blob: 4cf9e67c99bd64813d79d59c4cde73c34086412d [file] [log] [blame]
saul.gill7124a4b2021-09-09 12:02:49 +01001# ============LICENSE_START=======================================================
2# Copyright (C) 2021 Nordix Foundation. All rights reserved.
3# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 nodePortPrefixExt: 304
24 persistence: {}
25 aafEnabled: true
26
27#################################################################
28# Secrets metaconfig
29#################################################################
30secrets:
31 - uid: db-secret
32 type: basicAuth
33 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
34 login: '{{ .Values.db.user }}'
35 password: '{{ .Values.db.password }}'
36 passwordPolicy: required
37 - uid: keystore-password
38 type: password
39 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
40 password: '{{ .Values.certStores.keyStorePassword }}'
41 passwordPolicy: required
42 - uid: truststore-password
43 type: password
44 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
45 password: '{{ .Values.certStores.trustStorePassword }}'
46 passwordPolicy: required
47 - uid: runtime-secret
48 type: basicAuth
49 externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}'
50 login: '{{ .Values.config.policyAppUserName }}'
51 password: '{{ .Values.config.policyAppUserPassword }}'
52 passwordPolicy: required
53
54certStores:
55 keyStorePassword: Pol1cy_0nap
56 trustStorePassword: Pol1cy_0nap
57
58certInitializer:
59 nameOverride: policy-clamp-cl-runtime-cert-initializer
60 aafDeployFqi: deployer@people.osaaf.org
61 aafDeployPass: demo123456!
62 fqdn: policy
63 fqi: policy@policy.onap.org
64 public_fqdn: policy.onap.org
65 cadi_latitude: "0.0"
66 cadi_longitude: "0.0"
67 credsPath: /opt/app/osaaf/local
68 app_ns: org.osaaf.aaf
69 uid: 100
70 gid: 101
71 aaf_add_config: >
72 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
73 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
74 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
75
76
77#################################################################
78# Application configuration defaults.
79#################################################################
80# application image
81image: onap/policy-clamp-cl-runtime:6.1.2
82pullPolicy: Always
83
84# flag to enable debugging - application support required
85debugEnabled: false
86
87# application configuration
88config:
89 policyAppUserName: runtimeUser
90 policyAppUserPassword: none
91
92db:
93 user: policy_user
94 password: policy_user
95 service:
96 name: policy-mariadb
97 internalPort: 3306
98
99# default number of instances
100replicaCount: 1
101
102nodeSelector: {}
103
104affinity: {}
105
106# probe configuration parameters
107liveness:
108 initialDelaySeconds: 20
109 periodSeconds: 10
110 # necessary to disable liveness probe when setting breakpoints
111 # in debugger so K8s doesn't restart unresponsive container
112 enabled: true
113 port: http-api
114
115readiness:
116 initialDelaySeconds: 20
117 periodSeconds: 10
118 port: http-api
119
120service:
121 type: ClusterIP
122 name: policy-clamp-cl-runtime
123 useNodePortExt: true
124 ports:
125 - name: http-api
126 port: 6969
127 nodePort: 42
128
129ingress:
130 enabled: false
131
132flavor: small
133resources:
134 small:
135 limits:
136 cpu: 1
137 memory: 4Gi
138 requests:
139 cpu: 100m
140 memory: 1Gi
141 large:
142 limits:
143 cpu: 2
144 memory: 8Gi
145 requests:
146 cpu: 200m
147 memory: 2Gi
148 unlimited: {}
149
150#Pods Service Account
151serviceAccount:
152 nameOverride: policy-clamp-cl-runtime
153 roles:
154 - read