X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcds%2Fcomponents%2Fcds-blueprints-processor%2Fvalues.yaml;h=7591a850ce42256b6416872e5fc2a0439ffd63a7;hb=2cef564fe7af8a43cb3e9bba77fff91a02fae372;hp=829bb220cdea6b859dfcba8edcb507f1a8217274;hpb=69abc8725b0c862ab06526034118402315f97093;p=oom.git diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 829bb220cd..7591a850ce 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -1,5 +1,6 @@ # Copyright (c) 2019 IBM, Bell Canada # Copyright (c) 2020 Samsung Electronics +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,6 +32,17 @@ global: sdncOamService: sdnc-oam sdncOamPort: 8282 + #AAF is enabled by default + #aafEnabled: true + + #enable importCustomCerts to add custom CA to blueprint processor pod + #importCustomCertsEnabled: true + + #use below configmap to add custom CA certificates + #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod + #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod + #customCertsConfigMap: onap-cds-blueprints-processor-configmap + ################################################################# # Secrets metaconfig ################################################################# @@ -46,12 +58,50 @@ secrets: externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}' password: '{{ .Values.config.sdncDB.dbRootPass }}' passwordPolicy: required + - uid: cds-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: password + value: '{{ .Values.config.someConfig }}' + policy: generate + - uid: cps-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}' + login: '{{ .Values.config.cps.cpsUsername }}' + password: '{{ .Values.config.cps.cpsPassword }}' + passwordPolicy: required + +################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: cds-blueprints-processor-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: sdnc-cds + fqi: sdnc-cds@sdnc-cds.onap.org + public_fqdn: sdnc-cds.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.sdnc-cds + #enable below if we need custom CA to be added to blueprint processor pod + #importCustomCertsEnabled: true + #truststoreMountpath: /opt/onap/cds + #truststoreOutputFileName: truststoreONAPall.jks + aaf_add_config: > + /opt/app/aaf_config/bin/agent.sh; + /opt/app/aaf_config/bin/agent.sh local showpass + {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-blueprintsprocessor:1.1.5 +image: onap/ccsdk-blueprintsprocessor:1.3.0 pullPolicy: Always # flag to enable debugging - application support required @@ -75,6 +125,11 @@ config: # dbCredsExternalSecret: # dbRootPassword: password # dbRootPassExternalSecret + someConfig: blah + cps: + cpsUsername: '' + cpsPassword: '' + cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds' # default number of instances replicaCount: 1 @@ -83,10 +138,40 @@ nodeSelector: {} affinity: {} -# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using -# custom kafka cluster. -dmaapEnabled: true +# If useStrimziKafka is true, the following also applies: +# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below. +# The connection type must be kafka-scram-plain-text-auth +# The bootstrapServers will target the strimzi kafka cluster by default +useStrimziKafka: false +cdsKafkaUser: cds-kafka-user +kafkaRequestConsumer: + enabled: false + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + groupId: cds-consumer + topic: cds.blueprint-processor.self-service-api.request + clientId: request-receiver-client-id + pollMillSec: 1000 +kafkaRequestProducer: + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: request-producer-client-id + topic: cds.blueprint-processor.self-service-api.response + enableIdempotence: false +kafkaAuditRequest: + enabled: false + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: audit-request-producer-client-id + topic: cds.blueprint-processor.self-service-api.audit.request + enableIdempotence: false +kafkaAuditResponse: + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: audit-response-producer-client-id + topic: cds.blueprint-processor.self-service-api.audit.response + enableIdempotence: false # probe configuration parameters startup: