X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Fvalues.yaml;h=785435a478712eb4d3b98ff5adddbe06d5138cbe;hb=3291609df9abe49dc393fbdfff3a17c3f31a139a;hp=e3f3a6e1725346930cc880af87ae9fa65c84ca4d;hpb=fc84d43852eedf6ce97a9d51c596058910035e41;p=oom.git diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index e3f3a6e172..785435a478 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -30,8 +30,6 @@ global: service: mariadb-galera internalPort: 3306 nameOverride: mariadb-galera - # Enabling CMPv2 with CertManager - CMPv2CertManagerIntegration: false ################################################################# # Secrets metaconfig @@ -172,6 +170,17 @@ secrets: login: '{{ .Values.config.scaleoutUser }}' password: '{{ .Values.config.scaleoutPassword }}' passwordPolicy: required + - uid: oauth-token-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.tokenSecret }}' + passwordPolicy: required + - uid: keycloak-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}' + passwordPolicy: required + ################################################################# # Certificates ################################################################# @@ -184,6 +193,7 @@ certificates: outputType: - jks passwordSecretRef: + create: true name: sdnc-cmpv2-keystore-password key: password issuer: @@ -196,7 +206,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.1.3 +image: onap/sdnc-image:2.2.0 # flag to enable debugging - application support required debugEnabled: false @@ -311,6 +321,9 @@ config: sdnrdbTrustAllCerts: true mountpointRegistrarEnabled: false mountpointStateProviderEnabled: false + netconfCallHome: + enabled: true + # # enable and set dmaap-proxy for mountpointRegistrar dmaapProxy: enabled: false @@ -318,10 +331,28 @@ config: user: addUserHere password: addPasswordHere url: addProxyUrlHere - - - - + oauth: + enabled: false + tokenIssuer: ONAP SDNC + tokenSecret: secret + supportOdlusers: true + redirectUri: null + publicUrl: none + odluxRbac: + enabled: true + # example definition for a oauth provider + providersSecrets: + keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46 + providers: + - id: keycloak + type: KEYCLOAK + host: http://keycloak:8080 + clientId: odlux.app + secret: ${KEYCLOAK_SECRET} + scope: openid + title: ONAP Keycloak Provider + roleMapping: + mykeycloak: admin # dependency / sub-chart configuration certInitializer: @@ -428,6 +459,8 @@ dgbuilder: dbServiceName: mariadb-galera # This should be revisited and changed to plain text dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5 + serviceAccount: + nameOverride: sdnc-dgbuilder mariadb-galera: service: name: sdnc-dgbuilder @@ -519,6 +552,9 @@ service: geoNodePort5: 65 geoNodePort6: 66 + callHomePort: 6666 + callHomeNodePort: 66 + ## Persist data to a persitent volume persistence: enabled: true @@ -541,7 +577,7 @@ persistence: mountSubPath: sdnc/mdsal mdsalPath: /opt/opendaylight/mdsal daeximPath: /opt/opendaylight/mdsal/daexim - journalPath: /opt/opendaylight/journal + journalPath: /opt/opendaylight/segmented-journal snapshotsPath: /opt/opendaylight/snapshots certpersistence: @@ -589,3 +625,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc + roles: + - read