X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fpolicy%2Fcomponents%2Fpolicy-xacml-pdp%2Fvalues.yaml;h=15ef5e3de11a5f729f5c53bb1589cd980b397da2;hb=refs%2Fheads%2Fmaster;hp=b9d877fe7b228116aa8aea2a26740051b36ab3e7;hpb=fa01ec554cfa10cb1f9ec8be0c5530dd3f3ea50a;p=oom.git

diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
old mode 100755
new mode 100644
index b9d877fe7b..061ceed3cd
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -1,5 +1,7 @@
 #  ============LICENSE_START=======================================================
 #   Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
+#   Modifications Copyright (C) 2024-2025 OpenInfra Europe. All rights reserved.
+#   Modifications Copyright © 2024-2025 Deutsche Telekom
 #  ================================================================================
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -21,6 +23,12 @@
 #################################################################
 global:
   persistence: {}
+  postgres:
+    service:
+      name: policy-postgres
+      name2: policy-pg-primary
+      name3: policy-pg-replica
+      port: 5432
 
 #################################################################
 # Secrets metaconfig
@@ -49,9 +57,11 @@ secrets:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/policy-xacml-pdp:3.1.0
+image: onap/policy-xacml-pdp:4.2.0
 pullPolicy: Always
 
+componentName: &componentName policy-xacml-pdp
+
 # flag to enable debugging - application support required
 debugEnabled: false
 
@@ -60,9 +70,6 @@ debugEnabled: false
 db:
   user: policy-user
   password: policy_user
-  service:
-    name: policy-mariadb
-    internalPort: 3306
 
 restServer:
   user: healthcheck
@@ -74,6 +81,12 @@ apiServer:
 
 # default number of instances
 replicaCount: 1
+updateStrategy:
+  type: RollingUpdate
+  # The number of pods that can be unavailable during the update process
+  maxUnavailable: 0
+  # The number of pods that can be created above the desired amount of pods during an update
+  maxSurge: 1
 
 nodeSelector: {}
 
@@ -91,9 +104,15 @@ readiness:
   initialDelaySeconds: 20
   periodSeconds: 10
 
+autoscaling:
+  enabled: true
+  minReplicas: 1
+  maxReplicas: 3
+  targetCPUUtilizationPercentage: 80
+
 service:
   type: ClusterIP
-  name: policy-xacml-pdp
+  name: *componentName
   internalPort: 6969
   ports:
     - name: http
@@ -123,7 +142,7 @@ serviceMesh:
       - serviceAccount: dcae-ves-collector-read
       - serviceAccount: dcae-ves-mapper-read
       - serviceAccount: dcae-ves-openapi-manager-read
-      - serviceAccount: message-router-read
+      - serviceAccount: strimzi-kafka-read
       - serviceAccount: oof-read
       - serviceAccount: sdnc-read
 
@@ -145,9 +164,23 @@ resources:
       memory: "2Gi"
   unlimited: {}
 
+securityContext:
+  user_id: 100
+  group_id: 102
+
+groupIdPrefix: policy-xacml-pdp
+
+dirSizes:
+  emptyDir:
+    sizeLimit: 1Gi
+  logDir:
+    sizeLimit: 500Mi
+  policyDir:
+    sizeLimit: 100Mi
+
 #Pods Service Account
 serviceAccount:
-  nameOverride: policy-xacml-pdp
+  nameOverride: *componentName
   roles:
     - read
 
@@ -156,9 +189,15 @@ metrics:
     # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
     # The default operator for prometheus enforces the below label.
     labels:
+      app: '{{ include "common.name" . }}'
+      helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+      app.kubernetes.io/instance: '{{ include "common.release" . }}'
+      app.kubernetes.io/managed-by: '{{ .Release.Service }}'
+      version: '{{ .Chart.Version | replace "+" "_" }}'
       release: prometheus
     enabled: true
-    port: policy-xacml-pdp
+    port: http
+    path: /metrics
     interval: 60s
     isHttps: false
     basicAuth:
@@ -168,6 +207,33 @@ metrics:
       externalSecretPasswordKey: password
     selector:
       app: '{{ include "common.name" . }}'
-      chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
-      release: '{{ include "common.release" . }}'
-      heritage: '{{ .Release.Service }}'
+      helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+      app.kubernetes.io/instance: '{{ include "common.release" . }}'
+      app.kubernetes.io/managed-by: '{{ .Release.Service }}'
+
+config:
+  # Event consumption (kafka) properties
+  kafka:
+    consumer:
+      groupId: policy-xacml-pdp
+  app:
+    listener:
+      policyPdpPapTopic: policy-pdp-pap
+
+# Strimzi Kafka config
+kafkaUser:
+  authenticationType: scram-sha-512
+  acls:
+    - name: policy-xacml-pdp
+      type: group
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+    - name: policy-pdp-pap
+      type: topic
+      patternType: prefix
+      operations: [ Create, Describe, Read, Write ]
+
+readinessCheck:
+  wait_for:
+    services:
+      - policy-api