blob: 45e54ed3aac9dd6f94a037eea5438792d194eb88 [file] [log] [blame]
Chenfei Gao9292e882019-02-27 22:14:45 -05001# ============LICENSE_START=======================================================
jhh999c2242021-02-24 12:10:02 -06002# Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
a.sreekumar2f377362022-02-09 12:40:57 +00003# Modifications Copyright (C) 2022 Bell Canada. All rights reserved.
Chenfei Gao9292e882019-02-27 22:14:45 -05004# ================================================================================
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#
17# SPDX-License-Identifier: Apache-2.0
18# ============LICENSE_END=========================================================
19
20#################################################################
21# Global configuration defaults.
22#################################################################
23global:
24 nodePortPrefix: 304
25 persistence: {}
jhhd4258672020-08-09 12:08:08 -050026 aafEnabled: true
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020027
28#################################################################
29# Secrets metaconfig
30#################################################################
31secrets:
Dominik Mizyn11038102020-04-14 17:14:42 +020032 - uid: db-creds
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020033 type: basicAuth
34 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
35 login: '{{ .Values.db.user }}'
36 password: '{{ .Values.db.password }}'
37 passwordPolicy: required
Dominik Mizyn11038102020-04-14 17:14:42 +020038 - uid: restserver-creds
39 type: basicAuth
rameshiyer27ff176652021-09-21 15:19:05 +010040 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
Dominik Mizyn11038102020-04-14 17:14:42 +020041 login: '{{ .Values.restServer.user }}'
42 password: '{{ .Values.restServer.password }}'
43 passwordPolicy: required
jhhd4258672020-08-09 12:08:08 -050044 - uid: keystore-password
45 type: password
46 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
47 password: '{{ .Values.certStores.keyStorePassword }}'
48 passwordPolicy: required
49 - uid: truststore-password
50 type: password
51 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
52 password: '{{ .Values.certStores.trustStorePassword }}'
53 passwordPolicy: required
54
55certStores:
56 keyStorePassword: Pol1cy_0nap
57 trustStorePassword: Pol1cy_0nap
58
59certInitializer:
60 nameOverride: policy-api-cert-initializer
61 aafDeployFqi: deployer@people.osaaf.org
62 aafDeployPass: demo123456!
63 fqdn: policy
64 fqi: policy@policy.onap.org
65 public_fqdn: policy.onap.org
66 cadi_latitude: "0.0"
67 cadi_longitude: "0.0"
68 credsPath: /opt/app/osaaf/local
69 app_ns: org.osaaf.aaf
70 uid: 100
71 gid: 101
72 aaf_add_config: >
jhhd4258672020-08-09 12:08:08 -050073 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
74 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
75 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
76
Chenfei Gao9292e882019-02-27 22:14:45 -050077
78#################################################################
79# Application configuration defaults.
80#################################################################
81# application image
liamfallonedb388e2022-09-23 17:56:37 +010082image: onap/policy-api:2.7.0
Chenfei Gao9292e882019-02-27 22:14:45 -050083pullPolicy: Always
84
85# flag to enable debugging - application support required
86debugEnabled: false
87
88# application configuration
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020089db:
90 user: policy_user
91 password: policy_user
jhhd4258672020-08-09 12:08:08 -050092 service:
93 name: policy-mariadb
94 internalPort: 3306
95
Dominik Mizyn11038102020-04-14 17:14:42 +020096restServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +000097 user: policyadmin
a.sreekumar2f377362022-02-09 12:40:57 +000098 password: zb!XztG34
Chenfei Gao9292e882019-02-27 22:14:45 -050099
100# default number of instances
101replicaCount: 1
102
103nodeSelector: {}
104
105affinity: {}
106
107# probe configuration parameters
108liveness:
a.sreekumar2f377362022-02-09 12:40:57 +0000109 initialDelaySeconds: 60
Chenfei Gao9292e882019-02-27 22:14:45 -0500110 periodSeconds: 10
111 # necessary to disable liveness probe when setting breakpoints
112 # in debugger so K8s doesn't restart unresponsive container
113 enabled: true
114
115readiness:
a.sreekumar2f377362022-02-09 12:40:57 +0000116 initialDelaySeconds: 10
117 periodSeconds: 120
118 api: /policy/api/v1/healthcheck
119 scheme: HTTPS
120 successThreshold: 1
121 failureThreshold: 3
122 timeout: 60
Chenfei Gao9292e882019-02-27 22:14:45 -0500123
124service:
jhh59ce22d2019-05-14 17:59:36 -0500125 type: ClusterIP
Chenfei Gao9292e882019-02-27 22:14:45 -0500126 name: policy-api
127 portName: policy-api
jhh59ce22d2019-05-14 17:59:36 -0500128 externalPort: 6969
Chenfei Gao9292e882019-02-27 22:14:45 -0500129 internalPort: 6969
130 nodePort: 40
131
132ingress:
133 enabled: false
134
jhhd4258672020-08-09 12:08:08 -0500135flavor: small
136resources:
137 small:
138 limits:
139 cpu: 1
140 memory: 4Gi
141 requests:
142 cpu: 100m
143 memory: 1Gi
144 large:
145 limits:
146 cpu: 2
147 memory: 8Gi
148 requests:
149 cpu: 200m
150 memory: 2Gi
151 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200152
153#Pods Service Account
154serviceAccount:
155 nameOverride: policy-api
156 roles:
157 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400158
Rashmi Pujara8b09262022-03-15 21:58:57 -0400159metrics:
160 serviceMonitor:
161 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
162 # The default operator for prometheus enforces the below label.
163 labels:
164 release: prometheus
165 enabled: true
166 port: policy-api
167 interval: 60s
168 isHttps: true
169 basicAuth:
170 enabled: true
171 externalSecretNameSuffix: policy-api-user-creds
172 externalSecretUserKey: login
173 externalSecretPasswordKey: password
174 selector:
175 app: '{{ include "common.name" . }}'
176 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
177 release: '{{ include "common.release" . }}'
178 heritage: '{{ .Release.Service }}'