# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2020 Samsung Electronics
+# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Declare variables to be passed into your templates.
global:
nodePortPrefix: 302
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.2
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+ mariadbGalera: &mariadbGalera
+ #This flag allows VID to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
+ centralizedLoggingEnabled: true
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: vid-db-user-secret
+ name: &dbUserSecretName '{{ include "common.release" . }}-vid-db-user-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.db.userName }}'
+ password: '{{ .Values.config.db.userPassword }}'
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: vid-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: vid
+ fqi: vid@vid.onap.org
+ public_fqdn: vid.onap.org
+ fqi_namespace: "org.onap.vid"
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** retrieving password for keystore and trustore"
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
+ if [ -z "$cadi_keystore_password" ]
+ then
+ echo " /!\ certificates retrieval failed"
+ exit 1
+ else
+ echo "*** changing them into shell safe ones"
+ export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ cd {{ .Values.credsPath }}
+ keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
+ -storepass "${cadi_keystore_password_jks}" \
+ -keystore {{ .Values.fqi_namespace }}.jks
+ keytool -storepasswd -new "${TRUSTORE_PASSWD}" \
+ -storepass "${cadi_truststore_password}" \
+ -keystore {{ .Values.fqi_namespace }}.trust.jks
+ echo "*** set key password as same password as keystore password"
+ keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
+ -keystore {{ .Values.fqi_namespace }}.jks \
+ -keypass "${cadi_keystore_password_jks}" \
+ -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
+ echo "*** save the generated passwords"
+ echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
+ echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 1000 .
+ fi
subChartsOnly:
enabled: true
# application image
-repository: nexus3.onap.org:10001
-image: onap/vid:5.0.3
+image: onap/vid:8.0.2
pullPolicy: Always
-# mariadb image for initializing
-mariadb_image: library/mariadb:10
-
# application configuration
config:
- vidmysqlpassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- vidkeystorepassword: '\^7w\!f+aR\{EJcTRsDuA7x\,+c\!'
+ db:
+ userName: vidadmin
+# userCredentialsExternalSecret: some secret
+# userPassword: password
asdcclientrestauth: "Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU="
asdcclientrestport: "8443"
vidaaiport: "8443"
roleaccesscentralized: remote
mariadb-galera:
- config:
- userName: vidadmin
- userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- mariadbRootPassword: kjgsdhjqhawxvnbpoiawsfgjsqhsgjhjhdqihhjqdvcbxkjchizpw
- mysqlDatabase: vid_openecomp_epsdk
- nameOverride: vid-galera
- service:
- name: vid-galera
- portName: mysql-vid
- internalPort: "3306"
+ db:
+ # password:
+ externalSecret: *dbUserSecretName
+ name: &mysqlDbName vid_openecomp_epsdk
+ nameOverride: &vid-galera vid-galera
replicaCount: 3
persistence:
enabled: true
mountSubPath: vid/maria/data
externalConfig: |-
+ [mysqld]
lower_case_table_names = 1
+ serviceAccount:
+ nameOverride: *vid-galera
+
+mariadb-init:
+ config:
+ userCredentialsExternalSecret: *dbUserSecretName
+ mysqlDatabase: *mysqlDbName
+ nameOverride: vid-mariadb-init
+ # A configMap of same name is created. It points to file that will be run after
+ # The DB has been created.
+ dbScriptConfigMap: '{{ include "common.release" . }}-vid-db-init'
# default number of instances
replicaCount: 1
ingress:
enabled: false
service:
- - baseaddr: "vid"
- name: "vid-http"
- port: 8080
+ - baseaddr: "vid.api"
+ name: "vid-http"
+ port: 8443
config:
- ssl: "none"
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
cpu: 200m
memory: 2Gi
unlimited: {}
+
+# Log configuration
+log:
+ path: /var/log/onap