1 # ============LICENSE_START=======================================================
2 # Copyright (C) 2019 Nordix Foundation.
3 # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
4 # Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved.
5 # ================================================================================
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
18 # SPDX-License-Identifier: Apache-2.0
19 # ============LICENSE_END=========================================================
21 #################################################################
22 # Global configuration defaults.
23 #################################################################
25 nodePortPrefixExt: 304
29 #################################################################
31 #################################################################
35 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
36 login: '{{ .Values.db.user }}'
37 password: '{{ .Values.db.password }}'
38 passwordPolicy: required
39 - uid: restserver-secret
41 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
42 login: '{{ .Values.restServer.user }}'
43 password: '{{ .Values.restServer.password }}'
44 passwordPolicy: required
47 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
48 login: '{{ .Values.healthCheckRestClient.api.user }}'
49 password: '{{ .Values.healthCheckRestClient.api.password }}'
50 passwordPolicy: required
51 - uid: distribution-secret
53 externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.distribution.credsExternalSecret) . }}'
54 login: '{{ .Values.healthCheckRestClient.distribution.user }}'
55 password: '{{ .Values.healthCheckRestClient.distribution.password }}'
56 passwordPolicy: required
57 - uid: keystore-password
59 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
60 password: '{{ .Values.certStores.keyStorePassword }}'
61 passwordPolicy: required
62 - uid: truststore-password
64 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
65 password: '{{ .Values.certStores.trustStorePassword }}'
66 passwordPolicy: required
67 - uid: policy-kafka-user
68 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
71 - name: sasl.jaas.config
72 value: '{{ .Values.config.someConfig }}'
76 keyStorePassword: Pol1cy_0nap
77 trustStorePassword: Pol1cy_0nap
80 nameOverride: policy-pap-cert-initializer
81 aafDeployFqi: deployer@people.osaaf.org
82 aafDeployPass: demo123456!
84 fqi: policy@policy.onap.org
85 public_fqdn: policy.onap.org
88 credsPath: /opt/app/osaaf/local
93 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
94 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
95 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
98 #################################################################
99 # Application configuration defaults.
100 #################################################################
102 image: onap/policy-pap:2.6.3
105 # flag to enable debugging - application support required
108 # application configuration
112 password: policy_user
121 healthCheckRestClient:
129 # default number of instances
136 # probe configuration parameters
138 initialDelaySeconds: 60
140 # necessary to disable liveness probe when setting breakpoints
141 # in debugger so K8s doesn't restart unresponsive container
146 initialDelaySeconds: 10
149 api: /policy/pap/v1/healthcheck
185 #Pods Service Account
187 nameOverride: policy-pap
193 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
194 # The default operator for prometheus enforces the below label.
203 externalSecretNameSuffix: policy-pap-user-creds
204 externalSecretUserKey: login
205 externalSecretPasswordKey: password
207 # application configuration
209 # Event consumption (kafka) properties
210 useStrimziKafka: true
211 kafkaBootstrap: strimzi-kafka-bootstrap
217 policyPdpPapTopic: policy-pdp-pap
218 # If targeting a custom kafka cluster, ie useStrimziKakfa: false
219 # uncomment below config and target your kafka bootstrap servers,
220 # along with any other security config.
223 # spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
224 # spring.kafka.security.protocol: PLAINTEXT
225 # spring.kafka.consumer.group-id: policy-group
227 # Any new property can be added in the env by setting in overrides in the format mentioned below
228 # All the added properties must be in "key: value" format instead of yaml.