X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Fvalues.yaml;h=43201fef4b2f83e20363abb828a230a28bbee00a;hb=f7db74aa20a656940a2d8a626ebf62c6efaa32f9;hp=802722f40082929e8b7577408999ce5dff24a993;hpb=0c31367d791d773bda5687d5977497a1e8215e4f;p=oom.git diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 802722f400..43201fef4b 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -86,12 +86,67 @@ secrets: externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}' password: '{{ .Values.config.netboxApikey }}' passwordPolicy: required + - uid: aai-truststore-password + type: password + externalSecret: '{{ .Values.config.aaiTruststoreExternalSecret }}' + password: '{{ .Values.config.aaiTruststorePassword }}' + passwordPolicy: required + - uid: ansible-truststore-password + type: password + externalSecret: '{{ .Values.config.ansibleTruststoreExternalSecret }}' + password: '{{ .Values.config.ansibleTruststorePassword }}' + passwordPolicy: required + - uid: truststore-password + type: password + externalSecret: '{{ .Values.config.truststoreExternalSecret }}' + password: '{{ .Values.config.truststorePassword }}' + passwordPolicy: required + - uid: keystore-password + type: password + externalSecret: '{{ .Values.config.keystoreExternalSecret }}' + password: '{{ .Values.config.keystorePassword }}' + passwordPolicy: required + - uid: dmaap-authkey + type: password + externalSecret: '{{ .Values.config.dmaapAuthKeyExternalSecret }}' + password: '{{ .Values.config.dmaapAuthKey }}' + passwordPolicy: required - uid: aai-user-creds type: basicAuth externalSecret: '{{ .Values.config.aaiCredsExternalSecret}}' login: '{{ .Values.config.aaiUser }}' password: '{{ .Values.config.aaiPassword }}' passwordPolicy: required + - uid: so-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.soCredsExternalSecret}}' + login: '{{ .Values.config.soUser }}' + password: '{{ .Values.config.soPassword }}' + passwordPolicy: required + - uid: neng-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.nengCredsExternalSecret}}' + login: '{{ .Values.config.nengUser }}' + password: '{{ .Values.config.nengPassword }}' + passwordPolicy: required + - uid: cds-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.cdsCredsExternalSecret}}' + login: '{{ .Values.config.cdsUser }}' + password: '{{ .Values.config.cdsPassword }}' + passwordPolicy: required + - uid: honeycomb-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.honeycombCredsExternalSecret}}' + login: '{{ .Values.config.honeycombUser }}' + password: '{{ .Values.config.honeycombPassword }}' + passwordPolicy: required + - uid: dmaap-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.dmaapCredsExternalSecret}}' + login: '{{ .Values.config.dmaapUser }}' + password: '{{ .Values.config.dmaapPassword }}' + passwordPolicy: required - uid: modeling-user-creds type: basicAuth externalSecret: '{{ .Values.config.modelingCredsExternalSecret}}' @@ -117,6 +172,17 @@ secrets: login: '{{ .Values.config.scaleoutUser }}' password: '{{ .Values.config.scaleoutPassword }}' passwordPolicy: required + - uid: oauth-token-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.tokenSecret }}' + passwordPolicy: required + - uid: keycloak-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}' + passwordPolicy: required + ################################################################# # Certificates ################################################################# @@ -129,6 +195,7 @@ certificates: outputType: - jks passwordSecretRef: + create: true name: sdnc-cmpv2-keystore-password key: password issuer: @@ -141,7 +208,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.0.5 +image: onap/sdnc-image:2.1.5 # flag to enable debugging - application support required debugEnabled: false @@ -155,9 +222,34 @@ config: # odlCredsExternalSecret: some secret netboxApikey: onceuponatimeiplayedwithnetbox20180814 # netboxApikeyExternalSecret: some secret + aaiTruststorePassword: changeit + # aaiTruststoreExternalSecret: some secret + ansibleTruststorePassword: changeit + # ansibleTruststoreExternalSecret: some secret + truststorePassword: adminadmin + # truststoreExternalSecret: some secret + keystorePassword: adminadmin + # keystoreExternalSecret: some secret aaiUser: sdnc@sdnc.onap.org aaiPassword: demo123456! # aaiCredsExternalSecret: some secret + soUser: sdncaBpmn + soPassword: password1$ + # soCredsExternalSecret: some secret + nengUser: ccsdkapps + nengPassword: ccsdkapps + # nengCredsExternalSecret: some secret + cdsUser: ccsdkapps + cdsPassword: ccsdkapps + # cdsCredsExternalSecret: some secret + honeycombUser: admin + honeycombPassword: admin + # honeycombCredsExternalSecret: some secret + dmaapUser: admin + dmaapPassword: admin + dmaapAuthKey: "fs20cKwalJ6ry4kX:7Hqm6BDZK47IKxGRkOPFk33qMYs=" + # dmaapCredsExternalSecret: some secret + # dmaapAuthKeyExternalSecret: some secret modelingUser: ccsdkapps modelingPassword: ccsdkapps # modelingCredsExternalSecret: some secret @@ -231,6 +323,7 @@ config: sdnrdbTrustAllCerts: true mountpointRegistrarEnabled: false mountpointStateProviderEnabled: false + # # enable and set dmaap-proxy for mountpointRegistrar dmaapProxy: enabled: false @@ -238,10 +331,28 @@ config: user: addUserHere password: addPasswordHere url: addProxyUrlHere - - - - + oauth: + enabled: false + tokenIssuer: ONAP SDNC + tokenSecret: secret + supportOdlusers: true + redirectUri: null + publicUrl: none + odluxRbac: + enabled: true + # example definition for a oauth provider + providersSecrets: + keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46 + providers: + - id: keycloak + type: KEYCLOAK + host: http://keycloak:8080 + clientId: odlux.app + secret: ${KEYCLOAK_SECRET} + scope: openid + title: ONAP Keycloak Provider + roleMapping: + mykeycloak: admin # dependency / sub-chart configuration certInitializer: