blob: 76b0f3a42a9355cb88e81957a3facbe91683ca7b [file] [log] [blame]
Michael Mokryafae9972019-03-11 14:46:34 -05001# ============LICENSE_START=======================================================
jhh999c2242021-02-24 12:10:02 -06002# Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
Michael Mokryafae9972019-03-11 14:46:34 -05003# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 persistence: {}
jhhd4258672020-08-09 12:08:08 -050024 aafEnabled: true
Michael Mokryafae9972019-03-11 14:46:34 -050025
26#################################################################
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020027# Secrets metaconfig
28#################################################################
29secrets:
30 - uid: db-secret
31 type: basicAuth
32 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
33 login: '{{ .Values.db.user }}'
34 password: '{{ .Values.db.password }}'
35 passwordPolicy: required
Dominik Mizync88bcc92020-04-14 18:20:20 +020036 - uid: restserver-creds
37 type: basicAuth
38 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
39 login: '{{ .Values.restServer.user }}'
40 password: '{{ .Values.restServer.password }}'
41 passwordPolicy: required
42 - uid: api-creds
43 type: basicAuth
44 externalSecret: '{{ tpl (default "" .Values.apiServer.credsExternalSecret) . }}'
45 login: '{{ .Values.apiServer.user }}'
46 password: '{{ .Values.apiServer.password }}'
47 passwordPolicy: required
jhhd4258672020-08-09 12:08:08 -050048 - uid: keystore-password
49 type: password
50 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
51 password: '{{ .Values.certStores.keyStorePassword }}'
52 passwordPolicy: required
53 - uid: truststore-password
54 type: password
55 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
56 password: '{{ .Values.certStores.trustStorePassword }}'
57 passwordPolicy: required
58
59certStores:
60 keyStorePassword: Pol1cy_0nap
61 trustStorePassword: Pol1cy_0nap
62
63certInitializer:
64 nameOverride: policy-xacml-pdp-cert-initializer
65 aafDeployFqi: deployer@people.osaaf.org
66 aafDeployPass: demo123456!
67 fqdn: policy
68 fqi: policy@policy.onap.org
69 public_fqdn: policy.onap.org
70 cadi_latitude: "0.0"
71 cadi_longitude: "0.0"
72 credsPath: /opt/app/osaaf/local
73 app_ns: org.osaaf.aaf
74 uid: 100
75 gid: 101
76 aaf_add_config: >
77 /opt/app/aaf_config/bin/agent.sh;
78 export $(/opt/app/aaf_config/bin/agent.sh local showpass
79 {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12");
80 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
81 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
82 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
83
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020084
85#################################################################
Michael Mokryafae9972019-03-11 14:46:34 -050086# Application configuration defaults.
87#################################################################
88# application image
jhh32367fc2021-03-10 13:10:47 -060089image: onap/policy-xacml-pdp:2.4.2
Michael Mokryafae9972019-03-11 14:46:34 -050090pullPolicy: Always
91
92# flag to enable debugging - application support required
93debugEnabled: false
94
95# application configuration
96
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020097db:
98 user: policy_user
99 password: policy_user
jhhd4258672020-08-09 12:08:08 -0500100 service:
101 name: policy-mariadb
102 internalPort: 3306
103
Dominik Mizync88bcc92020-04-14 18:20:20 +0200104restServer:
105 user: healthcheck
106 password: zb!XztG34
jhhd4258672020-08-09 12:08:08 -0500107
Dominik Mizync88bcc92020-04-14 18:20:20 +0200108apiServer:
109 user: healthcheck
110 password: zb!XztG34
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +0200111
Michael Mokryafae9972019-03-11 14:46:34 -0500112# default number of instances
ramverma39a79a42019-05-02 13:07:36 +0000113replicaCount: 1
Michael Mokryafae9972019-03-11 14:46:34 -0500114
115nodeSelector: {}
116
117affinity: {}
118
119# probe configuration parameters
120liveness:
121 initialDelaySeconds: 20
122 periodSeconds: 10
123 # necessary to disable liveness probe when setting breakpoints
124 # in debugger so K8s doesn't restart unresponsive container
125 enabled: true
126
127readiness:
128 initialDelaySeconds: 20
129 periodSeconds: 10
130
131service:
132 type: ClusterIP
133 name: policy-xacml-pdp
134 portName: policy-xacml-pdp
135 externalPort: 6969
136 internalPort: 6969
137
138ingress:
139 enabled: false
140
jhhd4258672020-08-09 12:08:08 -0500141flavor: small
142resources:
143 small:
144 limits:
145 cpu: 1
146 memory: 4Gi
147 requests:
148 cpu: 100m
149 memory: 1Gi
150 large:
151 limits:
152 cpu: 2
153 memory: 8Gi
154 requests:
155 cpu: 200m
156 memory: 2Gi
157 unlimited: {}
158