1 # Copyright © 2017 Amdocs, Bell Canada
2 # Modifications Copyright © 2018-2020 AT&T Intellectual Property
3 # Modifications Copyright (C) 2021-2023 Nordix Foundation.
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 #################################################################
18 # Global configuration defaults.
19 #################################################################
22 # '&mariadbConfig' means we "store" the values for later use in the file
23 # with '*mariadbConfig' pointer.
24 config: &mariadbConfig
25 mysqlDatabase: policyadmin
26 service: &mariadbService
27 name: &policy-mariadb policy-mariadb
29 prometheusEnabled: false
34 name2: tcp-pgset-primary
35 name3: tcp-pgset-replica
38 #Strimzi Kafka properties
40 kafkaBootstrap: strimzi-kafka-bootstrap
41 policyKafkaUser: policy-kafka-user
44 name: policy.clamp-runtime-acm
46 #################################################################
48 #################################################################
50 - uid: db-root-password
51 name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
53 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
54 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
57 name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
59 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}'
60 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
61 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
62 passwordPolicy: generate
63 - uid: policy-app-user-creds
64 name: &policyAppCredsSecret '{{ include "common.release" . }}-policy-app-user-creds'
66 externalSecret: '{{ tpl (default "" .Values.config.policyAppUserExternalSecret) . }}'
67 login: '{{ .Values.config.policyAppUserName }}'
68 password: '{{ .Values.config.policyAppUserPassword }}'
69 passwordPolicy: generate
70 - uid: policy-pap-user-creds
71 name: &policyPapCredsSecret '{{ include "common.release" . }}-policy-pap-user-creds'
73 externalSecret: '{{ tpl (default "" .Values.restServer.policyPapUserExternalSecret) . }}'
74 login: '{{ .Values.restServer.policyPapUserName }}'
75 password: '{{ .Values.restServer.policyPapUserPassword }}'
76 passwordPolicy: required
77 - uid: policy-api-user-creds
78 name: &policyApiCredsSecret '{{ include "common.release" . }}-policy-api-user-creds'
80 externalSecret: '{{ tpl (default "" .Values.restServer.policyApiUserExternalSecret) . }}'
81 login: '{{ .Values.restServer.policyApiUserName }}'
82 password: '{{ .Values.restServer.policyApiUserPassword }}'
83 passwordPolicy: required
85 name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass'
87 externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
88 password: '{{ .Values.postgres.config.pgRootpassword }}'
91 name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds'
93 externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
94 login: '{{ .Values.postgres.config.pgUserName }}'
95 password: '{{ .Values.postgres.config.pgUserPassword }}'
96 passwordPolicy: generate
99 credsExternalSecret: *dbSecretName
105 apiUserExternalSecret: *policyApiCredsSecret
107 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
112 papUserExternalSecret: *policyPapCredsSecret
113 apiUserExternalSecret: *policyApiCredsSecret
115 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
120 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
125 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
130 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
134 policy-clamp-ac-k8s-ppnt:
136 policy-clamp-ac-pf-ppnt:
139 apiUserExternalSecret: *policyApiCredsSecret
140 papUserExternalSecret: *policyPapCredsSecret
141 policy-clamp-ac-http-ppnt:
143 policy-clamp-ac-a1pms-ppnt:
145 policy-clamp-ac-kserve-ppnt:
147 policy-clamp-runtime-acm:
151 appUserExternalSecret: *policyAppCredsSecret
155 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
159 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
161 #################################################################
162 # DB configuration defaults.
163 #################################################################
166 image: onap/policy-db-migrator:2.6.1
168 policy_home: "/opt/app/policy"
173 # flag to enable debugging - application support required
176 # default number of instances
183 # probe configuration parameters
185 initialDelaySeconds: 10
187 # necessary to disable liveness probe when setting breakpoints
188 # in debugger so K8s doesn't restart unresponsive container
192 initialDelaySeconds: 10
197 policyAppUserName: runtimeUser
198 useStrimziKafka: true
203 segmentBytes: 1073741824
205 groupId: policy-group
206 policyHeartbeatTopic:
207 name: policy-heartbeat
210 segmentBytes: 1073741824
212 groupId: policy-group
213 policyNotificationTopic:
214 name: policy-notification
217 segmentBytes: 1073741824
219 groupId: policy-group
223 # mariadb-galera.config and global.mariadb.config must be equals
227 externalSecret: *dbSecretName
228 name: &mysqlDbName policyadmin
230 externalSecret: *dbRootPassSecretName
231 nameOverride: *policy-mariadb
232 # mariadb-galera.service and global.mariadb.service must be equals
233 service: *mariadbService
237 mountSubPath: policy/maria/data
239 nameOverride: *policy-mariadb
241 postgresImage: library/postgres:latest
242 # application configuration override for postgres
244 nameOverride: &postgresName policy-postgres
247 name2: policy-pg-primary
248 name3: policy-pg-replica
251 primary: policy-pg-primary
252 replica: policy-pg-replica
254 mountSubPath: policy/postgres/data
255 mountInitPath: policy
257 pgUserName: policy_user
258 pgDatabase: policyadmin
259 pgUserExternalSecret: *pgUserCredsSecretName
260 pgRootPasswordExternalSecret: *pgRootPassSecretName
264 - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
267 policyPapUserName: policyadmin
268 policyPapUserPassword: zb!XztG34
269 policyApiUserName: policyadmin
270 policyApiUserPassword: zb!XztG34
272 # Resource Limit flavor -By Default using small
273 # Segregation for Different environment (small, large, or unlimited)
292 #Pods Service Account