blob: 2a187d63921f504af2cd195659dc4a1821141e5d [file] [log] [blame]
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2022 CMCC Corporation
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for uui.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
#################################################################
# Global configuration defaults.
#################################################################
global:
uuiPortPrefix: 303
secrets:
- uid: pg-root-pass
name: &pgRootPassSecretName '{{ include "common.release" . }}-uui-pg-root-pass'
type: password
externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "uui-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
password: '{{ .Values.postgres.config.pgRootpassword }}'
policy: generate
- uid: pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-uui-pg-user-creds'
type: basicAuth
externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "uui-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
login: '{{ .Values.postgres.config.pgUserName }}'
password: '{{ .Values.postgres.config.pgUserPassword }}'
passwordPolicy: generate
#################################################################
# AAF part
#################################################################
certInitializer:
nameOverride: uui-server-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
# aafDeployCredsExternalSecret: some secret
fqdn: uui
fqi: uui@uui.onap.org
fqi_namespace: org.onap.uui
public_fqdn: uui.onap.org
cadi_longitude: "0.0"
cadi_latitude: "0.0"
app_ns: org.osaaf.aaf
credsPath: /opt/app/osaaf/local
aaf_add_config: |
echo "*** changing them into shell safe ones"
export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
cd {{ .Values.credsPath }}
keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
-storepass "${cadi_keystore_password_p12}" \
-keystore {{ .Values.fqi_namespace }}.p12
keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
-storepass "${cadi_truststore_password}" \
-keystore {{ .Values.fqi_namespace }}.trust.jks
echo "*** set key password as same password as keystore password"
keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-keystore {{ .Values.fqi_namespace }}.jks \
-keypass "${cadi_keystore_password_p12}" \
-storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
echo "*** save the generated passwords"
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
echo "*** change ownership of certificates to targeted user"
chown -R 1000 {{ .Values.credsPath }}
#################################################################
# Application configuration defaults.
#################################################################
subChartsOnly:
enabled: true
flavor: small
# application image
repository: nexus3.onap.org:10001
image: onap/usecase-ui-server:5.1.2
pullPolicy: Always
# application configuration
msbaddr: msb-iag.{{include "common.namespace" .}}:443
mraddr: message-router.{{include "common.namespace" .}}:3904
# application configuration override for postgres
postgres:
nameOverride: &postgresName uui-server-postgres
service:
name: *postgresName
name2: uui-server-pg-primary
name3: uui-server-pg-replica
container:
name:
primary: uui-server-pg-primary
replica: uui-server-pg-replica
persistence:
mountSubPath: uui/uuiserver/data
mountInitPath: uui/uuiserver
config:
pgUserName: uui
pgDatabase: uuidb
pgUserExternalSecret: *pgUserCredsSecretName
pgRootPasswordExternalSecret: *pgRootPassSecretName
# flag to enable debugging - application support required
debugEnabled: false
# default number of instances
replicaCount: 1
nodeSelector: {}
affinity: {}
# probe configuration parameters
liveness:
initialDelaySeconds: 120
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 60
periodSeconds: 10
service:
type: NodePort
name: uui-server
portName: uui-server
internalPort: 8082
nodePort: 99
ingress:
enabled: false
service:
- baseaddr: uui-server-api
name: "uui-server"
port: 8082
config:
ssl: "redirect"
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
#
# Example:
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
# Minimum memory for development is 2 CPU cores and 4GB memory
# Minimum memory for production is 4 CPU cores and 8GB memory
resources:
small:
limits:
cpu: 1.5
memory: 350Mi
requests:
cpu: 1
memory: 245Mi
large:
limits:
cpu: 2
memory: 500Mi
requests:
cpu: 1
memory: 500Mi
unlimited: {}
serviceAccount:
nameOverride: uui-server
roles:
- read
securityContext:
user_id: 100
group_id: 655533