#################################################################
global:
nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+
+secrets:
+ - uid: pg-root-pass
+ name: &pgRootPassSecretName '{{ include "common.release" . }}-vnfsdk-pg-root-pass'
+ type: password
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "vnfsdk-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+ password: '{{ .Values.postgres.config.pgRootpassword }}'
+ policy: generate
+ - uid: pg-user-creds
+ name: &pgUserCredsSecretName '{{ include "common.release" . }}-vnfsdk-pg-user-creds'
+ type: basicAuth
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "vnfsdk-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+ login: '{{ .Values.postgres.config.pgUserName }}'
+ password: '{{ .Values.postgres.config.pgUserPassword }}'
+ passwordPolicy: generate
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: refrepo-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: refrepo
+ fqi: refrepo@refrepo.onap.org
+ fqi_namespace: org.onap.refrepo
+ public_fqdn: refrepo.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ echo "keystore password: $$cadi_keystore_password_p12"
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** copy key"
+ cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.key
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 999 {{ .Values.credsPath }}/certs
+
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.3.2
-postgresRepository: crunchydata
-postgresImage: crunchy-postgres:centos7-10.3-1.8.2
+image: onap/vnfsdk/refrepo:1.6.3
pullPolicy: Always
# application configuration override for postgres
config:
pgUserName: postgres
pgDatabase: postgres
- pgPrimaryPassword: postgres
- pgUserPassword: postgres
- pgRootPassword: postgres
- pgpool:
- nameOverride: vnfsdk-pgpool
- service:
- name: vnfsdk-pgpool
- credentials:
- pgusername: postgres
- pgpassword: postgres
- container:
- name:
- primary: pgpool-primary
- replica: pgpool-replica
+ pgUserExternalSecret: *pgUserCredsSecretName
+ pgRootPasswordExternalSecret: *pgRootPassSecretName
# flag to enable debugging - application support required
debugEnabled: false
enabled: true
readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 30
service:
type: NodePort
name: refrepo
- portName: refrepo
+ portName: https
nodePort: 97
- internalPort: 8702
+ internalPort: 8703
ingress:
enabled: false
service:
- baseaddr: "refrepo"
name: "refrepo"
- port: 97
+ port: 8703
config:
- ssl: "none"
+ ssl: "redirect"