X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fmsb%2Fcomponents%2Fmsb-iag%2Fvalues.yaml;h=602177b4799ed20b7ee501729e5af80c86811a6d;hb=8d87db21a4ba5e42076c0a7f11110dbec2afd608;hp=b91ddcae1be9ca31b01586b3ce96dcf520bb5145;hpb=c6b46889bd9a72f85a06b8ce29b854ac1f922ca7;p=oom.git diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml index b91ddcae1b..602177b479 100644 --- a/kubernetes/msb/components/msb-iag/values.yaml +++ b/kubernetes/msb/components/msb-iag/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2018 Amdocs, Bell Canada , ZTE +# Copyright © 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,11 +18,41 @@ global: nodePortPrefix: 302 +################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: msb-iag-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: msb-iag + fqi: msb-iag@msb-iag.onap.org + fqi_namespace: org.onap.msb-iag + public_fqdn: msb-iag.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + aaf_add_config: | + mkdir -p {{ .Values.credsPath }}/certs + echo "*** retrieve certificate from pkcs12" + openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ + -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \ + -passin pass:$cadi_keystore_password_p12 \ + -passout pass:$cadi_keystore_password_p12 + echo "*** copy key to relevant place" + cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key + echo "*** change ownership and read/write attributes" + chown -R 1000 {{ .Values.credsPath }}/certs + chmod 600 {{ .Values.credsPath }}/certs/cert.crt + chmod 600 {{ .Values.credsPath }}/certs/cert.key + ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/msb/msb_apigateway:1.2.7 +image: onap/msb/msb_apigateway:1.4.0 pullPolicy: Always istioSidecar: true @@ -51,12 +82,17 @@ readiness: service: type: NodePort name: msb-iag - externalPort: 80 - internalPort: 80 - nodePort: 80 - externalPortHttps: 443 - internalPortHttps: 443 - nodePortHttps: 83 + both_tls_and_plain: true + # for liveness and readiness probe only + # internalPort: + internalPort: 443 + internalPlainPort: 80 + ports: + - name: msb-iag + port: 443 + plain_port: 80 + port_protocol: http + nodePort: '83' ingress: enabled: false @@ -86,3 +122,14 @@ resources: cpu: 100m memory: 400Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: msb-iag + roles: + - read + +#Logs configuration +log: + path: /var/log/onap +logConfigMapNamePrefix: '{{ include "common.fullname" . }}'