zarf.yaml

# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/v0.21.3/zarf.schema.json
kind: ZarfPackageConfig
metadata:
  name: big-bang
  description: "Deploy Big Bang Core"
  version: "###ZARF_PKG_VAR_BIGBANG_VERSION###"
  url: https://p1.dso.mil/products/big-bang
  image: https://p1.dso.mil/img/Big_Bang_Color_Logo_White_text.de14c793.webp
  # Big Bang / Iron Bank are only amd64
  architecture: amd64

components:
  - name: flux
    required: false
    manifests:
      - name: flux-installer
        kustomizations:
          - https://repo1.dso.mil/platform-one/big-bang/bigbang.git/base/flux?ref=###ZARF_PKG_VAR_BIGBANG_VERSION###
    images:
      - registry1.dso.mil/ironbank/fluxcd/helm-controller:v0.25.0
      - registry1.dso.mil/ironbank/fluxcd/kustomize-controller:v0.29.0
      - registry1.dso.mil/ironbank/fluxcd/notification-controller:v0.27.0
      - registry1.dso.mil/ironbank/fluxcd/source-controller:v0.30.0

  - name: big-bang-base
    description: "Git repositories and OCI images used by Big Bang"
    required: true
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/bigbang.git@###ZARF_PKG_VAR_BIGBANG_VERSION###
      - https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git@1.15.0-bb.1
      - https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git@1.15.0-bb.1
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/metrics-server.git@3.8.0-bb.4

    images:
      - "registry1.dso.mil/ironbank/big-bang/base:2.0.0"
      - "registry1.dso.mil/ironbank/redhat/ubi/ubi8-minimal:8.6"
      - "registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.3"
      - "registry1.dso.mil/ironbank/opensource/istio/pilot:1.15.0"
      - "registry1.dso.mil/ironbank/opensource/istio/proxyv2:1.15.0"
      - "registry1.dso.mil/ironbank/opensource/istio/install-cni:1.15.0"
      - "registry1.dso.mil/ironbank/opensource/istio/operator:1.15.0"
      - "registry1.dso.mil/ironbank/tetrate/istio/istioctl:1.14.4-tetratefips-v0"
      - "registry1.dso.mil/ironbank/tetrate/istio/proxyv2:1.14.4-tetratefips-v0"
      - "registry1.dso.mil/ironbank/tetrate/istio/pilot:1.14.4-tetratefips-v0"
      - "registry1.dso.mil/ironbank/tetrate/istio/install-cni:1.14.4-tetratefips-v0"
      - "registry1.dso.mil/ironbank/tetrate/istio/operator:1.14.4-tetratefips-v0"
      - "registry1.dso.mil/ironbank/opensource/kubernetes/kube-state-metrics:v2.6.0"
      - "registry1.dso.mil/ironbank/opensource/kubernetes-sigs/metrics-server:0.6.1"

  - name: policy-kyverno
    description: "Git repositories and OCI images used by Kyverno Policy Engine"
    required: true
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/kyverno.git@2.6.0-bb.0
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/kyverno-policies.git@1.0.1-bb.6
    images:
      - "registry1.dso.mil/ironbank/nirmata/kyverno:v1.8.0"
      - "registry1.dso.mil/ironbank/nirmata/kyvernopre:v1.8.0"
      
  - name: observability-tracing
    description: "Git repositories and OCI images used by Big Bang observability & tracing"
    required: true
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger.git@2.36.0-bb.1
      - https://repo1.dso.mil/platform-one/big-bang/apps/core/kiali.git@1.58.0-bb.0
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git@0.16.1-bb.2
    images:
      - "registry1.dso.mil/ironbank/opensource/jaegertracing/all-in-one:1.38.0"
      - "registry1.dso.mil/ironbank/opensource/jaegertracing/jaeger-operator:1.38.0"
      - "registry1.dso.mil/ironbank/opensource/kiali/kiali-operator:v1.58.0"
      - "registry1.dso.mil/ironbank/opensource/kiali/kiali:v1.58.0"
      - "registry1.dso.mil/ironbank/opensource/grafana/tempo-query:1.5.0"
      - "registry1.dso.mil/ironbank/opensource/grafana/tempo:1.5.0"

  - name: monitoring
    description: "Git repositories and OCI images used by monitoring"
    required: true
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git@41.5.0-bb.1
    images:
      - "registry1.dso.mil/ironbank/big-bang/grafana/grafana-plugins:9.2.0"
      - "registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.19.5"
      - "registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen:v1.3.0"
      - "registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader:v0.60.1"
      - "registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator:v0.60.1"
      - "registry1.dso.mil/ironbank/opensource/prometheus/alertmanager:v0.24.0"
      - "registry1.dso.mil/ironbank/opensource/prometheus/node-exporter:v1.4.0"
      - "registry1.dso.mil/ironbank/opensource/prometheus/prometheus:v2.39.1"

  - name: logging-plg
    description: "Git repositories and OCI images used by PLG"
    required: true
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki.git@3.2.1-bb.3
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/promtail.git@6.2.2-bb.2
    images:
      - "registry1.dso.mil/ironbank/opensource/grafana/loki:2.6.1"
      - "registry1.dso.mil/ironbank/opensource/grafana/promtail:v2.6.1"

  - name: keycloak
    description: "Git repositories and OCI images used by Keycloak"
    required: false
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak.git@18.2.1-bb.5
    images:
      - "registry.dso.mil/platform-one/big-bang/apps/security-tools/keycloak/keycloak-ib:18.0.2-1.2.0-1"
      - "registry1.dso.mil/ironbank/opensource/postgres/postgresql12:12.11"
      - "registry1.dso.mil/ironbank/bitnami/redis:7.0.0-debian-10-r3"

  - name: authsvc
    description: "Git repositories and OCI images used by Keycloak"
    required: false
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/core/authservice.git@0.5.2-bb.1
    images:
      - "registry1.dso.mil/ironbank/istio-ecosystem/authservice:0.5.2"
      
  - name: neuvector
    description: "Git repositories and OCI images used by Neuvector runtime security"
    required: false
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/neuvector.git@2.2.2-bb.0
    images:
      - "registry1.dso.mil/ironbank/neuvector/neuvector/enforcer:5.0.2"
      - "registry1.dso.mil/ironbank/neuvector/neuvector/manager:5.0.2"
      - "registry1.dso.mil/ironbank/neuvector/neuvector/scanner:5"
      - "registry1.dso.mil/ironbank/neuvector/neuvector/controller:5.0.2"

  - name: big-bang-storage
    description: "Git repositories and OCI images need for Big Bang storage"
    required: true
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git@4.5.3-bb.0
      - https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio.git@4.5.3-bb.1
    images:
      - "registry1.dso.mil/ironbank/opensource/minio/operator:v4.5.3"
      - "registry1.dso.mil/ironbank/opensource/minio/console:v0.21.1"
      - "registry1.dso.mil/ironbank/opensource/minio/minio:RELEASE.2022-10-15T19-57-03Z"

  - name: big-bang-backup
    description: "Git repositories and OCI images used by Velero backup"
    required: false
    repos:
      - https://repo1.dso.mil/platform-one/big-bang/apps/cluster-utilities/velero.git@2.31.8-bb.2
    images:
      - "registry1.dso.mil/ironbank/opensource/velero/velero:v1.9.2"
      # - "velero/velero-plugin-for-csi:v0.3.1"
      # - "velero/velero-plugin-for-aws:v1.5.1"
      # - "registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-microsoft-azure:v1.5.1"

  - name: big-bang-umbrella-chart
    description: "Deploy a version of Big Bang Core with Keycloak deployed in-cluster"
    required: true
    repos:
      - https://github.com/defenseunicorns/zarf-package-big-bang.git@###ZARF_PKG_VAR_BIGBANG_VERSION###
    manifests:
      - name: big-bang-config
        files:
          - manifests/setup.yaml
          - manifests/big-bang.yaml