[SO] Enable SO-Monitoring - use HTTPS and certInitializer

- SO-Monitoring service exposed as NodePort
- Certs are retrieved dynamically using certInitializer

Issue-ID: SO-2920
Signed-off-by: Krzysztof Gajewski <krzysztof.gajewski@nokia.com>
Change-Id: I04e6556bcddc3c67afc2a76c5b4fecb59a134911
diff --git a/kubernetes/so/components/so-monitoring/values.yaml b/kubernetes/so/components/so-monitoring/values.yaml
index e746baf..9ba1d7b 100644
--- a/kubernetes/so/components/so-monitoring/values.yaml
+++ b/kubernetes/so/components/so-monitoring/values.yaml
@@ -1,6 +1,7 @@
 #  ============LICENSE_START=======================================================
 #   Copyright (C) 2018 Ericsson. All rights reserved.
 #   Copyright (C) 2020 Huawei
+#   Modifications Copyright © 2020 Nokia
 #  ================================================================================
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -27,8 +28,15 @@
   readinessImage: onap/oom/readiness:3.0.1
   aafAgentImage: onap/aaf/aaf_agent:2.1.20
   envsubstImage: dibi/envsubst
+  aafEnabled: true
   persistence:
     mountPath: /dockerdata-nfs
+  security:
+    aaf:
+      enabled: true
+  aaf:
+    auth:
+      header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
 
 #################################################################
 # Secrets metaconfig
@@ -46,25 +54,21 @@
     login: '{{ .Values.db.adminName }}'
     password: '{{ .Values.db.adminPassword }}'
     passwordPolicy: required
+  - uid: app-user-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.server.monitoring.soMonitoringCredsExternalSecret) . }}'
+    login: '{{ .Values.server.monitoring.username }}'
+    password: '{{ .Values.server.monitoring.password }}'
 
 #secretsFilePaths: |
 #  - 'my file 1'
 #  - '{{ include "templateThatGeneratesFileName" . }}'
 
 #################################################################
-# AAF part
-#################################################################
-soHelpers:
-  nameOverride: so-monitoring-cert-init
-  certInitializer:
-    nameOverride: so-monitoring-cert-init
-    credsPath: /opt/app/osaaf/local
-
-#################################################################
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.6.4
+image: onap/so/so-monitoring:1.7.7
 pullPolicy: Always
 
 db:
@@ -77,15 +81,34 @@
 
 replicaCount: 1
 minReadySeconds: 10
-containerPort: 9091
+containerPort: &containerPort 9091
 logPath: app/logs/
 app: so-monitoring
+
+#################################################################
+# soHelpers part
+#################################################################
+soHelpers:
+  nameOverride: so-monitoring-cert-init
+  certInitializer:
+    nameOverride: so-monitoring-cert-init
+    credsPath: /opt/app/osaaf/local
+  cadi:
+    apiEnforcement: org.onap.so.monitoringPerm
+  containerPort: *containerPort
+
+server:
+  monitoring:
+    username: demo
+    # password: demo123456!
+    # soMonitoringCredsExternalSecret: some secret
+
 service:
 #Since this is a feature for monitoring the service type is changed to internal, users can change it to NodePort on need basis...
-    type: ClusterIP
+    type: NodePort
     nodePort: 24
-    internalPort: 9091
-    externalPort: 9091
+    internalPort: *containerPort
+    externalPort: *containerPort
     portName: so-monitor-port
 updateStrategy:
     type: RollingUpdate