Type: string

Default value
""

osaaMigrationJob.analysisArchiveMigration.run📜

Type: bool

Default value
false

osaaMigrationJob.analysisArchiveMigration.bucket📜

Type: string

Default value
"analysis_archive"

osaaMigrationJob.analysisArchiveMigration.mode📜

Type: string

Default value
"to_analysis_archive"

osaaMigrationJob.analysisArchiveMigration.analysis_archive📜

Type: object

Default value
{}

osaaMigrationJob.objectStoreMigration.run📜

Type: bool

Default value
false

osaaMigrationJob.objectStoreMigration.object_store.verify_content_digests📜

Type: bool

Default value
true

osaaMigrationJob.objectStoreMigration.object_store.compression.enabled📜

Type: bool

Default value
true

osaaMigrationJob.objectStoreMigration.object_store.compression.min_size_kbytes📜

Type: int

Default value
100

osaaMigrationJob.objectStoreMigration.object_store.storage_driver.name📜

Type: string

Default value
"db"

osaaMigrationJob.objectStoreMigration.object_store.storage_driver.config📜

Type: object

Default value
{}

bbtests.enabled📜

Type: bool

Default value
false

bbtests.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/anchore/cli/cli:0.9.4"

bbtests.scripts.envs.ANCHORE_CLI_URL📜

Type: string

Default value
"http://{{ template \"enterprise.api.fullname\" . }}:{{ .Values.api.service.port }}/v1"

bbtests.scripts.envs.ANCHORE_CLI_USER📜

Type: string

Default value
"admin"

bbtests.scripts.envs.ANCHORE_SCAN_IMAGE📜

Type: string

Default value
"quay.io/prometheus/node-exporter:latest"

bbtests.scripts.secretEnvs[0].name📜

Type: string

Default value
"ANCHORE_CLI_PASS"

bbtests.scripts.secretEnvs[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"{{ template \"enterprise.fullname\" . }}"

bbtests.scripts.secretEnvs[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"ANCHORE_ADMIN_PASSWORD"

bbtests.cypress.resources.requests.cpu📜

Type: string

Default value
"1"

bbtests.cypress.resources.requests.memory📜

Type: string

Default value
"2Gi"

bbtests.cypress.resources.limits.cpu📜

Type: string

Default value
"1"

bbtests.cypress.resources.limits.memory📜

Type: string

Default value
"2Gi"

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_url📜

Type: string

Default value
"http://{{ template \"enterprise.ui.fullname\" . }}:{{ .Values.ui.service.port }}"

bbtests.cypress.envs.cypress_user📜

Type: string

Default value
"admin"

bbtests.cypress.envs.cypress_registry📜

Type: string

Default value
"docker.io"

bbtests.cypress.envs.cypress_repository📜

Type: string

Default value
"anchore/grype"

bbtests.cypress.envs.cypress_tag📜

Type: string

Default value
"latest"

bbtests.cypress.secretEnvs[0].name📜

Type: string

Default value
"cypress_password"

bbtests.cypress.secretEnvs[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"{{ template \"enterprise.fullname\" . }}"

bbtests.cypress.secretEnvs[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"ANCHORE_ADMIN_PASSWORD"