Skip to content

headlamp values.yamlπŸ“œ

domainπŸ“œ

Type: string

Default value
"dev.bigbang.mil"

Description: Domain used for BigBang created exposed services

global.imagePullSecrets[0].nameπŸ“œ

Type: string

Default value
"private-registry"

istio.enabledπŸ“œ

Type: bool

Default value
false

istio.hardenedπŸ“œ

Type: object

Default value
customAuthorizationPolicies: []
customServiceEntries: []
enabled: false
outboundTrafficPolicyMode: REGISTRY_ONLY

Description: Default peer authentication values

istio.mtls.modeπŸ“œ

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

istio.headlampπŸ“œ

Type: object

Default value
annotations: {}
enabled: true
gateways:
- istio-system/public
hosts:
- headlamp.{{ .Values.domain }}
labels: {}

Description: Headlamp UI specific VirtualService values

istio.headlamp.enabledπŸ“œ

Type: bool

Default value
true

Description: Toggle VirtualService creation

networkPolicies.enabledπŸ“œ

Type: bool

Default value
false

networkPolicies.controlPlaneCidrπŸ“œ

Type: string

Default value
"0.0.0.0/0"

networkPolicies.ingressLabels.appπŸ“œ

Type: string

Default value
"public-ingressgateway"

networkPolicies.ingressLabels.istioπŸ“œ

Type: string

Default value
"ingressgateway"

networkPolicies.additionalPoliciesπŸ“œ

Type: list

Default value
[]

openshiftπŸ“œ

Type: bool

Default value
false

monitoringπŸ“œ

Type: object

Default value
enabled: false
serviceMonitor:
  scheme: ''
  tlsConfig: {}

Description: Monitoring toggle, affects servicemonitor and networkPolicies

metrics.enabledπŸ“œ

Type: bool

Default value
false

Description: Toggle Prometheus Blackbox Exporter Installation

metrics.portπŸ“œ

Type: int

Default value
9115

metrics.globalπŸ“œ

Type: object

Default value
imagePullSecrets:
- name: private-registry

Description: Exporter imagePullSecrets

metrics.image.registryπŸ“œ

Type: string

Default value
"registry1.dso.mil"

metrics.image.repositoryπŸ“œ

Type: string

Default value
"ironbank/opensource/prometheus/blackbox_exporter"

metrics.image.tagπŸ“œ

Type: string

Default value
"v0.26.0"

metrics.image.pullSecretπŸ“œ

Type: string

Default value
"private-registry"

metrics.podSecurityContextπŸ“œ

Type: object

Default value
runAsGroup: 1000

Description: Pod securityContext

metrics.securityContextπŸ“œ

Type: object

Default value
runAsGroup: 1000
runAsUser: 1000

Description: Container securityContext

metrics.config.modules.http_2xx.proberπŸ“œ

Type: string

Default value
"http"

metrics.config.modules.http_2xx.timeoutπŸ“œ

Type: string

Default value
"5s"

metrics.config.modules.http_2xx.http.methodπŸ“œ

Type: string

Default value
"GET"

bbtests.enabledπŸ“œ

Type: bool

Default value
false

bbtests.cypress.artifactsπŸ“œ

Type: bool

Default value
true

bbtests.cypress.envs.cypress_urlπŸ“œ

Type: string

Default value
"http://headlamp.headlamp.svc.cluster.local:4466"

bbtests.cypress.resources.requests.cpuπŸ“œ

Type: string

Default value
"1"

bbtests.cypress.resources.requests.memoryπŸ“œ

Type: string

Default value
"2Gi"

bbtests.cypress.resources.limits.cpuπŸ“œ

Type: string

Default value
"1"

bbtests.cypress.resources.limits.memoryπŸ“œ

Type: string

Default value
"2Gi"

replicaCountπŸ“œ

Type: int

Default value
1

Description: Number of desired pods

image.registryπŸ“œ

Type: string

Default value
"registry1.dso.mil"

Description: Container image registry

image.repositoryπŸ“œ

Type: string

Default value
"ironbank/opensource/headlamp-k8s/headlamp"

Description: Container image name

image.pullPolicyπŸ“œ

Type: string

Default value
"IfNotPresent"

Description: Image pull policy. One of Always, Never, IfNotPresent

image.tagπŸ“œ

Type: string

Default value
"v0.30.0"

Description: Container image tag, If β€œβ€ uses appVersion in Chart.yaml

image.pullSecrets[0]πŸ“œ

Type: string

Default value
"private-registry"

imagePullSecretsπŸ“œ

Type: list

Default value
- name: private-registry

Description: An optional list of references to secrets in the same namespace to use for pulling any of the images used

nameOverrideπŸ“œ

Type: string

Default value
""

Description: Overrides the name of the chart

fullnameOverrideπŸ“œ

Type: string

Default value
""

Description: Overrides the full name of the chart

initContainersπŸ“œ

Type: list

Default value
[]

Description: An optional list of init containers to be run before the main containers.

config.inClusterπŸ“œ

Type: bool

Default value
true

config.baseURLπŸ“œ

Type: string

Default value
""

Description: base url path at which headlamp should run

config.oidc.secret.createπŸ“œ

Type: bool

Default value
false

Description: Generate OIDC secret. If true, will generate a secret using .config.oidc.

config.oidc.secret.nameπŸ“œ

Type: string

Default value
"oidc"

Description: Name of the OIDC secret.

config.oidc.clientIDπŸ“œ

Type: string

Default value
""

Description: OIDC client ID Change to your respective IDP endpoints

config.oidc.clientSecretπŸ“œ

Type: string

Default value
""

Description: OIDC client secret

config.oidc.issuerURLπŸ“œ

Type: string

Default value
""

Description: OIDC issuer URL

config.oidc.scopesπŸ“œ

Type: string

Default value
""

Description: OIDC scopes to be used

config.oidc.externalSecret.enabledπŸ“œ

Type: bool

Default value
false

config.oidc.externalSecret.nameπŸ“œ

Type: string

Default value
""

config.pluginsDirπŸ“œ

Type: string

Default value
"/headlamp/plugins"

Description: directory to look for plugins

config.extraArgsπŸ“œ

Type: list

Default value
[]

serviceAccountπŸ“œ

Type: object

Default value
annotations: {}
create: true
name: ''

Description: An optional list of environment variables env: - name: KUBERNETES_SERVICE_HOST value: β€œlocalhost” - name: KUBERNETES_SERVICE_PORT value: β€œ6443”

serviceAccount.createπŸ“œ

Type: bool

Default value
true

Description: Specifies whether a service account should be created

serviceAccount.annotationsπŸ“œ

Type: object

Default value
{}

Description: Annotations to add to the service account

serviceAccount.nameπŸ“œ

Type: string

Default value
""

Description: The name of the service account to use.(If not set and create is true, a name is generated using the fullname template)

clusterRoleBinding.createπŸ“œ

Type: bool

Default value
true

Description: Specified whether a cluster role binding should be created

clusterRoleBinding.clusterRoleNameπŸ“œ

Type: string

Default value
"cluster-admin"

Description: Set name of the Cluster Role with limited permissions from you cluster for example - clusterRoleName: user-ro

clusterRoleBinding.annotationsπŸ“œ

Type: object

Default value
{}

Description: Annotations to add to the cluster role binding

podAnnotationsπŸ“œ

Type: object

Default value
{}

Description: Annotations to add to the pod

podSecurityContextπŸ“œ

Type: object

Default value
{}

Description: Headlamp pod’s Security Context

securityContextπŸ“œ

Type: object

Default value
privileged: false
runAsGroup: 101
runAsNonRoot: true
runAsUser: 100

Description: Headlamp containers Security Context

service.typeπŸ“œ

Type: string

Default value
"ClusterIP"

Description: Kubernetes Service type

service.portπŸ“œ

Type: int

Default value
4466

Description: Kubernetes Service port

service.clusterIPπŸ“œ

Type: string

Default value
""

Description: Kubernetes Service clusterIP

service.loadBalancerIPπŸ“œ

Type: string

Default value
""

Description: Kubernetes Service loadBalancerIP

service.loadBalancerSourceRangesπŸ“œ

Type: list

Default value
[]

Description: Kubernetes Service loadBalancerSourceRanges

service.nodePortπŸ“œ

Type: string

Default value
nil

Description: Kubernetes Service Nodeport

volumeMountsπŸ“œ

Type: list

Default value
[]

Description: Headlamp containers volume mounts

volumesπŸ“œ

Type: list

Default value
[]

Description: Headlamp pod’s volumes

persistentVolumeClaim.enabledπŸ“œ

Type: bool

Default value
false

Description: Enable Persistent Volume Claim

persistentVolumeClaim.annotationsπŸ“œ

Type: object

Default value
{}

Description: Annotations to add to the persistent volume claim (if enabled)

persistentVolumeClaim.accessModesπŸ“œ

Type: list

Default value
[]

Description: accessModes for the persistent volume claim, eg: ReadWriteOnce, ReadOnlyMany, ReadWriteMany etc.

persistentVolumeClaim.sizeπŸ“œ

Type: string

Default value
""

Description: size of the persistent volume claim, eg: 10Gi. Required if enabled is true.

persistentVolumeClaim.storageClassNameπŸ“œ

Type: string

Default value
""

Description: storageClassName for the persistent volume claim.

persistentVolumeClaim.selectorπŸ“œ

Type: object

Default value
{}

Description: selector for the persistent volume claim.

persistentVolumeClaim.volumeModeπŸ“œ

Type: string

Default value
""

Description: volumeMode for the persistent volume claim, eg: Filesystem, Block.

ingress.enabledπŸ“œ

Type: bool

Default value
false

Description: Enable ingress controller resource

ingress.annotationsπŸ“œ

Type: object

Default value
{}

Description: Annotations for Ingress resource

ingress.labelsπŸ“œ

Type: object

Default value
{}

Description: Additional labels to add to the Ingress resource

ingress.ingressClassNameπŸ“œ

Type: string

Default value
""

Description: Ingress class name. replacement for the deprecated β€œkubernetes.io/ingress.class” annotation

ingress.hostsπŸ“œ

Type: list

Default value
[]

Description: Hostname(s) for the Ingress resource Please refer to https://kubernetes.io/docs/reference/kubernetes-api/service-resources/ingress-v1/#IngressSpec for more information.

ingress.tlsπŸ“œ

Type: list

Default value
[]

Description: Ingress TLS configuration

resourcesπŸ“œ

Type: object

Default value
{}

Description: CPU/Memory resource requests/limits

nodeSelectorπŸ“œ

Type: object

Default value
{}

Description: Node labels for pod assignment

tolerationsπŸ“œ

Type: list

Default value
[]

Description: Toleration labels for pod assignment

affinityπŸ“œ

Type: object

Default value
{}

Description: Affinity settings for pod assignment

extraManifestsπŸ“œ

Type: list

Default value
[]

Description: Additional Kubernetes manifests to be deployed. Include the manifest as nested YAML.

waitJob.enabledπŸ“œ

Type: bool

Default value
true

waitJob.scripts.imageπŸ“œ

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.32.4"

waitJob.permissions.apiGroups[0]πŸ“œ

Type: string

Default value
"apps"

waitJob.permissions.resources[0]πŸ“œ

Type: string

Default value
"deployments"

waitJob.permissions.verbs[0]πŸ“œ

Type: string

Default value
"get"

waitJob.permissions.verbs[1]πŸ“œ

Type: string

Default value
"list"

waitJob.permissions.verbs[2]πŸ“œ

Type: string

Default value
"watch"