blob: 8345a81f06b4ce7556483eadb0c4e4b41f13b031 [file] [log] [blame]
# Copyright © 2018 Amdocs, Bell Canada, AT&T
# Modifications Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for resources.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global: # global defaults
nodePortPrefix: 302
# Common configuration for resources traversal and graphadmin
config:
# Specifies if the basic authorization is enabled
basic:
auth:
enabled: true
username: AAI
passwd: AAI
# Schema specific properties that include supported versions of api
schema:
source:
# Specifies which folder to take a look at
name: onap
uri:
# Base URI Path of the application
base:
path: /aai
version:
# Current version of the REST API
api:
default: v24
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26
# Specifies from which version related link should appear
related:
link: v11
# Specifies from which version the app root change happened
app:
root: v11
# Specifies from which version the xml namespace changed
namespace:
change: v12
# Specifies from which version the edge label appeared in API
edge:
label: v12
#################################################################
# Certificate configuration
#################################################################
certInitializer:
nameOverride: aai-schema-service-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
# aafDeployCredsExternalSecret: some secret
fqdn: aai-schema-service
fqi: aai-schema-service@aai-schema-service.onap.org
public_fqdn: aai-schema-service.onap.org
cadi_longitude: "0.0"
cadi_latitude: "0.0"
app_ns: org.osaaf.aaf
credsPath: /opt/app/osaaf/local
fqi_namespace: org.onap.aai-schema-service
user_id: &user_id 1000
group_id: &group_id 1000
aaf_add_config: |
echo "*** changing them into shell safe ones"
export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
cd {{ .Values.credsPath }}
keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
-storepass "${cadi_keystore_password_p12}" \
-keystore {{ .Values.fqi_namespace }}.p12
keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
-storepass "${cadi_truststore_password}" \
-keystore {{ .Values.fqi_namespace }}.trust.jks
echo "*** writing passwords into prop file"
echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
echo "*** change ownership of certificates to targeted user"
chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
# application image
image: onap/aai-schema-service:1.9.5
pullPolicy: Always
restartPolicy: Always
flavorOverride: small
# default number of instances
replicaCount: 1
nodeSelector: {}
affinity: {}
# probe configuration parameters
liveness:
initialDelaySeconds: 60
periodSeconds: 60
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: false
readiness:
initialDelaySeconds: 60
periodSeconds: 10
service:
type: ClusterIP
portName: http
internalPort: 8452
portName2: tcp-5005
internalPort2: 5005
ingress:
enabled: false
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
#
# Example:
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
# Minimum memory for development is 2 CPU cores and 4GB memory
# Minimum memory for production is 4 CPU cores and 8GB memory
#resources:
# limits:
# cpu: 2
# memory: 4Gi
# requests:
# cpu: 2
# memory: 4Gi
resources:
small:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 1
memory: 3Gi
large:
limits:
cpu: 4
memory: 8Gi
requests:
cpu: 2
memory: 4Gi
unlimited: {}
#Pods Service Account
serviceAccount:
nameOverride: aai-schema-service
roles:
- read
# Not fully used for now
securityContext:
user_id: *user_id
group_id: *group_id
#Log configuration
log:
path: /var/log/onap
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'