blob: ee3c5c41d9ab784fa8ff5124b94593e7f409e46d [file] [log] [blame]
# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
# Modifications Copyright (c) 2020 Nokia, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for sparky-be.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global: # global defaults
nodePortPrefix: 302
aai:
serviceName: aai
aaiElasticsearch:
serviceName: aai-elasticsearch
gizmo:
serviceName: aai-gizmo
searchData:
serviceName: aai-search-data
#################################################################
# Certificate configuration
#################################################################
certInitializer:
nameOverride: aai-sparky-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
# aafDeployCredsExternalSecret: some secret
fqdn: "aai"
app_ns: "org.osaaf.aaf"
fqi_namespace: "org.onap.aai"
fqi: "aai@aai.onap.org"
public_fqdn: "aaf.osaaf.org"
cadi_longitude: "0.0"
cadi_latitude: "0.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: |
echo "*** changing passwords into shell safe ones"
export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
cd {{ .Values.credsPath }}
keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
-storepass "${cadi_keystore_password_p12}" \
-keystore {{ .Values.fqi_namespace }}.p12
keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
-storepass "${cadi_truststore_password}" \
-keystore {{ .Values.fqi_namespace }}.trust.jks
echo "*** save the generated passwords"
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
echo "*** change ownership of certificates to targeted user"
chown -R 1000 {{ .Values.credsPath }}
# application image
image: onap/sparky-be:2.0.3
pullPolicy: Always
restartPolicy: Always
flavor: small
flavorOverride: small
dockerhubRepository: registry.hub.docker.com
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
# application configuration
config:
elasticsearchHttpPort: 9200
gerritBranch: 3.0.0-ONAP
gerritProject: http://gerrit.onap.org/r/aai/test-config
portalUsername: aaiui
portalPassword: OBF:1t2v1vfv1unz1vgz1t3b # aaiui
portalCookieName: UserId
portalAppRoles: ui_view
cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
# ONAP Cookie Processing - During initial development, the following flag, if true, will
# prevent the portal interface's login processing from searching for a user
# specific cookie, and will instead allow passage if a valid session cookie is discovered.
portalOnapEnabled: true
#
# override chart name (sparky-be) to share a common namespace
# suffix with parent chart (aai)
nsSuffix: aai
# default number of instances
replicaCount: 1
updateStrategy:
type: RollingUpdate
maxUnavailable: 0
maxSurge: 1
nodeSelector: {}
affinity: {}
# probe configuration parameters
liveness:
initialDelaySeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 10
periodSeconds: 10
service:
type: NodePort
portName: http
internalPort: 8000
nodePort: 20
ingress:
enabled: false
service:
- baseaddr: "aai-sparkybe-api"
name: "aai-sparky-be"
port: 8000
config:
ssl: "redirect"
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
small:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 0.25
memory: 1Gi
large:
limits:
cpu: 4
memory: 8Gi
requests:
cpu: 0.5
memory: 2Gi
unlimited: {}
#Pods Service Account
serviceAccount:
nameOverride: aai-sparky-be
roles:
- read
#Log configuration
log:
path: /var/log/onap
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'