1 # Copyright (c) 2019 IBM, Bell Canada
2 # Copyright (c) 2020 Samsung Electronics
3 # Modification Copyright © 2022 Nordix Foundation
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 #################################################################
18 # Global configuration defaults.
19 #################################################################
21 # Change to an unused port prefix range to prevent port conflicts
22 # with other instances running within the same k8s cluster
23 nodePortPrefixExt: 304
29 mountPath: /dockerdata-nfs
31 # This configuration specifies Service and port for SDNC OAM interface
32 sdncOamService: sdnc-oam
35 # This concerns CDS/AAI communication through HTTP when TLS is not being needed
36 # Port value should match the one in aai/values.yml : service.externalPlainPort
38 ExternalPlainPort: 80 # when TLS is not needed
39 ServiceName: aai # domain
40 # http://aai:80 or https://aai:443
42 #AAF is enabled by default
45 #enable importCustomCerts to add custom CA to blueprint processor pod
46 #importCustomCertsEnabled: true
48 #use below configmap to add custom CA certificates
49 #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod
50 #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod
51 #customCertsConfigMap: onap-cds-blueprints-processor-configmap
53 #################################################################
55 #################################################################
57 - uid: 'cds-db-user-creds'
59 externalSecret: '{{ tpl (default "" .Values.config.cdsDB.dbCredsExternalSecret) . }}'
60 login: '{{ .Values.config.cdsDB.dbUser }}'
61 password: '{{ .Values.config.cdsDB.dbPassword }}'
62 passwordPolicy: required
63 - uid: 'sdnc-db-root-pass'
65 externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
66 password: '{{ .Values.config.sdncDB.dbRootPass }}'
67 passwordPolicy: required
68 - uid: cds-kafka-secret
69 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
73 value: '{{ .Values.config.someConfig }}'
76 #################################################################
78 #################################################################
80 nameOverride: cds-blueprints-processor-cert-initializer
81 aafDeployFqi: deployer@people.osaaf.org
82 aafDeployPass: demo123456!
83 # aafDeployCredsExternalSecret: some secret
85 fqi: sdnc-cds@sdnc-cds.onap.org
86 public_fqdn: sdnc-cds.onap.org
90 credsPath: /opt/app/osaaf/local
91 fqi_namespace: org.onap.sdnc-cds
92 #enable below if we need custom CA to be added to blueprint processor pod
93 #importCustomCertsEnabled: true
94 #truststoreMountpath: /opt/onap/cds
95 #truststoreOutputFileName: truststoreONAPall.jks
97 /opt/app/aaf_config/bin/agent.sh;
98 /opt/app/aaf_config/bin/agent.sh local showpass
99 {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
101 #################################################################
102 # Application configuration defaults.
103 #################################################################
105 image: onap/ccsdk-blueprintsprocessor:1.3.0
108 # flag to enable debugging - application support required
111 # application configuration
113 appConfigDir: /opt/app/onap/config
115 dbService: mariadb-galera
118 # dbRootPass: Custom root password
119 dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
126 # dbCredsExternalSecret: <some secret name>
127 # dbRootPassword: password
128 # dbRootPassExternalSecret
131 # default number of instances
138 # If useStrimziKafka is true, the following also applies:
139 # strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
140 # The connection type must be kafka-scram-plain-text-auth
141 # The bootstrapServers will target the strimzi kafka cluster by default
142 useStrimziKafka: false
143 cdsKafkaUser: cds-kafka-user
145 kafkaRequestConsumer:
147 type: kafka-scram-plain-text-auth
148 bootstrapServers: host:port
149 groupId: cds-consumer
150 topic: cds.blueprint-processor.self-service-api.request
151 clientId: request-receiver-client-id
153 kafkaRequestProducer:
154 type: kafka-scram-plain-text-auth
155 bootstrapServers: host:port
156 clientId: request-producer-client-id
157 topic: cds.blueprint-processor.self-service-api.response
158 enableIdempotence: false
161 type: kafka-scram-plain-text-auth
162 bootstrapServers: host:port
163 clientId: audit-request-producer-client-id
164 topic: cds.blueprint-processor.self-service-api.audit.request
165 enableIdempotence: false
167 type: kafka-scram-plain-text-auth
168 bootstrapServers: host:port
169 clientId: audit-response-producer-client-id
170 topic: cds.blueprint-processor.self-service-api.audit.response
171 enableIdempotence: false
173 # probe configuration parameters
175 initialDelaySeconds: 10
180 initialDelaySeconds: 1
183 # necessary to disable liveness probe when setting breakpoints
184 # in debugger so K8s doesn't restart unresponsive container
188 initialDelaySeconds: 120
205 portName: tcp-cluster
210 volumeReclaimPolicy: Retain
211 accessMode: ReadWriteMany
214 mountSubPath: cds/blueprints/deploy
215 deployedBlueprint: /opt/app/onap/blueprints/deploy
218 # Cannot have cluster enabled if the replicaCount is not at least 3
221 clusterName: cds-cluster
223 # Defines the number of node to be part of the CP subsystem/raft algorithm. This value should be
224 # between 3 and 7 only.
230 - baseaddr: "blueprintsprocessorhttp"
231 name: "cds-blueprints-processor-http"
239 springframework: INFO
240 springframeworkWeb: INFO
241 springframeworkSecurityWebauthentication: INFO
264 #Pods Service Account
266 nameOverride: cds-blueprints-processor
270 # workflow store flag