Skip to content

mattermost values.yaml📜

domain📜

Type: string

Default value
"bigbang.dev"

istio.enabled📜

Type: bool

Default value
false

Description: Toggle istio integration

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.hardened.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntries📜

Type: list

Default value
[]

istio.hardened.clusterAuditor.enabled📜

Type: bool

Default value
false

istio.hardened.clusterAuditor.namespace📜

Type: string

Default value
"cluster-auditor"

istio.hardened.minioOperator.enabled📜

Type: bool

Default value
true

istio.hardened.minioOperator.namespaces[0]📜

Type: string

Default value
"minio-operator"

istio.hardened.minioOperator.principals[0]📜

Type: string

Default value
"cluster.local/ns/minio-operator/sa/minio-operator"

istio.hardened.monitoring.enabled📜

Type: bool

Default value
true

istio.hardened.monitoring.namespaces[0]📜

Type: string

Default value
"monitoring"

istio.hardened.monitoring.principals[0]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.monitoring.principals[1]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.monitoring.principals[2]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.monitoring.principals[3]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.monitoring.principals[4]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.monitoring.principals[5]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.hardened.kyvernoReporter.enabled📜

Type: bool

Default value
false

istio.hardened.kyvernoReporter.namespace📜

Type: string

Default value
"kyverno-reporter"

istio.mtls📜

Type: object

Default value
mode: STRICT

Description: Default peer authentication

istio.mtls.mode📜

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

istio.chat.enabled📜

Type: bool

Default value
true

istio.chat.annotations📜

Type: object

Default value
{}

istio.chat.labels📜

Type: object

Default value
{}

istio.chat.gateways[0]📜

Type: string

Default value
"istio-system/main"

istio.chat.hosts[0]📜

Type: string

Default value
"chat.{{ .Values.domain }}"

istio.injection📜

Type: string

Default value
"disabled"

ingress📜

Type: object

Default value
annotations: {}
enabled: false
host: ''
tlsSecret: ''

Description: Specification to configure an Ingress with Mattermost

monitoring.enabled📜

Type: bool

Default value
false

monitoring.namespace📜

Type: string

Default value
"monitoring"

monitoring.serviceMonitor.scheme📜

Type: string

Default value
"http"

monitoring.serviceMonitor.tlsConfig📜

Type: object

Default value
{}

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.ingressLabels.app📜

Type: string

Default value
"istio-ingressgateway"

networkPolicies.ingressLabels.istio📜

Type: string

Default value
"ingressgateway"

networkPolicies.controlPlaneCidr📜

Type: string

Default value
"0.0.0.0/0"

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

sso.enabled📜

Type: bool

Default value
false

sso.client_id📜

Type: string

Default value
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-mattermost"

sso.client_secret📜

Type: string

Default value
"nothing"

sso.auth_endpoint📜

Type: string

Default value
"https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/auth"

sso.token_endpoint📜

Type: string

Default value
"https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/token"

sso.user_api_endpoint📜

Type: string

Default value
"https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/userinfo"

sso.enable_sign_up_with_email📜

Type: bool

Default value
false

sso.enable_sign_in_with_email📜

Type: bool

Default value
false

sso.enable_sign_in_with_username📜

Type: bool

Default value
false

image.name📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/mattermost/mattermost"

image.tag📜

Type: string

Default value
"10.2.0"

image.imagePullPolicy📜

Type: string

Default value
"IfNotPresent"

global.imagePullSecrets[0].name📜

Type: string

Default value
"private-registry"

replicaCount📜

Type: int

Default value
1

users📜

Type: string

Default value
nil

enterprise.enabled📜

Type: bool

Default value
false

enterprise.license📜

Type: string

Default value
""

nameOverride📜

Type: string

Default value
""

updateJob.disabled📜

Type: bool

Default value
true

Description: Must be disabled when Istio injected

updateJob.labels📜

Type: object

Default value
{}

updateJob.annotations📜

Type: object

Default value
{}

resources.limits.cpu📜

Type: int

Default value
2

resources.limits.memory📜

Type: string

Default value
"4Gi"

resources.requests.cpu📜

Type: int

Default value
2

resources.requests.memory📜

Type: string

Default value
"4Gi"

affinity📜

Type: object

Default value
{}

nodeSelector📜

Type: object

Default value
{}

tolerations📜

Type: object

Default value
{}

mattermostEnvs📜

Type: object

Default value
{}

existingSecretEnvs📜

Type: object

Default value
{}

volumes📜

Type: object

Default value
{}

volumeMounts📜

Type: object

Default value
{}

podLabels📜

Type: object

Default value
{}

Description: Pod labels for Mattermost server pods

podAnnotations📜

Type: object

Default value
{}

Description: Pod annotations for Mattermost server pods

securityContext📜

Type: object

Default value
runAsGroup: 2000
runAsNonRoot: true
runAsUser: 2000

Description: securityContext for Mattermost server pods

containerSecurityContext📜

Type: object

Default value
capabilities:
  drop:
  - ALL
runAsGroup: 2000
runAsNonRoot: true
runAsUser: 2000

Description: containerSecurityContext for Mattermost server containers

minio.install📜

Type: bool

Default value
false

minio.bucketCreationImage📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/minio/mc:RELEASE.2024-01-18T07-03-39Z"

minio.service.nameOverride📜

Type: string

Default value
"minio.mattermost.svc.cluster.local"

minio.tenant.configSecret.name📜

Type: string

Default value
"mattermost-objstore-creds"

minio.tenant.configSecret.accessKey📜

Type: string

Default value
"minio"

minio.tenant.configSecret.secretKey📜

Type: string

Default value
"minio123"

minio.tenant.metrics.enabled📜

Type: bool

Default value
false

minio.tenant.metrics.port📜

Type: int

Default value
9000

minio.tenant.buckets[0].name📜

Type: string

Default value
"mattermost"

postgresql.install📜

Type: bool

Default value
false

postgresql.image.registry📜

Type: string

Default value
"registry1.dso.mil/ironbank"

postgresql.image.repository📜

Type: string

Default value
"opensource/postgres/postgresql"

postgresql.image.tag📜

Type: string

Default value
"16.2"

postgresql.image.pullSecrets[0]📜

Type: string

Default value
"private-registry"

postgresql.auth.username📜

Type: string

Default value
"mattermost"

postgresql.auth.password📜

Type: string

Default value
"bigbang"

postgresql.auth.database📜

Type: string

Default value
"mattermost"

postgresql.fullnameOverride📜

Type: string

Default value
"mattermost-postgresql"

postgresql.securityContext.fsGroup📜

Type: int

Default value
26

postgresql.containerSecurityContext.runAsUser📜

Type: int

Default value
26

postgresql.containerSecurityContext.runAsNonRoot📜

Type: bool

Default value
true

postgresql.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

postgresql.volumePermissions.enabled📜

Type: bool

Default value
false

postgresql.volumePermissions.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

postgresql.postgresqlConfiguration.listen_addresses📜

Type: string

Default value
"*"

postgresql.pgHbaConfiguration📜

Type: string

Default value
"local all all md5\nhost all all all md5"

database.secret📜

Type: string

Default value
""

database.readinessCheck.disableDefault📜

Type: bool

Default value
true

database.readinessCheck.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/postgres/postgresql:16.2"

database.readinessCheck.command[0]📜

Type: string

Default value
"/bin/sh"

database.readinessCheck.command[1]📜

Type: string

Default value
"-c"

database.readinessCheck.command[2]📜

Type: string

Default value
"until pg_isready --dbname=\"$DB_CONNECTION_CHECK_URL\"; do echo waiting for database; sleep 5; done;"

database.readinessCheck.env[0].name📜

Type: string

Default value
"DB_CONNECTION_CHECK_URL"

database.readinessCheck.env[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"DB_CONNECTION_CHECK_URL"

database.readinessCheck.env[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"{{ .Values.database.secret \| default (printf \"%s-dbcreds\" (include \"mattermost.fullname\" .)) }}"

fileStore.secret📜

Type: string

Default value
""

fileStore.url📜

Type: string

Default value
""

fileStore.bucket📜

Type: string

Default value
""

fileStore.roleARN📜

Type: string

Default value
""

elasticsearch.enabled📜

Type: bool

Default value
false

elasticsearch.connectionurl📜

Type: string

Default value
"https://logging-ek-es-http.logging.svc.cluster.local:9200"

elasticsearch.username📜

Type: string

Default value
""

elasticsearch.password📜

Type: string

Default value
""

elasticsearch.enableindexing📜

Type: bool

Default value
true

elasticsearch.indexprefix📜

Type: string

Default value
"mm-"

elasticsearch.skiptlsverification📜

Type: bool

Default value
true

elasticsearch.bulkindexingtimewindowseconds📜

Type: int

Default value
3600

elasticsearch.sniff📜

Type: bool

Default value
false

elasticsearch.enablesearching📜

Type: bool

Default value
true

elasticsearch.enableautocomplete📜

Type: bool

Default value
true

openshift📜

Type: bool

Default value
false

resourcePatch📜

Type: object

Default value
{}

bbtests.enabled📜

Type: bool

Default value
false

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_url📜

Type: string

Default value
"http://mattermost.mattermost.svc.cluster.local:8065"

bbtests.cypress.envs.cypress_mm_email📜

Type: string

Default value
"test@bigbang.dev"

bbtests.cypress.envs.cypress_mm_user📜

Type: string

Default value
"bigbang"

bbtests.cypress.envs.cypress_mm_password📜

Type: string

Default value
"Bigbang#123"

bbtests.cypress.envs.cypress_waittime📜

Type: string

Default value
"5000"

bbtests.cypress.envs.cypress_tnr_username📜

Type: string

Default value
"cypress"

bbtests.cypress.envs.cypress_tnr_password📜

Type: string

Default value
"tnr_w!G33ZyAt@C8"

bbtests.cypress.resources.requests.cpu📜

Type: string

Default value
"2"

bbtests.cypress.resources.requests.memory📜

Type: string

Default value
"1500M"

bbtests.cypress.resources.limits.cpu📜

Type: string

Default value
"2"

bbtests.cypress.resources.limits.memory📜

Type: string

Default value
"1500M"

waitJob.enabled📜

Type: bool

Default value
true

waitJob.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.30.6"

waitJob.permissions.apiGroups[0]📜

Type: string

Default value
"installation.mattermost.com"

waitJob.permissions.resources[0]📜

Type: string

Default value
"mattermosts"