Merge "[COMMON] Add limits to timescale db"

[oom.git] / kubernetes / sdnc / values.yaml

diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index e3f3a6e..785435a 100644 (file)
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -30,8 +30,6 @@ global:
     service: mariadb-galera
     internalPort: 3306
     nameOverride: mariadb-galera
-  # Enabling CMPv2 with CertManager
-  CMPv2CertManagerIntegration: false
 
 #################################################################
 # Secrets metaconfig
@@ -172,6 +170,17 @@ secrets:
     login: '{{ .Values.config.scaleoutUser }}'
     password: '{{ .Values.config.scaleoutPassword }}'
     passwordPolicy: required
+  - uid: oauth-token-secret
+    type: password
+    externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
+    password: '{{ .Values.config.sdnr.oauth.tokenSecret }}'
+    passwordPolicy: required
+  - uid: keycloak-secret
+    type: password
+    externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
+    password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}'
+    passwordPolicy: required
+
 #################################################################
 # Certificates
 #################################################################
@@ -184,6 +193,7 @@ certificates:
       outputType:
         - jks
       passwordSecretRef:
+        create: true
         name: sdnc-cmpv2-keystore-password
         key: password
     issuer:
@@ -196,7 +206,7 @@ certificates:
 # application images
 
 pullPolicy: Always
-image: onap/sdnc-image:2.1.3
+image: onap/sdnc-image:2.2.0
 
 # flag to enable debugging - application support required
 debugEnabled: false
@@ -311,6 +321,9 @@ config:
     sdnrdbTrustAllCerts: true
     mountpointRegistrarEnabled: false
     mountpointStateProviderEnabled: false
+    netconfCallHome:
+      enabled: true
+    #
     # enable and set dmaap-proxy for mountpointRegistrar
     dmaapProxy:
       enabled: false
@@ -318,10 +331,28 @@ config:
       user: addUserHere
       password: addPasswordHere
       url: addProxyUrlHere
-
-
-
-
+    oauth:
+      enabled: false
+      tokenIssuer: ONAP SDNC
+      tokenSecret: secret
+      supportOdlusers: true
+      redirectUri: null
+      publicUrl: none
+      odluxRbac:
+        enabled: true
+      # example definition for a oauth provider
+      providersSecrets:
+        keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46
+      providers:
+      - id: keycloak
+        type: KEYCLOAK
+        host: http://keycloak:8080
+        clientId: odlux.app
+        secret: ${KEYCLOAK_SECRET}
+        scope: openid
+        title: ONAP Keycloak Provider
+        roleMapping:
+          mykeycloak: admin
 
 # dependency / sub-chart configuration
 certInitializer:
@@ -428,6 +459,8 @@ dgbuilder:
     dbServiceName: mariadb-galera
     # This should be revisited and changed to plain text
     dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
+  serviceAccount:
+    nameOverride: sdnc-dgbuilder
   mariadb-galera:
   service:
     name: sdnc-dgbuilder
@@ -519,6 +552,9 @@ service:
   geoNodePort5: 65
   geoNodePort6: 66
 
+  callHomePort: 6666
+  callHomeNodePort: 66
+
 ## Persist data to a persitent volume
 persistence:
   enabled: true
@@ -541,7 +577,7 @@ persistence:
   mountSubPath: sdnc/mdsal
   mdsalPath: /opt/opendaylight/mdsal
   daeximPath: /opt/opendaylight/mdsal/daexim
-  journalPath: /opt/opendaylight/journal
+  journalPath: /opt/opendaylight/segmented-journal
   snapshotsPath: /opt/opendaylight/snapshots
 
 certpersistence:
@@ -589,3 +625,9 @@ resources:
       cpu: 2
       memory: 4Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: sdnc
+  roles:
+    - read