argocd values.yaml📜
awsCredentials.awsAccessKeyId📜
Type: string
""
awsCredentials.awsSecretAccessKey📜
Type: string
""
awsCredentials.awsDefaultRegion📜
Type: string
"us-gov-west-1"
domain📜
Type: string
"dev.bigbang.mil"
istio.enabled📜
Type: bool
false
Description: Toggle BigBang istio integration
istio.hardened.enabled📜
Type: bool
false
istio.hardened.outboundTrafficPolicyMode📜
Type: string
"REGISTRY_ONLY"
istio.hardened.customServiceEntries📜
Type: list
[]
istio.hardened.customAuthorizationPolicies📜
Type: list
[]
istio.hardened.monitoring.enabled📜
Type: bool
true
istio.hardened.monitoring.namespaces[0]📜
Type: string
"monitoring"
istio.hardened.monitoring.principals[0]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.monitoring.principals[1]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.monitoring.principals[2]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.monitoring.principals[3]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.monitoring.principals[4]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.monitoring.principals[5]📜
Type: string
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.hardened.argocd.enabled📜
Type: bool
true
istio.hardened.argocd.namespaces[0]📜
Type: string
"argocd"
istio.hardened.argocd.principals[0]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-application-controller"
istio.hardened.argocd.principals[1]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-applicationset-controller"
istio.hardened.argocd.principals[2]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-argocd-redis-bb"
istio.hardened.argocd.principals[3]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-argocd-repo-server"
istio.hardened.argocd.principals[4]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-dex-server"
istio.hardened.argocd.principals[5]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-notifications-controller"
istio.hardened.argocd.principals[6]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-server"
istio.hardened.argocd.principals[7]📜
Type: string
"cluster.local/ns/argocd/sa/upgrade-job-svc-account"
istio.hardened.argocd.principals[8]📜
Type: string
"cluster.local/ns/argocd/sa/argocd-argocd-redis-bb-metrics"
istio.injection📜
Type: string
"disabled"
Description: Toggle BigBang istio injection
istio.mtls📜
Type: object
mode: STRICT
Description: Default argocd peer authentication
istio.mtls.mode📜
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
istio.argocd.enabled📜
Type: bool
true
Description: Toggle Istio VirtualService creation
istio.argocd.annotations📜
Type: object
{}
Description: Set Annotations for VirtualService
istio.argocd.labels📜
Type: object
{}
Description: Set Labels for VirtualService
istio.argocd.gateways📜
Type: list
- istio-system/main
Description: Set Gateway for VirtualService
istio.argocd.hosts📜
Type: list
- argocd.{{ .Values.domain }}
Description: Set Hosts for VirtualService
monitoring.enabled📜
Type: bool
false
Description: Toggle BigBang monitoring integration
networkPolicies.enabled📜
Type: bool
false
Description: Toggle BigBang networkPolicies integration
networkPolicies.ingressLabels.app📜
Type: string
"istio-ingressgateway"
networkPolicies.ingressLabels.istio📜
Type: string
"ingressgateway"
networkPolicies.controlPlaneCidr📜
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR, defaults to 0.0.0.0/0, use kubectl get endpoints -n default kubernetes to get the CIDR range needed for your cluster Must be an IP CIDR range (x.x.x.x/x - ideally with /32 for the specific IP of a single endpoint, broader range for multiple masters/endpoints) Used by package NetworkPolicies to allow Kube API access
networkPolicies.additionalPolicies📜
Type: list
[]
upgradeJob.enabled📜
Type: bool
true
upgradeJob.image.repository📜
Type: string
"registry1.dso.mil/ironbank/big-bang/base"
upgradeJob.image.tag📜
Type: string
"2.1.0"
upgradeJob.image.imagePullPolicy📜
Type: string
"IfNotPresent"
bbtests.enabled📜
Type: bool
false
bbtests.cypress.artifacts📜
Type: bool
true
bbtests.cypress.envs.cypress_url📜
Type: string
"http://argocd-server"
bbtests.cypress.envs.cypress_user📜
Type: string
"admin"
bbtests.cypress.envs.cypress_password📜
Type: string
"Password123"
bbtests.cypress.envs.cypress_timeout📜
Type: string
"120000"
bbtests.cypress.resources.requests.cpu📜
Type: int
4
bbtests.cypress.resources.requests.memory📜
Type: string
"4Gi"
bbtests.cypress.resources.limits.cpu📜
Type: int
4
bbtests.cypress.resources.limits.memory📜
Type: string
"8Gi"
bbtests.scripts.image📜
Type: string
"registry1.dso.mil/bigbang-ci/devops-tester:1.1.2"
bbtests.scripts.envs.ARGOCD_SERVER📜
Type: string
"http://argocd-server"
bbtests.scripts.envs.ARGOCD_USER📜
Type: string
"admin"
bbtests.scripts.envs.ARGOCD_PASSWORD📜
Type: string
"Password123"
redis-bb📜
Type: object
cleanUpgrade:
enabled: true
enabled: true
networkPolicies:
enabled: true
upstream:
auth:
enabled: false
commonConfiguration: 'maxmemory 200mb
save ""'
image:
pullSecrets:
- private-registry
istio:
redis:
enabled: false
master:
containerSecurityContext:
capabilities:
drop:
- ALL
enabled: true
runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
resources:
limits:
cpu: 100m
memory: 256Mi
requests:
cpu: 100m
memory: 256Mi
metrics:
containerSecurityContext:
enabled: true
runAsGroup: 1001
runAsUser: 1001
enabled: true
labels:
app.kubernetes.io/name: argocd-redis-ha-haproxy
metrics: null
replica:
containerSecurityContext:
capabilities:
drop:
- ALL
enabled: true
runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: 6379
timeoutSeconds: 30
resources:
limits:
cpu: 100m
memory: 256Mi
requests:
cpu: 100m
memory: 256Mi
Description: BigBang HA Redis Passthrough
redis-bb.upstream.metrics.labels📜
Type: object
app.kubernetes.io/name: argocd-redis-ha-haproxy
Description: Custom labels for the haproxy pod. This is relevant for Argo CD CLI.
redis-bb.upstream.metrics.containerSecurityContext📜
Type: object
enabled: true
runAsGroup: 1001
runAsUser: 1001
Description: HAProxy enable prometheus metric scraping
global.image.repository📜
Type: string
"registry1.dso.mil/ironbank/big-bang/argocd"
global.image.tag📜
Type: string
"v3.1.3"
global.image.imagePullPolicy📜
Type: string
"IfNotPresent"
global.imagePullSecrets[0].name📜
Type: string
"private-registry"
argocd-apps.applications📜
Type: object
{}
argocd-apps.projects📜
Type: object
{}
argocd-apps.applicationsets📜
Type: object
{}
argocd-apps.itemTemplates📜
Type: list
[]
argocd-apps.exports📜
Type: object
{}
upstream📜
Type: object
applicationSet:
containerSecurityContext:
runAsGroup: 1000
runAsUser: 1000
enabled: true
livenessProbe:
failureThreshold: 5
timeoutSeconds: 30
readinessProbe:
failureThreshold: 5
timeoutSeconds: 30
configs:
params:
server.insecure: true
controller:
containerSecurityContext:
runAsGroup: 1000
runAsUser: 1000
readinessProbe:
timeoutSeconds: 30
resources:
limits:
cpu: 500m
memory: 3Gi
requests:
cpu: 500m
memory: 3Gi
dex:
containerSecurityContext:
runAsGroup: 1000
runAsUser: 1000
image:
repository: registry1.dso.mil/ironbank/opensource/dexidp/dex
tag: v2.44.0
livenessProbe:
timeoutSeconds: 30
readinessProbe:
timeoutSeconds: 30
resources:
limits:
cpu: 20m
memory: 256Mi
requests:
cpu: 10m
memory: 128Mi
externalRedis:
host: redis-bb-headless.argocd.svc.cluster.local
notifications:
containerSecurityContext:
runAsGroup: 1000
runAsUser: 1000
redis:
enabled: false
redisSecretInit:
enabled: false
repoServer:
containerSecurityContext:
runAsGroup: 1000
runAsUser: 1000
livenessProbe:
failureThreshold: 5
timeoutSeconds: 30
readinessProbe:
failureThreshold: 5
timeoutSeconds: 30
resources:
limits:
cpu: 100m
memory: 1Gi
requests:
cpu: 100m
memory: 1Gi
server:
containerSecurityContext:
runAsGroup: 1000
runAsUser: 1000
livenessProbe:
failureThreshold: 5
timeoutSeconds: 30
readinessProbe:
failureThreshold: 5
timeoutSeconds: 30
resources:
limits:
cpu: 20m
memory: 128Mi
requests:
cpu: 20m
memory: 128Mi
Description: We are exposing only the keys that BigBang overrides from the upstream chart. Please refer to the upstream chart for other value configs.