blob: 3ef235631ab2d9329eb97bb0742a667e3b1a03ad [file] [log] [blame]
ramverma1a3b8ad2019-02-25 12:45:11 +00001# ============LICENSE_START=======================================================
2# Copyright (C) 2019 Nordix Foundation.
jhh999c2242021-02-24 12:10:02 -06003# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
Bruno Sakoto425d5be2020-05-20 07:25:41 -04004# Modifications Copyright (C) 2020 Bell Canada.
ramverma1a3b8ad2019-02-25 12:45:11 +00005# ================================================================================
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17#
18# SPDX-License-Identifier: Apache-2.0
19# ============LICENSE_END=========================================================
20
21#################################################################
22# Global configuration defaults.
23#################################################################
24global:
Bruno Sakoto425d5be2020-05-20 07:25:41 -040025 nodePortPrefixExt: 304
ramverma1a3b8ad2019-02-25 12:45:11 +000026 persistence: {}
jhhd4258672020-08-09 12:08:08 -050027 aafEnabled: true
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +020028
29#################################################################
30# Secrets metaconfig
31#################################################################
32secrets:
33 - uid: db-secret
34 type: basicAuth
35 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
36 login: '{{ .Values.db.user }}'
37 password: '{{ .Values.db.password }}'
38 passwordPolicy: required
Dominik Mizyn389fca12020-04-09 22:37:00 +020039 - uid: restserver-secret
40 type: basicAuth
rameshiyer27ff176652021-09-21 15:19:05 +010041 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
Dominik Mizyn389fca12020-04-09 22:37:00 +020042 login: '{{ .Values.restServer.user }}'
43 password: '{{ .Values.restServer.password }}'
44 passwordPolicy: required
45 - uid: api-secret
46 type: basicAuth
rameshiyer27ff176652021-09-21 15:19:05 +010047 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
Dominik Mizyn389fca12020-04-09 22:37:00 +020048 login: '{{ .Values.healthCheckRestClient.api.user }}'
49 password: '{{ .Values.healthCheckRestClient.api.password }}'
50 passwordPolicy: required
51 - uid: distribution-secret
52 type: basicAuth
53 externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.distribution.credsExternalSecret) . }}'
54 login: '{{ .Values.healthCheckRestClient.distribution.user }}'
55 password: '{{ .Values.healthCheckRestClient.distribution.password }}'
56 passwordPolicy: required
jhhd4258672020-08-09 12:08:08 -050057 - uid: keystore-password
58 type: password
59 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
60 password: '{{ .Values.certStores.keyStorePassword }}'
61 passwordPolicy: required
62 - uid: truststore-password
63 type: password
64 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
65 password: '{{ .Values.certStores.trustStorePassword }}'
66 passwordPolicy: required
67
68certStores:
69 keyStorePassword: Pol1cy_0nap
70 trustStorePassword: Pol1cy_0nap
71
72certInitializer:
73 nameOverride: policy-pap-cert-initializer
74 aafDeployFqi: deployer@people.osaaf.org
75 aafDeployPass: demo123456!
76 fqdn: policy
77 fqi: policy@policy.onap.org
78 public_fqdn: policy.onap.org
79 cadi_latitude: "0.0"
80 cadi_longitude: "0.0"
81 credsPath: /opt/app/osaaf/local
82 app_ns: org.osaaf.aaf
83 uid: 100
84 gid: 101
85 aaf_add_config: >
jhhd4258672020-08-09 12:08:08 -050086 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
87 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
88 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
89
ramverma1a3b8ad2019-02-25 12:45:11 +000090
91#################################################################
92# Application configuration defaults.
93#################################################################
94# application image
liamfallon312ab372021-12-13 14:33:33 +000095image: onap/policy-pap:2.6.0
ramverma1a3b8ad2019-02-25 12:45:11 +000096pullPolicy: Always
97
98# flag to enable debugging - application support required
99debugEnabled: false
100
101# application configuration
102
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +0200103db:
104 user: policy_user
105 password: policy_user
jhhd4258672020-08-09 12:08:08 -0500106 service:
107 name: policy-mariadb
108 internalPort: 3306
109
Dominik Mizyn389fca12020-04-09 22:37:00 +0200110restServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000111 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100112 password: none
jhhd4258672020-08-09 12:08:08 -0500113
Dominik Mizyn389fca12020-04-09 22:37:00 +0200114healthCheckRestClient:
115 api:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000116 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100117 password: none
Dominik Mizyn389fca12020-04-09 22:37:00 +0200118 distribution:
119 user: healthcheck
120 password: zb!XztG34
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +0200121
ramverma1a3b8ad2019-02-25 12:45:11 +0000122# default number of instances
123replicaCount: 1
124
125nodeSelector: {}
126
127affinity: {}
128
129# probe configuration parameters
130liveness:
131 initialDelaySeconds: 20
132 periodSeconds: 10
133 # necessary to disable liveness probe when setting breakpoints
134 # in debugger so K8s doesn't restart unresponsive container
135 enabled: true
Bruno Sakoto0644c262020-05-22 16:56:35 -0400136 port: http-api
ramverma1a3b8ad2019-02-25 12:45:11 +0000137
138readiness:
139 initialDelaySeconds: 20
140 periodSeconds: 10
Bruno Sakoto0644c262020-05-22 16:56:35 -0400141 port: http-api
ramverma1a3b8ad2019-02-25 12:45:11 +0000142
143service:
144 type: ClusterIP
145 name: policy-pap
Bruno Sakoto0644c262020-05-22 16:56:35 -0400146 useNodePortExt: true
147 ports:
148 - name: http-api
149 port: 6969
150 nodePort: 42
ramverma1a3b8ad2019-02-25 12:45:11 +0000151
152ingress:
153 enabled: false
154
jhhd4258672020-08-09 12:08:08 -0500155flavor: small
156resources:
157 small:
158 limits:
159 cpu: 1
160 memory: 4Gi
161 requests:
162 cpu: 100m
163 memory: 1Gi
164 large:
165 limits:
166 cpu: 2
167 memory: 8Gi
168 requests:
169 cpu: 200m
170 memory: 2Gi
171 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200172
173#Pods Service Account
174serviceAccount:
175 nameOverride: policy-pap
176 roles:
177 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400178
179prometheus:
180 enabled: true
181
182metrics:
183 serviceMonitor:
184 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
185 # The default operator for prometheus enforces the below label.
186 labels:
187 release: prometheus
188 enabled: true
189 port: http-api
190 interval: 60s
191 isHttps: true
192 basicAuth:
193 enabled: true
194 externalSecretNameSuffix: policy-pap-user-creds
195 externalSecretUserKey: login
196 externalSecretPasswordKey: password