# ============= LICENSE_START ================================================
# ============================================================================
# Copyright (C) 2021-2022 Wipro Limited.
-# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
+# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &cpsCredsUID cpscreds
type: basicAuth
login: '{{ .Values.cpsCreds.identity }}'
password: '{{ .Values.postgres.config.pgUserPassword }}'
passwordPolicy: generate
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.son-handler:2.1.11
+image: onap/org.onap.dcaegen2.services.son-handler:2.2.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
path: /var/log/ONAP/dcaegen2/services/sonhms
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/sonhms/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
# Optional Policy configuration properties
# if present, policy-sync side car will be deployed
#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
# policyID: |
# '["com.Config_PCIMS_CONFIG_POLICY"]'
-# Dependencies
-readinessCheck:
- wait_for:
- - &postgresName dcae-sonhms-postgres
- - message-router
-
# Probe Configuration
readiness:
initialDelaySeconds: 10
port: 8080
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-son-handler-read
+
+# Credentials
cpsCreds:
identity: cps
password: cpsr0cks!
credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
- name: CPS_IDENTITY
uid: *cpsCredsUID
key: login
resources:
small:
limits:
- cpu: 1
- memory: 1Gi
+ cpu: "2"
+ memory: "1Gi"
requests:
- cpu: 1
- memory: 1Gi
+ cpu: "1"
+ memory: "1Gi"
large:
limits:
- cpu: 2
- memory: 2Gi
+ cpu: "4"
+ memory: "2Gi"
requests:
- cpu: 2
- memory: 2Gi
+ cpu: "2"
+ memory: "2Gi"
unlimited: {}
#################################################################
# Application configuration Overriding Defaults in the Postgres.
#################################################################
postgres:
- nameOverride: *postgresName
+ nameOverride: &postgresName dcae-sonhms-postgres
service:
name: *postgresName
name2: *dcaeSonhmsPgPrimary
pgDatabase: sonhms
pgUserExternalSecret: *pgUserCredsSecretName
+# Dependencies
+readinessCheck:
+ wait_for:
+ services:
+ - '{{ .Values.postgres.service.name2 }}'
+ - message-router
+
#Pods Service Account
serviceAccount:
nameOverride: dcae-son-handler