Merge "[UUI] New Solve 2 components in one Docker"
diff --git a/kubernetes/uui/components/uui-server/Chart.yaml b/kubernetes/uui/components/uui-server/Chart.yaml
index 133ebc5..166e219 100644
--- a/kubernetes/uui/components/uui-server/Chart.yaml
+++ b/kubernetes/uui/components/uui-server/Chart.yaml
@@ -1,7 +1,7 @@
 # Copyright © 2017 Amdocs, Bell Canada
 # Modifications Copyright © 2021 Orange
 # Modifications Copyright © 2021 Nordix Foundation
-#
+# Modifications Copyright © 2022 CMCC Corporation
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -22,13 +22,16 @@
 dependencies:
   - name: common
     version: ~11.x-0
-    # local reference to common chart, as it is
-    # a part of this chart's package and will not
-    # be published independently to a repo (at this point)
     repository: '@local'
   - name: certInitializer
     version: ~11.x-0
     repository: '@local'
   - name: repositoryGenerator
     version: ~11.x-0
-    repository: '@local'
\ No newline at end of file
+    repository: '@local'
+  - name: postgres
+    version: ~11.x-0
+    repository: '@local'
+  - name: serviceAccount
+    version: ~11.x-0
+    repository: '@local'
diff --git a/kubernetes/uui/components/uui-server/resources/config/application.properties b/kubernetes/uui/components/uui-server/resources/config/application.properties
index 37f8467..ee531dc 100644
--- a/kubernetes/uui/components/uui-server/resources/config/application.properties
+++ b/kubernetes/uui/components/uui-server/resources/config/application.properties
@@ -1,5 +1,5 @@
 ##
-## Copyright (C) 2017 CMCC, Inc. and others. All rights reserved.
+## Copyright (C) 2022 CMCC, Inc. and others. All rights reserved.
 ##
 ## Licensed under the Apache License, Version 2.0 (the "License");
 ## you may not use this file except in compliance with the License.
@@ -20,9 +20,9 @@
 spring.http.multipart.max-request-size=128MB
 
 ## App DB Properties
-spring.datasource.url=jdbc:postgresql://localhost:5432/uui
-spring.datasource.username=uui
-spring.datasource.password=uui
+spring.datasource.url=jdbc:postgresql://${POSTGRES_IP:127.0.0.1}:${POSTGRES_PORT:5432}/${POSTGRES_DB_NAME:uui}
+spring.datasource.username=${POSTGRES_USERNAME}
+spring.datasource.password=${POSTGRES_PASSWORD}
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQL9Dialect
 spring.database.driver.classname=org.postgresql.Driver
 spring.jpa.show-sql=false
@@ -50,4 +50,4 @@
 server.ssl.protocol=TLS
 server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
 server.ssl.key-store-password=${KEYSTORE_PASSWORD}
-server.ssl.key-store-type=PKCS12
\ No newline at end of file
+server.ssl.key-store-type=PKCS12
diff --git a/kubernetes/uui/components/uui-server/resources/config/postgres.sql b/kubernetes/uui/components/uui-server/resources/config/postgres.sql
new file mode 100644
index 0000000..36c0894
--- /dev/null
+++ b/kubernetes/uui/components/uui-server/resources/config/postgres.sql
@@ -0,0 +1,245 @@
+--
+-- Copyright (C) 2022 CMCC, Inc. and others. All rights reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+-- ----------------------------
+-- Table structure for "alarms_additionalinformation"
+-- ----------------------------
+DROP TABLE IF EXISTS alarms_additionalinformation;
+CREATE TABLE alarms_additionalinformation(
+  id serial,
+  "header_id" varchar(50) NOT NULL,
+  "name" varchar(100) DEFAULT NULL,
+  "value" varchar(100) DEFAULT NULL,
+  "source_id" varchar(100) DEFAULT NULL,
+  "start_epoch_microsec" varchar(100) DEFAULT NULL,
+  "last_epoch_microsec" varchar(100) DEFAULT NULL,
+  CONSTRAINT alarms_additionalinformation_pk PRIMARY KEY (id)
+) WITH ( OIDS = FALSE);
+
+-- ----------------------------
+-- Table structure for "alarms_commoneventheader"
+-- ----------------------------
+DROP TABLE IF EXISTS alarms_commoneventheader;
+CREATE TABLE alarms_commoneventheader (
+  "id" varchar(50) NOT NULL,
+  "version" varchar(100) DEFAULT NULL,
+  "event_name" varchar(100) DEFAULT NULL,
+  "domain" varchar(100) DEFAULT NULL,
+  "event_id" varchar(100) DEFAULT NULL,
+  "event_type" varchar(100) DEFAULT NULL,
+  "nfc_naming_code" varchar(100) DEFAULT NULL,
+  "nf_naming_code" varchar(100) DEFAULT NULL,
+  "source_id" varchar(100) DEFAULT NULL,
+  "source_name" varchar(100) DEFAULT NULL,
+  "reporting_entity_id" varchar(100) DEFAULT NULL,
+  "reporting_entity_name" varchar(100) DEFAULT NULL,
+  "priority" varchar(50) DEFAULT NULL,
+  "start_epoch_microsec" varchar(100) DEFAULT NULL,
+  "last_epoch_microsec" varchar(100) DEFAULT NULL,
+  "start_epoch_microsec_cleared" varchar(100) DEFAULT NULL,
+  "last_epoch_microsec_cleared" varchar(100) DEFAULT NULL,
+  "sequence" varchar(100) DEFAULT NULL,
+  "fault_fields_version" varchar(100) DEFAULT NULL,
+  "event_servrity" varchar(100) DEFAULT NULL,
+  "event_source_type" varchar(100) DEFAULT NULL,
+  "event_category" varchar(100) DEFAULT NULL,
+  "alarm_condition" varchar(100) DEFAULT NULL,
+  "specific_problem" varchar(100) DEFAULT NULL,
+  "vf_status" varchar(100) DEFAULT NULL,
+  "alarm_interfacea" varchar(100) DEFAULT NULL,
+  "status" varchar(50) DEFAULT NULL,
+  CONSTRAINT alarms_commoneventheader_pk PRIMARY KEY (id)
+) WITH ( OIDS = FALSE );
+
+-- ----------------------------
+-- Table structure for "performance_additionalinformation"
+-- ----------------------------
+DROP TABLE IF EXISTS performance_additionalinformation;
+CREATE TABLE performance_additionalinformation (
+  id serial,
+  "header_id" varchar(50) NOT NULL,
+  "name" varchar(100) DEFAULT NULL,
+  "value" varchar(100) DEFAULT NULL,
+  "source_id" varchar(100) DEFAULT NULL,
+  "start_epoch_microsec" varchar(100) DEFAULT NULL,
+  "last_epoch_microsec" varchar(100) DEFAULT NULL,
+  CONSTRAINT performance_additionalinformation_pk PRIMARY KEY (id)
+) WITH ( OIDS = FALSE );
+
+-- ----------------------------
+-- Table structure for "performance_commoneventheader"
+-- ----------------------------
+DROP TABLE IF EXISTS performance_commoneventheader;
+CREATE TABLE performance_commoneventheader (
+  "id" varchar(50) NOT NULL,
+  "version" varchar(100) DEFAULT NULL,
+  "event_name" varchar(100) DEFAULT NULL,
+  "domain" varchar(100) DEFAULT NULL,
+  "event_id" varchar(100) DEFAULT NULL,
+  "event_type" varchar(100) DEFAULT NULL,
+  "nfc_naming_code" varchar(100) DEFAULT NULL,
+  "nf_namingcode" varchar(100) DEFAULT NULL,
+  "source_id" varchar(100) DEFAULT NULL,
+  "source_name" varchar(100) DEFAULT NULL,
+  "reporting_entity_id" varchar(100) DEFAULT NULL,
+  "reporting_entity_name" varchar(100) DEFAULT NULL,
+  "priority" varchar(50) DEFAULT NULL,
+  "start_epoch_microsec" varchar(100) DEFAULT NULL,
+  "last_epoch_microsec" varchar(100) DEFAULT NULL,
+  "sequence" varchar(100) DEFAULT NULL,
+  "measurements_for_vf_scaling_version" varchar(100) DEFAULT NULL,
+  "measurement_interval" varchar(100) DEFAULT NULL,
+  CONSTRAINT performance_commoneventheader_pk PRIMARY KEY (id)
+) WITH (OIDS = FALSE);
+
+-- ----------------------------
+-- Table structure for service_instances
+-- ----------------------------
+DROP TABLE IF EXISTS service_instances;
+CREATE TABLE service_instances  (
+  "id" varchar(50) NOT NULL,
+  "service_instance_id" varchar(100) NOT NULL,
+  "customer_id" varchar(50) NOT NULL,
+  "service_type" varchar(50) NOT NULL,
+  "usecase_type" varchar(50) NOT NULL,
+  "uuid" varchar(100),
+  "invariant_uuid" varchar(100),
+  CONSTRAINT service_instances_pk PRIMARY KEY (service_instance_id)
+);
+
+-- ----------------------------
+-- Table structure for service_instance_operations
+-- ----------------------------
+DROP TABLE IF EXISTS service_instance_operations;
+CREATE TABLE service_instance_operations  (
+  "service_instance_id" varchar(100) NOT NULL,
+  "operation_id" varchar(100) NOT NULL,
+  "operation_type" varchar(50) NOT NULL,
+  "operation_progress" varchar(50) NOT NULL,
+  "operation_result" varchar(100) DEFAULT NULL,
+  "start_time" varchar(100) NOT NULL,
+  "end_time" varchar(100),
+  CONSTRAINT service_instance_operations_pk PRIMARY KEY (service_instance_id, operation_id)
+);
+
+-- ----------------------------
+-- Table structure for sort_master
+-- ----------------------------
+DROP TABLE IF EXISTS sort_master;
+CREATE TABLE sort_master  (
+  "sort_type" varchar(50) NOT NULL,
+  "sort_code" varchar(10) NOT NULL,
+  "sort_value" varchar(100) NOT NULL,
+  "language" varchar(50) NOT NULL,
+  CONSTRAINT sort_master_pk PRIMARY KEY (sort_type, sort_code, language)
+);
+
+-- ----------------------------
+-- Table structure for sort_master
+-- ----------------------------
+DROP TABLE IF EXISTS instance_performance;
+CREATE TABLE instance_performance
+(
+    id                   serial not null
+        constraint instance_performance_pk
+            primary key,
+    job_id               varchar(36),
+    resource_instance_id varchar(36),
+    bandwidth            numeric,
+    date                 timestamp,
+    max_bandwidth        numeric
+);
+
+-- ----------------------------
+-- Table structure for ccvpn_instance
+-- ----------------------------
+DROP TABLE IF EXISTS ccvpn_instance;
+CREATE TABLE ccvpn_instance
+(
+    id                          serial not null
+        constraint ccvpn_instance_pk
+            primary key,
+    instance_id                 varchar(16),
+    job_id                      varchar(36),
+    progress                    integer,
+    status                      char default 0,
+    resource_instance_id        varchar(36),
+    name                        varchar(255),
+    cloud_point_name            varchar(255),
+    access_point_one_name       varchar(255),
+    access_point_one_band_width integer,
+    line_num                    varchar(64),
+    delete_state                integer default 0,
+    protect_status              integer default 0,
+    protection_cloud_point_name       varchar(255),
+    protection_type       varchar(255)
+);
+
+-- ----------------------------
+-- Table structure for intent_model
+-- ----------------------------
+DROP TABLE IF EXISTS intent_model;
+create table intent_model
+(
+    id          serial not null
+        constraint intent_model_pk
+            primary key,
+    model_name  varchar(100) default NULL::character varying,
+    file_path   varchar(500) default NULL::character varying,
+    create_time varchar(100) default NULL::character varying,
+    size        numeric(10, 3),
+    active      integer,
+    model_type integer      default 0
+);
+
+-- ----------------------------
+-- Table structure for intent_instance
+-- ----------------------------
+DROP TABLE IF EXISTS intent_instance;
+create table intent_instance
+(
+    id                   serial not null
+        constraint intent_instance_pk
+            primary key,
+    intent_name          varchar(50),
+    intent_source        integer,
+    customer             varchar(50),
+    intent_content       text,
+    intent_config        text,
+    business_instance_id varchar(50),
+    business_instance    varchar(255)
+);
+
+-- ----------------------------
+-- import initial data for sort_master
+-- ----------------------------
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1001', 'Creating', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1002', 'Deleting', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1003', 'Scaling', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1004', 'Healing', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1005', 'Updating', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1001', '创建', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1002', '删除', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1003', '缩扩容', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1004', '自愈', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationType', '1005', '更新', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationResult', '2001', 'Successful', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationResult', '2002', 'Failed', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationResult', '2003', 'In Progress', 'en');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationResult', '2001', '成功', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationResult', '2002', '失败', 'cn');
+INSERT INTO sort_master (sort_type, sort_code, sort_value, language) VALUES ('operationResult', '2003', '执行中', 'cn');
+
diff --git a/kubernetes/uui/components/uui-server/templates/deployment.yaml b/kubernetes/uui/components/uui-server/templates/deployment.yaml
index b7a385d..13b8774 100644
--- a/kubernetes/uui/components/uui-server/templates/deployment.yaml
+++ b/kubernetes/uui/components/uui-server/templates/deployment.yaml
@@ -1,6 +1,7 @@
 {{/*
 # Copyright © 2018 ZTE
 # Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada
+# Modifications Copyright © 2022 CMCC Corporation
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -16,31 +17,56 @@
 
 apiVersion: apps/v1
 kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
 spec:
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
+  selector: {{- include "common.selectors" . | nindent 4 }}
   replicas: {{ .Values.replicaCount }}
   template:
     metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
+      {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
+      {{ include "common.podSecurityContext" . | indent 6 | trim }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
       initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: KEYSTORE_PASSWORD
+          value: "${KEYSTORE_PASSWORD}"
+        - name: POSTGRES_USERNAME
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 10 }}
+        - name: POSTGRES_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: init-data-input
+        - mountPath: /config
+          name: init-data
+        image: {{ include "repositoryGenerator.image.envsubst" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
+
+      - command:
+        - /app/ready.py
+        args:
+        - --container-name
+        - "{{ .Values.postgres.nameOverride }}"
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: {{ include "repositoryGenerator.image.readiness" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          {{- if .Values.global.aafEnabled }}
           command:
           - sh
           args:
@@ -48,7 +74,6 @@
           - |
             export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
             bash /uui/run.sh
-          {{- end }}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           # disable liveness probe when breakpoints set in debugger
@@ -59,7 +84,7 @@
               port: {{ .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
-          {{ end -}}
+          {{- end }}
           resources: {{ include "common.resources" . | nindent 12 }}
           readinessProbe:
             tcpSocket:
@@ -71,24 +96,32 @@
             value: {{tpl .Values.msbaddr .}}
           - name: MR_ADDR
             value: {{tpl .Values.mraddr .}}
-          {{- if .Values.global.aafEnabled }}
+          - name: POSTGRES_IP
+            value: {{.Values.postgres.service.name2}}
+          - name: POSTGRES_PORT
+            value: "$(UUI_SERVER_POSTGRES_SERVICE_PORT)"
           - name: SPRING_OPTS
             value: --spring.config.location=file:/config/application.properties
+          - name: POSTGRES_DB_NAME
+            value: {{ .Values.postgres.config.pgDatabase }}
           volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: /uui/run.sh
             name: entrypoint
             subPath: run.sh
           - mountPath: /config/application.properties
-            name: config
+            name: init-data
             subPath: application.properties
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
-      - name: config
+      volumes:
+      - name: init-data-input
         configMap:
           name: {{ include "common.fullname" . }}
+      - name: init-data
+        emptyDir:
+          medium: Memory
       - name: entrypoint
         configMap:
           name: {{ include "common.fullname" . }}-entrypoint
           defaultMode: 0755
-      {{- end }}
+      {{ include "common.certInitializer.volumes" . | nindent 6 }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/uui/components/uui-server/templates/job.yaml b/kubernetes/uui/components/uui-server/templates/job.yaml
new file mode 100644
index 0000000..73bde03
--- /dev/null
+++ b/kubernetes/uui/components/uui-server/templates/job.yaml
@@ -0,0 +1,67 @@
+#
+# Copyright 2022 CMCC Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+apiVersion: batch/v1
+kind: Job
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+  backoffLimit: 20
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}-job
+        release: {{ include "common.release" . }}
+    spec:
+      restartPolicy: Never
+      initContainers:
+      - command:
+        - /app/ready.py
+        args:
+        - --container-name
+        - "{{ .Values.postgres.nameOverride }}"
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: {{ include "repositoryGenerator.image.readiness" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy}}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+      - name: {{ include "common.name" . }}-job
+        image: {{ include "repositoryGenerator.image.postgres" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        env:
+        - name: PGUSER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 10 }}
+        - name: PGPASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }}
+        command:
+        - /bin/sh
+        - -c
+        - |
+          psql -U {{ .Values.postgres.config.pgUserName }}  -d {{ .Values.postgres.config.pgDatabase }}  -h $(UUI_SERVER_PG_PRIMARY_SERVICE_HOST) -f /aaa/init/postgres.sql
+        volumeMounts:
+        - name: init-data
+          mountPath: /aaa/init/postgres.sql
+          subPath: postgres.sql
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      volumes:
+      - name: init-data
+        configMap:
+          name: {{ include "common.fullname" . }}
+
diff --git a/kubernetes/uui/components/uui-server/templates/secrets.yaml b/kubernetes/uui/components/uui-server/templates/secrets.yaml
new file mode 100644
index 0000000..e36412b
--- /dev/null
+++ b/kubernetes/uui/components/uui-server/templates/secrets.yaml
@@ -0,0 +1,15 @@
+{{/*
+# Copyright © 2022 CMCC Corporation
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# #       http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml
index 8b98ae6..c477d03 100644
--- a/kubernetes/uui/components/uui-server/values.yaml
+++ b/kubernetes/uui/components/uui-server/values.yaml
@@ -1,5 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
-#
+# Modifications Copyright © 2022 CMCC Corporation
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -15,9 +15,29 @@
 # Default values for uui.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
 global:
   uuiPortPrefix: 303
 
+secrets:
+  - uid: pg-root-pass
+    name: &pgRootPassSecretName '{{ include "common.release" . }}-uui-pg-root-pass'
+    type: password
+    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "uui-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+    password: '{{ .Values.postgres.config.pgRootpassword }}'
+    policy: generate
+  - uid: pg-user-creds
+    name: &pgUserCredsSecretName '{{ include "common.release" . }}-uui-pg-user-creds'
+    type: basicAuth
+    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "uui-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+    login: '{{ .Values.postgres.config.pgUserName }}'
+    password: '{{ .Values.postgres.config.pgUserPassword }}'
+    passwordPolicy: generate
+
+
 #################################################################
 # AAF part
 #################################################################
@@ -56,6 +76,11 @@
     echo "*** change ownership of certificates to targeted user"
     chown -R 1000 {{ .Values.credsPath }}
 
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
 subChartsOnly:
   enabled: true
 
@@ -71,6 +96,28 @@
 msbaddr: msb-iag.{{include "common.namespace" .}}:443
 mraddr: message-router.{{include "common.namespace" .}}:3904
 
+# application configuration override for postgres
+postgres:
+  nameOverride: &postgresName uui-server-postgres
+  service:
+    name: *postgresName
+    name2: uui-server-pg-primary
+    name3: uui-server-pg-replica
+  container:
+    name:
+      primary: uui-server-pg-primary
+      replica: uui-server-pg-replica
+  persistence:
+    mountSubPath: uui/uuiserver/data
+    mountInitPath: uui/uuiserver
+  config:
+    pgUserName: uui
+    pgDatabase: uuidb
+    pgUserExternalSecret: *pgUserCredsSecretName
+    pgRootPasswordExternalSecret: *pgRootPassSecretName
+
+
+
 # flag to enable debugging - application support required
 debugEnabled: false
 
@@ -135,3 +182,12 @@
       cpu: 1
       memory: 500Mi
   unlimited: {}
+
+serviceAccount:
+  nameOverride: uui-server
+  roles:
+    - read
+
+securityContext:
+  user_id: 100
+  group_id: 655533
\ No newline at end of file