kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml

#  ============LICENSE_START=======================================================
#   Copyright (C) 2021-2023 Nordix Foundation.
#  ================================================================================
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
#
#  SPDX-License-Identifier: Apache-2.0
#  ============LICENSE_END=========================================================

#################################################################
# Global configuration defaults.
#################################################################
global:
  persistence: {}
  aafEnabled: false
  #Strimzi Kafka properties
  useStrimziKafka: set-via-parent-chart-global-value
  kafkaTopics:
    acRuntimeTopic:
      name: &acRuntimeTopic policy.clamp-runtime-acm

#################################################################
# Secrets metaconfig
#################################################################
secrets:
  - uid: restserver-secret
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
    login: '{{ .Values.restServer.participantppnt.user }}'
    password: '{{ .Values.restServer.participantppnt.password }}'
    passwordPolicy: required
  - uid: api-secret
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
    login: '{{ .Values.restServer.api.user }}'
    password: '{{ .Values.restServer.api.password }}'
    passwordPolicy: required
  - uid: pap-secret
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
    login: '{{ .Values.restServer.pap.user }}'
    password: '{{ .Values.restServer.pap.password }}'
    passwordPolicy: required
  - uid: keystore-password
    type: password
    externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
    password: '{{ .Values.certStores.keyStorePassword }}'
    passwordPolicy: required
  - uid: truststore-password
    type: password
    externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
    password: '{{ .Values.certStores.trustStorePassword }}'
    passwordPolicy: required

certStores:
  keyStorePassword: Pol1cy_0nap
  trustStorePassword: Pol1cy_0nap

certInitializer:
  nameOverride: policy-clamp-ac-pf-ppnt-cert-initializer
  aafDeployFqi: deployer@people.osaaf.org
  aafDeployPass: demo123456!
  fqdn: policy
  fqi: policy@policy.onap.org
  public_fqdn: policy.onap.org
  cadi_latitude: "0.0"
  cadi_longitude: "0.0"
  credsPath: /opt/app/osaaf/local
  app_ns: org.osaaf.aaf
  uid: 100
  gid: 101
  aaf_add_config: >
    echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
    echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
    chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});


#################################################################
# Application configuration defaults.
#################################################################
# application image
image: onap/policy-clamp-ac-pf-ppnt:6.4.1
pullPolicy: Always

componentName: &componentName policy-clamp-ac-pf-ppnt

# flag to enable debugging - application support required
debugEnabled: false

# default number of instances
replicaCount: 1

# application configuration
restServer:
  api:
    user: policyadmin
    password: none
  pap:
    user: policyadmin
    password: none
  participantppnt:
    user: participantUser
    password: none

nodeSelector: {}

affinity: {}

ingress:
  enabled: false

# probe configuration parameters
liveness:
  initialDelaySeconds: 20
  periodSeconds: 10
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true
  port: http-api

readiness:
  initialDelaySeconds: 20
  periodSeconds: 10
  port: http-api

service:
  type: ClusterIP
  name: *componentName
  useNodePortExt: true
  ports:
    - name: http-api
      port: 8085
      nodePort: 42

flavor: small
resources:
  small:
    limits:
      cpu: 1
      memory: 4Gi
    requests:
      cpu: 100m
      memory: 1Gi
  large:
    limits:
      cpu: 2
      memory: 8Gi
    requests:
      cpu: 200m
      memory: 2Gi
  unlimited: {}
#Pods Service Account
serviceAccount:
  nameOverride: *componentName
  roles:
    - read

config:
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format instead of yaml.
# additional:
#   spring.config.max-size: 200
#   spring.config.min-size: 10

# Strimzi Kafka config
kafkaUser:
  authenticationType: scram-sha-512
  acls:
    - name: *componentName
      type: group
      operations: [Read]
    - name: *acRuntimeTopic
      type: topic
      operations: [Read, Write]

readinessCheck:
  wait_for:
    - message-router