X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-schema-service%2Fvalues.yaml;h=8345a81f06b4ce7556483eadb0c4e4b41f13b031;hb=4d0e62a2a386304c5423bc168593589be8dad722;hp=50bd6c38b86d2703066e1c041b99cd7a505d8890;hpb=0c4534e4155560e8726e6a75e0b7476ee9f754ee;p=oom.git diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 50bd6c38b8..8345a81f06 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,11 +40,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v23 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -58,23 +58,43 @@ global: # global defaults edge: label: v12 - # Keystore configuration password and filename - keystore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Truststore configuration password and filename - truststore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Specifies a list of files to be included in auth volume - auth: - files: - - aai_keystore +################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-schema-service-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: aai-schema-service + fqi: aai-schema-service@aai-schema-service.onap.org + public_fqdn: aai-schema-service.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.aai-schema-service + user_id: &user_id 1000 + group_id: &group_id 1000 + aaf_add_config: | + echo "*** changing them into shell safe ones" + export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + cd {{ .Values.credsPath }} + keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \ + -storepass "${cadi_keystore_password_p12}" \ + -keystore {{ .Values.fqi_namespace }}.p12 + keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \ + -storepass "${cadi_truststore_password}" \ + -keystore {{ .Values.fqi_namespace }}.trust.jks + echo "*** writing passwords into prop file" + echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop + echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-schema-service:1.8.6 +image: onap/aai-schema-service:1.9.5 pullPolicy: Always restartPolicy: Always flavorOverride: small @@ -99,9 +119,9 @@ readiness: service: type: ClusterIP - portName: aai-schema-service-8452 + portName: http internalPort: 8452 - portName2: aai-schema-service-5005 + portName2: tcp-5005 internalPort2: 5005 ingress: @@ -140,3 +160,19 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-schema-service + roles: + - read + +# Not fully used for now +securityContext: + user_id: *user_id + group_id: *group_id + +#Log configuration +log: + path: /var/log/onap +logConfigMapNamePrefix: '{{ include "common.fullname" . }}'