1 # ============LICENSE_START=======================================================
2 # Copyright (C) 2019 Nordix Foundation.
3 # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
4 # Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved.
5 # Modifications Copyright © 2022 Nordix Foundation
6 # ================================================================================
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
19 # SPDX-License-Identifier: Apache-2.0
20 # ============LICENSE_END=========================================================
22 #################################################################
23 # Global configuration defaults.
24 #################################################################
26 nodePortPrefixExt: 304
30 #################################################################
32 #################################################################
36 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
37 login: '{{ .Values.db.user }}'
38 password: '{{ .Values.db.password }}'
39 passwordPolicy: required
40 - uid: restserver-secret
42 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
43 login: '{{ .Values.restServer.user }}'
44 password: '{{ .Values.restServer.password }}'
45 passwordPolicy: required
48 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
49 login: '{{ .Values.healthCheckRestClient.api.user }}'
50 password: '{{ .Values.healthCheckRestClient.api.password }}'
51 passwordPolicy: required
52 - uid: distribution-secret
54 externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.distribution.credsExternalSecret) . }}'
55 login: '{{ .Values.healthCheckRestClient.distribution.user }}'
56 password: '{{ .Values.healthCheckRestClient.distribution.password }}'
57 passwordPolicy: required
58 - uid: keystore-password
60 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
61 password: '{{ .Values.certStores.keyStorePassword }}'
62 passwordPolicy: required
63 - uid: truststore-password
65 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
66 password: '{{ .Values.certStores.trustStorePassword }}'
67 passwordPolicy: required
68 - uid: policy-kafka-user
69 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
72 - name: sasl.jaas.config
73 value: '{{ .Values.config.someConfig }}'
77 keyStorePassword: Pol1cy_0nap
78 trustStorePassword: Pol1cy_0nap
81 nameOverride: policy-pap-cert-initializer
82 aafDeployFqi: deployer@people.osaaf.org
83 aafDeployPass: demo123456!
85 fqi: policy@policy.onap.org
86 public_fqdn: policy.onap.org
89 credsPath: /opt/app/osaaf/local
94 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
95 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
96 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
99 #################################################################
100 # Application configuration defaults.
101 #################################################################
103 image: onap/policy-pap:2.7.2
106 # flag to enable debugging - application support required
109 # application configuration
113 password: policy_user
122 healthCheckRestClient:
130 # default number of instances
137 # probe configuration parameters
139 initialDelaySeconds: 60
141 # necessary to disable liveness probe when setting breakpoints
142 # in debugger so K8s doesn't restart unresponsive container
147 initialDelaySeconds: 10
150 api: /policy/pap/v1/healthcheck
185 #Pods Service Account
187 nameOverride: policy-pap
193 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
194 # The default operator for prometheus enforces the below label.
203 externalSecretNameSuffix: policy-pap-user-creds
204 externalSecretUserKey: login
205 externalSecretPasswordKey: password
207 # application configuration
209 # Event consumption (kafka) properties
210 useStrimziKafka: true
211 kafkaBootstrap: strimzi-kafka-bootstrap
214 groupId: policy-group
217 policyPdpPapTopic: policy-pdp-pap
218 # If targeting a custom kafka cluster, ie useStrimziKakfa: false
219 # uncomment below config and target your kafka bootstrap servers,
220 # along with any other security config.
223 # spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
224 # spring.kafka.security.protocol: PLAINTEXT
225 # spring.kafka.consumer.group-id: policy-group
227 # Any new property can be added in the env by setting in overrides in the format mentioned below
228 # All the added properties must be in "key: value" format instead of yaml.