blob: 81196e12366784931842a0d7ba38cdbb6d2d471b [file] [log] [blame]
Michael Mokryafae9972019-03-11 14:46:34 -05001# ============LICENSE_START=======================================================
jhhd2b9ed82019-12-10 17:15:28 -06002# Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
Michael Mokryafae9972019-03-11 14:46:34 -05003# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 persistence: {}
Dominik Mizync88bcc92020-04-14 18:20:20 +020024 envsubstImage: dibi/envsubst
jhhd4258672020-08-09 12:08:08 -050025 aafEnabled: true
Sylvain Desbureaux1694e1d2020-08-21 09:58:25 +020026 readinessImage: onap/oom/readiness:3.0.1
Michael Mokryafae9972019-03-11 14:46:34 -050027
28#################################################################
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020029# Secrets metaconfig
30#################################################################
31secrets:
32 - uid: db-secret
33 type: basicAuth
34 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
35 login: '{{ .Values.db.user }}'
36 password: '{{ .Values.db.password }}'
37 passwordPolicy: required
Dominik Mizync88bcc92020-04-14 18:20:20 +020038 - uid: restserver-creds
39 type: basicAuth
40 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
41 login: '{{ .Values.restServer.user }}'
42 password: '{{ .Values.restServer.password }}'
43 passwordPolicy: required
44 - uid: api-creds
45 type: basicAuth
46 externalSecret: '{{ tpl (default "" .Values.apiServer.credsExternalSecret) . }}'
47 login: '{{ .Values.apiServer.user }}'
48 password: '{{ .Values.apiServer.password }}'
49 passwordPolicy: required
jhhd4258672020-08-09 12:08:08 -050050 - uid: keystore-password
51 type: password
52 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
53 password: '{{ .Values.certStores.keyStorePassword }}'
54 passwordPolicy: required
55 - uid: truststore-password
56 type: password
57 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
58 password: '{{ .Values.certStores.trustStorePassword }}'
59 passwordPolicy: required
60
61certStores:
62 keyStorePassword: Pol1cy_0nap
63 trustStorePassword: Pol1cy_0nap
64
65certInitializer:
66 nameOverride: policy-xacml-pdp-cert-initializer
67 aafDeployFqi: deployer@people.osaaf.org
68 aafDeployPass: demo123456!
69 fqdn: policy
70 fqi: policy@policy.onap.org
71 public_fqdn: policy.onap.org
72 cadi_latitude: "0.0"
73 cadi_longitude: "0.0"
74 credsPath: /opt/app/osaaf/local
75 app_ns: org.osaaf.aaf
76 uid: 100
77 gid: 101
78 aaf_add_config: >
79 /opt/app/aaf_config/bin/agent.sh;
80 export $(/opt/app/aaf_config/bin/agent.sh local showpass
81 {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12");
82 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
83 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
84 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
85
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +020086
87#################################################################
Michael Mokryafae9972019-03-11 14:46:34 -050088# Application configuration defaults.
89#################################################################
90# application image
91repository: nexus3.onap.org:10001
jhhbf8d8a92020-09-10 14:01:49 -050092image: onap/policy-xacml-pdp:2.3.1
Michael Mokryafae9972019-03-11 14:46:34 -050093pullPolicy: Always
94
95# flag to enable debugging - application support required
96debugEnabled: false
97
98# application configuration
99
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +0200100db:
101 user: policy_user
102 password: policy_user
jhhd4258672020-08-09 12:08:08 -0500103 service:
104 name: policy-mariadb
105 internalPort: 3306
106
Dominik Mizync88bcc92020-04-14 18:20:20 +0200107restServer:
108 user: healthcheck
109 password: zb!XztG34
jhhd4258672020-08-09 12:08:08 -0500110
Dominik Mizync88bcc92020-04-14 18:20:20 +0200111apiServer:
112 user: healthcheck
113 password: zb!XztG34
Krzysztof Opasiak7e31efc2020-04-01 00:21:45 +0200114
Michael Mokryafae9972019-03-11 14:46:34 -0500115# default number of instances
ramverma39a79a42019-05-02 13:07:36 +0000116replicaCount: 1
Michael Mokryafae9972019-03-11 14:46:34 -0500117
118nodeSelector: {}
119
120affinity: {}
121
122# probe configuration parameters
123liveness:
124 initialDelaySeconds: 20
125 periodSeconds: 10
126 # necessary to disable liveness probe when setting breakpoints
127 # in debugger so K8s doesn't restart unresponsive container
128 enabled: true
129
130readiness:
131 initialDelaySeconds: 20
132 periodSeconds: 10
133
134service:
135 type: ClusterIP
136 name: policy-xacml-pdp
137 portName: policy-xacml-pdp
138 externalPort: 6969
139 internalPort: 6969
140
141ingress:
142 enabled: false
143
jhhd4258672020-08-09 12:08:08 -0500144flavor: small
145resources:
146 small:
147 limits:
148 cpu: 1
149 memory: 4Gi
150 requests:
151 cpu: 100m
152 memory: 1Gi
153 large:
154 limits:
155 cpu: 2
156 memory: 8Gi
157 requests:
158 cpu: 200m
159 memory: 2Gi
160 unlimited: {}
161