[POLICY] Add Kserve participant

Add kserve participant helm charts.

Issue-ID: POLICY-4525
Signed-off-by: aravind.est <aravindhan.a@est.tech>
Change-Id: I51f1ddb91302fd54c6e926f9f5c80e648b9a4a07
diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml
index 8c41754..c9d29ce 100755
--- a/kubernetes/policy/Chart.yaml
+++ b/kubernetes/policy/Chart.yaml
@@ -67,6 +67,10 @@
     version: ~12.x-0
     repository: 'file://components/policy-clamp-ac-a1pms-ppnt'
     condition: policy-clamp-ac-a1pms-ppnt.enabled
+  - name: policy-clamp-ac-kserve-ppnt
+    version: ~12.x-0
+    repository: 'file://components/policy-clamp-ac-kserve-ppnt'
+    condition: policy-clamp-ac-kserve-ppnt.enabled
   - name: policy-clamp-ac-pf-ppnt
     version: ~12.x-0
     repository: 'file://components/policy-clamp-ac-pf-ppnt'
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/Chart.yaml
new file mode 100755
index 0000000..f62c37a
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/Chart.yaml
@@ -0,0 +1,36 @@
+#  ============LICENSE_START=======================================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+apiVersion: v2
+description: ONAP Policy Clamp Kserve Participant
+name: policy-clamp-ac-kserve-ppnt
+version: 12.0.0
+
+dependencies:
+  - name: common
+    version: ~12.x-0
+    repository: '@local'
+  - name: repositoryGenerator
+    version: ~12.x-0
+    repository: '@local'
+  - name: serviceAccount
+    version: ~12.x-0
+    repository: '@local'
+  - name: readinessCheck
+    version: ~12.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/resources/config/KserveParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/resources/config/KserveParticipantParameters.yaml
new file mode 100755
index 0000000..af9d46a
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/resources/config/KserveParticipantParameters.yaml
@@ -0,0 +1,112 @@
+#  ============LICENSE_START=======================================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#       http://www.apache.org/licenses/LICENSE-2.0
+
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+spring:
+  cloud:
+    kubernetes:
+      enabled: false
+    discovery:
+      enabled: false
+  security:
+    user:
+      name: ${RESTSERVER_USER}
+      password: ${RESTSERVER_PASSWORD}
+  autoconfigure:
+    exclude:
+      - org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+      - org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
+      - org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
+      - org.springframework.boot.autoconfigure.data.web.SpringDataWebAutoConfiguration
+      - io.kubernetes.client.spring.extended.manifests.config.KubernetesManifestsAutoConfiguration
+      - io.kubernetes.client.spring.extended.network.config.KubernetesLoadBalancerAutoConfiguration
+
+security:
+  enable-csrf: false
+
+participant:
+  intermediaryParameters:
+    reportingTimeIntervalMs: 120000
+    description: Participant Description
+    participantId: 101c62b3-8918-41b9-a747-d21eb79c6c04
+    clampAutomationCompositionTopics:
+      topicSources:
+        -
+          useHttps: false
+          fetchTimeout: 15000
+          topic: {{ .Values.global.kafkaTopics.acRuntimeTopic.name }}
+          {{ if .Values.global.useStrimziKafka }}
+          topicCommInfrastructure: kafka
+          servers:
+            - {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+          additionalProps:
+            group.id: {{ (first .Values.kafkaUser.acls).name }}
+            allow.auto.create.topics: false
+            security.protocol: SASL_PLAINTEXT
+            sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
+            sasl.jaas.config: ${SASL_JAAS_CONFIG}
+          {{ else }}
+          topicCommInfrastructure: dmaap
+          servers:
+            - ${topicServer:message-router}
+          {{ end }}
+      topicSinks:
+        -
+          useHttps: false
+          fetchTimeout: 15000
+          topic: {{ .Values.global.kafkaTopics.acRuntimeTopic.name }}
+          {{ if .Values.global.useStrimziKafka }}
+          topicCommInfrastructure: kafka
+          servers:
+            - {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+          additionalProps:
+            client.id: {{ (first .Values.kafkaUser.acls).name }}-client-id
+            security.protocol: SASL_PLAINTEXT
+            sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
+            sasl.jaas.config: ${SASL_JAAS_CONFIG}
+          {{ else }}
+          topicCommInfrastructure: dmaap
+          servers:
+            - ${topicServer:message-router}
+          {{ end }}
+    participantSupportedElementTypes:
+      -
+        typeName: org.onap.policy.clamp.acm.KserveAutomationCompositionElement
+        typeVersion: 1.0.1
+      -
+        typeName: org.onap.policy.clamp.acm.AutomationCompositionElement
+        typeVersion: 1.0.0
+
+customresourcedefinition:
+  group: serving.kserve.io
+  version: v1beta1
+  plural: inferenceservices
+  grace-period: 10
+
+management:
+  endpoints:
+    web:
+      base-path: /
+      exposure:
+        include: health, metrics, prometheus
+server:
+  port: 8087
+  servlet:
+    context-path: /onap/policy/clamp/acm/kserveparticipant
+  ssl:
+    enabled: false
+
+
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/resources/config/logback.xml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/resources/config/logback.xml
new file mode 100755
index 0000000..897d62a
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/resources/config/logback.xml
@@ -0,0 +1,103 @@
+<!--
+  ============LICENSE_START=======================================================
+  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+  ================================================================================
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+       http://www.apache.org/licenses/LICENSE-2.0
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+  SPDX-License-Identifier: Apache-2.0
+  ============LICENSE_END=========================================================
+-->
+
+<configuration scan="true" scanPeriod="30 seconds" debug="false">
+
+    <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>/var/log/onap/policy/kserve-participant/error.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>/var/log/onap/policy/kserve-participant/error.%d{yyyy-MM-dd}.%i.log.zip
+            </fileNamePattern>
+            <maxFileSize>50MB</maxFileSize>
+            <maxHistory>30</maxHistory>
+            <totalSizeCap>10GB</totalSizeCap>
+        </rollingPolicy>
+        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+            <level>WARN</level>
+        </filter>
+        <encoder>
+            <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="ErrorOut" />
+    </appender>
+
+    <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>/var/log/onap/policy/kserve-participant/debug.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>/var/log/onap/policy/kserve-participant/debug.%d{yyyy-MM-dd}.%i.log.zip
+            </fileNamePattern>
+            <maxFileSize>50MB</maxFileSize>
+            <maxHistory>30</maxHistory>
+            <totalSizeCap>10GB</totalSizeCap>
+        </rollingPolicy>
+        <encoder>
+            <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="DebugOut" />
+    </appender>
+
+    <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>/var/log/onap/policy/kserve-participant/network.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>/var/log/onap/policy/kserve-participant/network.%d{yyyy-MM-dd}.%i.log.zip
+            </fileNamePattern>
+            <maxFileSize>50MB</maxFileSize>
+            <maxHistory>30</maxHistory>
+            <totalSizeCap>10GB</totalSizeCap>
+        </rollingPolicy>
+        <encoder>
+            <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="NetworkOut" />
+    </appender>
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <Pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</Pattern>
+        </encoder>
+    </appender>
+
+    <appender name="AsyncStdOut" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="STDOUT" />
+    </appender>
+
+    <logger name="network" level="INFO" additivity="false">
+        <appender-ref ref="AsyncNetworkOut" />
+        <appender-ref ref="AsyncStdOut" />
+    </logger>
+
+    <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
+        <appender-ref ref="AsyncNetworkOut" />
+        <appender-ref ref="AsyncStdOut" />
+    </logger>
+
+    <root level="INFO">
+        <appender-ref ref="AsyncDebugOut" />
+        <appender-ref ref="AsyncErrorOut" />
+        <appender-ref ref="AsyncStdOut" />
+    </root>
+
+</configuration>
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/configmap.yaml
new file mode 100755
index 0000000..d3e2833
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/configmap.yaml
@@ -0,0 +1,32 @@
+{{/*
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-configmap
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ include "common.release" . }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/deployment.yaml
new file mode 100755
index 0000000..902be12
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/deployment.yaml
@@ -0,0 +1,113 @@
+{{/*
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2023 Nordix Foundation.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+  selector: {{- include "common.selectors" . | nindent 4 }}
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+    spec:
+      initContainers:
+{{- if not .Values.global.useStrimziKafka }}
+{{ include "common.readinessCheck.waitFor" . | nindent 6 }}
+{{- end }}
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: RESTSERVER_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
+        - name: RESTSERVER_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
+{{- if .Values.global.useStrimziKafka }}
+        - name: SASL_JAAS_CONFIG
+          valueFrom:
+            secretKeyRef:
+              name: {{ include "common.name" . }}-ku
+              key: sasl.jaas.config
+{{- end }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: ac-kserve-ppnt-config
+        - mountPath: /config
+          name: ac-kserve-ppnt-config-processed
+        image: {{ include "repositoryGenerator.image.envsubst" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
+      containers:
+        - name: {{ include "common.name" . }}
+          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          command: ["/opt/app/policy/clamp/bin/kserve-participant.sh"]
+          args: ["/opt/app/policy/clamp/etc/mounted/KserveParticipantParameters.yaml"]
+          env:
+          - name: KEYSTORE_PASSWD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
+          - name: TRUSTSTORE_PASSWD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
+          ports: {{ include "common.containerPorts" . | nindent 12  }}
+          # disable liveness probe when breakpoints set in debugger
+          # so K8s doesn't restart unresponsive container
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.liveness.port }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end -}}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.readiness.port }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /opt/app/policy/clamp/etc/mounted
+            name: ac-kserve-ppnt-config-processed
+          resources: {{ include "common.resources" . | nindent 12 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}}
+      volumes:
+        - name: localtime
+          hostPath:
+             path: /etc/localtime
+        - name: ac-kserve-ppnt-config
+          configMap:
+            name: {{ include "common.fullname" . }}-configmap
+            defaultMode: 0755
+        - name: ac-kserve-ppnt-config-processed
+          emptyDir:
+            medium: Memory
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/kafkauser.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/kafkauser.yaml
new file mode 100755
index 0000000..16a3f72
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/kafkauser.yaml
@@ -0,0 +1,18 @@
+{{/*

+# Copyright © 2023 Nordix Foundation

+#

+# Licensed under the Apache License, Version 2.0 (the "License");

+# you may not use this file except in compliance with the License.

+# You may obtain a copy of the License at

+#

+#       http://www.apache.org/licenses/LICENSE-2.0

+#

+# Unless required by applicable law or agreed to in writing, software

+# distributed under the License is distributed on an "AS IS" BASIS,

+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+# See the License for the specific language governing permissions and

+# limitations under the License.

+*/}}

+{{ if .Values.global.useStrimziKafka }}

+{{ include "common.kafkauser" . }}

+{{ end }}
\ No newline at end of file
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/secrets.yaml
new file mode 100755
index 0000000..339fe33
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/secrets.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/service.yaml
new file mode 100644
index 0000000..ac5ee0b
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/templates/service.yaml
@@ -0,0 +1,38 @@
+{{/*

+#  ============LICENSE_START=======================================================

+#   Copyright (C) 2023 Nordix Foundation. All rights reserved.

+#  ================================================================================

+#  Licensed under the Apache License, Version 2.0 (the "License");

+#  you may not use this file except in compliance with the License.

+#  You may obtain a copy of the License at

+#

+#       http://www.apache.org/licenses/LICENSE-2.0

+#

+#  Unless required by applicable law or agreed to in writing, software

+#  distributed under the License is distributed on an "AS IS" BASIS,

+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+#  See the License for the specific language governing permissions and

+#  limitations under the License.

+#

+#  SPDX-License-Identifier: Apache-2.0

+#  ============LICENSE_END=========================================================

+*/}}

+

+apiVersion: rbac.authorization.k8s.io/v1

+kind: ClusterRoleBinding

+metadata:

+  name: {{ include "common.namespace" . }}-policy-clamp-ac-kserve-ppnt-binding

+  namespace: {{ include "common.namespace" . }}

+  labels:

+    app: {{ include "common.name" . }}

+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}

+    release: {{ include "common.release" . }}

+    heritage: {{ .Release.Service }}

+roleRef:

+  apiGroup: rbac.authorization.k8s.io

+  kind: ClusterRole

+  name: cluster-admin

+subjects:

+  - kind: ServiceAccount

+    name: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}}

+    namespace: {{ include "common.namespace" . }}

diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml
new file mode 100755
index 0000000..dddf025
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml
@@ -0,0 +1,148 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2023 Nordix Foundation.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  persistence: {}
+  aafEnabled: false
+  #Strimzi Kafka properties
+  useStrimziKafka: set-via-parent-chart-global-value
+  kafkaTopics:
+    acRuntimeTopic:
+      name: &acRuntimeTopic policy.clamp-runtime-acm
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: restserver-secret
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
+    login: '{{ .Values.restServer.user }}'
+    password: '{{ .Values.restServer.password }}'
+    passwordPolicy: required
+  - uid: keystore-password
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
+    password: '{{ .Values.certStores.keyStorePassword }}'
+    passwordPolicy: required
+  - uid: truststore-password
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
+    password: '{{ .Values.certStores.trustStorePassword }}'
+    passwordPolicy: required
+
+certStores:
+  keyStorePassword: Pol1cy_0nap
+  trustStorePassword: Pol1cy_0nap
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/policy-clamp-ac-kserve-ppnt:6.4.1
+pullPolicy: Always
+
+
+componentName: &componentName policy-clamp-ac-kserve-ppnt
+
+# application configuration
+restServer:
+  user: participantUser
+  password: zb!XztG34
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+ingress:
+  enabled: false
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 20
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+  port: kserve-api
+
+readiness:
+  initialDelaySeconds: 20
+  periodSeconds: 10
+  port: kserve-api
+
+service:
+  type: ClusterIP
+  name: *componentName
+  ports:
+    - name: kserve-api
+      port: 8087
+      nodePort: 42
+
+
+flavor: small
+resources:
+  small:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 100m
+      memory: 1Gi
+  large:
+    limits:
+      cpu: 2
+      memory: 8Gi
+    requests:
+      cpu: 200m
+      memory: 2Gi
+  unlimited: {}
+#Pods Service Account
+serviceAccount:
+  nameOverride: *componentName
+  roles:
+    - create
+
+config:
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
+# additional:
+#   spring.config.max-size: 200
+#   spring.config.min-size: 10
+# Strimzi Kafka config
+kafkaUser:
+  authenticationType: scram-sha-512
+  acls:
+    - name: *componentName
+      type: group
+      operations: [Read]
+    - name: *acRuntimeTopic
+      type: topic
+      operations: [Read, Write]
+
+readinessCheck:
+  wait_for:
+    - message-router
\ No newline at end of file
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 3ff153a..e15f835 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -143,6 +143,8 @@
   enabled: true
 policy-clamp-ac-a1pms-ppnt:
   enabled: true
+policy-clamp-ac-kserve-ppnt:
+  enabled: true
 policy-clamp-runtime-acm:
   enabled: true
   db: *dbSecretsHook