blob: 4dfdcae1523b61e11d997e0a32e6c72a7c86a6bf [file] [log] [blame]
Chenfei Gao9292e882019-02-27 22:14:45 -05001# ============LICENSE_START=======================================================
jhh999c2242021-02-24 12:10:02 -06002# Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
Chenfei Gao9292e882019-02-27 22:14:45 -05003# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 nodePortPrefix: 304
24 persistence: {}
jhhd4258672020-08-09 12:08:08 -050025 aafEnabled: true
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020026
27#################################################################
28# Secrets metaconfig
29#################################################################
30secrets:
Dominik Mizyn11038102020-04-14 17:14:42 +020031 - uid: db-creds
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020032 type: basicAuth
33 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
34 login: '{{ .Values.db.user }}'
35 password: '{{ .Values.db.password }}'
36 passwordPolicy: required
Dominik Mizyn11038102020-04-14 17:14:42 +020037 - uid: restserver-creds
38 type: basicAuth
rameshiyer27ff176652021-09-21 15:19:05 +010039 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
Dominik Mizyn11038102020-04-14 17:14:42 +020040 login: '{{ .Values.restServer.user }}'
41 password: '{{ .Values.restServer.password }}'
42 passwordPolicy: required
jhhd4258672020-08-09 12:08:08 -050043 - uid: keystore-password
44 type: password
45 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
46 password: '{{ .Values.certStores.keyStorePassword }}'
47 passwordPolicy: required
48 - uid: truststore-password
49 type: password
50 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
51 password: '{{ .Values.certStores.trustStorePassword }}'
52 passwordPolicy: required
53
54certStores:
55 keyStorePassword: Pol1cy_0nap
56 trustStorePassword: Pol1cy_0nap
57
58certInitializer:
59 nameOverride: policy-api-cert-initializer
60 aafDeployFqi: deployer@people.osaaf.org
61 aafDeployPass: demo123456!
62 fqdn: policy
63 fqi: policy@policy.onap.org
64 public_fqdn: policy.onap.org
65 cadi_latitude: "0.0"
66 cadi_longitude: "0.0"
67 credsPath: /opt/app/osaaf/local
68 app_ns: org.osaaf.aaf
69 uid: 100
70 gid: 101
71 aaf_add_config: >
jhhd4258672020-08-09 12:08:08 -050072 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
73 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
74 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
75
Chenfei Gao9292e882019-02-27 22:14:45 -050076
77#################################################################
78# Application configuration defaults.
79#################################################################
80# application image
liamfallon312ab372021-12-13 14:33:33 +000081image: onap/policy-api:2.6.0
Chenfei Gao9292e882019-02-27 22:14:45 -050082pullPolicy: Always
83
84# flag to enable debugging - application support required
85debugEnabled: false
86
87# application configuration
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020088db:
89 user: policy_user
90 password: policy_user
jhhd4258672020-08-09 12:08:08 -050091 service:
92 name: policy-mariadb
93 internalPort: 3306
94
Dominik Mizyn11038102020-04-14 17:14:42 +020095restServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +000096 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +010097 password: none
Chenfei Gao9292e882019-02-27 22:14:45 -050098
99# default number of instances
100replicaCount: 1
101
102nodeSelector: {}
103
104affinity: {}
105
106# probe configuration parameters
107liveness:
108 initialDelaySeconds: 20
109 periodSeconds: 10
110 # necessary to disable liveness probe when setting breakpoints
111 # in debugger so K8s doesn't restart unresponsive container
112 enabled: true
113
114readiness:
115 initialDelaySeconds: 20
116 periodSeconds: 10
117
118service:
jhh59ce22d2019-05-14 17:59:36 -0500119 type: ClusterIP
Chenfei Gao9292e882019-02-27 22:14:45 -0500120 name: policy-api
121 portName: policy-api
jhh59ce22d2019-05-14 17:59:36 -0500122 externalPort: 6969
Chenfei Gao9292e882019-02-27 22:14:45 -0500123 internalPort: 6969
124 nodePort: 40
125
126ingress:
127 enabled: false
128
jhhd4258672020-08-09 12:08:08 -0500129flavor: small
130resources:
131 small:
132 limits:
133 cpu: 1
134 memory: 4Gi
135 requests:
136 cpu: 100m
137 memory: 1Gi
138 large:
139 limits:
140 cpu: 2
141 memory: 8Gi
142 requests:
143 cpu: 200m
144 memory: 2Gi
145 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200146
147#Pods Service Account
148serviceAccount:
149 nameOverride: policy-api
150 roles:
151 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400152
153prometheus:
154 enabled: true
155
156metrics:
157 serviceMonitor:
158 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
159 # The default operator for prometheus enforces the below label.
160 labels:
161 release: prometheus
162 enabled: true
163 port: policy-api
164 interval: 60s
165 isHttps: true
166 basicAuth:
167 enabled: true
168 externalSecretNameSuffix: policy-api-user-creds
169 externalSecretUserKey: login
170 externalSecretPasswordKey: password
171 selector:
172 app: '{{ include "common.name" . }}'
173 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
174 release: '{{ include "common.release" . }}'
175 heritage: '{{ .Release.Service }}'