# Copyright © 2020, Nordix Foundation, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. global: mariadbGalera: &mariadbGalera #This flag allows EJBCA to instantiate its own mariadb-galera cluster localCluster: false service: mariadb-galera internalPort: 3306 nameOverride: mariadb-galera secrets: - uid: ejbca-db-secret name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret' type: basicAuth externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' login: '{{ .Values.config.db.userName }}' password: '{{ .Values.config.db.userPassword }}' - uid: ejbca-server-ra-iak name: '{{ include "common.release" . }}-ejbca-ra-iak' type: password password: '{{ .Values.config.ejbca.raIak }}' - uid: ejbca-server-client-iak name: '{{ include "common.release" . }}-ejbca-client-iak' type: password password: '{{ .Values.config.ejbca.clientIak }}' # application configuration config: db: userName: ejbca # userPassword: password # userCredentialsExternalSecret: some-secret ejbca: {} # raIak: mypassword # clientIak: mypassword mysqlDatabase: &dbName ejbca ################################################################# # Application configuration defaults. ################################################################# # application configuration replicaCount: 1 ejbca: image: primekey/ejbca-ce:7.4.3.2 pullPolicy: Always mariadb-galera: db: externalSecret: *ejbca-db-secret name: *dbName nameOverride: &ejbca-galera ejbca-galera service: name: ejbca-galera portName: ejbca-galera internalPort: 3306 replicaCount: 1 persistence: enabled: true mountSubPath: ejbca/maria/data serviceAccount: nameOverride: *ejbca-galera mariadb-init: config: userCredentialsExternalSecret: *ejbca-db-secret mysqlDatabase: *dbName nameOverride: ejbca-config nodeSelector: {} affinity: {} # probe configuration parameters liveness: path: /ejbca/publicweb/healthcheck/ejbcahealth port: api initialDelaySeconds: 30 periodSeconds: 30 readiness: path: /ejbca/publicweb/healthcheck/ejbcahealth port: api initialDelaySeconds: 30 periodSeconds: 30 service: type: ClusterIP both_tls_and_plain: true ports: - name: api port: 8443 plain_port: 8080 port_protocol: http # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: small: limits: cpu: 1500m memory: 1536Mi requests: cpu: 10m memory: 750Mi large: limits: cpu: 2 memory: 2Gi requests: cpu: 20m memory: 1Gi unlimited: {} #Pods Service Account serviceAccount: nameOverride: ejbca roles: - read