# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018-2020 AT&T Intellectual Property
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2021-2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
service: &mariadbService
name: &policy-mariadb policy-mariadb
internalPort: 3306
+ prometheusEnabled: false
+ postgres:
+ localCluster: false
+ service:
+ name: pgset
+ name2: tcp-pgset-primary
+ name3: tcp-pgset-replica
+ container:
+ name: postgres
#################################################################
# Secrets metaconfig
login: '{{ .Values.restServer.policyApiUserName }}'
password: '{{ .Values.restServer.policyApiUserPassword }}'
passwordPolicy: required
+ - uid: pg-root-pass
+ name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass'
+ type: password
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+ password: '{{ .Values.postgres.config.pgRootpassword }}'
+ policy: generate
+ - uid: pg-user-creds
+ name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds'
+ type: basicAuth
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+ login: '{{ .Values.postgres.config.pgUserName }}'
+ password: '{{ .Values.postgres.config.pgUserPassword }}'
+ passwordPolicy: generate
db: &dbSecretsHook
credsExternalSecret: *dbSecretName
db: *dbSecretsHook
config:
appUserExternalSecret: *policyAppCredsSecret
-policy-clamp-fe:
- enabled: true
-policy-clamp-cl-k8s-ppnt:
+policy-clamp-ac-k8s-ppnt:
enabled: true
-policy-clamp-cl-pf-ppnt:
+policy-clamp-ac-pf-ppnt:
enabled: true
restServer:
apiUserExternalSecret: *policyApiCredsSecret
papUserExternalSecret: *policyPapCredsSecret
-policy-clamp-cl-http-ppnt:
+policy-clamp-ac-http-ppnt:
enabled: true
policy-nexus:
enabled: false
-policy-clamp-cl-runtime:
+policy-clamp-runtime-acm:
enabled: true
db: *dbSecretsHook
config:
image: mariadb:10.5.8
dbmigrator:
- image: onap/policy-db-migrator:2.3.1
+ image: onap/policy-db-migrator:2.4.2
schema: policyadmin
policy_home: "/opt/app/policy"
serviceAccount:
nameOverride: *policy-mariadb
+postgresImage: library/postgres:latest
+# application configuration override for postgres
+postgres:
+ nameOverride: &postgresName policy-postgres
+ service:
+ name: *postgresName
+ name2: policy-pg-primary
+ name3: policy-pg-replica
+ container:
+ name:
+ primary: policy-pg-primary
+ replica: policy-pg-replica
+ persistence:
+ mountSubPath: policy/postgres/data
+ mountInitPath: policy
+ config:
+ pgUserName: policy_user
+ pgDatabase: policyadmin
+ pgUserExternalSecret: *pgUserCredsSecretName
+ pgRootPasswordExternalSecret: *pgRootPassSecretName
+
+readinessCheck:
+ wait_for:
+ - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
+
restServer:
policyPapUserName: policyadmin
policyPapUserPassword: zb!XztG34