1 ################################################################################
2 # Copyright (c) 2020 Nordix Foundation. #
3 # Copyright © 2020 Samsung Electronics, Modifications #
5 # Licensed under the Apache License, Version 2.0 (the "License"); #
6 # you may not use this file except in compliance with the License. #
7 # You may obtain a copy of the License at #
9 # http://www.apache.org/licenses/LICENSE-2.0 #
11 # Unless required by applicable law or agreed to in writing, software #
12 # distributed under the License is distributed on an "AS IS" BASIS, #
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
14 # See the License for the specific language governing permissions and #
15 # limitations under the License. #
16 ################################################################################
17 # Default values for Policy Management Service.
18 # This is a YAML-formatted file.
19 # Declare variables to be passed into your templates.
25 - uid: controller-secret
27 externalSecret: '{{ tpl (default "" .Values.a1controller.credsExternalSecret) . }}'
28 login: '{{ .Values.a1controller.user }}'
29 password: '{{ .Values.a1controller.password }}'
30 passwordPolicy: required
32 #################################################################
34 #################################################################
36 nameOverride: a1p-cert-initializer
37 aafDeployFqi: deployer@people.osaaf.org
38 aafDeployPass: demo123456!
39 # aafDeployCredsExternalSecret: some secret
42 public_fqdn: a1p.onap.org
46 credsPath: /opt/app/osaaf/local
47 fqi_namespace: org.onap.a1p
49 echo "*** changing them into shell safe ones"
50 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
51 export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
52 cd {{ .Values.credsPath }}
53 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
54 -storepass "${cadi_keystore_password_p12}" \
55 -keystore {{ .Values.fqi_namespace }}.p12
56 keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
57 -storepass "${cadi_truststore_password}" \
58 -keystore {{ .Values.fqi_namespace }}.trust.jks
59 echo "*** set key password as same password as keystore password"
60 keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
61 -keystore {{ .Values.fqi_namespace }}.p12 \
62 -keypass "${cadi_keystore_password_p12}" \
63 -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
64 echo "*** save the generated passwords"
65 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
66 echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
67 echo "*** change ownership of certificates to targeted user"
70 image: onap/ccsdk-oran-a1policymanagementservice:1.0.1
71 userID: 1000 #Should match with image-defined user ID
72 groupID: 999 #Should match with image-defined group ID
73 pullPolicy: IfNotPresent
78 name: a1policymanagement
79 both_tls_and_plain: true
87 # SDNC Credentials are used here
90 password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
92 sdncLink: https://sdnc.onap:8443
93 # Add your own A1 Mediator link. Supports both STD & OSC Version. ex. http://<ip>:<port>
94 # Alternatively you can also use the A1 simulator available in ORAN. It provides STD & OSC Version for A1 termination.
95 # Refer source code & run in docker container : https://gerrit.o-ran-sc.org/r/admin/repos/sim/a1-interface
96 # Refer it/dep repo for k8's deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep
98 streamPublish: http://message-router:3904/events/A1-POLICY-AGENT-WRITE
99 streamSubscribe: http://message-router:3904/events/A1-POLICY-AGENT-READ/users/policy-agent?timeout=15000&limit=100
103 initialDelaySeconds: 60
107 initialDelaySeconds: 60
110 #Resource Limit flavor -By Default using small