blob: f11a961c7c02223ecb129e0564538d93f525ec4f [file] [log] [blame]
# Copyright © 2020 Huawei Technologies Co., Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration defaults.
#################################################################
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
soCryptoImage: sdesbure/so_crypto:latest
persistence:
mountPath: /dockerdata-nfs
aai:
enabled: true
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- uid: db-user-creds
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
login: '{{ .Values.db.userName }}'
password: '{{ .Values.db.userPassword }}'
passwordPolicy: required
- uid: db-admin-creds
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
login: '{{ .Values.db.adminName }}'
password: '{{ .Values.db.adminPassword }}'
passwordPolicy: required
- uid: server-actuator-creds
name: '{{ include "common.release" . }}-so-cnf-actuator-creds'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
login: '{{ .Values.server.actuator.username }}'
password: '{{ .Values.server.actuator.password }}'
passwordPolicy: required
- uid: so-aai-creds
name: '{{ include "common.release" . }}-so-cnf-aai-creds'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
login: '{{ .Values.server.aai.username }}'
password: '{{ .Values.server.aai.password }}'
passwordPolicy: required
- uid: cnf-adapter-mso-key
name: '{{ include "common.release" . }}-so-cnf-mso-key'
type: password
externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}'
password: '{{ .Values.mso.msoKey }}'
#secretsFilePaths: |
# - 'my file 1'
# - '{{ include "templateThatGeneratesFileName" . }}'
#################################################################
# Application configuration defaults.
#################################################################
image: onap/so/so-cnf-adapter:1.10.0
pullPolicy: Always
readinessCheck:
wait_for:
jobs:
- '{{ include "common.release" . }}-so-mariadb-config-job'
# Local mariadb galera instance default name
mariadb-galera:
nameOverride: so-mariadb-galera
service:
internalPort: 3306
mariadbOperator:
galera:
enabled: false
db:
userName: so_user
userPassword: so_User123
# userCredsExternalSecret: some secret
adminName: so_admin
adminPassword: so_Admin123
# adminCredsExternalSecret: some secret
server:
aai:
username: aai@aai.onap.org
password: demo123456!
auth: ${AAI_AUTH}
# aaiCredsExternalSecret: some secret
actuator:
username: mso_admin
password: password1$
# actuatorCredsExternalSecret: some secret
mso:
msoKey: 07a7159d3bf51a0e53be7a8f89699be7
# msoKeySecret: some secret
adapters:
requestDb:
auth: ${REQUEST_AUTH}
replicaCount: 1
minReadySeconds: 10
containerPort: &containerPort 8090
logPath: ./logs/cnf-adapter/
app: cnf-adapter
service:
type: ClusterIP
ports:
- name: http-api
port: *containerPort
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
maxSurge: 1
#################################################################
# soHelpers part
#################################################################
soHelpers:
containerPort: *containerPort
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
small:
limits:
memory: 1Gi
cpu: 1
requests:
memory: 1Gi
cpu: 0.5
large:
limits:
memory: 2Gi
cpu: 2
requests:
memory: 2Gi
cpu: 1
unlimited: {}
livenessProbe:
path: /manage/health
port: 8090
scheme: HTTP
initialDelaySeconds: 600
periodSeconds: 60
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
ingress:
enabled: false
serviceMesh:
authorizationPolicy:
authorizedPrincipals:
- serviceAccount: so-read
nodeSelector: {}
tolerations: []
affinity: {}
#Pods Service Account
serviceAccount:
nameOverride: so-cnf-adapter
roles:
- read