Skip to content

wrapper values.yamlπŸ“œ

bigbangπŸ“œ

Type: object

Default value
addons:
  authservice:
    enabled: false
    values:
      selector:
        key: protect
        value: keycloak
domain: bigbang.dev
istio:
  enabled: false
  hardened:
    enabled: false
monitoring:
  enabled: false
networkPolicies:
  controlPlaneCidr: 0.0.0.0/0
  controlPlaneNode: null
  enabled: false
openshift: false

Description: Passdown values from Big Bang

packageπŸ“œ

Type: object

Default value
configMaps: []
istio:
  hardened:
    customAuthorizationPolicies: []
    enabled: '{{ .Values.bigbang.istio.values.hardened.enabled }}'
    matchLabels: {}
  hosts: []
  injection: enabled
  peerAuthentications: []
monitor:
  alerts: null
  dashboards: {}
  encryptedMetrics: true
  services: []
name: ''
namespace:
  name: null
network:
  additionalPolicies: []
  allowControlPlaneEgress: false
  allowDnsEgress: true
  allowHttpsEgress: []
  allowIntraNamespace: true
  defaultDeny: true
  policies: true
secrets: []
sso:
  enabled: false
values: {}

Description: Passdown values from package

package.nameπŸ“œ

Type: Required

Default value
""

Description: Name of the package

package.istio.injectionπŸ“œ

Type: string

Default value
"enabled"

Description: Toggles sidecar injection into the package. Enabling this allows mTLS. Options are β€œenabled” or β€œdisabled”.

package.monitor.encryptedMetricsπŸ“œ

Type: bool

Default value
true

Description: Toggle automatic setup of encrypted metrics via https. Requires Istio injection. Strict mTLS relies on this being enabled.

package.monitor.servicesπŸ“œ

Type: list

Default value
[]

Description: Services to monitor using Prometheus. Each service is specified as name: "", [spec: {}](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.ServiceMonitorSpec)

package.monitor.alertsπŸ“œ

Type: string

Default value
nil

Description: Prometheus alerting rules, list of Prometheus RuleGroups

package.monitor.dashboardsπŸ“œ

Type: object

Default value
{}

Description: Custom Grafana dashboards. Each dashboard is specified with a unique name key and dashboard contents value. Dashboard contents are a key-value pair where key is dashboard format (β€œjson”) and value is dashboard contents. Adds to existing bigbang grafana configuration, so no provider required, but otherwise follows Grafana conventions. More Info

package.network.policiesπŸ“œ

Type: bool

Default value
true

Description: Toggle all policies on or off

package.network.defaultDenyπŸ“œ

Type: bool

Default value
true

Description: Deny all traffic in the namespace by default

package.network.allowIntraNamespaceπŸ“œ

Type: bool

Default value
true

Description: Allow traffic between pods inside the namespace

package.network.allowControlPlaneEgressπŸ“œ

Type: bool

Default value
false

Description: Allow egress traffic from the namespace to the Kubernetes control plane for API calls

package.network.allowDnsEgressπŸ“œ

Type: bool

Default value
true

Description: Allow egress traffic from the namespace to the DNS port

package.network.allowHttpsEgressπŸ“œ

Type: list

Default value
[]

Description: Allow https egress to internet from specific pods

package.network.additionalPoliciesπŸ“œ

Type: list

Default value
[]

Description: Custom egress/ingress policies to deploy. More info

package.secretsπŸ“œ

Type: list

Default value
[]

Description: Secrets that should be created prior to Helm install

package.configMapsπŸ“œ

Type: list

Default value
[]

Description: ConfigMaps that should be created prior to Helm install

package.sso.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle AuthService SSO for package; Chain must be setup in Authservice & workload must be appropriately labeled for this to work

package.valuesπŸ“œ

Type: object

Default value
{}

Description: Pass through values to this package’s upstream Helm chart