# Copyright © 2018 AT&T USA
# Copyright © 2020 Huawei
+# Copyright © 2021 Orange
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
siteName: onapheat
auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
defaultCloudOwner: onap
- msoKey: 07a7159d3bf51a0e53be7a8f89699be7
- client:
- certs:
- truststore: /app/client/org.onap.so.trust.jks
- keystore: /app/client/org.onap.so.jks
- trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI
- keyStorePassword: c280b25hcA==
+
certificates:
path: /etc/ssl/certs
share_path: /usr/local/share/ca-certificates/
- uid: db-root-pass
name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass'
type: password
- externalSecret: '{{ ternary .Values.global.mariadbGalera.rootPasswordExternalSecret (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.rootPasswordExternalSecret) .Values.global.mariadbGalera.localCluster }}'
+ externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary
+ .Values.global.mariadbGalera.rootPasswordExternalSecret
+ (default (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride))
+ .Values.global.mariadbGalera.rootPasswordExternalSecret) }}'
password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
- uid: db-backup-creds
name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
login: '{{ .Values.dbCreds.adminName }}'
password: '{{ .Values.dbCreds.adminPassword }}'
passwordPolicy: generate
- - uid: 'so-onap-certs'
- name: &so-certs '{{ include "common.release" . }}-so-certs'
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths:
- - resources/config/certificates/msb-ca.crt
- - uid: "mso-key"
+ - uid: 'mso-key'
name: &mso-key '{{ include "common.release" . }}-mso-key'
type: password
- password: '{{ .Values.global.app.msoKey }}'
+ password: '{{ .Values.mso.msoKey }}'
- uid: mso-oof-auth
name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth'
type: basicAuth
login: '{{ .Values.mso.oof.login }}'
password: '{{ .Values.mso.oof.password }}'
passwordPolicy: required
+ - uid: server-actuator-creds
+ name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
+ login: '{{ .Values.server.actuator.username }}'
+ password: '{{ .Values.server.actuator.password }}'
+ passwordPolicy: required
+ - uid: server-bpel-creds
+ name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}'
+ login: '{{ .Values.server.bpel.username }}'
+ password: '{{ .Values.server.bpel.password }}'
+ passwordPolicy: required
+ - uid: so-aaf-creds
+ name: &aaf-secrets '{{ include "common.release" . }}-so-server-aaf-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}'
+ login: '{{ .Values.server.aaf.username }}'
+ password: '{{ .Values.server.aaf.password }}'
+ passwordPolicy: required
+ - uid: so-aai-creds
+ name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
+ login: '{{ .Values.server.aai.username }}'
+ password: '{{ .Values.server.aai.password }}'
+ passwordPolicy: required
aafConfig:
permission_user: 1000
userName: so_user
adminName: so_admin
-image: onap/so/api-handler-infra:1.7.10
+image: onap/so/api-handler-infra:1.8.2
+
+server:
+ aaf:
+ username: so@so.onap.org
+ password: demo123456
+ # aafCredsExternalSecret: some secret
+ aai:
+ username: aai@aai.onap.org
+ password: demo123456!
+ # aaiCredsExternalSecret: some secret
+ actuator:
+ username: mso_admin
+ password: password1$
+ # actuatorCredsExternalSecret: some secret
+ bpel:
+ username: bpel
+ password: password1$
+ # bpelCredsExternalSecret: some secret
+
pullPolicy: Always
replicaCount: 1
minReadySeconds: 10
certInitializer:
nameOverride: so-apih-cert-init
credsPath: /opt/app/osaaf/local
- certSecret: *so-certs
containerPort: *containerPort
# Resource Limit flavor -By Default using small
# --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
# --set so.global.mariadbGalera.serviceName=so-mariadb-galera
mariadb-galera:
- config:
- mariadbRootPasswordExternalSecret: *dbRootPassSecretName
- nameOverride: so-mariadb-galera
+ rootUser:
+ externalSecret: *dbRootPassSecretName
+ nameOverride: &so-mariadb so-mariadb-galera
replicaCount: 1
- service:
- name: so-mariadb-galera
persistence:
mountSubPath: so/mariadb-galera/data
enabled: true
+ serviceAccount:
+ nameOverride: *so-mariadb
ingress:
enabled: false
requestDb:
auth: Basic YnBlbDpwYXNzd29yZDEk
camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
+ msoKey: 07a7159d3bf51a0e53be7a8f89699be7
sdc:
client:
auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24
so-appc-orchestrator:
enabled: false
+ server:
+ actuatorCredsExternalSecret: *actuator-secrets
db:
<<: *dbSecrets
db:
<<: *dbSecrets
-so-etsi-nfvo-ns-lcm:
+so-cnf-adapter:
enabled: true
db:
<<: *dbSecrets
+ server:
+ aafCredsExternalSecret: *aaf-secrets
+ aaiCredsExternalSecret: *aai-secrets
+ actuatorCredsExternalSecret: *actuator-secrets
+ mso:
+ msoKeySecret: *mso-key
-so-monitoring:
+so-etsi-nfvo-ns-lcm:
enabled: true
db:
<<: *dbSecrets
-so-openstack-adapter:
+so-mariadb:
+ db:
+ rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
+ rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
+ backupCredsExternalSecret: *dbBackupCredsSecretName
+ userCredsExternalSecret: *dbUserCredsSecretName
+ adminCredsExternalSecret: *dbAdminCredsSecretName
+
+so-admin-cockpit:
enabled: true
db:
<<: *dbSecrets
-so-request-db-adapter:
+so-nssmf-adapter:
+ enabled: true
+ server:
+ actuatorCredsExternalSecret: *actuator-secrets
+ bpelCredsExternalSecret: *bpel-secrets
db:
<<: *dbSecrets
-so-sdc-controller:
+so-oof-adapter:
+ enabled: true
db:
<<: *dbSecrets
+ mso:
+ msoKeySecret: *mso-key
+ camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
+ oof:
+ authSecret: *mso-oof-auth
-so-sdnc-adapter:
+so-openstack-adapter:
enabled: true
db:
<<: *dbSecrets
-so-ve-vnfm-adapter:
- enabled: false
-
-so-vfc-adapter:
- enabled: true
+so-request-db-adapter:
db:
<<: *dbSecrets
-so-nssmf-adapter:
- enabled: true
+so-sdc-controller:
db:
<<: *dbSecrets
-so-oof-adapter:
+so-sdnc-adapter:
enabled: true
db:
<<: *dbSecrets
mso:
msoKeySecret: *mso-key
- camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
- oof:
- authSecret: *mso-oof-auth
-so-vnfm-adapter:
- enabled: true
+so-ve-vnfm-adapter:
+ enabled: false
-so-mariadb:
+so-etsi-sol005-adapter:
+ enabled: true
db:
- rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
- rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
- backupCredsExternalSecret: *dbBackupCredsSecretName
- userCredsExternalSecret: *dbUserCredsSecretName
- adminCredsExternalSecret: *dbAdminCredsSecretName
+ <<: *dbSecrets
+
+so-etsi-sol003-adapter:
+ enabled: true
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: so
+ roles:
+ - read