1 # Copyright © 2018 Amdocs, Bell Canada, AT&T
2 # Modifications Copyright © 2020-2021 Orange
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 # Default values for modelloader.
17 # This is a YAML-formatted file.
18 # Declare variables to be passed into your templates.
19 global: # global defaults
21 aaiSdcListenerKafkaUser: aai-sdc-list-user
22 #################################################################
24 #################################################################
26 - uid: aai-sdc-kafka-secret
27 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
30 - name: sasl.jaas.config
31 value: '{{ .Values.config.someConfig }}'
34 #################################################################
35 # Certificate configuration
36 #################################################################
38 nameOverride: aai-ml-cert-initializer
39 aafDeployFqi: deployer@people.osaaf.org
40 aafDeployPass: demo123456!
41 # aafDeployCredsExternalSecret: some secret
44 public_fqdn: aai.onap.org
48 credsPath: /opt/app/osaaf/local
49 appMountPath: /opt/app/model-loader/config/auth/aaf
50 fqi_namespace: org.onap.aai
51 user_id: &user_id 1000
52 group_id: &group_id 1000
54 echo "*** changing them into shell safe ones"
55 export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
56 export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
57 cd {{ .Values.credsPath }}
58 keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
59 -storepass "${cadi_keystore_password_p12}" \
60 -keystore {{ .Values.fqi_namespace }}.p12
61 keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
62 -storepass "${cadi_truststore_password}" \
63 -keystore {{ .Values.fqi_namespace }}.trust.jks
64 echo "*** writing passwords into prop file"
65 echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
66 echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
67 echo "*** change ownership of certificates to targeted user"
68 chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
71 image: onap/model-loader:1.12.0
77 # application configuration
81 securityProtocol: SASL_PLAINTEXT
82 saslMechanism: SCRAM-SHA-512
87 clientId: aai-model-loader
89 # default number of instances
101 # probe configuration parameters
103 initialDelaySeconds: 10
105 # necessary to disable liveness probe when setting breakpoints
106 # in debugger so K8s doesn't restart unresponsive container
110 initialDelaySeconds: 10
130 #Pods Service Account
132 nameOverride: aai-modelloader
136 # Not fully used for now
144 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'