X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fso%2Fvalues.yaml;h=064415927fc6ede5a91edc87fe1fe2495b03fa30;hb=c9f47135f5820c423ed0b6cf295be5a98624a73c;hp=358b104367e411e6b2bff5e6a8b2b7c1fb0cdb00;hpb=6f1cdc1aee56e11d8c05e569e5f5f31351b5fb1e;p=oom.git diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 358b104367..064415927f 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 AT&T USA # Copyright © 2020 Huawei +# Copyright © 2021 Orange # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -56,19 +57,14 @@ global: auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap - client: - certs: - truststore: /app/client/org.onap.so.trust.jks - keystore: /app/client/org.onap.so.jks - trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI - keyStorePassword: c280b25hcA== certificates: path: /etc/ssl/certs share_path: /usr/local/share/ca-certificates/ readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -77,7 +73,11 @@ secrets: - uid: db-root-pass name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass' type: password - externalSecret: '{{ ternary .Values.global.mariadbGalera.rootPasswordExternalSecret (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.rootPasswordExternalSecret) .Values.global.mariadbGalera.localCluster }}' + externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary + .Values.global.mariadbGalera.rootPasswordExternalSecret + (default (include "common.mariadb.secret.rootPassSecretName" + (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) + .Values.global.mariadbGalera.rootPasswordExternalSecret) }}' password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}' - uid: db-backup-creds name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds' @@ -104,12 +104,6 @@ secrets: login: '{{ .Values.dbCreds.adminName }}' password: '{{ .Values.dbCreds.adminPassword }}' passwordPolicy: generate - - uid: 'so-onap-certs' - name: &so-certs '{{ include "common.release" . }}-so-certs' - externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' - type: generic - filePaths: - - resources/config/certificates/msb-ca.crt - uid: 'mso-key' name: &mso-key '{{ include "common.release" . }}-mso-key' type: password @@ -156,6 +150,24 @@ aafConfig: aaf: trustore: org.onap.so.trust.jks +################################################################# +# AAF part for Ingress +################################################################# +certInitializer: + nameOverride: so-tls-cert + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: so + fqi: so@so.onap.org + public_fqdn: so.onap.org + fqi_namespace: org.onap.so + cadi_longitude: '0.0' + cadi_latitude: '0.0' + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + ingressTlsSecret: '{{ include "common.release" . }}-so-ingress-certs' + ################################################################# # Application configuration defaults. ################################################################# @@ -169,7 +181,7 @@ dbCreds: userName: so_user adminName: so_admin -image: onap/so/api-handler-infra:1.7.10 +image: onap/so/api-handler-infra:1.9.0 server: aaf: @@ -214,7 +226,6 @@ soHelpers: certInitializer: nameOverride: so-apih-cert-init credsPath: /opt/app/osaaf/local - certSecret: *so-certs containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -253,15 +264,15 @@ config: # --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \ # --set so.global.mariadbGalera.serviceName=so-mariadb-galera mariadb-galera: - config: - mariadbRootPasswordExternalSecret: *dbRootPassSecretName - nameOverride: so-mariadb-galera + rootUser: + externalSecret: *dbRootPassSecretName + nameOverride: &so-mariadb so-mariadb-galera replicaCount: 1 - service: - name: so-mariadb-galera persistence: mountSubPath: so/mariadb-galera/data enabled: true + serviceAccount: + nameOverride: *so-mariadb ingress: enabled: false @@ -270,7 +281,8 @@ ingress: name: 'so' port: 8080 config: - ssl: 'none' + tls: + secret: '{{ include "common.release" . }}-so-ingress-certs' mso: adapters: @@ -333,7 +345,7 @@ so-mariadb: userCredsExternalSecret: *dbUserCredsSecretName adminCredsExternalSecret: *dbAdminCredsSecretName -so-monitoring: +so-admin-cockpit: enabled: true db: <<: *dbSecrets @@ -373,15 +385,22 @@ so-sdnc-adapter: enabled: true db: <<: *dbSecrets + mso: + msoKeySecret: *mso-key so-ve-vnfm-adapter: enabled: false -so-vfc-adapter: +so-etsi-sol005-adapter: enabled: true db: <<: *dbSecrets -so-vnfm-adapter: +so-etsi-sol003-adapter: enabled: true +#Pods Service Account +serviceAccount: + nameOverride: so + roles: + - read