kyverno values.yaml📜
networkPolicies.enabled📜
Type: bool
Default value
false
networkPolicies.ingress.defaults.allowPrometheusToIstioSidecar.enabled📜
Type: bool
Default value
false
networkPolicies.ingress.definitions.kubeAPI.from[0].ipBlock.cidr📜
Type: string
Default value
"192.168.0.0/16"
networkPolicies.ingress.definitions.kubeAPI.from[1].ipBlock.cidr📜
Type: string
Default value
"172.16.0.0/12"
networkPolicies.ingress.definitions.kubeAPI.from[2].ipBlock.cidr📜
Type: string
Default value
"10.0.0.0/8"
networkPolicies.ingress.to.kyverno-admission-controller:9443.podSelector.matchLabels.”app.kubernetes.io/component”📜
Type: string
Default value
"admission-controller"
networkPolicies.ingress.to.kyverno-admission-controller:9443.from.definition.kubeAPI📜
Type: bool
Default value
true
networkPolicies.ingress.to.kyverno:8000.podSelector.matchLabels.”app.kubernetes.io/instance”📜
Type: string
Default value
"kyverno-kyverno"
networkPolicies.ingress.to.kyverno:8000.from.k8s.monitoring/prometheus📜
Type: bool
Default value
true
networkPolicies.egress.defaults.allowIstiod.enabled📜
Type: bool
Default value
false
networkPolicies.egress.definitions.private-registry.to[0].ipBlock.cidr📜
Type: string
Default value
"15.205.173.153/32"
networkPolicies.egress.definitions.private-registry.ports[0].port📜
Type: int
Default value
443
networkPolicies.egress.definitions.private-registry.ports[0].protocol📜
Type: string
Default value
"TCP"
networkPolicies.egress.from.kyverno-admission-controller.podSelector.matchLabels.”app.kubernetes.io/component”📜
Type: string
Default value
"admission-controller"
networkPolicies.egress.from.kyverno-admission-controller.to.definition.private-registry📜
Type: bool
Default value
true
networkPolicies.egress.from.kyverno-admission-controller.to.definition.kubeAPI📜
Type: bool
Default value
true
networkPolicies.egress.from.kyverno-migrate-resources.podSelector.matchLabels.”batch.kubernetes.io/job-name”📜
Type: string
Default value
"kyverno-kyverno-migrate-resources"
networkPolicies.egress.from.kyverno-migrate-resources.to.definition.kubeAPI📜
Type: bool
Default value
true
networkPolicies.externalRegistries📜
Type: object
Default value
allowEgress: false
ports: []
Description: This section will be deprecated in the next major release in favor of the bb-common definition
networkPolicies.additionalPolicies📜
Type: list
Default value
[]
istio.enabled📜
Type: bool
Default value
false
openshift📜
Type: bool
Default value
false
bbtests.enabled📜
Type: bool
Default value
false
bbtests.scripts.image📜
Type: string
Default value
"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.35.5"
bbtests.scripts.additionalVolumeMounts[0].name📜
Type: string
Default value
"kyverno-bbtest-manifest"
bbtests.scripts.additionalVolumeMounts[0].mountPath📜
Type: string
Default value
"/yaml"
bbtests.scripts.additionalVolumes[0].name📜
Type: string
Default value
"kyverno-bbtest-manifest"
bbtests.scripts.additionalVolumes[0].configMap.name📜
Type: string
Default value
"kyverno-bbtest-manifest"
global.image.registry📜
Type: string
Default value
"registry1.dso.mil"
Description: Global value that allows to set a single image registry across all deployments. When set, it will override any values set under .image.registry across the chart.
global.image.pullPolicy📜
Type: string
Default value
"IfNotPresent"
global.imagePullSecrets[0].name📜
Type: string
Default value
"private-registry"
global.resyncPeriod📜
Type: string
Default value
"15m"
global.templating.enabled📜
Type: bool
Default value
false
global.templating.debug📜
Type: bool
Default value
false
global.templating.version📜
Type: string
Default value
nil