neuvector values.yaml📜
openshift📜
Type: bool
Default value
false
registry📜
Type: string
Default value
"registry1.dso.mil"
tag📜
Type: string
Default value
"5.4.0"
oem📜
Type: string
Default value
nil
imagePullSecrets📜
Type: string
Default value
"private-registry"
psp📜
Type: bool
Default value
false
rbac📜
Type: bool
Default value
true
serviceAccount📜
Type: string
Default value
"default"
leastPrivilege📜
Type: bool
Default value
false
global.cattle.url📜
Type: string
Default value
nil
global.azure.enabled📜
Type: bool
Default value
false
global.azure.identity.clientId📜
Type: string
Default value
"DONOTMODIFY"
global.azure.marketplace.planId📜
Type: string
Default value
"DONOTMODIFY"
global.azure.extension.resourceId📜
Type: string
Default value
"DONOTMODIFY"
global.azure.serviceAccount📜
Type: string
Default value
"csp"
global.azure.imagePullSecrets📜
Type: string
Default value
nil
global.azure.images.neuvector_csp_pod.tag📜
Type: string
Default value
"latest"
global.azure.images.neuvector_csp_pod.image📜
Type: string
Default value
"neuvector-billing-azure-by-suse-llc"
global.azure.images.neuvector_csp_pod.registry📜
Type: string
Default value
"registry.suse.de/suse/sle-15-sp5/update/pubclouds/images"
global.azure.images.neuvector_csp_pod.imagePullPolicy📜
Type: string
Default value
"IfNotPresent"
global.azure.images.controller.tag📜
Type: string
Default value
"5.3.4"
global.azure.images.controller.image📜
Type: string
Default value
"controller"
global.azure.images.controller.registry📜
Type: string
Default value
"registry1.dso.mil/ironbank/neuvector/neuvector"
global.azure.images.manager.tag📜
Type: string
Default value
"5.3.4"
global.azure.images.manager.image📜
Type: string
Default value
"manager"
global.azure.images.manager.registry📜
Type: string
Default value
"registry1.dso.mil/ironbank/neuvector/neuvector"
global.azure.images.enforcer.tag📜
Type: string
Default value
"5.3.4"
global.azure.images.enforcer.image📜
Type: string
Default value
"enforcer"
global.azure.images.enforcer.registry📜
Type: string
Default value
"registry1.dso.mil/ironbank/neuvector/neuvector"
global.aws.enabled📜
Type: bool
Default value
false
global.aws.accountNumber📜
Type: string
Default value
""
global.aws.roleName📜
Type: string
Default value
""
global.aws.serviceAccount📜
Type: string
Default value
"csp"
global.aws.annotations📜
Type: object
Default value
{}
global.aws.imagePullSecrets📜
Type: string
Default value
nil
global.aws.image.digest📜
Type: string
Default value
""
global.aws.image.repository📜
Type: string
Default value
"neuvector/neuvector-csp-adapter"
global.aws.image.tag📜
Type: string
Default value
"latest"
global.aws.image.imagePullPolicy📜
Type: string
Default value
"IfNotPresent"
bootstrapPassword📜
Type: string
Default value
""
autoGenerateCert📜
Type: bool
Default value
true
defaultValidityPeriod📜
Type: int
Default value
365
internal.certmanager.enabled📜
Type: bool
Default value
false
internal.certmanager.secretname📜
Type: string
Default value
"neuvector-internal"
internal.autoGenerateCert📜
Type: bool
Default value
true
internal.autoRotateCert📜
Type: bool
Default value
false
controller.enabled📜
Type: bool
Default value
true
controller.annotations📜
Type: object
Default value
{}
controller.strategy.type📜
Type: string
Default value
"RollingUpdate"
controller.strategy.rollingUpdate.maxSurge📜
Type: int
Default value
1
controller.strategy.rollingUpdate.maxUnavailable📜
Type: int
Default value
0
controller.image.repository📜
Type: string
Default value
"ironbank/neuvector/neuvector/controller"
controller.image.hash📜
Type: string
Default value
nil
controller.replicas📜
Type: int
Default value
3
controller.disruptionbudget📜
Type: int
Default value
0
controller.schedulerName📜
Type: string
Default value
nil
controller.priorityClassName📜
Type: string
Default value
nil
controller.podLabels📜
Type: object
Default value
{}
controller.podAnnotations📜
Type: object
Default value
{}
controller.containerSecurityContext.privileged📜
Type: bool
Default value
true
controller.containerSecurityContext.runAsUser📜
Type: int
Default value
1000
controller.containerSecurityContext.runAsNonRoot📜
Type: bool
Default value
true
controller.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
controller.searchRegistries📜
Type: string
Default value
nil
controller.env📜
Type: list
Default value
[]
controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].weight📜
Type: int
Default value
100
controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].key📜
Type: string
Default value
"app"
controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].operator📜
Type: string
Default value
"In"
controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchExpressions[0].values[0]📜
Type: string
Default value
"neuvector-controller-pod"
controller.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.topologyKey📜
Type: string
Default value
"kubernetes.io/hostname"
controller.tolerations📜
Type: list
Default value
[]
controller.topologySpreadConstraints📜
Type: list
Default value
[]
controller.nodeSelector📜
Type: object
Default value
{}
controller.apisvc.type📜
Type: string
Default value
nil
controller.apisvc.annotations📜
Type: object
Default value
{}
controller.apisvc.route.enabled📜
Type: bool
Default value
false
controller.apisvc.route.termination📜
Type: string
Default value
"passthrough"
controller.apisvc.route.host📜
Type: string
Default value
nil
controller.apisvc.route.tls📜
Type: string
Default value
nil
controller.ranchersso.enabled📜
Type: bool
Default value
false
controller.sso.certificateAuthority.secretName📜
Type: string
Default value
""
controller.pvc.enabled📜
Type: bool
Default value
false
controller.pvc.existingClaim📜
Type: bool
Default value
false
controller.pvc.accessModes[0]📜
Type: string
Default value
"ReadWriteMany"
controller.pvc.storageClass📜
Type: string
Default value
nil
controller.pvc.capacity📜
Type: string
Default value
nil
controller.azureFileShare.enabled📜
Type: bool
Default value
false
controller.azureFileShare.secretName📜
Type: string
Default value
nil
controller.azureFileShare.shareName📜
Type: string
Default value
nil
controller.certificate.secret📜
Type: string
Default value
""
controller.certificate.keyFile📜
Type: string
Default value
"tls.key"
controller.certificate.pemFile📜
Type: string
Default value
"tls.pem"
controller.internal.certificate.secret📜
Type: string
Default value
""
controller.internal.certificate.keyFile📜
Type: string
Default value
"tls.key"
controller.internal.certificate.pemFile📜
Type: string
Default value
"tls.crt"
controller.internal.certificate.caFile📜
Type: string
Default value
"ca.crt"
controller.federation.mastersvc.type📜
Type: string
Default value
nil
controller.federation.mastersvc.loadBalancerIP📜
Type: string
Default value
nil
controller.federation.mastersvc.clusterIP📜
Type: string
Default value
nil
controller.federation.mastersvc.nodePort📜
Type: string
Default value
nil
controller.federation.mastersvc.externalTrafficPolicy📜
Type: string
Default value
nil
controller.federation.mastersvc.internalTrafficPolicy📜
Type: string
Default value
nil
controller.federation.mastersvc.ingress.enabled📜
Type: bool
Default value
false
controller.federation.mastersvc.ingress.host📜
Type: string
Default value
nil
controller.federation.mastersvc.ingress.ingressClassName📜
Type: string
Default value
""
controller.federation.mastersvc.ingress.path📜
Type: string
Default value
"/"
controller.federation.mastersvc.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”📜
Type: string
Default value
"HTTPS"
controller.federation.mastersvc.ingress.tls📜
Type: bool
Default value
false
controller.federation.mastersvc.ingress.secretName📜
Type: string
Default value
nil
controller.federation.mastersvc.annotations📜
Type: object
Default value
{}
controller.federation.mastersvc.route.enabled📜
Type: bool
Default value
false
controller.federation.mastersvc.route.termination📜
Type: string
Default value
"passthrough"
controller.federation.mastersvc.route.host📜
Type: string
Default value
nil
controller.federation.mastersvc.route.tls📜
Type: string
Default value
nil
controller.federation.managedsvc.type📜
Type: string
Default value
nil
controller.federation.managedsvc.loadBalancerIP📜
Type: string
Default value
nil
controller.federation.managedsvc.clusterIP📜
Type: string
Default value
nil
controller.federation.managedsvc.nodePort📜
Type: string
Default value
nil
controller.federation.managedsvc.externalTrafficPolicy📜
Type: string
Default value
nil
controller.federation.managedsvc.internalTrafficPolicy📜
Type: string
Default value
nil
controller.federation.managedsvc.ingress.enabled📜
Type: bool
Default value
false
controller.federation.managedsvc.ingress.host📜
Type: string
Default value
nil
controller.federation.managedsvc.ingress.ingressClassName📜
Type: string
Default value
""
controller.federation.managedsvc.ingress.path📜
Type: string
Default value
"/"
controller.federation.managedsvc.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”📜
Type: string
Default value
"HTTPS"
controller.federation.managedsvc.ingress.tls📜
Type: bool
Default value
false
controller.federation.managedsvc.ingress.secretName📜
Type: string
Default value
nil
controller.federation.managedsvc.annotations📜
Type: object
Default value
{}
controller.federation.managedsvc.route.enabled📜
Type: bool
Default value
false
controller.federation.managedsvc.route.termination📜
Type: string
Default value
"passthrough"
controller.federation.managedsvc.route.host📜
Type: string
Default value
nil
controller.federation.managedsvc.route.tls📜
Type: string
Default value
nil
controller.ingress.enabled📜
Type: bool
Default value
false
controller.ingress.host📜
Type: string
Default value
nil
controller.ingress.ingressClassName📜
Type: string
Default value
""
controller.ingress.path📜
Type: string
Default value
"/"
controller.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”📜
Type: string
Default value
"HTTPS"
controller.ingress.tls📜
Type: bool
Default value
false
controller.ingress.secretName📜
Type: string
Default value
nil
controller.resources📜
Type: object
Default value
{}
controller.configmap.enabled📜
Type: bool
Default value
false
controller.configmap.data📜
Type: string
Default value
nil
controller.secret.enabled📜
Type: bool
Default value
false
controller.secret.data.”userinitcfg.yaml”.users[0].Fullname📜
Type: string
Default value
"admin"
controller.secret.data.”userinitcfg.yaml”.users[0].Password📜
Type: string
Default value
nil
controller.secret.data.”userinitcfg.yaml”.users[0].Role📜
Type: string
Default value
"admin"
controller.certupgrader.env📜
Type: list
Default value
[]
controller.certupgrader.schedule📜
Type: string
Default value
""
controller.certupgrader.imagePullPolicy📜
Type: string
Default value
"IfNotPresent"
controller.certupgrader.timeout📜
Type: int
Default value
3600
controller.certupgrader.priorityClassName📜
Type: string
Default value
nil
controller.certupgrader.podLabels📜
Type: object
Default value
{}
controller.certupgrader.podAnnotations📜
Type: object
Default value
{}
controller.certupgrader.nodeSelector📜
Type: object
Default value
{}
controller.certupgrader.securityContext.runAsNonRoot📜
Type: bool
Default value
true
controller.certupgrader.securityContext.runAsUser📜
Type: int
Default value
1000
controller.certupgrader.securityContext.runAsGroup📜
Type: int
Default value
1000
controller.certupgrader.securityContext.fsGroup📜
Type: int
Default value
1000
controller.certupgrader.containerSecurityContext.runAsUser📜
Type: int
Default value
1000
controller.certupgrader.containerSecurityContext.runAsGroup📜
Type: int
Default value
1000
controller.certupgrader.containerSecurityContext.runAsNonRoot📜
Type: bool
Default value
true
controller.certupgrader.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
controller.prime.enabled📜
Type: bool
Default value
false
controller.prime.image.repository📜
Type: string
Default value
"neuvector/compliance-config"
controller.prime.image.tag📜
Type: string
Default value
"1.0.0"
controller.prime.image.hash📜
Type: string
Default value
nil
enforcer.enabled📜
Type: bool
Default value
true
enforcer.image.repository📜
Type: string
Default value
"ironbank/neuvector/neuvector/enforcer"
enforcer.image.hash📜
Type: string
Default value
nil
enforcer.updateStrategy.type📜
Type: string
Default value
"RollingUpdate"
enforcer.priorityClassName📜
Type: string
Default value
nil
enforcer.podLabels📜
Type: object
Default value
{}
enforcer.podAnnotations📜
Type: object
Default value
{}
enforcer.containerSecurityContext.privileged📜
Type: bool
Default value
true
enforcer.containerSecurityContext.runAsGroup📜
Type: int
Default value
1000
enforcer.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
enforcer.env📜
Type: list
Default value
[]
enforcer.tolerations[0].effect📜
Type: string
Default value
"NoSchedule"
enforcer.tolerations[0].key📜
Type: string
Default value
"node-role.kubernetes.io/master"
enforcer.tolerations[1].effect📜
Type: string
Default value
"NoSchedule"
enforcer.tolerations[1].key📜
Type: string
Default value
"node-role.kubernetes.io/control-plane"
enforcer.resources📜
Type: object
Default value
{}
enforcer.internal.certificate.secret📜
Type: string
Default value
""
enforcer.internal.certificate.keyFile📜
Type: string
Default value
"tls.key"
enforcer.internal.certificate.pemFile📜
Type: string
Default value
"tls.crt"
enforcer.internal.certificate.caFile📜
Type: string
Default value
"ca.crt"
manager.enabled📜
Type: bool
Default value
true
manager.image.repository📜
Type: string
Default value
"ironbank/neuvector/neuvector/manager"
manager.image.hash📜
Type: string
Default value
nil
manager.priorityClassName📜
Type: string
Default value
nil
manager.env.ssl📜
Type: bool
Default value
false
manager.env.envs[0].name📜
Type: string
Default value
"JDK_JAVA_OPTIONS"
manager.env.envs[0].value📜
Type: string
Default value
"-Dcom.redhat.fips=false"
manager.svc.type📜
Type: string
Default value
"ClusterIP"
manager.svc.loadBalancerIP📜
Type: string
Default value
nil
manager.svc.annotations📜
Type: object
Default value
{}
manager.route.enabled📜
Type: bool
Default value
true
manager.route.termination📜
Type: string
Default value
"passthrough"
manager.route.host📜
Type: string
Default value
nil
manager.route.tls📜
Type: string
Default value
nil
manager.certificate.secret📜
Type: string
Default value
""
manager.certificate.keyFile📜
Type: string
Default value
"tls.key"
manager.certificate.pemFile📜
Type: string
Default value
"tls.pem"
manager.ingress.enabled📜
Type: bool
Default value
false
manager.ingress.host📜
Type: string
Default value
nil
manager.ingress.ingressClassName📜
Type: string
Default value
""
manager.ingress.path📜
Type: string
Default value
"/"
manager.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”📜
Type: string
Default value
"HTTPS"
manager.ingress.tls📜
Type: bool
Default value
false
manager.ingress.secretName📜
Type: string
Default value
nil
manager.resources📜
Type: object
Default value
{}
manager.topologySpreadConstraints📜
Type: list
Default value
[]
manager.affinity📜
Type: object
Default value
{}
manager.podLabels📜
Type: object
Default value
{}
manager.podAnnotations📜
Type: object
Default value
{}
manager.containerSecurityContext.runAsUser📜
Type: int
Default value
1000
manager.containerSecurityContext.runAsGroup📜
Type: int
Default value
1000
manager.containerSecurityContext.runAsNonRoot📜
Type: bool
Default value
true
manager.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
manager.tolerations📜
Type: list
Default value
[]
manager.nodeSelector📜
Type: object
Default value
{}
manager.securityContext.runAsNonRoot📜
Type: bool
Default value
true
manager.securityContext.runAsUser📜
Type: int
Default value
1000
manager.securityContext.runAsGroup📜
Type: int
Default value
1000
manager.securityContext.fsGroup📜
Type: int
Default value
1000
manager.probes.enabled📜
Type: bool
Default value
false
manager.probes.timeout📜
Type: int
Default value
1
manager.probes.periodSeconds📜
Type: int
Default value
10
manager.probes.startupFailureThreshold📜
Type: int
Default value
30
cve.adapter.enabled📜
Type: bool
Default value
false
cve.adapter.image.repository📜
Type: string
Default value
"neuvector/registry-adapter"
cve.adapter.image.tag📜
Type: string
Default value
"0.1.3"
cve.adapter.image.hash📜
Type: string
Default value
nil
cve.adapter.priorityClassName📜
Type: string
Default value
nil
cve.adapter.resources📜
Type: object
Default value
{}
cve.adapter.affinity📜
Type: object
Default value
{}
cve.adapter.podLabels📜
Type: object
Default value
{}
cve.adapter.podAnnotations📜
Type: object
Default value
{}
cve.adapter.env📜
Type: list
Default value
[]
cve.adapter.tolerations📜
Type: list
Default value
[]
cve.adapter.nodeSelector📜
Type: object
Default value
{}
cve.adapter.securityContext.runAsUser📜
Type: int
Default value
1000
cve.adapter.securityContext.runAsGroup📜
Type: int
Default value
1000
cve.adapter.securityContext.fsGroup📜
Type: int
Default value
1000
cve.adapter.securityContext.runAsNonRoot📜
Type: bool
Default value
true
cve.adapter.certificate.secret📜
Type: string
Default value
""
cve.adapter.certificate.keyFile📜
Type: string
Default value
"tls.key"
cve.adapter.certificate.pemFile📜
Type: string
Default value
"tls.crt"
cve.adapter.harbor.protocol📜
Type: string
Default value
"https"
cve.adapter.harbor.secretName📜
Type: string
Default value
nil
cve.adapter.svc.type📜
Type: string
Default value
"NodePort"
cve.adapter.svc.loadBalancerIP📜
Type: string
Default value
nil
cve.adapter.svc.annotations📜
Type: object
Default value
{}
cve.adapter.route.enabled📜
Type: bool
Default value
true
cve.adapter.route.termination📜
Type: string
Default value
"passthrough"
cve.adapter.route.host📜
Type: string
Default value
nil
cve.adapter.route.tls📜
Type: string
Default value
nil
cve.adapter.ingress.enabled📜
Type: bool
Default value
false
cve.adapter.ingress.host📜
Type: string
Default value
nil
cve.adapter.ingress.ingressClassName📜
Type: string
Default value
""
cve.adapter.ingress.path📜
Type: string
Default value
"/"
cve.adapter.ingress.annotations.”nginx.ingress.kubernetes.io/backend-protocol”📜
Type: string
Default value
"HTTPS"
cve.adapter.ingress.tls📜
Type: bool
Default value
false
cve.adapter.ingress.secretName📜
Type: string
Default value
nil
cve.adapter.internal.certificate.secret📜
Type: string
Default value
""
cve.adapter.internal.certificate.keyFile📜
Type: string
Default value
"tls.key"
cve.adapter.internal.certificate.pemFile📜
Type: string
Default value
"tls.crt"
cve.adapter.internal.certificate.caFile📜
Type: string
Default value
"ca.crt"
cve.updater.enabled📜
Type: bool
Default value
true
cve.updater.secure📜
Type: bool
Default value
false
cve.updater.cacert📜
Type: string
Default value
"/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
cve.updater.image.registry📜
Type: string
Default value
"registry1.dso.mil"
cve.updater.image.repository📜
Type: string
Default value
"ironbank/big-bang/base"
cve.updater.image.tag📜
Type: string
Default value
"2.1.0"
cve.updater.image.hash📜
Type: string
Default value
nil
cve.updater.schedule📜
Type: string
Default value
"0 0 * * *"
cve.updater.priorityClassName📜
Type: string
Default value
nil
cve.updater.resources📜
Type: object
Default value
{}
cve.updater.podLabels📜
Type: object
Default value
{}
cve.updater.podAnnotations📜
Type: object
Default value
{}
cve.updater.nodeSelector📜
Type: object
Default value
{}
cve.updater.securityContext.runAsUser📜
Type: int
Default value
1000
cve.updater.securityContext.runAsGroup📜
Type: int
Default value
1000
cve.updater.securityContext.fsGroup📜
Type: int
Default value
1000
cve.updater.securityContext.runAsNonRoot📜
Type: bool
Default value
true
cve.updater.containerSecurityContext.runAsUser📜
Type: int
Default value
1000
cve.updater.containerSecurityContext.runAsGroup📜
Type: int
Default value
1000
cve.updater.containerSecurityContext.runAsNonRoot📜
Type: bool
Default value
true
cve.updater.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
cve.scanner.enabled📜
Type: bool
Default value
true
cve.scanner.replicas📜
Type: int
Default value
3
cve.scanner.dockerPath📜
Type: string
Default value
""
cve.scanner.strategy.type📜
Type: string
Default value
"RollingUpdate"
cve.scanner.strategy.rollingUpdate.maxSurge📜
Type: int
Default value
1
cve.scanner.strategy.rollingUpdate.maxUnavailable📜
Type: int
Default value
0
cve.scanner.image.repository📜
Type: string
Default value
"ironbank/neuvector/neuvector/scanner"
cve.scanner.image.tag📜
Type: string
Default value
"5"
cve.scanner.image.hash📜
Type: string
Default value
nil
cve.scanner.priorityClassName📜
Type: string
Default value
nil
cve.scanner.resources📜
Type: object
Default value
{}
cve.scanner.topologySpreadConstraints📜
Type: list
Default value
[]
cve.scanner.affinity📜
Type: object
Default value
{}
cve.scanner.podLabels📜
Type: object
Default value
{}
cve.scanner.podAnnotations📜
Type: object
Default value
{}
cve.scanner.env📜
Type: list
Default value
[]
cve.scanner.tolerations📜
Type: list
Default value
[]
cve.scanner.nodeSelector📜
Type: object
Default value
{}
cve.scanner.securityContext.runAsNonRoot📜
Type: bool
Default value
true
cve.scanner.securityContext.runAsUser📜
Type: int
Default value
1000
cve.scanner.securityContext.runAsGroup📜
Type: int
Default value
1000
cve.scanner.securityContext.fsGroup📜
Type: int
Default value
1000
cve.scanner.internal.certificate.secret📜
Type: string
Default value
""
cve.scanner.internal.certificate.keyFile📜
Type: string
Default value
"tls.key"
cve.scanner.internal.certificate.pemFile📜
Type: string
Default value
"tls.crt"
cve.scanner.internal.certificate.caFile📜
Type: string
Default value
"ca.crt"
cve.scanner.containerSecurityContext.runAsUser📜
Type: int
Default value
1000
cve.scanner.containerSecurityContext.runAsGroup📜
Type: int
Default value
1000
cve.scanner.containerSecurityContext.runAsNonRoot📜
Type: bool
Default value
true
cve.scanner.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
resources📜
Type: object
Default value
{}
runtimePath📜
Type: string
Default value
nil
docker.path📜
Type: string
Default value
"/var/run/docker.sock"
k3s.enabled📜
Type: bool
Default value
false
k3s.runtimePath📜
Type: string
Default value
"/run/k3s/containerd/containerd.sock"
bottlerocket.enabled📜
Type: bool
Default value
false
bottlerocket.runtimePath📜
Type: string
Default value
"/run/dockershim.sock"
containerd.enabled📜
Type: bool
Default value
false
containerd.path📜
Type: string
Default value
"/var/run/containerd/containerd.sock"
crio.enabled📜
Type: bool
Default value
false
crio.path📜
Type: string
Default value
"/var/run/crio/crio.sock"
admissionwebhook.type📜
Type: string
Default value
"ClusterIP"
crdwebhook.enabled📜
Type: bool
Default value
true
crdwebhook.type📜
Type: string
Default value
"ClusterIP"
domain📜
Type: string
Default value
"dev.bigbang.mil"
istio.enabled📜
Type: bool
Default value
false
istio.injection📜
Type: string
Default value
"enabled"
istio.hardened.enabled📜
Type: bool
Default value
false
istio.hardened.customAuthorizationPolicies📜
Type: list
Default value
[]
istio.hardened.outboundTrafficPolicyMode📜
Type: string
Default value
"REGISTRY_ONLY"
istio.hardened.monitoring.enabled📜
Type: bool
Default value
true
istio.hardened.monitoring.namespaces[0]📜
Type: string
Default value
"monitoring"
istio.hardened.monitoring.principals[0]📜
Type: string
Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"
istio.hardened.monitoring.principals[1]📜
Type: string
Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"
istio.hardened.monitoring.principals[2]📜
Type: string
Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"
istio.hardened.monitoring.principals[3]📜
Type: string
Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"
istio.hardened.monitoring.principals[4]📜
Type: string
Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"
istio.hardened.monitoring.principals[5]📜
Type: string
Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"
istio.hardened.customServiceEntries📜
Type: list
Default value
[]
istio.neuvector.enabled📜
Type: bool
Default value
true
istio.neuvector.annotations📜
Type: object
Default value
{}
istio.neuvector.labels📜
Type: object
Default value
{}
istio.neuvector.gateways[0]📜
Type: string
Default value
"istio-system/main"
istio.neuvector.hosts[0]📜
Type: string
Default value
"neuvector.{{ .Values.domain }}"
istio.mtls📜
Type: object
Default value
mode: STRICT
Description: Default neuvector peer authentication
istio.mtls.mode📜
Type: string
Default value
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
monitoring.enabled📜
Type: bool
Default value
false
monitoring.namespace📜
Type: string
Default value
"monitoring"
networkPolicies.enabled📜
Type: bool
Default value
false
networkPolicies.ingressLabels.app📜
Type: string
Default value
"istio-ingressgateway"
networkPolicies.ingressLabels.istio📜
Type: string
Default value
"ingressgateway"
networkPolicies.controlPlaneCidr📜
Type: string
Default value
"0.0.0.0/0"
networkPolicies.additionalPolicies📜
Type: list
Default value
[]
monitor.imagePullSecrets📜
Type: string
Default value
"private-registry"
monitor.install📜
Type: bool
Default value
false
monitor.exporter.enabled📜
Type: bool
Default value
false
monitor.exporter.serviceMonitor.enabled📜
Type: bool
Default value
false
monitor.exporter.svc.enabled📜
Type: bool
Default value
false
bbtests.enabled📜
Type: bool
Default value
false
bbtests.cypress.artifacts📜
Type: bool
Default value
true
bbtests.cypress.envs.cypress_url📜
Type: string
Default value
"http://neuvector-service-webui.{{ .Release.Namespace }}.svc.cluster.local:8443"
bbtests.cypress.resources.requests.cpu📜
Type: string
Default value
"2"
bbtests.cypress.resources.requests.memory📜
Type: string
Default value
"4Gi"
bbtests.cypress.resources.limits.cpu📜
Type: string
Default value
"2"
bbtests.cypress.resources.limits.memory📜
Type: string
Default value
"4Gi"
bbtests.scripts.envs.URL📜
Type: string
Default value
"http://neuvector-service-webui.{{ .Release.Namespace }}.svc.cluster.local:8443"
exporter.enabled📜
Type: bool
Default value
false