X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fpolicy%2Fcomponents%2Fpolicy-api%2Fvalues.yaml;h=0e3ada89562ae91ff4657739bcf193c7eb8e3984;hb=2a5d1bbf59b2ec3abc2d61fdaf85e801cbaf3d7d;hp=6f0a590f47c9864736e5eec8ab9a9ca39b016d03;hpb=83778d2dac0c7bd83ed6cb658bc66c6326ef3ddd;p=oom.git diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 6f0a590f47..0e3ada8956 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2022 Bell Canada. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,9 +23,7 @@ global: nodePortPrefix: 304 persistence: {} - envsubstImage: dibi/envsubst aafEnabled: true - readinessImage: onap/oom/readiness:3.0.1 ################################################################# # Secrets metaconfig @@ -38,7 +37,7 @@ secrets: passwordPolicy: required - uid: restserver-creds type: basicAuth - externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}' + externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}' login: '{{ .Values.restServer.user }}' password: '{{ .Values.restServer.password }}' passwordPolicy: required @@ -71,9 +70,6 @@ certInitializer: uid: 100 gid: 101 aaf_add_config: > - /opt/app/aaf_config/bin/agent.sh; - export $(/opt/app/aaf_config/bin/agent.sh local showpass - {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); @@ -83,8 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/policy-api:2.3.3 +image: onap/policy-api:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -99,7 +94,7 @@ db: internalPort: 3306 restServer: - user: healthcheck + user: policyadmin password: zb!XztG34 # default number of instances @@ -111,15 +106,20 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 20 + initialDelaySeconds: 60 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 20 - periodSeconds: 10 + initialDelaySeconds: 10 + periodSeconds: 120 + api: /policy/api/v1/healthcheck + scheme: HTTPS + successThreshold: 1 + failureThreshold: 3 + timeout: 60 service: type: ClusterIP @@ -150,3 +150,29 @@ resources: memory: 2Gi unlimited: {} +#Pods Service Account +serviceAccount: + nameOverride: policy-api + roles: + - read + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-api + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-api-user-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}'