blob: 92cd50c808a9693e80d8727260ed3c568f4b9f42 [file] [log] [blame]
mmis95971132018-07-17 00:13:13 +01001# ============LICENSE_START=======================================================
2# Copyright (C) 2018 Ericsson. All rights reserved.
jhh999c2242021-02-24 12:10:02 -06003# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
Sirisha_Manchikantib402a592022-09-09 12:01:20 +01004# Modifications Copyright © 2022 Nordix Foundation
mmis95971132018-07-17 00:13:13 +01005# ================================================================================
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17#
18# SPDX-License-Identifier: Apache-2.0
19# ============LICENSE_END=========================================================
20
21#################################################################
22# Global configuration defaults.
23#################################################################
24global:
25 nodePortPrefix: 302
jhhd4258672020-08-09 12:08:08 -050026 aafEnabled: true
mmis95971132018-07-17 00:13:13 +010027 persistence: {}
28
29#################################################################
Dominik Mizynb8c44b42020-04-21 10:48:27 +020030# Secrets metaconfig
31#################################################################
32secrets:
33 - uid: restserver-creds
34 type: basicAuth
35 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
36 login: '{{ .Values.restServer.user }}'
37 password: '{{ .Values.restServer.password }}'
38 - uid: truststore-pass
39 type: password
jhhd4258672020-08-09 12:08:08 -050040 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
41 password: '{{ .Values.certStores.trustStorePassword }}'
42 passwordPolicy: required
43 - uid: keystore-pass
44 type: password
45 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
46 password: '{{ .Values.certStores.keyStorePassword }}'
47 passwordPolicy: required
Sirisha_Manchikantib402a592022-09-09 12:01:20 +010048 - uid: policy-kafka-user
49 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
50 type: genericKV
51 envs:
52 - name: sasl.jaas.config
53 value: '{{ .Values.config.someConfig }}'
54 policy: generate
Dominik Mizynb8c44b42020-04-21 10:48:27 +020055
56#################################################################
mmis95971132018-07-17 00:13:13 +010057# Application configuration defaults.
58#################################################################
59# application image
jhh2a5d1bb2022-05-04 13:44:26 -050060image: onap/policy-apex-pdp:2.7.3
mmis95971132018-07-17 00:13:13 +010061pullPolicy: Always
62
63# flag to enable debugging - application support required
64debugEnabled: false
65
66# application configuration
67
Dominik Mizynb8c44b42020-04-21 10:48:27 +020068restServer:
69 user: healthcheck
70 password: zb!XztG34
71truststore:
72 password: Pol1cy_0nap
jhhd4258672020-08-09 12:08:08 -050073certStores:
74 keyStorePassword: Pol1cy_0nap
75 trustStorePassword: Pol1cy_0nap
76
77certInitializer:
78 nameOverride: policy-apex-pdp-cert-initializer
79 aafDeployFqi: deployer@people.osaaf.org
80 aafDeployPass: demo123456!
81 fqdn: policy
82 fqi: policy@policy.onap.org
83 public_fqdn: policy.onap.org
84 cadi_latitude: "0.0"
85 cadi_longitude: "0.0"
86 credsPath: /opt/app/osaaf/local
87 app_ns: org.osaaf.aaf
88 uid: 101
89 gid: 102
90 aaf_add_config: >
jhhd4258672020-08-09 12:08:08 -050091 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci;
92 echo "export KEYSTORE_PASSWORD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
93 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
Dominik Mizynb8c44b42020-04-21 10:48:27 +020094
mmis95971132018-07-17 00:13:13 +010095# default number of instances
96replicaCount: 1
97
98nodeSelector: {}
99
100affinity: {}
101
102# probe configuration parameters
103liveness:
104 initialDelaySeconds: 20
105 periodSeconds: 10
106 # necessary to disable liveness probe when setting breakpoints
107 # in debugger so K8s doesn't restart unresponsive container
108 enabled: true
109
110readiness:
111 initialDelaySeconds: 20
112 periodSeconds: 10
113
114service:
jhh59ce22d2019-05-14 17:59:36 -0500115 type: ClusterIP
mmis95971132018-07-17 00:13:13 +0100116 name: policy-apex-pdp
117 portName: policy-apex-pdp
a.sreekumar7f4efaf2019-04-16 16:24:01 +0000118 externalPort: 6969
jhh59ce22d2019-05-14 17:59:36 -0500119 internalPort: 6969
mmis95971132018-07-17 00:13:13 +0100120 nodePort: 37
121
122ingress:
123 enabled: false
124
vaibhavjayas4136f5d2018-08-17 07:01:05 +0000125# Resource Limit flavor -By Default using small
vaibhavjayas4136f5d2018-08-17 07:01:05 +0000126# Segregation for Different environment (Small and Large)
jhhd4258672020-08-09 12:08:08 -0500127flavor: small
vaibhavjayas4136f5d2018-08-17 07:01:05 +0000128resources:
129 small:
130 limits:
131 cpu: 1
132 memory: 4Gi
133 requests:
134 cpu: 10m
135 memory: 1Gi
136 large:
137 limits:
138 cpu: 2
139 memory: 8Gi
140 requests:
141 cpu: 20m
Mandeep Khinda60d36d42018-09-24 15:15:48 +0000142 memory: 2Gi
Pamela Dragosh54048d32018-11-09 07:09:41 -0500143 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200144
145#Pods Service Account
146serviceAccount:
147 nameOverride: policy-apex-pdp
148 roles:
149 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400150
Rashmi Pujara8b09262022-03-15 21:58:57 -0400151metrics:
152 serviceMonitor:
153 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
154 # The default operator for prometheus enforces the below label.
155 labels:
156 release: prometheus
157 enabled: true
158 port: policy-apex-pdp
159 interval: 60s
160 isHttps: true
161 basicAuth:
162 enabled: true
163 externalSecretNameSuffix: policy-apex-pdp-restserver-creds
164 externalSecretUserKey: login
165 externalSecretPasswordKey: password
166 selector:
167 app: '{{ include "common.name" . }}'
168 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
169 release: '{{ include "common.release" . }}'
170 heritage: '{{ .Release.Service }}'
Sirisha_Manchikantib402a592022-09-09 12:01:20 +0100171
172# application configuration
173config:
174# Event consumption (kafka) properties
175 useStrimziKafka: true
176 kafkaBootstrap: strimzi-kafka-bootstrap
177 kafka:
178 consumer:
179 groupId: policy-group
180 app:
181 listener:
182 policyPdpPapTopic: policy-pdp-pap
183# If targeting a custom kafka cluster, ie useStrimziKakfa: false
184# uncomment below config and target your kafka bootstrap servers,
185# along with any other security config.
186#
187# eventConsumption:
188# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
189# spring.kafka.security.protocol: PLAINTEXT
190# spring.kafka.consumer.group-id: policy-group
191#
192# Any new property can be added in the env by setting in overrides in the format mentioned below
193# All the added properties must be in "key: value" format instead of yaml.