2 # ============LICENSE_START=======================================================
4 # ================================================================================
5 # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 # Copyright (c) 2020 Nokia Intellectual Property. All rights reserved.
7 # Copyright (c) 2020-2021 Orange Intellectual Property. All rights reserved.
8 # ================================================================================
9 # Licensed under the Apache License, Version 2.0 (the "License");
10 # you may not use this file except in compliance with the License.
11 # You may obtain a copy of the License at
13 # http://www.apache.org/licenses/LICENSE-2.0
15 # Unless required by applicable law or agreed to in writing, software
16 # distributed under the License is distributed on an "AS IS" BASIS,
17 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 # See the License for the specific language governing permissions and
19 # limitations under the License.
20 # ============LICENSE_END=========================================================
22 # Default values for resources.
23 # This is a YAML-formatted file.
24 # Declare variables to be passed into your templates.
25 global: # global defaults
28 #This will instantiate AAI cassandra cluster, default:shared cassandra.
33 # When enabled, it will create the schema based on oxm and edge rules
36 #migration using helm hooks
41 # Specifies that the cluster connected to a dynamic
42 # cluster being spinned up by kubernetes deployment
47 # Specifies if the basic authorization is enabled
54 # Notification event specific properties
59 # Schema specific properties that include supported versions of api
61 # Specifies if the connection should be one way ssl, two way ssl or no auth
62 # will be set to no-auth if tls is disabled
65 # Specifies which translator to use if it has schema-service, then it will
66 # make a rest request to schema service
70 # Specifies which folder to take a look at
73 # Base URI Path of the application
77 # Current version of the REST API
80 # Specifies which version the depth parameter is configurable
82 # List of all the supported versions of the API
83 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26
84 # Specifies from which version related link should appear
87 # Specifies from which version the app root change happened
90 # Specifies from which version the xml namespace changed
93 # Specifies from which version the edge label appeared in API
97 # Specifies which clients should always default to realtime graph connection
99 clients: SDNC,MSO,SO,robot-ete
101 #################################################################
102 # Certificate configuration
103 #################################################################
105 nameOverride: aai-graphadmin-cert-initializer
106 aafDeployFqi: deployer@people.osaaf.org
107 aafDeployPass: demo123456!
108 # aafDeployCredsExternalSecret: some secret
110 fqi: aai@aai.onap.org
111 public_fqdn: aai.onap.org
112 cadi_longitude: "0.0"
114 app_ns: org.osaaf.aaf
115 credsPath: /opt/app/osaaf/local
116 fqi_namespace: org.onap.aai
117 user_id: &user_id 1000
118 group_id: &group_id 1000
120 echo "*** changing them into shell safe ones"
121 export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
122 export KEYSTORE_JKS_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
123 export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
124 cd {{ .Values.credsPath }}
125 keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
126 -storepass "${cadi_keystore_password_p12}" \
127 -keystore {{ .Values.fqi_namespace }}.p12
128 keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
129 -storepass "${cadi_truststore_password}" \
130 -keystore {{ .Values.fqi_namespace }}.trust.jks
131 keytool -storepasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
132 -storepass "${cadi_keystore_password_jks}" \
133 -keystore {{ .Values.fqi_namespace }}.jks
134 echo "*** set key password as same password as keystore password"
135 keytool -keypasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
136 -keystore {{ .Values.fqi_namespace }}.jks \
137 -keypass "${cadi_keystore_password_jks}" \
138 -storepass "${KEYSTORE_JKS_PLAIN_PASSWORD}" -alias {{ .Values.fqi }}
139 echo "*** writing passwords into prop file"
140 echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
141 echo "KEYSTORE_JKS_PLAIN_PASSWORD=${KEYSTORE_JKS_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
142 echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
143 echo "*** change ownership of certificates to targeted user"
144 chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
147 image: onap/aai-graphadmin:1.9.4
149 restartPolicy: Always
151 flavorOverride: small
152 # default number of instances
154 # the minimum number of seconds that a newly created Pod should be ready
158 # The number of pods that can be unavailable during the update process
160 # The number of pods that can be created above the desired amount of pods during an update
163 # Configuration for the graphadmin deployment
166 # Specify the profiles for the graphadmin microservice
168 # one way ssl profile will be set unless tlsEnabled is set to false or serviceMesh is enabled and
169 # serviceMesh.tls is set to tru
170 active: dmaap #,one-way-ssl"
172 # Specifies the timeout limit for the REST API requests
177 # Default maximum records to fix for the data grooming and dupeTool
182 # Default number of sleep minutes for dataGrooming and dupeTool
187 # Cron specific attributes to be triggered for the graphadmin spring cron tasks
189 # Specifies that the data grooming tool which runs duplicates should be enabled
192 # Specifies that the data snapshot which takes a graphson snapshot should be enabled
195 params: JUST_TAKE_SNAPSHOT
197 # Data cleanup which zips snapshots older than x days and deletes older than y days
202 # Zips up the dataGrooming files older than 5 days
204 # Deletes the dataGrooming files older than 30 days
209 # Zips up the dataSnapshot graphson files older than 5 days
211 # Deletes the dataSnapshot graphson files older than 30 days
213 # Concurrency lock control flag
224 # probe configuration parameters
226 initialDelaySeconds: 60
228 # necessary to disable liveness probe when setting breakpoints
229 # in debugger so K8s doesn't restart unresponsive container
233 initialDelaySeconds: 60
238 # REST API port for the graphadmin microservice
243 terminationGracePeriodSeconds: 120
250 ## A manually managed Persistent Volume and Claim
251 ## Requires persistence.enabled: true
252 ## If defined, PVC must be created manually before volume will be bound
254 volumeReclaimPolicy: Retain
255 ## database data Persistent Volume Storage Class
256 ## If defined, storageClassName: <storageClass>
257 ## If set to "-", storageClassName: "", which disables dynamic provisioning
258 ## If undefined (the default) or set to null, no storageClassName spec is
259 ## set, choosing the default provisioner. (gp2 on AWS, standard on
260 ## GKE, AWS & OpenStack)
263 accessMode: ReadWriteMany
266 mountPath: /dockerdata-nfs
267 mountSubPath: aai/aai-graphadmin
268 mountSubPath1: aai/migration
287 # Not fully used for now
292 #Pods Service Account
294 nameOverride: aai-graphadmin
300 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'