blob: c825ab1a0cf203a3435df7db0c61776092f54951 [file] [log] [blame]
rameshiyer27ff176652021-09-21 15:19:05 +01001# ============LICENSE_START=======================================================
FrancescoFioraEst9c79e262022-02-22 13:12:19 +00002# Copyright (C) 2021-2022 Nordix Foundation.
rameshiyer27ff176652021-09-21 15:19:05 +01003# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 persistence: {}
24 aafEnabled: true
25
26#################################################################
27# Secrets metaconfig
28#################################################################
29secrets:
FrancescoFioraEst9c79e262022-02-22 13:12:19 +000030 - uid: restserver-secret
31 type: basicAuth
32 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
33 login: '{{ .Values.restServer.participantppnt.user }}'
34 password: '{{ .Values.restServer.participantppnt.password }}'
35 passwordPolicy: required
rameshiyer27ff176652021-09-21 15:19:05 +010036 - uid: api-secret
37 type: basicAuth
38 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
39 login: '{{ .Values.restServer.api.user }}'
40 password: '{{ .Values.restServer.api.password }}'
41 passwordPolicy: required
42 - uid: pap-secret
43 type: basicAuth
44 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
45 login: '{{ .Values.restServer.pap.user }}'
46 password: '{{ .Values.restServer.pap.password }}'
47 passwordPolicy: required
48 - uid: keystore-password
49 type: password
50 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
51 password: '{{ .Values.certStores.keyStorePassword }}'
52 passwordPolicy: required
53 - uid: truststore-password
54 type: password
55 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
56 password: '{{ .Values.certStores.trustStorePassword }}'
57 passwordPolicy: required
58
59certStores:
60 keyStorePassword: Pol1cy_0nap
61 trustStorePassword: Pol1cy_0nap
62
63certInitializer:
FrancescoFioraEst9c79e262022-02-22 13:12:19 +000064 nameOverride: policy-clamp-ac-pf-ppnt-cert-initializer
rameshiyer27ff176652021-09-21 15:19:05 +010065 aafDeployFqi: deployer@people.osaaf.org
66 aafDeployPass: demo123456!
67 fqdn: policy
68 fqi: policy@policy.onap.org
69 public_fqdn: policy.onap.org
70 cadi_latitude: "0.0"
71 cadi_longitude: "0.0"
72 credsPath: /opt/app/osaaf/local
73 app_ns: org.osaaf.aaf
74 uid: 100
75 gid: 101
76 aaf_add_config: >
77 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
78 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
79 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
80
81
82#################################################################
83# Application configuration defaults.
84#################################################################
85# application image
FrancescoFioraEst9c79e262022-02-22 13:12:19 +000086image: onap/policy-clamp-ac-pf-ppnt:6.2.1
rameshiyer27ff176652021-09-21 15:19:05 +010087pullPolicy: Always
88
89# flag to enable debugging - application support required
90debugEnabled: false
91
92# default number of instances
93replicaCount: 1
94
95# application configuration
96restServer:
97 api:
adheli.tavaresf3656cd2021-11-10 14:54:32 +000098 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +010099 password: none
100 pap:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000101 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100102 password: none
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000103 participantppnt:
104 user: participantUser
105 password: none
rameshiyer27ff176652021-09-21 15:19:05 +0100106
107nodeSelector: {}
108
109affinity: {}
110ingress:
111 enabled: false
112
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000113# probe configuration parameters
114liveness:
115 initialDelaySeconds: 20
116 periodSeconds: 10
117 # necessary to disable liveness probe when setting breakpoints
118 # in debugger so K8s doesn't restart unresponsive container
119 enabled: true
120 port: http-api
121
122readiness:
123 initialDelaySeconds: 20
124 periodSeconds: 10
125 port: http-api
126
127service:
128 type: ClusterIP
129 name: policy-clamp-ac-pf-ppnt
130 useNodePortExt: true
131 ports:
132 - name: http-api
133 port: 8085
134 nodePort: 42
135
rameshiyer27ff176652021-09-21 15:19:05 +0100136flavor: small
137resources:
138 small:
139 limits:
140 cpu: 1
141 memory: 4Gi
142 requests:
143 cpu: 100m
144 memory: 1Gi
145 large:
146 limits:
147 cpu: 2
148 memory: 8Gi
149 requests:
150 cpu: 200m
151 memory: 2Gi
152 unlimited: {}
153#Pods Service Account
154serviceAccount:
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000155 nameOverride: policy-clamp-ac-pf-ppnt
rameshiyer27ff176652021-09-21 15:19:05 +0100156 roles:
157 - read