1 ################################################################################
2 # Copyright (c) 2020 Nordix Foundation. #
3 # Copyright © 2020 Samsung Electronics, Modifications #
5 # Licensed under the Apache License, Version 2.0 (the "License"); #
6 # you may not use this file except in compliance with the License. #
7 # You may obtain a copy of the License at #
9 # http://www.apache.org/licenses/LICENSE-2.0 #
11 # Unless required by applicable law or agreed to in writing, software #
12 # distributed under the License is distributed on an "AS IS" BASIS, #
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
14 # See the License for the specific language governing permissions and #
15 # limitations under the License. #
16 ################################################################################
17 # Default values for Policy Management Service.
18 # This is a YAML-formatted file.
19 # Declare variables to be passed into your templates.
26 - uid: controller-secret
28 externalSecret: '{{ tpl (default "" .Values.a1controller.credsExternalSecret) . }}'
29 login: '{{ .Values.a1controller.user }}'
30 password: '{{ .Values.a1controller.password }}'
31 passwordPolicy: required
33 #################################################################
35 #################################################################
37 nameOverride: a1p-cert-initializer
38 aafDeployFqi: deployer@people.osaaf.org
39 aafDeployPass: demo123456!
40 # aafDeployCredsExternalSecret: some secret
43 public_fqdn: a1p.onap.org
47 credsPath: /opt/app/osaaf/local
48 fqi_namespace: org.onap.a1p
50 echo "*** changing them into shell safe ones"
51 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
52 export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
53 cd {{ .Values.credsPath }}
54 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
55 -storepass "${cadi_keystore_password_p12}" \
56 -keystore {{ .Values.fqi_namespace }}.p12
57 keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
58 -storepass "${cadi_truststore_password}" \
59 -keystore {{ .Values.fqi_namespace }}.trust.jks
60 echo "*** save the generated passwords"
61 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
62 echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
63 echo "*** change ownership of certificates to targeted user"
66 image: onap/ccsdk-oran-a1policymanagementservice:1.3.0
67 userID: 1000 #Should match with image-defined user ID
68 groupID: 999 #Should match with image-defined group ID
69 pullPolicy: IfNotPresent
74 name: a1policymanagement
75 both_tls_and_plain: true
83 # SDNC Credentials are used here
86 password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
88 sdncLink: https://sdnc.onap:8443
89 # The information about A1-Mediator/RICs can be added here.
90 # The A1 policy management service supports both STD & OSC versions.
91 # Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD & OSC versions for A1 termination.
92 # Refer source code & run in docker container : https://gerrit.o-ran-sc.org/r/admin/repos/sim/a1-interface
93 # Refer it/dep repo for k8s deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep
94 # Example configuration:
97 # link: http://ric1url.url.com:1111/
102 # link: http://ric2url.url.com:2222/
107 streamPublish: http://message-router:3904/events/A1-POLICY-AGENT-WRITE
108 streamSubscribe: http://message-router:3904/events/A1-POLICY-AGENT-READ/users/policy-agent?timeout=15000&limit=100
112 initialDelaySeconds: 60
116 initialDelaySeconds: 60
119 #Resource Limit flavor -By Default using small
139 ## Persist data to a persistent volume
143 ## A manually managed Persistent Volume and Claim
144 ## Requires persistence.enabled: true
145 ## If defined, PVC must be created manually before volume will be bound
147 volumeReclaimPolicy: Retain
149 ## database data Persistent Volume Storage Class
150 ## If defined, storageClassName: <storageClass>
151 ## If set to "-", storageClassName: "", which disables dynamic provisioning
152 ## If undefined (the default) or set to null, no storageClassName spec is
153 ## set, choosing the default provisioner. (gp2 on AWS, standard on
154 ## GKE, AWS & OpenStack)
157 accessMode: ReadWriteOnce
159 mountPath: /dockerdata-nfs
160 mountSubPath: nonrtric/policymanagementservice
162 #Pods Service Account
164 nameOverride: a1policymanagement