blob: fd0b2ae7309b10f7bdd9a94d50d0426b42d09760 [file] [log] [blame]
rameshiyer27ff176652021-09-21 15:19:05 +01001# ============LICENSE_START=======================================================
FrancescoFioraEst9c79e262022-02-22 13:12:19 +00002# Copyright (C) 2021-2022 Nordix Foundation.
rameshiyer27ff176652021-09-21 15:19:05 +01003# ================================================================================
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16# SPDX-License-Identifier: Apache-2.0
17# ============LICENSE_END=========================================================
18
19#################################################################
20# Global configuration defaults.
21#################################################################
22global:
23 persistence: {}
24 aafEnabled: true
25
26#################################################################
27# Secrets metaconfig
28#################################################################
29secrets:
FrancescoFioraEst9c79e262022-02-22 13:12:19 +000030 - uid: restserver-secret
31 type: basicAuth
32 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
33 login: '{{ .Values.restServer.participantppnt.user }}'
34 password: '{{ .Values.restServer.participantppnt.password }}'
35 passwordPolicy: required
rameshiyer27ff176652021-09-21 15:19:05 +010036 - uid: api-secret
37 type: basicAuth
38 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
39 login: '{{ .Values.restServer.api.user }}'
40 password: '{{ .Values.restServer.api.password }}'
41 passwordPolicy: required
42 - uid: pap-secret
43 type: basicAuth
44 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
45 login: '{{ .Values.restServer.pap.user }}'
46 password: '{{ .Values.restServer.pap.password }}'
47 passwordPolicy: required
48 - uid: keystore-password
49 type: password
50 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
51 password: '{{ .Values.certStores.keyStorePassword }}'
52 passwordPolicy: required
53 - uid: truststore-password
54 type: password
55 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
56 password: '{{ .Values.certStores.trustStorePassword }}'
57 passwordPolicy: required
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +010058 - uid: policy-kafka-user
59 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
60 type: genericKV
61 envs:
62 - name: sasl.jaas.config
63 value: '{{ .Values.config.someConfig }}'
64 policy: generate
rameshiyer27ff176652021-09-21 15:19:05 +010065
66certStores:
67 keyStorePassword: Pol1cy_0nap
68 trustStorePassword: Pol1cy_0nap
69
70certInitializer:
FrancescoFioraEst9c79e262022-02-22 13:12:19 +000071 nameOverride: policy-clamp-ac-pf-ppnt-cert-initializer
rameshiyer27ff176652021-09-21 15:19:05 +010072 aafDeployFqi: deployer@people.osaaf.org
73 aafDeployPass: demo123456!
74 fqdn: policy
75 fqi: policy@policy.onap.org
76 public_fqdn: policy.onap.org
77 cadi_latitude: "0.0"
78 cadi_longitude: "0.0"
79 credsPath: /opt/app/osaaf/local
80 app_ns: org.osaaf.aaf
81 uid: 100
82 gid: 101
83 aaf_add_config: >
84 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
85 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
86 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
87
88
89#################################################################
90# Application configuration defaults.
91#################################################################
92# application image
saul.gill5e611402023-03-02 11:49:23 +000093image: onap/policy-clamp-ac-pf-ppnt:6.4.1
rameshiyer27ff176652021-09-21 15:19:05 +010094pullPolicy: Always
95
96# flag to enable debugging - application support required
97debugEnabled: false
98
99# default number of instances
100replicaCount: 1
101
102# application configuration
103restServer:
104 api:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000105 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100106 password: none
107 pap:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000108 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100109 password: none
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000110 participantppnt:
111 user: participantUser
112 password: none
rameshiyer27ff176652021-09-21 15:19:05 +0100113
114nodeSelector: {}
115
116affinity: {}
117ingress:
118 enabled: false
119
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000120# probe configuration parameters
121liveness:
122 initialDelaySeconds: 20
123 periodSeconds: 10
124 # necessary to disable liveness probe when setting breakpoints
125 # in debugger so K8s doesn't restart unresponsive container
126 enabled: true
127 port: http-api
128
129readiness:
130 initialDelaySeconds: 20
131 periodSeconds: 10
132 port: http-api
133
134service:
135 type: ClusterIP
136 name: policy-clamp-ac-pf-ppnt
137 useNodePortExt: true
138 ports:
139 - name: http-api
140 port: 8085
141 nodePort: 42
142
rameshiyer27ff176652021-09-21 15:19:05 +0100143flavor: small
144resources:
145 small:
146 limits:
147 cpu: 1
148 memory: 4Gi
149 requests:
150 cpu: 100m
151 memory: 1Gi
152 large:
153 limits:
154 cpu: 2
155 memory: 8Gi
156 requests:
157 cpu: 200m
158 memory: 2Gi
159 unlimited: {}
160#Pods Service Account
161serviceAccount:
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000162 nameOverride: policy-clamp-ac-pf-ppnt
rameshiyer27ff176652021-09-21 15:19:05 +0100163 roles:
164 - read
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100165
166config:
167# Event consumption (kafka) properties
168 useStrimziKafka: true
169 kafkaBootstrap: strimzi-kafka-bootstrap
170 kafka:
171 consumer:
172 groupId: policy-group
173 app:
174 listener:
175 acRuntimeTopic: policy-acruntime-participant
176# If targeting a custom kafka cluster, ie useStrimziKakfa: false
177# uncomment below config and target your kafka bootstrap servers,
178# along with any other security config.
179#
180# eventConsumption:
181# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
182# spring.kafka.security.protocol: PLAINTEXT
183# spring.kafka.consumer.group-id: policy-group
184#
185# Any new property can be added in the env by setting in overrides in the format mentioned below
186# All the added properties must be in "key: value" format instead of yaml.
187# additional:
188# spring.config.max-size: 200
189# spring.config.min-size: 10