Skip to content

anchore-enterprise values.yaml📜

domain📜

Type: string

Default value
"dev.bigbang.mil"

routes.inbound.anchore-api.enabled📜

Type: bool

Default value
true

routes.inbound.anchore-api.selector.”app.kubernetes.io/component”📜

Type: string

Default value
"api"

routes.inbound.anchore-api.gateways[0]📜

Type: string

Default value
"istio-gateway/public-ingressgateway"

routes.inbound.anchore-api.hosts[0]📜

Type: string

Default value
"anchore-api.{{ .Values.domain }}"

routes.inbound.anchore-api.http[0].match[0].uri.prefix📜

Type: string

Default value
"/metrics"

routes.inbound.anchore-api.http[0].route[0].destination.host📜

Type: string

Default value
"anchore-enterprise-anchore-enterprise-api.anchore.svc.cluster.local"

routes.inbound.anchore-api.http[0].route[0].destination.port.number📜

Type: int

Default value
8228

routes.inbound.anchore-api.http[0].fault.abort.percentage.value📜

Type: int

Default value
100

routes.inbound.anchore-api.http[0].fault.abort.httpStatus📜

Type: int

Default value
403

routes.inbound.anchore-api.http[1].match[0].uri.prefix📜

Type: string

Default value
"/"

routes.inbound.anchore-api.http[1].route[0].destination.host📜

Type: string

Default value
"anchore-enterprise-anchore-enterprise-api.anchore.svc.cluster.local"

routes.inbound.anchore-api.http[1].route[0].destination.port.number📜

Type: int

Default value
8228

routes.inbound.anchore-ui.enabled📜

Type: bool

Default value
true

routes.inbound.anchore-ui.selector.”app.kubernetes.io/component”📜

Type: string

Default value
"ui"

routes.inbound.anchore-ui.gateways[0]📜

Type: string

Default value
"istio-gateway/public-ingressgateway"

routes.inbound.anchore-ui.hosts[0]📜

Type: string

Default value
"anchore.{{ .Values.domain }}"

routes.inbound.anchore-ui.service📜

Type: string

Default value
"anchore-enterprise-anchore-enterprise-ui.anchore.svc.cluster.local"

routes.inbound.anchore-ui.port📜

Type: int

Default value
3000

routes.outbound.anchore-data-service.enabled📜

Type: bool

Default value
true

routes.outbound.anchore-data-service.hosts[0]📜

Type: string

Default value
"data.anchore-enterprise.com"

istio.enabled📜

Type: bool

Default value
false

istio.sidecar.enabled📜

Type: bool

Default value
false

istio.sidecar.outboundTrafficPolicyMode📜

Type: string

Default value
"REGISTRY_ONLY"

istio.serviceEntries.custom📜

Type: list

Default value
[]

istio.authorizationPolicies.enabled📜

Type: bool

Default value
false

istio.authorizationPolicies.custom📜

Type: list

Default value
[]

istio.mtls.mode📜

Type: string

Default value
"STRICT"

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.ingress.to.catalog:8082.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"catalog"

networkPolicies.ingress.to.catalog:8082.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.simplequeue:8083.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"simplequeue"

networkPolicies.ingress.to.simplequeue:8083.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.analyzer:8084.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"analyzer"

networkPolicies.ingress.to.analyzer:8084.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.policy:8087.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"policyengine"

networkPolicies.ingress.to.policy:8087.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.api:8228.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"api"

networkPolicies.ingress.to.api:8228.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.reports:8558.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"reports"

networkPolicies.ingress.to.reports:8558.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.notifications:8668.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"notifications"

networkPolicies.ingress.to.notifications:8668.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.ingress.to.ui-redis:9121.from.k8s.monitoring-monitoring-kube-prometheus@monitoring/prometheus📜

Type: bool

Default value
false

networkPolicies.egress.definitions.anchore-data-service.to[0].ipBlock.cidr📜

Type: string

Default value
"0.0.0.0/0"

networkPolicies.egress.definitions.anchore-data-service.ports[0].port📜

Type: int

Default value
443

networkPolicies.egress.definitions.anchore-data-service.ports[0].protocol📜

Type: string

Default value
"TCP"

networkPolicies.egress.definitions.ldap-subnets.to[0].ipBlock.cidr📜

Type: string

Default value
"192.168.0.0/16"

networkPolicies.egress.definitions.ldap-subnets.to[1].ipBlock.cidr📜

Type: string

Default value
"172.16.0.0/12"

networkPolicies.egress.definitions.ldap-subnets.to[2].ipBlock.cidr📜

Type: string

Default value
"10.0.0.0/8"

networkPolicies.egress.definitions.ldap-subnets.ports[0].port📜

Type: int

Default value
636

networkPolicies.egress.definitions.ldap-subnets.ports[0].protocol📜

Type: string

Default value
"TCP"

networkPolicies.egress.definitions.notification-services.to[0].ipBlock.cidr📜

Type: string

Default value
"0.0.0.0/0"

networkPolicies.egress.definitions.redis-subnets.to[0].ipBlock.cidr📜

Type: string

Default value
"192.168.0.0/16"

networkPolicies.egress.definitions.redis-subnets.to[1].ipBlock.cidr📜

Type: string

Default value
"172.16.0.0/12"

networkPolicies.egress.definitions.redis-subnets.to[2].ipBlock.cidr📜

Type: string

Default value
"10.0.0.0/8"

networkPolicies.egress.definitions.redis-subnets.ports[0].port📜

Type: int

Default value
6379

networkPolicies.egress.definitions.redis-subnets.ports[0].protocol📜

Type: string

Default value
"TCP"

networkPolicies.egress.definitions.registry-subnets.to[0].ipBlock.cidr📜

Type: string

Default value
"0.0.0.0/0"

networkPolicies.egress.from.*.to.k8s.tempo/tempo:9411📜

Type: bool

Default value
false

networkPolicies.egress.from.analyzer.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"analyzer"

networkPolicies.egress.from.analyzer.to.definition.registry-subnets📜

Type: bool

Default value
true

networkPolicies.egress.from.api.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"api"

networkPolicies.egress.from.api.to.definition.redis-subnets📜

Type: bool

Default value
false

networkPolicies.egress.from.api.to.definition.notification-services📜

Type: bool

Default value
true

networkPolicies.egress.from.catalog.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"catalog"

networkPolicies.egress.from.catalog.to.definition.registry-subnets📜

Type: bool

Default value
true

networkPolicies.egress.from.datasyncer.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"datasyncer"

networkPolicies.egress.from.datasyncer.to.definition.anchore-data-service📜

Type: bool

Default value
true

networkPolicies.egress.from.notifications.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"notifications"

networkPolicies.egress.from.notifications.to.definition.notification-services📜

Type: bool

Default value
true

networkPolicies.egress.from.ui.podSelector.matchLabels.”app.kubernetes.io/component”📜

Type: string

Default value
"ui"

networkPolicies.egress.from.ui.to.definition.ldap-subnets📜

Type: bool

Default value
true

networkPolicies.egress.from.ui.to.definition.redis-subnets📜

Type: bool

Default value
false

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

sso.enabled📜

Type: bool

Default value
false

sso.name📜

Type: string

Default value
"keycloak"

sso.acsHttpsPort📜

Type: int

Default value
-1

sso.spEntityId📜

Type: string

Default value
"platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-anchore"

sso.acsUrl📜

Type: string

Default value
"https://anchore.bigbang.dev/service/sso/auth/keycloak"

sso.defaultAccount📜

Type: string

Default value
"user"

sso.defaultRole📜

Type: string

Default value
"read-write"

sso.roleAttribute📜

Type: string

Default value
""

sso.requireSignedAssertions📜

Type: bool

Default value
false

sso.requireSignedResponse📜

Type: bool

Default value
true

sso.idpMetadataUrl📜

Type: string

Default value
"https://login.dso.mil/auth/realms/baby-yoda/protocol/saml/descriptor"

sso.host📜

Type: string

Default value
"login.dso.mil"

sso.realm📜

Type: string

Default value
"baby-yoda"

sso.resources.limits.cpu📜

Type: string

Default value
"100m"

sso.resources.limits.memory📜

Type: string

Default value
"256Mi"

sso.resources.requests.cpu📜

Type: string

Default value
"100m"

sso.resources.requests.memory📜

Type: string

Default value
"256Mi"

sso.containerSecurityContext.runAsUser📜

Type: int

Default value
1001

sso.containerSecurityContext.runAsGroup📜

Type: int

Default value
1001

sso.containerSecurityContext.capabilities.drop[0]📜

Type: string

Default value
"ALL"

monitoring.enabled📜

Type: bool

Default value
false

monitoring.namespace📜

Type: string

Default value
"monitoring"

monitoring.serviceMonitor.scheme📜

Type: string

Default value
""

monitoring.serviceMonitor.tlsConfig📜

Type: object

Default value
{}

bbtests.enabled📜

Type: bool

Default value
false

bbtests.scripts.image📜

Type: string

Default value
"registry1.dso.mil/ironbank/anchore/cli/cli:0.9.4"

bbtests.scripts.envs.ANCHORE_CLI_URL📜

Type: string

Default value
"http://{{ include \"enterprise.api.fullname\" . }}:{{ .Values.upstream.api.service.port }}/v2"

bbtests.scripts.envs.ANCHORE_CLI_USER📜

Type: string

Default value
"admin"

bbtests.scripts.envs.ANCHORE_SCAN_IMAGE📜

Type: string

Default value
"quay.io/prometheus/node-exporter:latest"

bbtests.scripts.secretEnvs[0].name📜

Type: string

Default value
"ANCHORE_CLI_PASS"

bbtests.scripts.secretEnvs[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"{{ include \"enterprise.fullname\" . }}"

bbtests.scripts.secretEnvs[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"ANCHORE_ADMIN_PASSWORD"

bbtests.cypress.resources.requests.cpu📜

Type: string

Default value
"2"

bbtests.cypress.resources.requests.memory📜

Type: string

Default value
"4Gi"

bbtests.cypress.resources.limits.cpu📜

Type: string

Default value
"2"

bbtests.cypress.resources.limits.memory📜

Type: string

Default value
"4Gi"

bbtests.cypress.artifacts📜

Type: bool

Default value
true

bbtests.cypress.envs.cypress_url📜

Type: string

Default value
"http://{{ include \"enterprise.ui.fullname\" . }}:{{ .Values.upstream.ui.service.port }}"

bbtests.cypress.envs.cypress_user📜

Type: string

Default value
"admin"

bbtests.cypress.envs.cypress_registry📜

Type: string

Default value
"docker.io"

bbtests.cypress.envs.cypress_repository📜

Type: string

Default value
"anchore/grype"

bbtests.cypress.envs.cypress_tag📜

Type: string

Default value
"latest"

bbtests.cypress.secretEnvs[0].name📜

Type: string

Default value
"cypress_password"

bbtests.cypress.secretEnvs[0].valueFrom.secretKeyRef.name📜

Type: string

Default value
"{{ include \"enterprise.fullname\" . }}"

bbtests.cypress.secretEnvs[0].valueFrom.secretKeyRef.key📜

Type: string

Default value
"ANCHORE_ADMIN_PASSWORD"

global.fullnameOverride📜

Type: string

Default value
""

global.nameOverride📜

Type: string

Default value
"anchore-enterprise"

ui-redis.enabled📜

Type: bool

Default value
true

ui-redis.istio.enabled📜

Type: string

Default value
"{{ .Values.istio.enabled }}"

ui-redis.externalEndpoint📜

Type: string

Default value
""

ui-redis.upstream.nameOverride📜

Type: string

Default value
"ui-redis"

ui-redis.upstream.fullnameOverride📜

Type: string

Default value
"anchore-enterprise-ui-redis"

ui-redis.upstream.auth.password📜

Type: string

Default value
"anchore-redis,123"

ui-redis.upstream.architecture📜

Type: string

Default value
"standalone"

ui-redis.upstream.master.persistence.enabled📜

Type: bool

Default value
false

ui-redis.upstream.commonConfiguration📜

Type: string

Default value
"maxmemory 200mb\nsave \"\""

ui-redis.cleanUpgrade.enabled📜

Type: bool

Default value
false

ui-redis.cleanUpgrade.redisLabel📜

Type: string

Default value
"app.kubernetes.io/name: ui-redis"

postgresql.enabled📜

Type: bool

Default value
true

postgresql.image.registry📜

Type: string

Default value
"registry1.dso.mil"

postgresql.image.repository📜

Type: string

Default value
"ironbank/opensource/postgres/postgresql"

postgresql.image.tag📜

Type: string

Default value
"18.3"

postgresql.global.security.allowInsecureImages📜

Type: bool

Default value
true

postgresql.global.postgresql.auth.username📜

Type: string

Default value
"anchore"

Description: PostgreSQL User to create

postgresql.global.postgresql.auth.password📜

Type: string

Default value
"anchore-postgres,123"

Description: PostgreSQL Password for the new user

postgresql.global.postgresql.auth.database📜

Type: string

Default value
"anchore"

Description: PostgreSQL Database to create

postgresql.primary.networkPolicy.enabled📜

Type: bool

Default value
false

postgresql.primary.persistence.mountPath📜

Type: string

Default value
"/var/lib/postgresql"

postgresql.primary.extraVolumes[0].name📜

Type: string

Default value
"run-postgresql"

postgresql.primary.extraVolumes[0].emptyDir📜

Type: object

Default value
{}

postgresql.primary.extraVolumeMounts[0].name📜

Type: string

Default value
"run-postgresql"

postgresql.primary.extraVolumeMounts[0].mountPath📜

Type: string

Default value
"/run/postgresql"

postgresql.primary.resources.limits.cpu📜

Type: string

Default value
"1000m"

postgresql.primary.resources.limits.memory📜

Type: string

Default value
"4096Mi"

postgresql.primary.resources.requests.cpu📜

Type: string

Default value
"1000m"

postgresql.primary.resources.requests.memory📜

Type: string

Default value
"4096Mi"

postgresql.metrics.resources.limits.cpu📜

Type: string

Default value
"200m"

postgresql.metrics.resources.limits.memory📜

Type: string

Default value
"256Mi"

postgresql.metrics.resources.requests.cpu📜

Type: string

Default value
"200m"

postgresql.metrics.resources.requests.memory📜

Type: string

Default value
"256Mi"

postgresql.postgresqlDataDir📜

Type: string

Default value
"/var/lib/postgresql/pgdata/data"

postgresql.volumePermissions.enabled📜

Type: bool

Default value
false

postgresqlSuperUser.postgresUsername📜

Type: string

Default value
""

postgresqlSuperUser.postgresPassword📜

Type: string

Default value
""

postgresqlSuperUser.existingSecret📜

Type: string

Default value
nil

ensureDbJobs.resources.limits.cpu📜

Type: int

Default value
2

ensureDbJobs.resources.limits.memory📜

Type: string

Default value
"2G"

ensureDbJobs.resources.requests.cpu📜

Type: int

Default value
2

ensureDbJobs.resources.requests.memory📜

Type: string

Default value
"2G"