Skip to content

vault values.yaml📜

domain📜

Type: string

Default value
"dev.bigbang.mil"

monitoring.enabled📜

Type: bool

Default value
false

monitoring.namespace📜

Type: string

Default value
"monitoring"

routes.inbound.vault.enabled📜

Type: bool

Default value
true

routes.inbound.vault.gateways[0]📜

Type: string

Default value
"istio-gateway/passthrough-ingressgateway"

routes.inbound.vault.hosts[0]📜

Type: string

Default value
"vault.{{ .Values.domain }}"

routes.inbound.vault.service📜

Type: string

Default value
"vault-vault.vault.svc.cluster.local"

routes.inbound.vault.port📜

Type: int

Default value
8200

routes.inbound.vault.passthrough.enabled📜

Type: bool

Default value
true

istio.enabled📜

Type: bool

Default value
false

istio.sidecar.enabled📜

Type: bool

Default value
false

istio.sidecar.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.serviceEntries.custom📜

Type: list

Default value
[]

istio.authorizationPolicies.enabled📜

Type: bool

Default value
false

istio.authorizationPolicies.custom📜

Type: list

Default value
[]

istio.mtls.mode📜

Type: string

Default value
"STRICT"

tls.cert📜

Type: string

Default value
""

tls.key📜

Type: string

Default value
""

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.ingress.definitions.custom-app-ingress.from[0].namespaceSelector📜

Type: object

Default value
{}

networkPolicies.ingress.definitions.custom-app-ingress.from[0].podSelector.matchLabels.vault-ingress📜

Type: string

Default value
"true"

networkPolicies.ingress.to.vault:8200.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.vault:8200.from.definition.custom-app-ingress📜

Type: bool

Default value
true

networkPolicies.ingress.to.vault-agent-injector:8080.from.cidr.”0.0.0.0/0”📜

Type: bool

Default value
true

networkPolicies.egress.definitions.kms.to[0].ipBlock.cidr📜

Type: string

Default value
"0.0.0.0/0"

networkPolicies.egress.definitions.kms.ports[0].port📜

Type: int

Default value
443

networkPolicies.egress.definitions.kms.ports[0].protocol📜

Type: string

Default value
"TCP"

networkPolicies.egress.from.vault.to.cidr.”169.254.169.254/32”📜

Type: bool

Default value
true

networkPolicies.egress.from.vault.to.k8s.tempo/tempo:9411📜

Type: bool

Default value
false

networkPolicies.egress.from.vault.to.definition.kms📜

Type: bool

Default value
true

networkPolicies.egress.from.vault.to.definition.kubeAPI📜

Type: bool

Default value
true

networkPolicies.egress.from.vault-agent-injector.to.definition.kubeAPI📜

Type: bool

Default value
true

networkPolicies.egress.from.vault-autoinit.podSelector.matchLabels.”batch.kubernetes.io/job-name”📜

Type: string

Default value
"vault-vault-job-init"

networkPolicies.egress.from.vault-autoinit.to.definition.kubeAPI📜

Type: bool

Default value
true

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

autoInit.enabled📜

Type: bool

Default value
true

autoInit.image.repository📜

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base"

autoInit.image.tag📜

Type: string

Default value
"2.1.0"

autoInit.storage.size📜

Type: string

Default value
"2Gi"

minio.enabled📜

Type: bool

Default value
false

customAppIngressSelector.key📜

Type: string

Default value
"vault-ingress"

customAppIngressSelector.value📜

Type: bool

Default value
true

bbtests.enabled📜

Type: bool

Default value
false

bbtests.cypress.resources.requests.cpu📜

Type: int

Default value
2

bbtests.cypress.resources.requests.memory📜

Type: string

Default value
"8Gi"

bbtests.cypress.resources.limits.cpu📜

Type: int

Default value
2

bbtests.cypress.resources.limits.memory📜

Type: string

Default value
"8Gi"

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_vault_url📜

Type: string

Default value
"http://vault.vault.svc:8200"

bbtests.cypress.secretEnvs[0].name📜

Type: string

Default value
"cypress_token"

bbtests.cypress.secretEnvs[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"vault-token"

bbtests.cypress.secretEnvs[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"key"

bbtests.cypress.disableDefaultTests📜

Type: bool

Default value
false

bbtests.scripts.permissions.apiGroups[0]📜

Type: string

Default value
""

bbtests.scripts.permissions.resources[0]📜

Type: string

Default value
"configmaps"

bbtests.scripts.permissions.verbs[0]📜

Type: string

Default value
"create"

bbtests.scripts.permissions.verbs[1]📜

Type: string

Default value
"delete"

bbtests.scripts.permissions.verbs[2]📜

Type: string

Default value
"list"

bbtests.scripts.permissions.verbs[3]📜

Type: string

Default value
"get"

bbtests.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"

bbtests.scripts.envs.VAULT_PORT📜

Type: string

Default value
"80"

bbtests.scripts.envs.VAULT_HOST📜

Type: string

Default value
"http://vault"

bbtests.scripts.secretEnvs[0].name📜

Type: string

Default value
"vault_token"

bbtests.scripts.secretEnvs[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"vault-token"

bbtests.scripts.secretEnvs[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"key"

openshift📜

Type: bool

Default value
false