sonarqube values.yaml📜
replicaCount📜
Type: int
Default value
1
sso.enabled📜
Type: bool
Default value
false
sso.name📜
Type: string
Default value
""
sso.applicationid📜
Type: string
Default value
""
sso.providerid📜
Type: string
Default value
""
sso.loginUrl📜
Type: string
Default value
""
sso.secured📜
Type: string
Default value
""
sso.serverBaseURL📜
Type: string
Default value
""
sso.idpmetadataurl📜
Type: string
Default value
""
sso.image📜
Type: string
Default value
""
sso.resources.limits.cpu📜
Type: string
Default value
"100m"
sso.resources.limits.memory📜
Type: string
Default value
"256Mi"
sso.resources.requests.cpu📜
Type: string
Default value
"100m"
sso.resources.requests.memory📜
Type: string
Default value
"256Mi"
sso.containerSecurityContext.enabled📜
Type: bool
Default value
true
sso.containerSecurityContext.fsGroup📜
Type: int
Default value
26
sso.containerSecurityContext.runAsUser📜
Type: int
Default value
26
sso.containerSecurityContext.runAsGroup📜
Type: int
Default value
26
sso.containerSecurityContext.capabilities.drop[0]📜
Type: string
Default value
"ALL"
upstream📜
Type: object
Default value
community:
buildNumber: 25.12.0.117093
enabled: true
containerSecurityContext:
capabilities:
drop:
- ALL
runAsGroup: 1000
env:
- name: JDK_JAVA_OPTIONS
value: -Dcom.redhat.fips=false
fullnameOverride: sonarqube-sonarqube
image:
pullSecrets: []
repository: registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube-community-build
tag: 25.12.0.117093-community
initContainers:
image: registry1.dso.mil/ironbank/big-bang/base:2.1.0
readOnlyRootFilesystem: true
resources:
limits:
cpu: 50m
memory: 300Mi
requests:
cpu: 50m
memory: 300Mi
securityContext:
runAsGroup: 1000
initFs:
enabled: false
initSysctl:
enabled: false
securityContext:
capabilities:
drop:
- ALL
livenessProbe:
exec:
command:
- sh
- -c
- 'curl --silent --fail --output /dev/null --max-time {{ .Values.livenessProbe.timeoutSeconds
| default 1 }} --header "X-Sonar-Passcode: $SONAR_WEB_SYSTEMPASSCODE" "http://localhost:{{
.Values.service.internalPort }}{{ .Values.livenessProbe.sonarWebContext | default
(include "sonarqube.webcontext" .) }}api/system/liveness"
'
monitoringPasscode: define_it
nameOverride: sonarqube
nginx:
enabled: false
persistence:
size: 20Gi
plugins:
image: registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube-community-build:25.12.0.117093-community
postgresql:
auth:
database: sonarDB
enablePostgresUser: true
password: sonarPass
username: sonarUser
enabled: true
image:
pullSecrets:
- private-registry
registry: registry1.dso.mil
repository: ironbank/opensource/postgres/postgresql
tag: '18.1'
postgresqlDatabase: sonarDB
postgresqlPassword: sonarPass
postgresqlUsername: sonarUser
primary:
extraEnvVars:
- name: POSTGRES_DB
value: sonarDB
extraVolumeMounts:
- mountPath: /var/run/postgresql
name: runtime
extraVolumes:
- emptyDir: {}
name: runtime
persistence:
mountPath: /var/lib/postgresql
size: 20Gi
prometheusExporter:
downloadURL: file:///opt/jmx_exporter/jmx_prometheus_javaagent-1.0.1.jar
image: registry1.dso.mil/ironbank/opensource/prometheus/jmx-exporter:1.0.1
readinessProbe:
exec:
command:
- sh
- -c
- "#!/bin/bash
# A Sonarqube container is considered ready if the status is UP,\
\ DB_MIGRATION_NEEDED or DB_MIGRATION_RUNNING
# status about migration are\
\ added to prevent the node to be kill while sonarqube is upgrading the database.
\
if curl -s http://localhost:{{ .Values.service.internalPort }}{{ .Values.readinessProbe.sonarWebContext\
\ | default (include \"sonarqube.webcontext\" .) }}api/system/status | grep\
\ -q -e '\"status\":\"UP\"' -e '\"status\":\"DB_MIGRATION_NEEDED\"' -e '\"status\"\
:\"DB_MIGRATION_RUNNING\"'; then
exit 0
fi
exit 1
"
timeoutSeconds: 90
resources:
limits:
cpu: 1000m
requests:
cpu: 500m
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
serviceAccount:
create: true
sonarProperties:
sonar.ce.javaAdditionalOpts: -Dcom.redhat.fips=false
sonar.forceAuthentication: true
sonar.search.javaAdditionalOpts: -Dcom.redhat.fips=false
sonar.telemetry.enable: false
sonar.web.javaAdditionalOpts: -Dcom.redhat.fips=false
tests:
enabled: false
image: bitnami/minideb-extras
resources: {}
waitForDb:
image: registry1.dso.mil/ironbank/opensource/postgres/postgresql:18.1
Description: We are exposing only the keys that BigBang overrides from the upstream chart. Please refer to the upstream chart for other value configs.
curlContainerImage📜
Type: string
Default value
"registry1.dso.mil/ironbank/redhat/ubi/ubi9:9.7"
domain📜
Type: string
Default value
"dev.bigbang.mil"
istio.enabled📜
Type: bool
Default value
false
istio.sidecar.enabled📜
Type: bool
Default value
false
istio.sidecar.outboundTrafficPolicyMode📜
Type: string
Default value
"REGISTRY_ONLY"
istio.serviceEntries.custom📜
Type: list
Default value
[]
istio.authorizationPolicies.enabled📜
Type: bool
Default value
false
istio.authorizationPolicies.custom📜
Type: list
Default value
[]
istio.mtls.mode📜
Type: string
Default value
"STRICT"
routes.inbound.sonarqube.enabled📜
Type: bool
Default value
true
routes.inbound.sonarqube.gateways[0]📜
Type: string
Default value
"istio-gateway/public-ingressgateway"
routes.inbound.sonarqube.hosts[0]📜
Type: string
Default value
"sonarqube.dev.bigbang.mil"
routes.inbound.sonarqube.service📜
Type: string
Default value
"sonarqube-sonarqube.sonarqube.svc.cluster.local"
routes.inbound.sonarqube.port📜
Type: int
Default value
9000
routes.inbound.sonarqube.selector.app📜
Type: string
Default value
"sonarqube"
OpenShift.enabled📜
Type: bool
Default value
false
networkPolicies.enabled📜
Type: bool
Default value
false
networkPolicies.ingress.to.sonarqube:[8000,8001,9000].podSelector.matchLabels.app📜
Type: string
Default value
"sonarqube"
networkPolicies.ingress.to.sonarqube:[8000,8001,9000].from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜
Type: bool
Default value
false
networkPolicies.egress.definitions.sonarsource-marketplace.to[0].ipBlock.cidr📜
Type: string
Default value
"0.0.0.0/0"
networkPolicies.egress.definitions.sonarsource-marketplace.to[0].ipBlock.except[0]📜
Type: string
Default value
"169.254.169.254/32"
networkPolicies.egress.definitions.sonarsource-marketplace.ports[0].port📜
Type: int
Default value
443
networkPolicies.egress.definitions.sonarsource-marketplace.ports[0].protocol📜
Type: string
Default value
"TCP"
networkPolicies.egress.definitions.code-repository.to[0].ipBlock.cidr📜
Type: string
Default value
"0.0.0.0/0"
networkPolicies.egress.definitions.code-repository.to[0].ipBlock.except[0]📜
Type: string
Default value
"169.254.169.254/32"
networkPolicies.egress.definitions.code-repository.ports[0].port📜
Type: int
Default value
443
networkPolicies.egress.definitions.code-repository.ports[0].protocol📜
Type: string
Default value
"TCP"
networkPolicies.egress.from.sonarqube.podSelector.matchLabels.app📜
Type: string
Default value
"sonarqube"
networkPolicies.egress.from.sonarqube.to.k8s.tempo/tempo:9411📜
Type: bool
Default value
false
networkPolicies.egress.from.sonarqube.to.definition.sonarsource-marketplace📜
Type: bool
Default value
false
networkPolicies.egress.from.sonarqube.to.definition.code-repository📜
Type: bool
Default value
true
networkPolicies.egressHttps📜
Type: object
Default value
enabled: true
Description: This section will be deprecated in the next major release in favor of the bb-common definitions
networkPolicies.additionalPolicies📜
Type: list
Default value
[]
bbtests.enabled📜
Type: bool
Default value
false
bbtests.cypress.artifacts📜
Type: bool
Default value
true
bbtests.cypress.envs.cypress_url📜
Type: string
Default value
"http://sonarqube-sonarqube:9000"
bbtests.cypress.envs.cypress_url_setup📜
Type: string
Default value
"http://sonarqube-sonarqube:9000/setup"
bbtests.cypress.envs.cypress_user📜
Type: string
Default value
"admin"
bbtests.cypress.envs.cypress_password📜
Type: string
Default value
"admin"
bbtests.cypress.envs.cypress_new_password📜
Type: string
Default value
"New_admin_password!2"
bbtests.cypress.envs.cypress_timeout📜
Type: string
Default value
"10000"