big-bang

Note

To view the full example, as well as its dependencies, please visit examples/big-bang.

This package deploys Big Bang using the Zarf bigbang extension.

The bigbang noun sits within the extensions specification of Zarf and provides the following configuration:

Field	Type	Description
version *	string	The version of Big Bang to use
fluxPatchFiles	array	Optional paths to Flux kustomize strategic merge patch files
repo	string	Override repo to pull Big Bang from instead of Repo One
skipFlux	boolean	Whether to skip deploying flux; Defaults to false
valuesFiles	array	The list of values files to pass to Big Bang; these will be merged together

* Required field
 

To see a tutorial for the creation and deployment of this package see the Big Bang Tutorial.

Caution

valuesFiles are processed in the order provided with Zarf adding an initial values file to populate registry and git server credentials as the first file. Including credential values (even empty ones) will override these values. This can be used to our advantage however for things like YOLO mode as described below.

Big Bang YOLO Mode Support

The Big Bang extension also supports YOLO mode, provided that you add your own credentials for the image registry. This is accomplished below with the provision-flux-credentials component and the credentials.yaml values file which allows images to be pulled from registry1.dso.mil. We demonstrate providing account credentials via Zarf Variables, but there are other ways to populate the data in private-registry.yaml.

You can learn about YOLO mode in the FAQ or the YOLO mode example.

Big Bang YOLO Mode Example.

zarf.yaml

kind: ZarfPackageConfig
metadata:
  name: big-bang-example
  description: Deploy Big Bang Core
  # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
  version: 2.19.2
  url: https://p1.dso.mil/products/big-bang
  # Big Bang / Iron Bank are only amd64
  architecture: amd64

variables:
  - name: DOMAIN
    default: bigbang.dev
    prompt: false

components:
  - name: bigbang
    required: true
    actions:
      onRemove:
        before:
          - cmd: |
              ./zarf tools kubectl patch helmrelease -n bigbang bigbang --type=merge -p '{"spec":{"suspend":true}}'
              ./zarf tools kubectl delete helmrelease -n bigbang istio --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang istio-operator --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang monitoring --ignore-not-found
              ./zarf tools kubectl delete providers grafana -n monitoring --ignore-not-found
              ./zarf tools kubectl delete alerts grafana -n monitoring --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang promtail --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang loki --ignore-not-found
              ./zarf tools kubectl delete kiali -n kiali kiali --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang tempo --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang neuvector --ignore-not-found
              ./zarf tools kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io neuvector-validating-crd-webhook --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang kyverno-reporter --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang kyverno-policies --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang kyverno --ignore-not-found
              ./zarf tools kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io kyverno-policy-validating-webhook-cfg kyverno-resource-validating-webhook-cfg --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang kiali --ignore-not-found
              ./zarf tools kubectl delete helmrelease -n bigbang metrics-server --ignore-not-found
              ./zarf tools kubectl delete apiservices.apiregistration.k8s.io -l helm.toolkit.fluxcd.io/namespace=bigbang,helm.toolkit.fluxcd.io/name=metrics-server --ignore-not-found
              ./zarf tools kubectl delete gitrepositories -n bigbang -l app.kubernetes.io/part-of=bigbang
            description: "Cleaning up Big Bang resources"
    extensions:
      bigbang:
        # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
        version: 2.19.2
        valuesFiles:
          # Istio configs
          - config/ingress.yaml
          # Use Kyverno instead of Gatekeeper
          - config/kyverno.yaml
          # Use PLG instead of EFK
          - config/loki.yaml
          # Needed when running in k3s. Otherwise Neuvector fails to start with an error saying it can't detect its runtime
          - config/neuvector.yaml
          # Values are merged in order, so this would override the above and disable everything if uncommented
          # - config/disable-all.yaml
  - name: gitea-virtual-service
    description: >
      Expose the internal Zarf Gitea server through the Big Bang Istio
      deployment via a virtual service. (only applies if you are using the
      Zarf-provided Gitea deployment - not an externally configured git host)
    manifests:
      - name: gitea
        namespace: zarf
        files:
          - virtualservices/gitea.yaml