+ # Specifies if the basic authorization is enabled
+ basic:
+ auth:
+ enabled: true
+ username: AAI
+ passwd: AAI
+
+ # Notification event specific properties
+ notification:
+ eventType: AAI-EVENT
+ domain: dev
+
+ # Schema specific properties that include supported versions of api
+ schema:
+ # Specifies if the connection should be one way ssl, two way ssl or no auth
+ # will be set to no-auth if tls is disabled
+ service:
+ client: one-way-ssl
+ # Specifies which translator to use if it has schema-service, then it will
+ # make a rest request to schema service
+ translator:
+ list: schema-service
+ source:
+ # Specifies which folder to take a look at
+ name: onap
+ uri:
+ # Base URI Path of the application
+ base:
+ path: /aai
+ version:
+ # Current version of the REST API
+ api:
+ default: v26
+ # Specifies which version the depth parameter is configurable
+ depth: v11
+ # List of all the supported versions of the API
+ list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26
+ # Specifies from which version related link should appear
+ related:
+ link: v11
+ # Specifies from which version the app root change happened
+ app:
+ root: v11
+ # Specifies from which version the xml namespace changed
+ namespace:
+ change: v12
+ # Specifies from which version the edge label appeared in API
+ edge:
+ label: v12
+
+ # Specifies which clients should always default to realtime graph connection
+ realtime:
+ clients: SDNC,MSO,SO,robot-ete
+
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: aai-graphadmin-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: aai
+ fqi: aai@aai.onap.org
+ public_fqdn: aai.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ fqi_namespace: org.onap.aai
+ user_id: &user_id 1000
+ group_id: &group_id 1000
+ aaf_add_config: |
+ echo "*** changing them into shell safe ones"
+ export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ export KEYSTORE_JKS_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ cd {{ .Values.credsPath }}
+ keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
+ -storepass "${cadi_keystore_password_p12}" \
+ -keystore {{ .Values.fqi_namespace }}.p12
+ keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
+ -storepass "${cadi_truststore_password}" \
+ -keystore {{ .Values.fqi_namespace }}.trust.jks
+ keytool -storepasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
+ -storepass "${cadi_keystore_password_jks}" \
+ -keystore {{ .Values.fqi_namespace }}.jks
+ echo "*** set key password as same password as keystore password"
+ keytool -keypasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
+ -keystore {{ .Values.fqi_namespace }}.jks \
+ -keypass "${cadi_keystore_password_jks}" \
+ -storepass "${KEYSTORE_JKS_PLAIN_PASSWORD}" -alias {{ .Values.fqi }}
+ echo "*** writing passwords into prop file"
+ echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
+ echo "KEYSTORE_JKS_PLAIN_PASSWORD=${KEYSTORE_JKS_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "*** change ownership of certificates to targeted user"
+ chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}