Skip to content

headlamp values.yaml📜

domain📜

Type: string

Default value
"dev.bigbang.mil"

Description: Domain used for BigBang created exposed services

global.imagePullSecrets[0].name📜

Type: string

Default value
"private-registry"

istio.enabled📜

Type: bool

Default value
false

istio.hardened📜

Type: object

Default value
customAuthorizationPolicies: []
customServiceEntries: []
enabled: false
outboundTrafficPolicyMode: REGISTRY_ONLY

Description: Default peer authentication values

istio.mtls.mode📜

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

istio.headlamp📜

Type: object

Default value
annotations: {}
enabled: true
gateways:
- istio-system/public
hosts:
- headlamp.{{ .Values.domain }}
labels: {}

Description: Headlamp UI specific VirtualService values

istio.headlamp.enabled📜

Type: bool

Default value
true

Description: Toggle VirtualService creation

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.controlPlaneCidr📜

Type: string

Default value
"0.0.0.0/0"

networkPolicies.ingressLabels.app📜

Type: string

Default value
"public-ingressgateway"

networkPolicies.ingressLabels.istio📜

Type: string

Default value
"ingressgateway"

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

openshift📜

Type: bool

Default value
false

bbtests.enabled📜

Type: bool

Default value
false

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_url📜

Type: string

Default value
"http://headlamp.headlamp.svc.cluster.local:4466"

bbtests.cypress.resources.requests.cpu📜

Type: string

Default value
"1"

bbtests.cypress.resources.requests.memory📜

Type: string

Default value
"2Gi"

bbtests.cypress.resources.limits.cpu📜

Type: string

Default value
"1"

bbtests.cypress.resources.limits.memory📜

Type: string

Default value
"2Gi"

replicaCount📜

Type: int

Default value
1

Description: Number of desired pods

image.registry📜

Type: string

Default value
"registry1.dso.mil"

Description: Container image registry

image.repository📜

Type: string

Default value
"ironbank/opensource/headlamp-k8s/headlamp"

Description: Container image name

image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

Description: Image pull policy. One of Always, Never, IfNotPresent

image.tag📜

Type: string

Default value
"v0.30.0"

Description: Container image tag, If “” uses appVersion in Chart.yaml

image.pullSecrets[0]📜

Type: string

Default value
"private-registry"

imagePullSecrets📜

Type: list

Default value
- name: private-registry

Description: An optional list of references to secrets in the same namespace to use for pulling any of the images used

nameOverride📜

Type: string

Default value
""

Description: Overrides the name of the chart

fullnameOverride📜

Type: string

Default value
""

Description: Overrides the full name of the chart

initContainers📜

Type: list

Default value
[]

Description: An optional list of init containers to be run before the main containers.

config.inCluster📜

Type: bool

Default value
true

config.baseURL📜

Type: string

Default value
""

Description: base url path at which headlamp should run

config.oidc.secret.create📜

Type: bool

Default value
false

Description: Generate OIDC secret. If true, will generate a secret using .config.oidc.

config.oidc.secret.name📜

Type: string

Default value
"oidc"

Description: Name of the OIDC secret.

config.oidc.clientID📜

Type: string

Default value
""

Description: OIDC client ID

config.oidc.clientSecret📜

Type: string

Default value
""

Description: OIDC client secret

config.oidc.issuerURL📜

Type: string

Default value
""

Description: OIDC issuer URL

config.oidc.scopes📜

Type: string

Default value
""

Description: OIDC scopes to be used

config.oidc.externalSecret.enabled📜

Type: bool

Default value
false

config.oidc.externalSecret.name📜

Type: string

Default value
""

config.pluginsDir📜

Type: string

Default value
"/headlamp/plugins"

Description: directory to look for plugins

config.extraArgs📜

Type: list

Default value
[]

serviceAccount📜

Type: object

Default value
annotations: {}
create: true
name: ''

Description: An optional list of environment variables env: - name: KUBERNETES_SERVICE_HOST value: “localhost” - name: KUBERNETES_SERVICE_PORT value: “6443”

serviceAccount.create📜

Type: bool

Default value
true

Description: Specifies whether a service account should be created

serviceAccount.annotations📜

Type: object

Default value
{}

Description: Annotations to add to the service account

serviceAccount.name📜

Type: string

Default value
""

Description: The name of the service account to use.(If not set and create is true, a name is generated using the fullname template)

clusterRoleBinding.create📜

Type: bool

Default value
true

Description: Specified whether a cluster role binding should be created

clusterRoleBinding.clusterRoleName📜

Type: string

Default value
"cluster-admin"

Description: Set name of the Cluster Role with limited permissions from you cluster for example - clusterRoleName: user-ro

clusterRoleBinding.annotations📜

Type: object

Default value
{}

Description: Annotations to add to the cluster role binding

podAnnotations📜

Type: object

Default value
{}

Description: Annotations to add to the pod

podSecurityContext📜

Type: object

Default value
{}

Description: Headlamp pod’s Security Context

securityContext📜

Type: object

Default value
privileged: false
runAsGroup: 101
runAsNonRoot: true
runAsUser: 100

Description: Headlamp containers Security Context

service.type📜

Type: string

Default value
"ClusterIP"

Description: Kubernetes Service type

service.port📜

Type: int

Default value
4466

Description: Kubernetes Service port

service.clusterIP📜

Type: string

Default value
""

Description: Kubernetes Service clusterIP

service.loadBalancerIP📜

Type: string

Default value
""

Description: Kubernetes Service loadBalancerIP

service.loadBalancerSourceRanges📜

Type: list

Default value
[]

Description: Kubernetes Service loadBalancerSourceRanges

service.nodePort📜

Type: string

Default value
nil

Description: Kubernetes Service Nodeport

volumeMounts📜

Type: list

Default value
[]

Description: Headlamp containers volume mounts

volumes📜

Type: list

Default value
[]

Description: Headlamp pod’s volumes

persistentVolumeClaim.enabled📜

Type: bool

Default value
false

Description: Enable Persistent Volume Claim

persistentVolumeClaim.annotations📜

Type: object

Default value
{}

Description: Annotations to add to the persistent volume claim (if enabled)

persistentVolumeClaim.accessModes📜

Type: list

Default value
[]

Description: accessModes for the persistent volume claim, eg: ReadWriteOnce, ReadOnlyMany, ReadWriteMany etc.

persistentVolumeClaim.size📜

Type: string

Default value
""

Description: size of the persistent volume claim, eg: 10Gi. Required if enabled is true.

persistentVolumeClaim.storageClassName📜

Type: string

Default value
""

Description: storageClassName for the persistent volume claim.

persistentVolumeClaim.selector📜

Type: object

Default value
{}

Description: selector for the persistent volume claim.

persistentVolumeClaim.volumeMode📜

Type: string

Default value
""

Description: volumeMode for the persistent volume claim, eg: Filesystem, Block.

ingress.enabled📜

Type: bool

Default value
false

Description: Enable ingress controller resource

ingress.annotations📜

Type: object

Default value
{}

Description: Annotations for Ingress resource

ingress.labels📜

Type: object

Default value
{}

Description: Additional labels to add to the Ingress resource

ingress.ingressClassName📜

Type: string

Default value
""

Description: Ingress class name. replacement for the deprecated “kubernetes.io/ingress.class” annotation

ingress.hosts📜

Type: list

Default value
[]

Description: Hostname(s) for the Ingress resource Please refer to https://kubernetes.io/docs/reference/kubernetes-api/service-resources/ingress-v1/#IngressSpec for more information.

ingress.tls📜

Type: list

Default value
[]

Description: Ingress TLS configuration

resources📜

Type: object

Default value
{}

Description: CPU/Memory resource requests/limits

nodeSelector📜

Type: object

Default value
{}

Description: Node labels for pod assignment

tolerations📜

Type: list

Default value
[]

Description: Toleration labels for pod assignment

affinity📜

Type: object

Default value
{}

Description: Affinity settings for pod assignment

extraManifests📜

Type: list

Default value
[]

Description: Additional Kubernetes manifests to be deployed. Include the manifest as nested YAML.

waitJob.enabled📜

Type: bool

Default value
true

waitJob.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.30.11"

waitJob.permissions.apiGroups[0]📜

Type: string

Default value
"apps"

waitJob.permissions.resources[0]📜

Type: string

Default value
"deployments"

waitJob.permissions.verbs[0]📜

Type: string

Default value
"get"

waitJob.permissions.verbs[1]📜

Type: string

Default value
"list"

waitJob.permissions.verbs[2]📜

Type: string

Default value
"watch"