keycloak values.yaml📜
domain📜
Type: string
"dev.bigbang.mil"
Description: The base domain for all Big Bang components. Keycloak will be available at keycloak.%domain%
istio.enabled📜
Type: bool
false
istio.sidecar.enabled📜
Type: bool
false
istio.sidecar.outboundTrafficPolicyMode📜
Type: string
"REGISTRY_ONLY"
istio.serviceEntries.custom📜
Type: list
[]
istio.authorizationPolicies.enabled📜
Type: bool
false
istio.authorizationPolicies.custom📜
Type: list
[]
istio.mtls.mode📜
Type: string
"STRICT"
routes.inbound.keycloak.enabled📜
Type: bool
true
routes.inbound.keycloak.gateways[0]📜
Type: string
"istio-gateway/passthrough-ingressgateway"
routes.inbound.keycloak.hosts[0]📜
Type: string
"keycloak.{{ .Values.domain }}"
routes.inbound.keycloak.service📜
Type: string
"keycloak-keycloak-http.keycloak.svc.cluster.local"
routes.inbound.keycloak.port📜
Type: int
8443
routes.inbound.keycloak.passthrough.enabled📜
Type: bool
true
networkPolicies.enabled📜
Type: bool
false
Description: Enable or disable the bundled network policies
networkPolicies.ingress📜
Type: object
to:
keycloak:9000:
from:
k8s:
monitoring-monitoring-kube-prometheus@monitoring/prometheus: false
Description: Configures additional network policies beyond the ones bundled with the chart, using the bb-common shorthand
networkPolicies.egress.definitions.smtp-subnets.to[0].ipBlock.cidr📜
Type: string
"192.168.0.0/16"
networkPolicies.egress.definitions.smtp-subnets.to[1].ipBlock.cidr📜
Type: string
"172.16.0.0/12"
networkPolicies.egress.definitions.smtp-subnets.to[2].ipBlock.cidr📜
Type: string
"10.0.0.0/8"
networkPolicies.egress.definitions.smtp-subnets.ports[0].port📜
Type: int
587
networkPolicies.egress.definitions.smtp-subnets.ports[0].protocol📜
Type: string
"TCP"
networkPolicies.egress.definitions.ldap-subnets.to[0].ipBlock.cidr📜
Type: string
"192.168.0.0/16"
networkPolicies.egress.definitions.ldap-subnets.to[1].ipBlock.cidr📜
Type: string
"172.16.0.0/12"
networkPolicies.egress.definitions.ldap-subnets.to[2].ipBlock.cidr📜
Type: string
"10.0.0.0/8"
networkPolicies.egress.definitions.ldap-subnets.ports[0].port📜
Type: int
636
networkPolicies.egress.definitions.ldap-subnets.ports[0].protocol📜
Type: string
"TCP"
networkPolicies.egress.from.keycloak.to.k8s.tempo/tempo:9411📜
Type: bool
false
networkPolicies.egress.from.keycloak.to.definition.ldap-subnets📜
Type: bool
false
networkPolicies.egress.from.keycloak.to.definition.smtp-subnets📜
Type: bool
false
networkPolicies.additionalPolicies📜
Type: list
[]
bbtests.enabled📜
Type: bool
false
Description: Enables the Big Bang test hooks
bbtests.image📜
Type: string
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"
bbtests.imagePullPolicy📜
Type: string
"IfNotPresent"
bbtests.cypress.artifacts📜
Type: bool
true
bbtests.cypress.envs.cypress_viewport_width📜
Type: string
"1920"
bbtests.cypress.envs.cypress_viewport_height📜
Type: string
"1080"
bbtests.cypress.envs.cypress_url📜
Type: string
"http://keycloak-keycloak-http.keycloak.svc.cluster.local"
bbtests.cypress.envs.cypress_username📜
Type: string
"admin"
bbtests.cypress.envs.cypress_password📜
Type: string
"password"
bbtests.cypress.envs.cypress_tnr_username📜
Type: string
"cypress"
bbtests.cypress.envs.cypress_tnr_password📜
Type: string
"tnr_w!G33ZyAt@C8"
bbtests.cypress.envs.tnr_username📜
Type: string
"cypress"
bbtests.cypress.envs.tnr_password📜
Type: string
"tnr_w!G33ZyAt@C8"
bbtests.cypress.envs.tnr_firstName📜
Type: string
"Cypress"
bbtests.cypress.envs.tnr_lastName📜
Type: string
"TNR"
bbtests.cypress.envs.tnr_email📜
Type: string
"cypress@tnr.mil"
bbtests.scripts.envs.HEADLESS_SERVICE📜
Type: string
"keycloak-keycloak-headless.keycloak.svc.cluster.local"
bbtests.scripts.envs.PORT📜
Type: string
"7800"
bbtests.scripts.envs.TIMEOUT📜
Type: string
"10"
postgresql.enabled📜
Type: bool
true
Description: If true, the Postgresql dependency is enabled
postgresql.image.registry📜
Type: string
"registry1.dso.mil"
postgresql.image.repository📜
Type: string
"ironbank/opensource/postgres/postgresql"
postgresql.image.tag📜
Type: string
"18.4"
postgresql.global.security.allowInsecureImages📜
Type: bool
true
Description: Allow registry1.dso.mil in lieu of the default bitnami registry
postgresql.global.postgresql.auth.username📜
Type: string
"keycloak"
Description: PostgreSQL User to create
postgresql.global.postgresql.auth.password📜
Type: string
"keycloak"
Description: PostgreSQL Password for the new user
postgresql.global.postgresql.auth.database📜
Type: string
"keycloak"
Description: PostgreSQL Database to create
postgresql.primary.networkPolicy.enabled📜
Type: bool
false
postgresql.primary.persistence.mountPath📜
Type: string
"/var/lib/postgresql"
postgresql.primary.extraVolumes[0].name📜
Type: string
"run-postgresql"
postgresql.primary.extraVolumes[0].emptyDir📜
Type: object
{}
postgresql.primary.extraVolumeMounts[0].name📜
Type: string
"run-postgresql"
postgresql.primary.extraVolumeMounts[0].mountPath📜
Type: string
"/run/postgresql"
postgresql.primary.extraEnvVars[0].name📜
Type: string
"POSTGRES_DB"
postgresql.primary.extraEnvVars[0].value📜
Type: string
"keycloak"
postgresql.postgresqlDataDir📜
Type: string
"/var/lib/postgresql/pgdata/data"
postgresql.volumePermissions.enabled📜
Type: bool
false