passwd: AAI
# Active spring profiles for the resources microservice
+ # aaf-auth profile will be automatically set if aaf enabled is set to true
profiles:
- active: production,dmaap,aaf-auth
+ active: production,dmaap #,aaf-auth
# Notification event specific properties
notification:
# Schema specific properties that include supported versions of api
schema:
# Specifies if the connection should be one way ssl, two way ssl or no auth
+ # will be set to no-auth if tls is disabled
service:
client: one-way-ssl
# Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
cadi_latitude: "0.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: |
- echo "*** retrieving passwords from AAF"
- /opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
- export $(grep '^c' {{ .Values.credsPath }}/mycreds.prop | xargs -0)
echo "*** transform AAF certs into pem files"
mkdir -p {{ .Values.credsPath }}/certs
keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
service:
type: NodePort
- portName: aai-ssl
+ portName: http
externalPort: 8443
internalPort: 8443
nodePort: 33
# POLICY hotfix - Note this must be temporary
# See https://jira.onap.org/browse/POLICY-510
aaiServiceClusterIp:
+ externalPlainPort: 80
+ internalPlainPort: 8080
+ nodeport: 33
ingress:
enabled: false
- baseaddr: "aai.api"
name: "aai"
port: 8443
- config:
- ssl: "redirect"
+ config:
+ ssl: "redirect"
resources:
small:
cpu: 2
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: aai
+ roles:
+ - read