1 # Copyright © 2020, Nokia
2 # Modifications Copyright © 2020, Nordix Foundation, Orange
3 # Modifications Copyright © 2020 Nokia
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
19 envsubstImage: dibi/envsubst
22 readinessImage: onap/oom/readiness:3.0.1
24 ubuntuInitRepository: registry.hub.docker.com
25 ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
27 loggingRepository: docker.elastic.co
28 loggingImage: beats/filebeat:5.5.0
30 busyboxRepository: registry.hub.docker.com
31 busyboxImage: library/busybox:1.31
36 repository: "nexus3.onap.org:10001"
37 offlineDeploymentBuild: false
40 # Service configuration
48 # Certificates generation configuration
49 certificateGenerationImage: onap/integration-java11:7.1.0
51 # Deployment configuration
52 repository: nexus3.onap.org:10001
53 image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.1.0
58 initialDelaySeconds: 60
60 command: curl https://localhost:$HTTPS_PORT/actuator/health --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD
62 initialDelaySeconds: 30
64 command: curl https://localhost:$HTTPS_PORT/ready --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD
85 # Application configuration
88 name: oom-cert-service-secret
90 name: oom-cert-service-volume
91 mountPath: /etc/onap/oom/certservice
96 name: oom-cert-service-server-tls-secret
98 name: oom-cert-service-server-tls-volume
99 mountPath: /etc/onap/oom/certservice/certs/
102 defaultName: oom-cert-service-client-tls-secret
106 jksName: certServiceServer-keystore.jks
107 p12Name: certServiceServer-keystore.p12
109 jksName: truststore.jks
113 # External secrets with credentials can be provided to override default credentials defined below,
114 # by uncommenting and filling appropriate *ExternalSecret value
117 keystorePassword: secret
118 truststorePassword: secret
119 #keystorePasswordExternalSecret:
120 #truststorePasswordExternalSecret:
121 # Below cmp values contain credentials for EJBCA test instance and are relevant only if global addTestingComponents flag is enabled
123 # Used only if cmpv2 testing is enabled
124 clientIakExternalSecret: '{{ include "common.release" . }}-ejbca-client-iak'
125 #clientRvExternalSecret:
126 raIakExternalSecret: '{{ include "common.release" . }}-ejbca-ra-iak'
136 - uid: keystore-password
137 name: '{{ include "common.release" . }}-keystore-password'
139 externalSecret: '{{ tpl (default "" .Values.credentials.tls.keystorePasswordExternalSecret) . }}'
140 password: '{{ .Values.credentials.tls.keystorePassword }}'
141 passwordPolicy: required
142 - uid: truststore-password
143 name: '{{ include "common.release" . }}-truststore-password'
145 externalSecret: '{{ tpl (default "" .Values.credentials.tls.truststorePasswordExternalSecret) . }}'
146 password: '{{ .Values.credentials.tls.truststorePassword }}'
147 passwordPolicy: required
148 # Below values are relevant only if global addTestingComponents flag is enabled
149 - uid: ejbca-server-client-iak
151 externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientIakExternalSecret) . }}'
152 password: '{{ .Values.credentials.cmp.client.iak }}'
153 - uid: cmp-config-client-rv
155 externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientRvExternalSecret) . }}'
156 password: '{{ .Values.credentials.cmp.client.rv }}'
157 - uid: ejbca-server-ra-iak
159 externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raIakExternalSecret) . }}'
160 password: '{{ .Values.credentials.cmp.ra.iak }}'
161 - uid: cmp-config-ra-rv
163 externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raRvExternalSecret) . }}'
164 password: '{{ .Values.credentials.cmp.ra.rv }}'