Skip to content

sonarqube values.yaml📜

deploymentType📜

Type: string

Default value
"StatefulSet"

replicaCount📜

Type: int

Default value
1

revisionHistoryLimit📜

Type: int

Default value
10

deploymentStrategy.type📜

Type: string

Default value
"Recreate"

OpenShift.enabled📜

Type: bool

Default value
false

OpenShift.createSCC📜

Type: bool

Default value
true

OpenShift.route.enabled📜

Type: bool

Default value
false

OpenShift.route.host📜

Type: string

Default value
"sonarqube.your-org.com"

OpenShift.route.path📜

Type: string

Default value
"/"

OpenShift.route.tls.termination📜

Type: string

Default value
"edge"

OpenShift.route.wildcardPolicy📜

Type: string

Default value
"None"

OpenShift.route.annotations📜

Type: object

Default value
{}

sso.enabled📜

Type: bool

Default value
false

sso.name📜

Type: string

Default value
""

sso.applicationid📜

Type: string

Default value
""

sso.providerid📜

Type: string

Default value
""

sso.loginUrl📜

Type: string

Default value
""

sso.secured📜

Type: string

Default value
""

sso.serverBaseURL📜

Type: string

Default value
""

sso.idpmetadataurl📜

Type: string

Default value
""

sso.image📜

Type: string

Default value
""

sso.resources.limits.cpu📜

Type: string

Default value
"100m"

sso.resources.limits.memory📜

Type: string

Default value
"256Mi"

sso.resources.requests.cpu📜

Type: string

Default value
"100m"

sso.resources.requests.memory📜

Type: string

Default value
"256Mi"

sso.containerSecurityContext.enabled📜

Type: bool

Default value
true

sso.containerSecurityContext.fsGroup📜

Type: int

Default value
26

sso.containerSecurityContext.runAsUser📜

Type: int

Default value
26

sso.containerSecurityContext.runAsGroup📜

Type: int

Default value
26

sso.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

upstream.fullnameOverride📜

Type: string

Default value
"sonarqube-sonarqube"

upstream.community.enabled📜

Type: bool

Default value
true

upstream.community.buildNumber📜

Type: string

Default value
"25.1.0.102122"

upstream.postgresql.enabled📜

Type: bool

Default value
true

upstream.postgresql.postgresqlUsername📜

Type: string

Default value
"sonarUser"

upstream.postgresql.postgresqlPassword📜

Type: string

Default value
"sonarPass"

upstream.postgresql.postgresqlDatabase📜

Type: string

Default value
"sonarDB"

upstream.postgresql.auth.enablePostgresUser📜

Type: bool

Default value
true

upstream.postgresql.auth.username📜

Type: string

Default value
"sonarUser"

upstream.postgresql.auth.password📜

Type: string

Default value
"sonarPass"

upstream.postgresql.auth.database📜

Type: string

Default value
"sonarDB"

upstream.postgresql.image.registry📜

Type: string

Default value
"registry1.dso.mil"

upstream.postgresql.image.repository📜

Type: string

Default value
"ironbank/opensource/postgres/postgresql"

upstream.postgresql.image.tag📜

Type: string

Default value
"16.2"

upstream.postgresql.image.pullSecrets[0]📜

Type: string

Default value
"private-registry"

upstream.postgresql.primary.extraEnvVars[0].name📜

Type: string

Default value
"POSTGRES_DB"

upstream.postgresql.primary.extraEnvVars[0].value📜

Type: string

Default value
"sonarDB"

upstream.postgresql.primary.extraVolumeMounts[0].name📜

Type: string

Default value
"runtime"

upstream.postgresql.primary.extraVolumeMounts[0].mountPath📜

Type: string

Default value
"/var/run/postgresql"

upstream.postgresql.primary.extraVolumes[0].name📜

Type: string

Default value
"runtime"

upstream.postgresql.primary.extraVolumes[0].emptyDir📜

Type: object

Default value
{}

upstream.postgresql.primary.persistence.size📜

Type: string

Default value
"20Gi"

upstream.postgresql.primary.persistence.mountPath📜

Type: string

Default value
"/var/lib/postgresql"

upstream.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube-community-build"

upstream.image.tag📜

Type: string

Default value
"25.1.0.102122-community"

upstream.image.pullPolicy📜

Type: string

Default value
"IfNotPresent"

upstream.image.pullSecrets📜

Type: list

Default value
[]

upstream.securityContext.fsGroup📜

Type: int

Default value
1000

upstream.securityContext.runAsUser📜

Type: int

Default value
1000

upstream.securityContext.runAsGroup📜

Type: int

Default value
1000

upstream.containerSecurityContext.allowPrivilegeEscalation📜

Type: bool

Default value
false

upstream.containerSecurityContext.runAsNonRoot📜

Type: bool

Default value
true

upstream.containerSecurityContext.runAsUser📜

Type: int

Default value
1000

upstream.containerSecurityContext.runAsGroup📜

Type: int

Default value
1000

upstream.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

upstream.elasticsearch.configureNode📜

Type: bool

Default value
false

upstream.elasticsearch.bootstrapChecks📜

Type: bool

Default value
true

upstream.nginx.enabled📜

Type: bool

Default value
false

upstream.service.type📜

Type: string

Default value
"ClusterIP"

upstream.service.externalPort📜

Type: int

Default value
9000

upstream.service.internalPort📜

Type: int

Default value
9000

upstream.service.labels📜

Type: string

Default value
nil

upstream.service.annotations📜

Type: object

Default value
{}

upstream.httpProxySecret📜

Type: string

Default value
""

upstream.httpProxy📜

Type: string

Default value
""

upstream.httpsProxy📜

Type: string

Default value
""

upstream.noProxy📜

Type: string

Default value
""

upstream.networkPolicy.enabled📜

Type: bool

Default value
false

upstream.networkPolicy.prometheusNamespace📜

Type: string

Default value
"monitoring"

upstream.sonarWebContext📜

Type: string

Default value
""

upstream.ingress-nginx.enabled📜

Type: bool

Default value
false

upstream.httproute.enabled📜

Type: bool

Default value
false

upstream.ingress.enabled📜

Type: bool

Default value
false

upstream.ingress.hosts[0].name📜

Type: string

Default value
"sonarqube.your-org.com"

upstream.ingress.annotations📜

Type: object

Default value
{}

upstream.ingress.tls📜

Type: list

Default value
[]

upstream.affinity📜

Type: object

Default value
{}

upstream.tolerations📜

Type: list

Default value
[]

upstream.nodeSelector📜

Type: object

Default value
{}

upstream.hostAliases📜

Type: list

Default value
[]

upstream.readinessProbe.exec.command[0]📜

Type: string

Default value
"sh"

upstream.readinessProbe.exec.command[1]📜

Type: string

Default value
"-c"

upstream.readinessProbe.exec.command[2]📜

Type: string

Default value
"#!/bin/bash\n# A Sonarqube container is considered ready if the status is UP, DB_MIGRATION_NEEDED or DB_MIGRATION_RUNNING\n# status about migration are added to prevent the node to be kill while sonarqube is upgrading the database.\nif curl -s http://localhost:{{ .Values.service.internalPort }}{{ .Values.readinessProbe.sonarWebContext | default (include \"sonarqube.webcontext\" .) }}api/system/status | grep -q -e '\"status\":\"UP\"' -e '\"status\":\"DB_MIGRATION_NEEDED\"' -e '\"status\":\"DB_MIGRATION_RUNNING\"'; then\n  exit 0\nfi\nexit 1\n"

upstream.readinessProbe.initialDelaySeconds📜

Type: int

Default value
60

upstream.readinessProbe.periodSeconds📜

Type: int

Default value
30

upstream.readinessProbe.failureThreshold📜

Type: int

Default value
6

upstream.readinessProbe.timeoutSeconds📜

Type: int

Default value
90

upstream.livenessProbe.exec.command[0]📜

Type: string

Default value
"sh"

upstream.livenessProbe.exec.command[1]📜

Type: string

Default value
"-c"

upstream.livenessProbe.exec.command[2]📜

Type: string

Default value
"curl --silent --fail --output /dev/null --max-time {{ .Values.livenessProbe.timeoutSeconds | default 1 }} --header \"X-Sonar-Passcode: $SONAR_WEB_SYSTEMPASSCODE\" \"http://localhost:{{ .Values.service.internalPort }}{{ .Values.livenessProbe.sonarWebContext | default (include \"sonarqube.webcontext\" .) }}api/system/liveness\"\n"

upstream.livenessProbe.initialDelaySeconds📜

Type: int

Default value
60

upstream.livenessProbe.periodSeconds📜

Type: int

Default value
30

upstream.livenessProbe.failureThreshold📜

Type: int

Default value
6

upstream.livenessProbe.timeoutSeconds📜

Type: int

Default value
1

upstream.startupProbe.initialDelaySeconds📜

Type: int

Default value
30

upstream.startupProbe.periodSeconds📜

Type: int

Default value
10

upstream.startupProbe.failureThreshold📜

Type: int

Default value
24

upstream.startupProbe.timeoutSeconds📜

Type: int

Default value
1

upstream.initContainers.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"

upstream.initContainers.securityContext.allowPrivilegeEscalation📜

Type: bool

Default value
false

upstream.initContainers.securityContext.runAsNonRoot📜

Type: bool

Default value
true

upstream.initContainers.securityContext.runAsUser📜

Type: int

Default value
1000

upstream.initContainers.securityContext.runAsGroup📜

Type: int

Default value
1000

upstream.initContainers.securityContext.seccompProfile.type📜

Type: string

Default value
"RuntimeDefault"

upstream.initContainers.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

upstream.initContainers.resources.limits.memory📜

Type: string

Default value
"300Mi"

upstream.initContainers.resources.limits.cpu📜

Type: string

Default value
"50m"

upstream.initContainers.resources.requests.memory📜

Type: string

Default value
"300Mi"

upstream.initContainers.resources.requests.cpu📜

Type: string

Default value
"50m"

upstream.extraInitContainers📜

Type: object

Default value
{}

upstream.extraContainers📜

Type: list

Default value
[]

upstream.extraVolumes📜

Type: list

Default value
[]

upstream.extraVolumeMounts📜

Type: list

Default value
[]

upstream.waitForDb.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/postgres/postgresql:16.2"

upstream.caCerts.enabled📜

Type: bool

Default value
false

upstream.initSysctl.enabled📜

Type: bool

Default value
false

upstream.initSysctl.vmMaxMapCount📜

Type: int

Default value
524288

upstream.initSysctl.fsFileMax📜

Type: int

Default value
131072

upstream.initSysctl.nofile📜

Type: int

Default value
131072

upstream.initSysctl.nproc📜

Type: int

Default value
8192

upstream.initSysctl.securityContext.privileged📜

Type: bool

Default value
true

upstream.initSysctl.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

upstream.initSysctl.securityContext.runAsUser📜

Type: int

Default value
0

upstream.initSysctl.securityContext.readOnlyRootFilesystem📜

Type: bool

Default value
true

upstream.initFs.enabled📜

Type: bool

Default value
true

upstream.initFs.securityContext.privileged📜

Type: bool

Default value
false

upstream.initFs.securityContext.runAsNonRoot📜

Type: bool

Default value
false

upstream.initFs.securityContext.runAsUser📜

Type: int

Default value
0

upstream.initFs.securityContext.runAsGroup📜

Type: int

Default value
0

upstream.initFs.securityContext.seccompProfile.type📜

Type: string

Default value
"RuntimeDefault"

upstream.initFs.securityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

upstream.initFs.securityContext.capabilities.add[0]📜

Type: string

Default value
"CHOWN"

upstream.initFs.securityContext.readOnlyRootFilesystem📜

Type: bool

Default value
true

upstream.prometheusExporter.enabled📜

Type: bool

Default value
false

upstream.prometheusExporter.version📜

Type: string

Default value
"0.17.2"

upstream.prometheusExporter.webBeanPort📜

Type: int

Default value
8000

upstream.prometheusExporter.ceBeanPort📜

Type: int

Default value
8001

upstream.prometheusExporter.config.rules[0].pattern📜

Type: string

Default value
".*"

upstream.prometheusExporter.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/prometheus/jmx-exporter:1.0.1"

upstream.prometheusMonitoring.podMonitor.enabled📜

Type: bool

Default value
false

upstream.prometheusMonitoring.podMonitor.interval📜

Type: string

Default value
"30s"

upstream.plugins.install📜

Type: list

Default value
[]

upstream.plugins.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/sonarsource/sonarqube/sonarqube-community-build:25.1.0.102122-community"

upstream.plugins.noCheckCertificate📜

Type: bool

Default value
false

upstream.jvmOpts📜

Type: string

Default value
""

upstream.jvmCeOpts📜

Type: string

Default value
""

upstream.monitoringPasscode📜

Type: string

Default value
"define_it"

upstream.env[0].name📜

Type: string

Default value
"JDK_JAVA_OPTIONS"

upstream.env[0].value📜

Type: string

Default value
"-Dcom.redhat.fips=false"

upstream.annotations📜

Type: object

Default value
{}

upstream.resources.limits.cpu📜

Type: string

Default value
"1000m"

upstream.resources.limits.memory📜

Type: string

Default value
"6144M"

upstream.resources.limits.ephemeral-storage📜

Type: string

Default value
"512000M"

upstream.resources.requests.cpu📜

Type: string

Default value
"500m"

upstream.resources.requests.memory📜

Type: string

Default value
"2048M"

upstream.resources.requests.ephemeral-storage📜

Type: string

Default value
"1536M"

upstream.persistence.enabled📜

Type: bool

Default value
false

upstream.persistence.annotations📜

Type: object

Default value
{}

upstream.persistence.storageClass📜

Type: string

Default value
nil

upstream.persistence.accessMode📜

Type: string

Default value
"ReadWriteOnce"

upstream.persistence.size📜

Type: string

Default value
"20Gi"

upstream.persistence.uid📜

Type: int

Default value
1000

upstream.persistence.guid📜

Type: int

Default value
0

upstream.persistence.volumes📜

Type: list

Default value
[]

upstream.persistence.mounts📜

Type: list

Default value
[]

upstream.emptyDir📜

Type: object

Default value
{}

upstream.sonarProperties.”sonar.forceAuthentication”📜

Type: bool

Default value
true

upstream.sonarProperties.”sonar.ce.javaAdditionalOpts”📜

Type: string

Default value
"-Dcom.redhat.fips=false"

upstream.sonarProperties.”sonar.search.javaAdditionalOpts”📜

Type: string

Default value
"-Dcom.redhat.fips=false"

upstream.sonarProperties.”sonar.web.javaAdditionalOpts”📜

Type: string

Default value
"-Dcom.redhat.fips=false"

upstream.jdbcOverwrite.enabled📜

Type: bool

Default value
false

upstream.jdbcOverwrite.jdbcUrl📜

Type: string

Default value
"jdbc:postgresql://myPostgress/myDatabase"

upstream.jdbcOverwrite.jdbcUsername📜

Type: string

Default value
"sonarUser"

upstream.jdbcOverwrite.jdbcPassword📜

Type: string

Default value
"sonarPass"

upstream.podLabels📜

Type: object

Default value
{}

upstream.sonarqubeFolder📜

Type: string

Default value
"/opt/sonarqube"

upstream.tests.image📜

Type: string

Default value
"bitnami/minideb-extras"

upstream.tests.enabled📜

Type: bool

Default value
false

upstream.tests.resources📜

Type: object

Default value
{}

upstream.serviceAccount.create📜

Type: bool

Default value
true

upstream.serviceAccount.automountToken📜

Type: bool

Default value
false

upstream.serviceAccount.annotations📜

Type: object

Default value
{}

upstream.extraConfig.secrets📜

Type: list

Default value
[]

upstream.extraConfig.configmaps📜

Type: list

Default value
[]

upstream.terminationGracePeriodSeconds📜

Type: int

Default value
60

curlContainerImage📜

Type: string

Default value
"registry1.dso.mil/ironbank/redhat/ubi/ubi9:9.6"

domain📜

Type: string

Default value
"dev.bigbang.mil"

istio.enabled📜

Type: bool

Default value
false

istio.hardened.enabled📜

Type: bool

Default value
false

istio.hardened.customAuthorizationPolicies📜

Type: list

Default value
[]

istio.hardened.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.hardened.customServiceEntries📜

Type: list

Default value
[]

istio.hardened.tempo.enabled📜

Type: bool

Default value
true

istio.hardened.tempo.namespaces[0]📜

Type: string

Default value
"tempo"

istio.hardened.tempo.principals[0]📜

Type: string

Default value
"cluster.local/ns/tempo/sa/tempo-tempo"

istio.hardened.monitoring.enabled📜

Type: bool

Default value
true

istio.hardened.monitoring.namespaces[0]📜

Type: string

Default value
"monitoring"

istio.hardened.monitoring.principals[0]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-grafana"

istio.hardened.monitoring.principals[1]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-alertmanager"

istio.hardened.monitoring.principals[2]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-operator"

istio.hardened.monitoring.principals[3]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus"

istio.hardened.monitoring.principals[4]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-state-metrics"

istio.hardened.monitoring.principals[5]📜

Type: string

Default value
"cluster.local/ns/monitoring/sa/monitoring-monitoring-prometheus-node-exporter"

istio.mtls📜

Type: object

Default value
mode: STRICT

Description: Default argocd peer authentication

istio.mtls.mode📜

Type: string

Default value
"STRICT"

Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic

istio.sonarqube.enabled📜

Type: bool

Default value
true

istio.sonarqube.annotations📜

Type: object

Default value
{}

istio.sonarqube.labels📜

Type: object

Default value
{}

istio.sonarqube.gateways[0]📜

Type: string

Default value
"istio-system/main"

istio.sonarqube.hosts[0]📜

Type: string

Default value
"sonarqube.{{ .Values.domain }}"

istio.injection📜

Type: string

Default value
"disabled"

monitoring.enabled📜

Type: bool

Default value
false

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.ingressLabels.app📜

Type: string

Default value
"istio-ingressgateway"

networkPolicies.ingressLabels.istio📜

Type: string

Default value
"ingressgateway"

networkPolicies.egressHttps.enabled📜

Type: bool

Default value
true

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

bbtests.enabled📜

Type: bool

Default value
false

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_url📜

Type: string

Default value
"http://sonarqube-sonarqube:9000"

bbtests.cypress.envs.cypress_url_setup📜

Type: string

Default value
"http://sonarqube-sonarqube:9000/setup"

bbtests.cypress.envs.cypress_user📜

Type: string

Default value
"admin"

bbtests.cypress.envs.cypress_password📜

Type: string

Default value
"New_admin_password!2"

bbtests.cypress.envs.cypress_timeout📜

Type: string

Default value
"10000"