1 # Copyright © 2017 Amdocs, Bell Canada
2 # Modifications Copyright © 2018-2020 AT&T Intellectual Property
3 # Modifications Copyright (C) 2021-2023 Nordix Foundation.
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 #################################################################
18 # Global configuration defaults.
19 #################################################################
23 # '&mariadbConfig' means we "store" the values for later use in the file
24 # with '*mariadbConfig' pointer.
25 config: &mariadbConfig
26 mysqlDatabase: policyadmin
27 service: &mariadbService
28 name: &policy-mariadb policy-mariadb
30 prometheusEnabled: false
35 name2: tcp-pgset-primary
36 name3: tcp-pgset-replica
39 #Strimzi Kafka properties
41 kafkaBootstrap: strimzi-kafka-bootstrap
42 policyKafkaUser: policy-kafka-user
45 name: policy.clamp-runtime-acm
47 #################################################################
49 #################################################################
51 - uid: db-root-password
52 name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
54 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
55 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
58 name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
60 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}'
61 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
62 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
63 passwordPolicy: generate
64 - uid: policy-app-user-creds
65 name: &policyAppCredsSecret '{{ include "common.release" . }}-policy-app-user-creds'
67 externalSecret: '{{ tpl (default "" .Values.config.policyAppUserExternalSecret) . }}'
68 login: '{{ .Values.config.policyAppUserName }}'
69 password: '{{ .Values.config.policyAppUserPassword }}'
70 passwordPolicy: generate
71 - uid: policy-pap-user-creds
72 name: &policyPapCredsSecret '{{ include "common.release" . }}-policy-pap-user-creds'
74 externalSecret: '{{ tpl (default "" .Values.restServer.policyPapUserExternalSecret) . }}'
75 login: '{{ .Values.restServer.policyPapUserName }}'
76 password: '{{ .Values.restServer.policyPapUserPassword }}'
77 passwordPolicy: required
78 - uid: policy-api-user-creds
79 name: &policyApiCredsSecret '{{ include "common.release" . }}-policy-api-user-creds'
81 externalSecret: '{{ tpl (default "" .Values.restServer.policyApiUserExternalSecret) . }}'
82 login: '{{ .Values.restServer.policyApiUserName }}'
83 password: '{{ .Values.restServer.policyApiUserPassword }}'
84 passwordPolicy: required
86 name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass'
88 externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
89 password: '{{ .Values.postgres.config.pgRootpassword }}'
92 name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds'
94 externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
95 login: '{{ .Values.postgres.config.pgUserName }}'
96 password: '{{ .Values.postgres.config.pgUserPassword }}'
97 passwordPolicy: generate
100 credsExternalSecret: *dbSecretName
106 apiUserExternalSecret: *policyApiCredsSecret
108 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
113 papUserExternalSecret: *policyPapCredsSecret
114 apiUserExternalSecret: *policyApiCredsSecret
116 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
121 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
126 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
131 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
135 policy-clamp-ac-k8s-ppnt:
137 policy-clamp-ac-pf-ppnt:
140 apiUserExternalSecret: *policyApiCredsSecret
141 papUserExternalSecret: *policyPapCredsSecret
142 policy-clamp-ac-http-ppnt:
144 policy-clamp-ac-a1pms-ppnt:
146 policy-clamp-runtime-acm:
150 appUserExternalSecret: *policyAppCredsSecret
154 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
158 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
160 #################################################################
161 # DB configuration defaults.
162 #################################################################
165 image: onap/policy-db-migrator:2.6.1
167 policy_home: "/opt/app/policy"
172 # flag to enable debugging - application support required
175 # default number of instances
182 # probe configuration parameters
184 initialDelaySeconds: 10
186 # necessary to disable liveness probe when setting breakpoints
187 # in debugger so K8s doesn't restart unresponsive container
191 initialDelaySeconds: 10
196 policyAppUserName: runtimeUser
197 useStrimziKafka: true
202 segmentBytes: 1073741824
204 groupId: policy-group
205 policyHeartbeatTopic:
206 name: policy-heartbeat
209 segmentBytes: 1073741824
211 groupId: policy-group
212 policyNotificationTopic:
213 name: policy-notification
216 segmentBytes: 1073741824
218 groupId: policy-group
222 # mariadb-galera.config and global.mariadb.config must be equals
226 externalSecret: *dbSecretName
227 name: &mysqlDbName policyadmin
229 externalSecret: *dbRootPassSecretName
230 nameOverride: *policy-mariadb
231 # mariadb-galera.service and global.mariadb.service must be equals
232 service: *mariadbService
236 mountSubPath: policy/maria/data
238 nameOverride: *policy-mariadb
240 postgresImage: library/postgres:latest
241 # application configuration override for postgres
243 nameOverride: &postgresName policy-postgres
246 name2: policy-pg-primary
247 name3: policy-pg-replica
250 primary: policy-pg-primary
251 replica: policy-pg-replica
253 mountSubPath: policy/postgres/data
254 mountInitPath: policy
256 pgUserName: policy_user
257 pgDatabase: policyadmin
258 pgUserExternalSecret: *pgUserCredsSecretName
259 pgRootPasswordExternalSecret: *pgRootPassSecretName
263 - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
266 policyPapUserName: policyadmin
267 policyPapUserPassword: zb!XztG34
268 policyApiUserName: policyadmin
269 policyApiUserPassword: zb!XztG34
271 # Resource Limit flavor -By Default using small
272 # Segregation for Different environment (small, large, or unlimited)
291 #Pods Service Account