1 ################################################################################
2 # Copyright (c) 2020 Nordix Foundation. #
3 # Copyright © 2020 Samsung Electronics, Modifications #
5 # Licensed under the Apache License, Version 2.0 (the "License"); #
6 # you may not use this file except in compliance with the License. #
7 # You may obtain a copy of the License at #
9 # http://www.apache.org/licenses/LICENSE-2.0 #
11 # Unless required by applicable law or agreed to in writing, software #
12 # distributed under the License is distributed on an "AS IS" BASIS, #
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
14 # See the License for the specific language governing permissions and #
15 # limitations under the License. #
16 ################################################################################
17 # Default values for Policy Management Service.
18 # This is a YAML-formatted file.
19 # Declare variables to be passed into your templates.
25 - uid: controller-secret
27 externalSecret: '{{ tpl (default "" .Values.a1controller.credsExternalSecret) . }}'
28 login: '{{ .Values.a1controller.user }}'
29 password: '{{ .Values.a1controller.password }}'
30 passwordPolicy: required
32 #################################################################
34 #################################################################
36 nameOverride: a1p-cert-initializer
37 aafDeployFqi: deployer@people.osaaf.org
38 aafDeployPass: demo123456!
39 # aafDeployCredsExternalSecret: some secret
42 public_fqdn: a1p.onap.org
46 credsPath: /opt/app/osaaf/local
47 fqi_namespace: org.onap.a1p
49 echo "*** changing them into shell safe ones"
50 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
51 export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
52 cd {{ .Values.credsPath }}
53 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
54 -storepass "${cadi_keystore_password_p12}" \
55 -keystore {{ .Values.fqi_namespace }}.p12
56 keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
57 -storepass "${cadi_truststore_password}" \
58 -keystore {{ .Values.fqi_namespace }}.trust.jks
59 echo "*** save the generated passwords"
60 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
61 echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
62 echo "*** change ownership of certificates to targeted user"
65 image: onap/ccsdk-oran-a1policymanagementservice:1.1.3
66 userID: 1000 #Should match with image-defined user ID
67 groupID: 999 #Should match with image-defined group ID
68 pullPolicy: IfNotPresent
73 name: a1policymanagement
74 both_tls_and_plain: true
82 # SDNC Credentials are used here
85 password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
87 sdncLink: https://sdnc.onap:8443
88 # The information about A1-Mediator/RICs can be added here.
89 # The A1 policy management service supports both STD & OSC versions.
90 # Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD & OSC versions for A1 termination.
91 # Refer source code & run in docker container : https://gerrit.o-ran-sc.org/r/admin/repos/sim/a1-interface
92 # Refer it/dep repo for k8s deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep
93 # Example configuration:
96 # link: http://ric1url.url.com:1111/
101 # link: http://ric2url.url.com:2222/
106 streamPublish: http://message-router:3904/events/A1-POLICY-AGENT-WRITE
107 streamSubscribe: http://message-router:3904/events/A1-POLICY-AGENT-READ/users/policy-agent?timeout=15000&limit=100
111 initialDelaySeconds: 60
115 initialDelaySeconds: 60
118 #Resource Limit flavor -By Default using small
138 ## Persist data to a persistent volume
142 ## A manually managed Persistent Volume and Claim
143 ## Requires persistence.enabled: true
144 ## If defined, PVC must be created manually before volume will be bound
146 volumeReclaimPolicy: Retain
148 ## database data Persistent Volume Storage Class
149 ## If defined, storageClassName: <storageClass>
150 ## If set to "-", storageClassName: "", which disables dynamic provisioning
151 ## If undefined (the default) or set to null, no storageClassName spec is
152 ## set, choosing the default provisioner. (gp2 on AWS, standard on
153 ## GKE, AWS & OpenStack)
156 accessMode: ReadWriteOnce
158 mountPath: /dockerdata-nfs
159 mountSubPath: nonrtric/policymanagementservice