1 # Copyright (c) 2019 IBM, Bell Canada
2 # Copyright (c) 2020 Samsung Electronics
3 # Modification Copyright © 2022 Nordix Foundation
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 #################################################################
18 # Global configuration defaults.
19 #################################################################
21 # Change to an unused port prefix range to prevent port conflicts
22 # with other instances running within the same k8s cluster
23 nodePortPrefixExt: 304
29 mountPath: /dockerdata-nfs
31 #This configuration specifies Service and port for SDNC OAM interface
32 sdncOamService: sdnc-oam
35 #AAF is enabled by default
38 #enable importCustomCerts to add custom CA to blueprint processor pod
39 #importCustomCertsEnabled: true
41 #use below configmap to add custom CA certificates
42 #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod
43 #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod
44 #customCertsConfigMap: onap-cds-blueprints-processor-configmap
46 #################################################################
48 #################################################################
50 - uid: 'cds-db-user-creds'
52 externalSecret: '{{ tpl (default "" .Values.config.cdsDB.dbCredsExternalSecret) . }}'
53 login: '{{ .Values.config.cdsDB.dbUser }}'
54 password: '{{ .Values.config.cdsDB.dbPassword }}'
55 passwordPolicy: required
56 - uid: 'sdnc-db-root-pass'
58 externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
59 password: '{{ .Values.config.sdncDB.dbRootPass }}'
60 passwordPolicy: required
61 - uid: cds-kafka-secret
62 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
66 value: '{{ .Values.config.someConfig }}'
70 externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}'
71 login: '{{ .Values.config.cps.cpsUsername }}'
72 password: '{{ .Values.config.cps.cpsPassword }}'
73 passwordPolicy: required
75 #################################################################
77 #################################################################
79 nameOverride: cds-blueprints-processor-cert-initializer
80 aafDeployFqi: deployer@people.osaaf.org
81 aafDeployPass: demo123456!
82 # aafDeployCredsExternalSecret: some secret
84 fqi: sdnc-cds@sdnc-cds.onap.org
85 public_fqdn: sdnc-cds.onap.org
89 credsPath: /opt/app/osaaf/local
90 fqi_namespace: org.onap.sdnc-cds
91 #enable below if we need custom CA to be added to blueprint processor pod
92 #importCustomCertsEnabled: true
93 #truststoreMountpath: /opt/onap/cds
94 #truststoreOutputFileName: truststoreONAPall.jks
96 /opt/app/aaf_config/bin/agent.sh;
97 /opt/app/aaf_config/bin/agent.sh local showpass
98 {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
100 #################################################################
101 # Application configuration defaults.
102 #################################################################
104 image: onap/ccsdk-blueprintsprocessor:1.3.0
107 # flag to enable debugging - application support required
110 # application configuration
112 appConfigDir: /opt/app/onap/config
114 dbService: mariadb-galera
117 #dbRootPass: Custom root password
118 dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
125 # dbCredsExternalSecret: <some secret name>
126 # dbRootPassword: password
127 # dbRootPassExternalSecret
132 cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
134 # default number of instances
141 # If useStrimziKafka is true, the following also applies:
142 # strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
143 # The connection type must be kafka-scram-plain-text-auth
144 # The bootstrapServers will target the strimzi kafka cluster by default
145 useStrimziKafka: false
146 cdsKafkaUser: cds-kafka-user
148 kafkaRequestConsumer:
150 type: kafka-scram-plain-text-auth
151 bootstrapServers: host:port
152 groupId: cds-consumer
153 topic: cds.blueprint-processor.self-service-api.request
154 clientId: request-receiver-client-id
156 kafkaRequestProducer:
157 type: kafka-scram-plain-text-auth
158 bootstrapServers: host:port
159 clientId: request-producer-client-id
160 topic: cds.blueprint-processor.self-service-api.response
161 enableIdempotence: false
164 type: kafka-scram-plain-text-auth
165 bootstrapServers: host:port
166 clientId: audit-request-producer-client-id
167 topic: cds.blueprint-processor.self-service-api.audit.request
168 enableIdempotence: false
170 type: kafka-scram-plain-text-auth
171 bootstrapServers: host:port
172 clientId: audit-response-producer-client-id
173 topic: cds.blueprint-processor.self-service-api.audit.response
174 enableIdempotence: false
176 # probe configuration parameters
178 initialDelaySeconds: 10
183 initialDelaySeconds: 0
186 # necessary to disable liveness probe when setting breakpoints
187 # in debugger so K8s doesn't restart unresponsive container
191 initialDelaySeconds: 120
198 portName: blueprints-processor-http
203 portName: blueprints-processor-grpc
208 portName: blueprints-processor-cluster
213 volumeReclaimPolicy: Retain
214 accessMode: ReadWriteMany
217 mountSubPath: cds/blueprints/deploy
218 deployedBlueprint: /opt/app/onap/blueprints/deploy
221 # Cannot have cluster enabled if the replicaCount is not at least 3
224 clusterName: cds-cluster
226 # Defines the number of node to be part of the CP subsystem/raft algorithm. This value should be
227 # between 3 and 7 only.
233 - baseaddr: "blueprintsprocessorhttp"
234 name: "cds-blueprints-processor-http"
242 springframework: INFO
243 springframeworkWeb: INFO
244 springframeworkSecurityWebauthentication: INFO
267 #Pods Service Account
269 nameOverride: cds-blueprints-processor
273 # workflow store flag