[UUI] Update image version 16.0.1 of components of UUI

[oom.git] / kubernetes / policy / components / policy-drools-pdp / values.yaml
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml

old mode 100755 (executable)

new mode 100644 (file)

index 2ce7503..1dc1127
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -1,6 +1,8 @@
  # Copyright © 2017 Amdocs
  # Copyright © 2017, 2021 Bell Canada
  # Copyright © 2017 Amdocs
  # Copyright © 2017, 2021 Bell Canada
-# Modifications Copyright © 2018-2021 AT&T Intellectual Property
+# Modifications Copyright © 2018-2022 AT&T Intellectual Property
+# Modifications Copyright (C) 2024-2025 OpenInfra Europe. All rights reserved.
+# Modifications Copyright © 2024-2025 Deutsche Telekom
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -19,6 +21,12 @@
  #################################################################
  global:
    nodePortPrefix: 302
  #################################################################
  global:
    nodePortPrefix: 302
+  postgres:
+    service:
+      name: policy-postgres
+      name2: policy-pg-primary
+      name3: policy-pg-replica
+      port: 5432
  
  #################################################################
  # Secrets metaconfig
  
  #################################################################
  # Secrets metaconfig
@@ -30,12 +38,20 @@ secrets:
      login: '{{ .Values.db.user }}'
      password: '{{ .Values.db.password }}'
      passwordPolicy: required
      login: '{{ .Values.db.user }}'
      password: '{{ .Values.db.password }}'
      passwordPolicy: required
+  - uid: telemetry-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.telemetry.credsExternalSecret) . }}'
+    login: '{{ .Values.telemetry.user }}'
+    password: '{{ .Values.telemetry.password }}'
+    passwordPolicy: required
  
  #################################################################
  # Application configuration defaults.
  #################################################################
  # application image
  
  #################################################################
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/policy-pdpd-cl:1.10.1
+# The newest images have been tested with SASL and Postgres. The images released next will have the relevant fixes
+image: onap/policy-pdpd-cl:3.2.0
+
  pullPolicy: Always
  
  # flag to enable debugging - application support required
  pullPolicy: Always
  
  # flag to enable debugging - application support required
@@ -51,7 +67,8 @@ affinity: {}
  # probe configuration parameters
  liveness:
    initialDelaySeconds: 180
  # probe configuration parameters
  liveness:
    initialDelaySeconds: 180
-  periodSeconds: 10
+  periodSeconds: 60
+  timeoutSeconds: 10
    # necessary to disable liveness probe when setting breakpoints
    # in debugger so K8s doesn't restart unresponsive container
    enabled: true
    # necessary to disable liveness probe when setting breakpoints
    # in debugger so K8s doesn't restart unresponsive container
    enabled: true
@@ -63,49 +80,23 @@ readiness:
  service:
    type: ClusterIP
    name: policy-drools-pdp
  service:
    type: ClusterIP
    name: policy-drools-pdp
-  portName: policy-drools-pdp
    internalPort: 6969
    internalPort: 6969
-  externalPort: 6969
-  nodePort: 17
-  internalPort2: 9696
-  externalPort2: 9696
-  nodePort2: 21
+  ports:
+    - name: http
+      port: 6969
+    - name: http-2
+      port: 9696
  
  ingress:
    enabled: false
  
  
  ingress:
    enabled: false
  
-# Default installation values to be overridden
-
-certInitializer:
-  nameOverride: policy-drools-pdp-cert-initializer
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  fqdn: policy
-  fqi: policy@policy.onap.org
-  public_fqdn: policy.onap.org
-  cadi_latitude: "0.0"
-  cadi_longitude: "0.0"
-  credsPath: /opt/app/osaaf/local
-  app_ns: org.osaaf.aaf
-  uid: 100
-  gid: 101
-  aaf_add_config: >
-    echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci;
-    echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
-    echo "export CADI_KEYFILE='{{ .Values.credsPath }}/org.onap.policy.keyfile'" >> {{ .Values.credsPath }}/.ci;
-    chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: strimzi-kafka-read
  
  server:
  
  server:
-  jvmOpts: -server -XshowSettings:vm
-
-aaf:
-  enabled: "false"
-
-keystore:
-  password: Pol1cy_0nap
-
-truststore:
-  password: Pol1cy_0nap
+  jvmOpts: "-server -XshowSettings:vm"
  
  telemetry:
    user: demo@people.osaaf.org
  
  telemetry:
    user: demo@people.osaaf.org
@@ -119,8 +110,6 @@ nexus:
    offline: true
  
  db:
    offline: true
  
  db:
-  name: policy-mariadb
-  user: policy_user
    password: policy_user
  
  pap:
    password: policy_user
  
  pap:
@@ -147,10 +136,6 @@ so:
    user: InfraPortalClient
    password: password1$
  
    user: InfraPortalClient
    password: password1$
  
-vfc:
-  user:
-  password:
-
  sdnc:
    user: admin
    password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
  sdnc:
    user: admin
    password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
@@ -176,22 +161,128 @@ flavor: small
  resources:
    small:
      limits:
  resources:
    small:
      limits:
-      cpu: 1
-      memory: 4Gi
+      cpu: "1"
+      memory: "800Mi"
      requests:
      requests:
-      cpu: 100m
-      memory: 1Gi
+      cpu: "0.5"
+      memory: "800Mi"
    large:
      limits:
    large:
      limits:
-      cpu: 2
-      memory: 8Gi
+      cpu: "2"
+      memory: "1.6Gi"
      requests:
      requests:
-      cpu: 200m
-      memory: 2Gi
+      cpu: "1"
+      memory: "1.6Gi"
    unlimited: {}
  
    unlimited: {}
  
+securityContext:
+  user_id: 100
+  group_id: 102
+
+dirSizes:
+  emptyDir:
+    sizeLimit: 1Gi
+  logDir:
+    sizeLimit: 500Mi
+
  #Pods Service Account
  serviceAccount:
    nameOverride: policy-drools-pdp
    roles:
      - read
  #Pods Service Account
  serviceAccount:
    nameOverride: policy-drools-pdp
    roles:
      - read
+
+metrics:
+  serviceMonitor:
+    # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+    # The default operator for prometheus enforces the below label.
+    labels:
+      app: '{{ include "common.name" . }}'
+      helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+      app.kubernetes.io/instance: '{{ include "common.release" . }}'
+      app.kubernetes.io/managed-by: '{{ .Release.Service }}'
+      version: '{{ .Chart.Version | replace "+" "_" }}'
+      release: prometheus
+    enabled: true
+    port: policy-drools-pdp-9696
+    interval: 60s
+    isHttps: false
+    basicAuth:
+      enabled: true
+      externalSecretNameSuffix: policy-drools-pdp-telemetry-creds
+      externalSecretUserKey: login
+      externalSecretPasswordKey: password
+    selector:
+      app: '{{ include "common.name" . }}'
+      helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+      app.kubernetes.io/instance: '{{ include "common.release" . }}'
+      app.kubernetes.io/managed-by: '{{ .Release.Service }}'
+
+config:
+  # Event consumption (kafka) properties
+  kafka:
+    consumer:
+      groupId: policy-drools-pdp
+  app:
+    listener:
+      policyPdpPapTopic: policy-pdp-pap
+
+# Strimzi Kafka config
+kafkaUser:
+  authenticationType: scram-sha-512
+  acls:
+    - name: policy-drools-pdp
+      type: group
+      operations: [ Create, Describe, Read, Write ]
+    - name: policy-pdp-pap
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: a1-p-rsp
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: a1-p
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: appc-cl
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: appc-lcm-read
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: appc-lcm-write
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: dcae_cl_rsp
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: unauthenticated.dcae_cl_output
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: dcae_topic
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: policy-cl-mgt
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: sdnr-cl-rsp
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: sdnr-cl
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+
+readinessCheck:
+  wait_for:
+    services:
+      - policy-api