Merge "[COMMON][SO] Create authorization policy template"

[oom.git] / kubernetes / policy / components / policy-clamp-ac-pf-ppnt / resources / config / PolicyParticipantParameters.yaml

diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
index 3ea4ac2..f4c26e4 100644 (file)
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
@@ -1,5 +1,5 @@
 #  ============LICENSE_START=======================================================
-#   Copyright (C) 2021-2022 Nordix Foundation.
+#   Copyright (C) 2021-2023 Nordix Foundation.
 #  ================================================================================
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -26,18 +26,6 @@ spring:
     user:
       name: ${RESTSERVER_USER}
       password: ${RESTSERVER_PASSWORD}
-  kafka:
-    consumer:
-      group-id: {{ .Values.config.kafka.consumer.groupId }}
-{{- if .Values.config.useStrimziKafka }}
-    bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
-    security.protocol: SASL_PLAINTEXT
-    properties.sasl:
-      mechanism: SCRAM-SHA-512
-      jaas.config: ${JAASLOGIN}
-{{ else }}
-{{ toYaml .Values.config.eventConsumption | nindent 2 }}
-{{- end }}
 
 security:
   enable-csrf: false
@@ -51,7 +39,7 @@ participant:
     port: 6969
     userName: ${API_USER}
     password: ${API_PASSWORD}
-    useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
+    useHttps: "false"
     allowSelfSignedCerts: true
   policyPapParameters:
     clientName: pap
@@ -59,59 +47,56 @@ participant:
     port: 6969
     userName: ${PAP_USER}
     password: ${PAP_PASSWORD}
-    useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
+    useHttps: "false"
     allowSelfSignedCerts: true
   intermediaryParameters:
     reportingTimeIntervalMs: 120000
     description: Participant Description
-    participantId:
-      name: org.onap.PM_Policy
-      version: 1.0.0
-    participantType:
-      name: org.onap.policy.clamp.acm.PolicyParticipant
-      version: 2.3.1
+    participantId: 101c62b3-8918-41b9-a747-d21eb79c6c03
     clampAutomationCompositionTopics:
       topicSources:
         -
-          topic: POLICY-ACRUNTIME-PARTICIPANT
+          useHttps: false
+          fetchTimeout: 15000
+          topic: {{ .Values.global.kafkaTopics.acRuntimeTopic.name }}
+          {{ if .Values.global.useStrimziKafka }}
+          topicCommInfrastructure: kafka
           servers:
-            - ${topicServer:message-router}
+            - {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+          additionalProps:
+            group.id: {{ (first .Values.kafkaUser.acls).name }}
+            allow.auto.create.topics: false
+            security.protocol: SASL_PLAINTEXT
+            sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
+            sasl.jaas.config: ${SASL_JAAS_CONFIG}
+          {{ else }}
           topicCommInfrastructure: dmaap
-          fetchTimeout: 15000
-          useHttps: "false"
+          servers:
+            - ${topicServer:message-router}
+          {{ end }}
       topicSinks:
         -
-          topic: POLICY-ACRUNTIME-PARTICIPANT
+          useHttps: false
+          fetchTimeout: 15000
+          topic: {{ .Values.global.kafkaTopics.acRuntimeTopic.name }}
+          {{ if .Values.global.useStrimziKafka }}
+          topicCommInfrastructure: kafka
           servers:
-            - ${topicServer:message-router}
+            - {{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+          additionalProps:
+            client.id: {{ (first .Values.kafkaUser.acls).name }}-client-id
+            security.protocol: SASL_PLAINTEXT
+            sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
+            sasl.jaas.config: ${SASL_JAAS_CONFIG}
+          {{ else }}
           topicCommInfrastructure: dmaap
-          useHttps: "false"
-
-# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below
-#    clampAutomationCompositionTopics:
-#      topicSources:
-#        -
-#          topic: policy-acruntime-participant
-#          servers:
-#            - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
-#          topicCommInfrastructure: kafka
-#          fetchTimeout: 15000
-#          useHttps: true
-#          additionalProps:
-#            security.protocol: SASL_PLAINTEXT
-#            sasl.mechanism: SCRAM-SHA-512
-#            sasl.jaas.config: ${JAASLOGIN}
-#      topicSinks:
-#        -
-#          topic: policy-acruntime-participant
-#          servers:
-#            - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
-#          topicCommInfrastructure: kafka
-#          useHttps: true
-#          additionalProps:
-#            security.protocol: SASL_PLAINTEXT
-#            sasl.mechanism: SCRAM-SHA-512
-#            sasl.jaas.config: ${JAASLOGIN}
+          servers:
+            - ${topicServer:message-router}
+          {{ end }}
+    participantSupportedElementTypes:
+      -
+        typeName: org.onap.policy.clamp.acm.PolicyAutomationCompositionElement
+        typeVersion: 1.0.0
 
 management:
   endpoints:
@@ -124,5 +109,5 @@ server:
   servlet:
     context-path: /onap/policyparticipant
   ssl:
-    enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+    enabled: false