| # ============LICENSE_START======================================================= |
| # Copyright (C) 2021-2022 Nordix Foundation. |
| # ================================================================================ |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| # SPDX-License-Identifier: Apache-2.0 |
| # ============LICENSE_END========================================================= |
| |
| ################################################################# |
| # Global configuration defaults. |
| ################################################################# |
| global: # global defaults |
| nodePortPrefix: 304 |
| centralizedLoggingEnabled: true |
| #AAF service |
| aafEnabled: true |
| |
| ################################################################# |
| # Secrets metaconfig |
| ################################################################# |
| secrets: |
| - uid: keystore-password |
| type: password |
| externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' |
| password: '{{ .Values.certStores.keyStorePassword }}' |
| passwordPolicy: required |
| - uid: truststore-password |
| type: password |
| externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' |
| password: '{{ .Values.certStores.trustStorePassword }}' |
| passwordPolicy: required |
| |
| certStores: |
| keyStorePassword: Pol1cy_0nap |
| keystoreLocation: /opt/app/policy/gui/etc/ssl/policy-keystore |
| truststoreLocation: /opt/app/policy/gui/etc/ssl/policy-truststore |
| trustStorePassword: Pol1cy_0nap |
| |
| ################################################################# |
| # AAF part |
| ################################################################# |
| certInitializer: |
| nameOverride: policy-gui-cert-initializer |
| aafDeployFqi: deployer@people.osaaf.org |
| aafDeployPass: demo123456! |
| fqdn: policy |
| fqi: policy@policy.onap.org |
| public_fqdn: policy.onap.org |
| cadi_latitude: "0.0" |
| cadi_longitude: "0.0" |
| credsPath: /opt/app/osaaf/local |
| app_ns: org.osaaf.aaf |
| uid: 100 |
| gid: 101 |
| aaf_add_config: > |
| echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; |
| echo "export TRUSTSTORE='{{ .Values.credsPath }}/org.onap.policy.trust.jks'" >> {{ .Values.credsPath }}/.ci; |
| echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; |
| echo "export TRUSTSTORE_PASSWD='${cadi_truststore_password}'" >> {{ .Values.credsPath }}/.ci; |
| chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); |
| |
| subChartsOnly: |
| enabled: true |
| |
| flavor: small |
| |
| # application image |
| image: onap/policy-gui:2.3.1 |
| pullPolicy: Always |
| |
| # flag to enable debugging - application support required |
| debugEnabled: false |
| |
| # log configuration |
| log: |
| path: /var/log/onap/policy/gui |
| |
| ################################################################# |
| # Application configuration defaults. |
| ################################################################# |
| config: |
| log: |
| logstashServiceName: log-ls |
| logstashPort: 5044 |
| dataRootDir: /dockerdata-nfs |
| |
| # default number of instances |
| replicaCount: 1 |
| |
| nodeSelector: {} |
| |
| affinity: {} |
| |
| # probe configuration parameters |
| liveness: |
| initialDelaySeconds: 120 |
| periodSeconds: 10 |
| timeoutSeconds: 3 |
| # necessary to disable liveness probe when setting breakpoints |
| # in debugger so K8s doesn't restart unresponsive container |
| enabled: true |
| |
| readiness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| timeoutSeconds: 3 |
| |
| service: |
| type: NodePort |
| name: policy-gui |
| portName: http |
| internalPort: 2443 |
| nodePort: 43 |
| |
| # see https://wiki.onap.org/display/DW/OOM+NodePort+List |
| |
| ingress: |
| enabled: false |
| service: |
| - baseaddr: "policy-ui" |
| name: "policygui" |
| port: 2443 |
| config: |
| ssl: "redirect" |
| |
| #resources: {} |
| # We usually recommend not to specify default resources and to leave this as a conscious |
| # choice for the user. This also increases chances charts run on environments with little |
| # resources, such as Minikube. If you do want to specify resources, uncomment the following |
| # lines, adjust them as necessary, and remove the curly braces after 'resources:'. |
| # |
| # Example: |
| # Configure resource requests and limits |
| # ref: http://kubernetes.io/docs/user-guide/compute-resources/ |
| # Minimum memory for development is 2 CPU cores and 4GB memory |
| # Minimum memory for production is 4 CPU cores and 8GB memory |
| resources: |
| small: |
| limits: |
| cpu: 1 |
| memory: 200Mi |
| requests: |
| cpu: 1m |
| memory: 50Mi |
| large: |
| limits: |
| cpu: 1 |
| memory: 500Mi |
| requests: |
| cpu: 10m |
| memory: 50Mi |
| unlimited: {} |
| |
| #Pods Service Account |
| serviceAccount: |
| nameOverride: policy-gui |
| roles: |
| - read |