1 # Copyright (c) 2019 IBM, Bell Canada
2 # Copyright (c) 2020 Samsung Electronics
3 # Modification Copyright © 2022 Nordix Foundation
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 #################################################################
18 # Global configuration defaults.
19 #################################################################
21 # Change to an unused port prefix range to prevent port conflicts
22 # with other instances running within the same k8s cluster
23 nodePortPrefixExt: 304
29 mountPath: /dockerdata-nfs
31 # This configuration specifies Service and port for SDNC OAM interface
32 sdncOamService: sdnc-oam
35 # This concerns CDS/AAI communication through HTTP when TLS is not being needed
36 # Port value should match the one in aai/values.yml : service.externalPlainPort
38 ExternalPlainPort: 80 # when TLS is not needed
39 ServiceName: aai # domain
40 # http://aai:80 or https://aai:443
42 #AAF is enabled by default
45 #enable importCustomCerts to add custom CA to blueprint processor pod
46 #importCustomCertsEnabled: true
48 #use below configmap to add custom CA certificates
49 #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod
50 #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod
51 #customCertsConfigMap: onap-cds-blueprints-processor-configmap
53 #################################################################
55 #################################################################
57 - uid: 'cds-db-user-creds'
59 externalSecret: '{{ tpl (default "" .Values.config.cdsDB.dbCredsExternalSecret) . }}'
60 login: '{{ .Values.config.cdsDB.dbUser }}'
61 password: '{{ .Values.config.cdsDB.dbPassword }}'
62 passwordPolicy: required
63 - uid: 'sdnc-db-root-pass'
65 externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
66 password: '{{ .Values.config.sdncDB.dbRootPass }}'
67 passwordPolicy: required
68 - uid: cds-kafka-secret
69 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
73 value: '{{ .Values.config.someConfig }}'
77 externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}'
78 login: '{{ .Values.config.cps.cpsUsername }}'
79 password: '{{ .Values.config.cps.cpsPassword }}'
80 passwordPolicy: required
82 #################################################################
84 #################################################################
86 nameOverride: cds-blueprints-processor-cert-initializer
87 aafDeployFqi: deployer@people.osaaf.org
88 aafDeployPass: demo123456!
89 # aafDeployCredsExternalSecret: some secret
91 fqi: sdnc-cds@sdnc-cds.onap.org
92 public_fqdn: sdnc-cds.onap.org
96 credsPath: /opt/app/osaaf/local
97 fqi_namespace: org.onap.sdnc-cds
98 #enable below if we need custom CA to be added to blueprint processor pod
99 #importCustomCertsEnabled: true
100 #truststoreMountpath: /opt/onap/cds
101 #truststoreOutputFileName: truststoreONAPall.jks
103 /opt/app/aaf_config/bin/agent.sh;
104 /opt/app/aaf_config/bin/agent.sh local showpass
105 {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
107 #################################################################
108 # Application configuration defaults.
109 #################################################################
111 image: onap/ccsdk-blueprintsprocessor:1.4.1
114 # flag to enable debugging - application support required
117 # application configuration
119 appConfigDir: /opt/app/onap/config
121 dbService: mariadb-galera
124 # dbRootPass: Custom root password
125 dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
132 # dbCredsExternalSecret: <some secret name>
133 # dbRootPassword: password
134 # dbRootPassExternalSecret
139 cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
141 # default number of instances
148 # If useStrimziKafka is true, the following also applies:
149 # strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
150 # The connection type must be kafka-scram-plain-text-auth
151 # The bootstrapServers will target the strimzi kafka cluster by default
152 useStrimziKafka: false
153 cdsKafkaUser: cds-kafka-user
155 kafkaRequestConsumer:
157 type: kafka-scram-plain-text-auth
158 bootstrapServers: host:port
159 groupId: cds-consumer
160 topic: cds.blueprint-processor.self-service-api.request
161 clientId: request-receiver-client-id
163 kafkaRequestProducer:
164 type: kafka-scram-plain-text-auth
165 bootstrapServers: host:port
166 clientId: request-producer-client-id
167 topic: cds.blueprint-processor.self-service-api.response
168 enableIdempotence: false
171 type: kafka-scram-plain-text-auth
172 bootstrapServers: host:port
173 clientId: audit-request-producer-client-id
174 topic: cds.blueprint-processor.self-service-api.audit.request
175 enableIdempotence: false
177 type: kafka-scram-plain-text-auth
178 bootstrapServers: host:port
179 clientId: audit-response-producer-client-id
180 topic: cds.blueprint-processor.self-service-api.audit.response
181 enableIdempotence: false
183 # probe configuration parameters
185 initialDelaySeconds: 10
190 initialDelaySeconds: 1
193 # necessary to disable liveness probe when setting breakpoints
194 # in debugger so K8s doesn't restart unresponsive container
198 initialDelaySeconds: 120
215 portName: tcp-cluster
220 volumeReclaimPolicy: Retain
221 accessMode: ReadWriteMany
224 mountSubPath: cds/blueprints/deploy
225 deployedBlueprint: /opt/app/onap/blueprints/deploy
228 # Cannot have cluster enabled if the replicaCount is not at least 3
231 clusterName: cds-cluster
233 # Defines the number of node to be part of the CP subsystem/raft algorithm. This value should be
234 # between 3 and 7 only.
240 - baseaddr: "cds-blueprintsprocessor-api"
241 name: "cds-blueprints-processor-http"
249 springframework: INFO
250 springframeworkWeb: INFO
251 springframeworkSecurityWebauthentication: INFO
274 #Pods Service Account
276 nameOverride: cds-blueprints-processor
280 # workflow store flag