#################################################################
global:
nodePortPrefix: 302
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: cli-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: "cli"
+ app_ns: "org.osaaf.aaf"
+ fqi_namespace: "org.onap.cli"
+ fqi: "cli@cli.onap.org"
+ public_fqdn: "aaf.osaaf.org"
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+ -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+ -alias ca_local_0 \
+ -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** generating needed file"
+ cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.pem \
+ {{ .Values.credsPath }}/certs/cacert.pem \
+ > {{ .Values.credsPath }}/certs/fullchain.pem;
+ cat {{ .Values.credsPath }}/certs/fullchain.pem
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 33 {{ .Values.credsPath }}
+
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/cli:2.0.2
+image: onap/cli:6.0.1
pullPolicy: Always
+flavor: small
# application configuration
config:
service:
type: NodePort
name: cli
- externalPort: 8080
- externalPort1: 9090
- internalPort: "80"
- internalPort1: 8080
+ externalPort: 443
+ externalPort1: 9443
+ internalPort: "443"
+ internalPort1: 9443
nodePort: "60"
nodePort1: "71"
ingress:
enabled: false
+ service:
+ - baseaddr: "cli.api"
+ name: "cli"
+ port: 443
+ - baseaddr: "cli2.api"
+ name: cli
+ port: 9443
+ config:
+ ssl: "redirect"
+
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 2Gi
+ requests:
+ cpu: 10m
+ memory: 500Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 4Gi
+ unlimited: {}
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-#resources:
-# limits:
-# cpu: 2
-# memory: 4Gi
-# requests:
-# cpu: 2
-# memory: 4Gi
+#Pods Service Account
+serviceAccount:
+ nameOverride: cli
+ roles:
+ - read