1 # ============LICENSE_START=======================================================
2 # Copyright (C) 2019 Nordix Foundation.
3 # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
4 # Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved.
5 # Modifications Copyright © 2022 Nordix Foundation
6 # ================================================================================
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
19 # SPDX-License-Identifier: Apache-2.0
20 # ============LICENSE_END=========================================================
22 #################################################################
23 # Global configuration defaults.
24 #################################################################
26 nodePortPrefixExt: 304
28 useStrimziKafkaPf: set-via-parent-chart-global-value
32 #################################################################
34 #################################################################
38 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
39 login: '{{ .Values.db.user }}'
40 password: '{{ .Values.db.password }}'
41 passwordPolicy: required
42 - uid: restserver-secret
44 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
45 login: '{{ .Values.restServer.user }}'
46 password: '{{ .Values.restServer.password }}'
47 passwordPolicy: required
50 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
51 login: '{{ .Values.healthCheckRestClient.api.user }}'
52 password: '{{ .Values.healthCheckRestClient.api.password }}'
53 passwordPolicy: required
54 - uid: distribution-secret
56 externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.distribution.credsExternalSecret) . }}'
57 login: '{{ .Values.healthCheckRestClient.distribution.user }}'
58 password: '{{ .Values.healthCheckRestClient.distribution.password }}'
59 passwordPolicy: required
60 - uid: policy-kafka-user
61 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
64 - name: sasl.jaas.config
65 value: '{{ .Values.config.someConfig }}'
68 #################################################################
69 # Application configuration defaults.
70 #################################################################
72 image: onap/policy-pap:2.8.2
75 # flag to enable debugging - application support required
78 # application configuration
85 pgName: policy-pg-primary
93 healthCheckRestClient:
101 # default number of instances
108 # probe configuration parameters
110 initialDelaySeconds: 60
112 # necessary to disable liveness probe when setting breakpoints
113 # in debugger so K8s doesn't restart unresponsive container
118 initialDelaySeconds: 10
121 api: /policy/pap/v1/healthcheck
141 authorizedPrincipals:
142 - serviceAccount: message-router-read
143 - serviceAccount: portal-app-read
163 #Pods Service Account
165 nameOverride: policy-pap
171 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
172 # The default operator for prometheus enforces the below label.
181 externalSecretNameSuffix: policy-pap-user-creds
182 externalSecretUserKey: login
183 externalSecretPasswordKey: password
185 # application configuration
187 # Event consumption (kafka) properties
188 useStrimziKafkaPf: true
189 kafkaBootstrap: strimzi-kafka-bootstrap
192 policyHeartbeat: policy-heartbeat
193 policyNotification: policy-notification
194 policyPdpPap: policy-pdp-pap
199 policyPdpPapTopic: policy-pdp-pap
203 policyHeartbeat: POLICY-HEARTBEAT
204 policyNotification: POLICY-NOTIFICATION
205 policyPdpPap: POLICY-PDP-PAP
206 # If targeting a custom kafka cluster, ie useStrimziKakfa: false
207 # uncomment below config and target your kafka bootstrap servers,
208 # along with any other security config.
211 # spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
212 # spring.kafka.security.protocol: PLAINTEXT
213 # spring.kafka.consumer.group-id: policy-group
215 # Any new property can be added in the env by setting in overrides in the format mentioned below
216 # All the added properties must be in "key: value" format instead of yaml.
218 authenticationType: scram-sha-512
222 operations: [Create, Describe, Read, Write]
223 - name: policy-pdp-pap
226 operations: [Create, Describe, Read, Write]
227 - name: policy-heartbeat
230 operations: [Create, Describe, Read, Write]
231 - name: policy-notification
234 operations: [Create, Describe, Read, Write]