Jakub Latusek | 67f4e8d | 2020-10-21 13:36:29 +0200 | [diff] [blame^] | 1 | {{/* |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 2 | # Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | # you may not use this file except in compliance with the License. |
| 6 | # You may obtain a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | # See the License for the specific language governing permissions and |
| 14 | # limitations under the License. |
Jakub Latusek | 67f4e8d | 2020-10-21 13:36:29 +0200 | [diff] [blame^] | 15 | */}} |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 16 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 17 | |
| 18 | ##################################################### |
| 19 | # |
| 20 | # Hooks for specific environment configurations |
| 21 | # |
| 22 | ##################################################### |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 23 | # Indicator for whether to use AAF for authentication |
efiacor | e62958b | 2019-09-27 16:54:36 +0100 | [diff] [blame] | 24 | UseAAF: {{ .Values.global.aafEnabled }} |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 25 | |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 26 | # Stub out southbound calls for Unit Test cases to run. e.g. not timeout |
| 27 | # Comment out in other environments to get default (No) |
| 28 | #UnitTest: Yes |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 29 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 30 | |
| 31 | ##################################################### |
| 32 | # |
| 33 | # Settings for Southbound API: Datarouter |
| 34 | # |
| 35 | ##################################################### |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 36 | |
| 37 | # URI to retrieve dynamic DR configuration |
| 38 | ProvisioningURI: /internal/prov |
| 39 | |
| 40 | # indicator for handling feed delete: |
| 41 | # DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 42 | # SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments. |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 43 | Feed.deleteHandling: SimulateDelete |
| 44 | |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 45 | ########################################################### |
| 46 | # The following properties default to match ONAP DR instance. |
| 47 | # However, there are some non-ONAP DR instances that require other values. |
| 48 | # Sets the X-DR-ON-BEHALF-OF HTTP Header value |
| 49 | #DR.onBehalfHeader: |
| 50 | # Value for the Content-Type Header in DR Feed API |
| 51 | #DR.feedContentType: |
| 52 | # Value for the Content-Type Header in DR Subscription API |
| 53 | #DR.subContentType: |
| 54 | # |
| 55 | # END OF properties helpful for non-ONAP DR instance. |
| 56 | ############################################################ |
| 57 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 58 | ##################################################### |
| 59 | # |
| 60 | # Settings for Soutbound API: Postgresql |
| 61 | # |
| 62 | ##################################################### |
dglFromAtt | fb58a9d | 2019-04-12 20:12:26 +0000 | [diff] [blame] | 63 | # flag indicates if we are using postgresql |
| 64 | UsePGSQL: {{ .Values.PG.enabled }} |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 65 | |
| 66 | # postgres host name |
| 67 | # Need to connect to PG primary service, designated by service.name2 |
| 68 | DB.host: {{ .Values.postgres.service.name2 }} |
| 69 | |
| 70 | # postgres schema name |
| 71 | #DB.schema: {{ .Values.postgres.config.pgDatabase }} |
| 72 | |
| 73 | # postgres user name |
Krzysztof Opasiak | 03a125a | 2020-05-05 02:11:09 +0200 | [diff] [blame] | 74 | DB.user: ${PG_USER} |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 75 | |
| 76 | # postgres user password |
Krzysztof Opasiak | 03a125a | 2020-05-05 02:11:09 +0200 | [diff] [blame] | 77 | DB.cred: ${PG_PASSWORD} |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 78 | |
| 79 | |
| 80 | ##################################################### |
| 81 | # |
| 82 | # Settings for Soutbound API: Message Router |
| 83 | # |
| 84 | ##################################################### |
| 85 | # indicator for multi-site (locations) deployment. Give clue to buscontroller whether |
| 86 | # there is a need for message replication between edge and central. |
| 87 | # ONAP Casablanca is a single site deployment |
| 88 | MR.multisite: false |
| 89 | |
| 90 | # FQDN of primary message router. |
| 91 | # In ONAP Casablanca, there is only 1 message router service, so use that. |
| 92 | # In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR |
| 93 | MR.CentralCname: {{ .Values.dmaapMessageRouterService }} |
| 94 | |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 95 | # Indicator for whether we want hostname verification on SSL connection to MR |
| 96 | MR.hostnameVerify: false |
| 97 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 98 | # MR Client Delete Level thoroughness: |
| 99 | # 0 = don't delete |
| 100 | # 1 = delete from persistent store |
| 101 | # 2 = delete from persistent store (DB) and authorization store (AAF) |
| 102 | MR.ClientDeleteLevel: 1 |
| 103 | |
| 104 | # namespace of MR Topic Factory |
| 105 | MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory |
| 106 | |
| 107 | # AAF Role assigned to Topic Manager Identity |
| 108 | MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client |
| 109 | |
| 110 | # MR topic ProjectID (used in certain topic name generation formats) |
dglFromAtt | 7bc1636 | 2019-01-18 20:50:20 +0000 | [diff] [blame] | 111 | MR.projectID: mr |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 112 | |
dglFromAtt | 2ce1365 | 2019-05-03 18:25:12 +0000 | [diff] [blame] | 113 | # Use Basic Authentication when provisioning topics |
| 114 | MR.authentication: basicAuth |
| 115 | |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 116 | # MR topic name style (default is FQTN_LEGACY_FORMAT) |
| 117 | #MR.topicStyle: FQTN_LEGACY_FORMAT |
| 118 | # |
| 119 | # end of MR Related Properties |
| 120 | ################################################################################ |
| 121 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 122 | |
| 123 | ##################################################### |
| 124 | # |
| 125 | # Settings for Southbound API: CADI |
| 126 | # |
| 127 | ##################################################### |
| 128 | # path to cadi.properties |
burdziak | e07c331 | 2019-04-10 09:59:01 +0200 | [diff] [blame] | 129 | cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 130 | |
| 131 | ##################################################### |
| 132 | # |
| 133 | # Settings for Southbound API: AAF proxy |
| 134 | # |
| 135 | ##################################################### |
| 136 | # URL of the AAF server |
| 137 | aaf.URL: {{ .Values.aafURL }} |
| 138 | |
| 139 | # TopicMgr Identity |
| 140 | aaf.TopicMgrUser: {{ .Values.topicMgrUser }} |
| 141 | |
| 142 | # Password for TopicMgr identity |
| 143 | aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }} |
| 144 | |
| 145 | # Buscontroller Admin Identity |
| 146 | aaf.AdminUser: {{ .Values.adminUser }} |
| 147 | |
| 148 | # Admin Password |
| 149 | aaf.AdminPassword: {{ .Values.adminPwd }} |
| 150 | |
dglFromAtt | 7bc1636 | 2019-01-18 20:50:20 +0000 | [diff] [blame] | 151 | # Identity that is owner of any created namespaces for topics |
| 152 | aaf.NsOwnerIdentity: {{ .Values.adminUser }} |
| 153 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 154 | |
| 155 | # this overrides the Class used for Decryption. |
| 156 | # This allows for a plugin encryption/decryption method if needed. |
| 157 | # Call this Class for decryption at runtime. |
| 158 | #AafDecryption.Class: com.company.proprietaryDecryptor |
| 159 | |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 160 | # location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF |
| 161 | # Not used in ONAP, but possibly used with Decryption override class. |
| 162 | #CredentialCodeKeyfile: etc/LocalKey |
| 163 | |
| 164 | # |
| 165 | # endof AAF Properties |
| 166 | #################################################### |
| 167 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 168 | |
| 169 | ##################################################### |
| 170 | # |
| 171 | # Settings for authorization of DBCAPI |
| 172 | # |
| 173 | ##################################################### |
| 174 | # Namespace for URI values for the API used to create AAF permissions |
| 175 | # e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients |
| 176 | ApiNamespace: org.onap.dmaap-bc.api |
| 177 | |
| 178 | # If API authorization is required, then implement a class to enforce it. |
| 179 | # This overrides the Class used for API permission check. |
pkaras | cd79084 | 2019-04-18 10:21:40 +0200 | [diff] [blame] | 180 | ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 181 | |
| 182 | ##################################################### |
| 183 | # |
| 184 | # Settings for Southbound API: MirrorMaker provisioning |
| 185 | # |
| 186 | ##################################################### |
| 187 | # AAF Role of client publishing MM prov cmds |
| 188 | MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov |
| 189 | |
| 190 | # AAF identity when publishing MM prov cmds |
| 191 | MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org |
| 192 | |
| 193 | # pwd for Identity used to publish MM prov cmds |
| 194 | MM.ProvUserPwd: demo123456! |
| 195 | |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 196 | # AAF Role of MirrorMaker agent subscribed to prov cmds. |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 197 | MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent |
| 198 | |
| 199 | ##################################################### |
| 200 | # |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 201 | # Certificate Management |
| 202 | # |
| 203 | ##################################################### |
| 204 | |
| 205 | # Indicates how we are expecting certificates to be provided: |
| 206 | # cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file |
| 207 | # legacy (default) - artifacts will be installed manually or some other way and details will be in this file |
| 208 | CertificateManagement: cadi |
| 209 | |
| 210 | # When CertificateManagement is cadi, then this is where all the cadi properties will be. |
| 211 | # Note that the cadi properties include where the cert is, and the encrypted passwords to read. |
| 212 | cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props |
| 213 | |
| 214 | ########################################################################################### |
| 215 | # When CertificateManagement is legacy, we need to provide more details about cert handling: |
| 216 | #CertificateManagement: legacy |
| 217 | # the type of keystore for https (for legacy CertificateManagment only) |
| 218 | #KeyStoreType: jks |
| 219 | |
| 220 | # path to the keystore file (for legacy CertificateManagment only) |
| 221 | #KeyStoreFile: etc/keystore |
| 222 | |
| 223 | # password for the https keystore (for legacy CertificateManagment only) |
| 224 | #KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF |
| 225 | # password for the private key in the https keystore (for legacy CertificateManagment only) |
| 226 | #KeyPassword: changeit |
| 227 | |
| 228 | # type of truststore for https (for legacy CertificateManagment only) |
| 229 | #TrustStoreType: jks |
| 230 | |
| 231 | # path to the truststore for https (for legacy CertificateManagment only) |
| 232 | #TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks |
| 233 | |
| 234 | # password for the https truststore (for legacy CertificateManagment only) |
| 235 | #TrustStorePassword: changeit |
| 236 | # |
| 237 | # END OF legacy CertificateManagement properties |
| 238 | ########################################################################################### |
| 239 | |
| 240 | |
| 241 | ##################################################### |
| 242 | # |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 243 | # HTTP Server Configuration |
| 244 | # |
| 245 | ##################################################### |
| 246 | |
| 247 | # Allow http access to dbcapi |
| 248 | HttpAllowed: true |
| 249 | |
| 250 | # listen to http port within this container (server) |
| 251 | IntHttpPort: 8080 |
| 252 | |
| 253 | # listen to https port within this container (server) |
| 254 | # set to 0 if no certificates are available. |
| 255 | IntHttpsPort: 8443 |
| 256 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 257 | |
dglFromAtt | d9d3f42 | 2018-10-18 21:04:35 +0000 | [diff] [blame] | 258 | |
sunil.unnava | 02f077e | 2019-03-28 20:50:29 -0400 | [diff] [blame] | 259 | inHttpsPort: 0 |
Dominic Lunanuova | de7a02b | 2020-03-12 16:36:09 +0000 | [diff] [blame] | 260 | |
| 261 | ##################################################### |
| 262 | # |
| 263 | # Deprecated |
| 264 | # |
| 265 | ##################################################### |
| 266 | # csit: stubs out some southbound APIs for csit (deprecated) |
| 267 | #csit: No |
| 268 | # name of this DMaaP instance (deprecated) |
| 269 | #DmaapName: demo |
| 270 | # external port number for https taking port mapping into account (deprecated) |
| 271 | #ExtHttpsPort: 443 |
| 272 | # path to the file used to trigger an orderly shutdown (deprecated) |
| 273 | #QuiesceFile: etc/SHUTDOWN |
| 274 | # FQDN of DR Prov Server (deprecated) |
| 275 | #DR.provhost: dcae-drps.domain.not.set |
| 276 | # root of topic namespace (decrecated) |
| 277 | #topicNsRoot: org.onap.dcae.dmaap |