blob: d399cd5c4c60115682308bc3b4bad37c1c8c4185 [file] [log] [blame]
Michael Mokryafae9972019-03-11 14:46:34 -05001# ============LICENSE_START=======================================================
jhh999c2242021-02-24 12:10:02 -06002# Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
Michael Mokryafae9972019-03-11 14:46:34 -05003# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 persistence: {}
24
25#################################################################
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020026# Secrets metaconfig
27#################################################################
28secrets:
29 - uid: db-secret
30 type: basicAuth
31 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
32 login: '{{ .Values.db.user }}'
33 password: '{{ .Values.db.password }}'
34 passwordPolicy: required
Dominik Mizync88bcc92020-04-14 18:20:20 +020035 - uid: restserver-creds
36 type: basicAuth
37 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
38 login: '{{ .Values.restServer.user }}'
39 password: '{{ .Values.restServer.password }}'
40 passwordPolicy: required
41 - uid: api-creds
42 type: basicAuth
43 externalSecret: '{{ tpl (default "" .Values.apiServer.credsExternalSecret) . }}'
44 login: '{{ .Values.apiServer.user }}'
45 password: '{{ .Values.apiServer.password }}'
46 passwordPolicy: required
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020047
48#################################################################
Michael Mokryafae9972019-03-11 14:46:34 -050049# Application configuration defaults.
50#################################################################
51# application image
saul.gillef208b02023-04-26 16:16:05 +010052image: onap/policy-xacml-pdp:2.8.2
Michael Mokryafae9972019-03-11 14:46:34 -050053pullPolicy: Always
54
55# flag to enable debugging - application support required
56debugEnabled: false
57
58# application configuration
59
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020060db:
61 user: policy_user
62 password: policy_user
jhhd4258672020-08-09 12:08:08 -050063 service:
64 name: policy-mariadb
65 internalPort: 3306
66
Dominik Mizync88bcc92020-04-14 18:20:20 +020067restServer:
68 user: healthcheck
69 password: zb!XztG34
jhhd4258672020-08-09 12:08:08 -050070
Dominik Mizync88bcc92020-04-14 18:20:20 +020071apiServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +000072 user: policyadmin
Dominik Mizync88bcc92020-04-14 18:20:20 +020073 password: zb!XztG34
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020074
Michael Mokryafae9972019-03-11 14:46:34 -050075# default number of instances
ramverma39a79a42019-05-02 13:07:36 +000076replicaCount: 1
Michael Mokryafae9972019-03-11 14:46:34 -050077
78nodeSelector: {}
79
80affinity: {}
81
82# probe configuration parameters
83liveness:
84 initialDelaySeconds: 20
85 periodSeconds: 10
86 # necessary to disable liveness probe when setting breakpoints
87 # in debugger so K8s doesn't restart unresponsive container
88 enabled: true
89
90readiness:
91 initialDelaySeconds: 20
92 periodSeconds: 10
93
94service:
95 type: ClusterIP
96 name: policy-xacml-pdp
Michael Mokryafae9972019-03-11 14:46:34 -050097 internalPort: 6969
Andreas Geisslerf10c5552023-03-21 18:09:46 +010098 ports:
99 - name: http
100 port: 6969
Michael Mokryafae9972019-03-11 14:46:34 -0500101
102ingress:
103 enabled: false
104
AndrewLamb7ef78ae2023-04-20 16:24:13 +0100105serviceMesh:
106 authorizationPolicy:
107 authorizedPrincipals:
108 - serviceAccount: dcae-datafile-collector-read
109 - serviceAccount: dcae-datalake-admin-ui-read
110 - serviceAccount: dcae-datalake-des-read
111 - serviceAccount: dcae-datalake-feeder-read
112 - serviceAccount: dcae-heartbeat-read
113 - serviceAccount: dcae-hv-ves-collector-read
114 - serviceAccount: dcae-kpi-ms-read
115 - serviceAccount: dcae-pm-mapper-read
116 - serviceAccount: dcae-pmsh-read
117 - serviceAccount: dcae-prh-read
118 - serviceAccount: dcae-restconf-collector-read
119 - serviceAccount: dcae-slice-analysis-ms-read
120 - serviceAccount: dcae-snmptrap-collector-read
121 - serviceAccount: dcae-son-handler-read
122 - serviceAccount: dcae-tcagen2-read
123 - serviceAccount: dcae-ves-collector-read
124 - serviceAccount: dcae-ves-mapper-read
125 - serviceAccount: dcae-ves-openapi-manager-read
126 - serviceAccount: message-router-read
127 - serviceAccount: oof-read
128 - serviceAccount: sdnc-read
129
jhhd4258672020-08-09 12:08:08 -0500130flavor: small
131resources:
132 small:
133 limits:
Andreas Geissler555db9c2023-06-20 11:38:39 +0200134 cpu: 999
135 memory: 1Gi
jhhd4258672020-08-09 12:08:08 -0500136 requests:
Andreas Geissler555db9c2023-06-20 11:38:39 +0200137 cpu: 0.5
138 memory: 1Gi
jhhd4258672020-08-09 12:08:08 -0500139 large:
140 limits:
Andreas Geissler555db9c2023-06-20 11:38:39 +0200141 cpu: 999
142 memory: 2Gi
jhhd4258672020-08-09 12:08:08 -0500143 requests:
Andreas Geissler555db9c2023-06-20 11:38:39 +0200144 cpu: 1
145 memory: 2Gi
jhhd4258672020-08-09 12:08:08 -0500146 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200147
148#Pods Service Account
149serviceAccount:
150 nameOverride: policy-xacml-pdp
151 roles:
152 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400153
Rashmi Pujara8b09262022-03-15 21:58:57 -0400154metrics:
155 serviceMonitor:
156 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
157 # The default operator for prometheus enforces the below label.
158 labels:
159 release: prometheus
160 enabled: true
161 port: policy-xacml-pdp
162 interval: 60s
Andreas Geisslerf10c5552023-03-21 18:09:46 +0100163 isHttps: false
Rashmi Pujara8b09262022-03-15 21:58:57 -0400164 basicAuth:
165 enabled: true
166 externalSecretNameSuffix: policy-xacml-pdp-restserver-creds
167 externalSecretUserKey: login
168 externalSecretPasswordKey: password
169 selector:
170 app: '{{ include "common.name" . }}'
171 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
172 release: '{{ include "common.release" . }}'
173 heritage: '{{ .Release.Service }}'