1 # Copyright (c) 2018 Amdocs, Bell Canada, AT&T
2 # Modifications Copyright (c) 2020 Nokia, Orange
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 # Default values for sparky-be.
17 # This is a YAML-formatted file.
18 # Declare variables to be passed into your templates.
19 global: # global defaults
24 serviceName: aai-elasticsearch
26 serviceName: aai-gizmo
28 serviceName: aai-search-data
31 #################################################################
32 # Certificate configuration
33 #################################################################
35 nameOverride: aai-sparky-cert-initializer
36 aafDeployFqi: deployer@people.osaaf.org
37 aafDeployPass: demo123456!
38 # aafDeployCredsExternalSecret: some secret
40 app_ns: "org.osaaf.aaf"
41 fqi_namespace: "org.onap.aai"
42 fqi: "aai@aai.onap.org"
43 public_fqdn: "aaf.osaaf.org"
46 credsPath: /opt/app/osaaf/local
48 echo "*** changing passwords into shell safe ones"
49 export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
50 export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
51 cd {{ .Values.credsPath }}
52 keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
53 -storepass "${cadi_keystore_password_jks}" \
54 -keystore {{ .Values.fqi_namespace }}.jks
55 keytool -storepasswd -new "${TRUSTORE_PASSWD}" \
56 -storepass "${cadi_truststore_password}" \
57 -keystore {{ .Values.fqi_namespace }}.trust.jks
58 echo "*** set key password as same password as keystore password"
59 keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
60 -keystore {{ .Values.fqi_namespace }}.jks \
61 -keypass "${cadi_keystore_password_jks}" \
62 -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
63 echo "*** save the generated passwords"
64 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
65 echo "TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop
66 echo "*** change ownership of certificates to targeted user"
67 chown -R 1000 {{ .Values.credsPath }}
70 image: onap/sparky-be:2.0.2
75 dockerhubRepository: registry.hub.docker.com
76 ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
77 # application configuration
79 elasticsearchHttpPort: 9200
80 gerritBranch: 3.0.0-ONAP
81 gerritProject: http://gerrit.onap.org/r/aai/test-config
83 portalPassword: OBF:1t2v1vfv1unz1vgz1t3b
84 portalCookieName: UserId
85 portalAppRoles: ui_view
86 cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
87 cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
89 # ONAP Cookie Processing - During initial development, the following flag, if true, will
90 # prevent the portal interface's login processing from searching for a user
91 # specific cookie, and will instead allow passage if a valid session cookie is discovered.
92 portalOnapEnabled: true
95 # override chart name (sparky-be) to share a common namespace
96 # suffix with parent chart (aai)
100 # default number of instances
107 # probe configuration parameters
109 initialDelaySeconds: 10
111 # necessary to disable liveness probe when setting breakpoints
112 # in debugger so K8s doesn't restart unresponsive container
116 initialDelaySeconds: 10
121 portName: aai-sparky-be
128 - baseaddr: "aaisparkybe"
129 name: "aai-sparky-be"
134 # Configure resource requests and limits
135 # ref: http://kubernetes.io/docs/user-guide/compute-resources/