# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

#################################################################
# Global configuration defaults.
#################################################################
global:
  nodePortPrefix: 302
  zkTunnelService:
    type: ClusterIP
    name: zk-tunnel-svc
    portName: tcp-zk-tunnel
    internalPort: 2181

zookeeper:
  entrance:
    image: scholzj/zoo-entrance:latest

#################################################################
# AAF part
#################################################################
certInitializer:
  nameOverride: dmaap-mr-cert-initializer
  aafDeployFqi: deployer@people.osaaf.org
  aafDeployPass: demo123456!
  # aafDeployCredsExternalSecret: some secret
  fqdn: dmaap-mr
  fqi: dmaapmr@mr.dmaap.onap.org
  public_fqdn: mr.dmaap.onap.org
  cadi_longitude: "-122.26147"
  cadi_latitude: "37.78187"
  app_ns: org.osaaf.aaf
  credsPath: /opt/app/osaaf/local
  appMountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops
  fqi_namespace: org.onap.dmaap.mr
  aaf_add_config: |
    cd {{ .Values.credsPath }}
    echo "*** change jks password into shell safe one"
    export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
    keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
      -storepass "${cadi_keystore_password_jks}" \
      -keystore {{ .Values.fqi_namespace }}.jks
    echo "*** set key password as same password as jks keystore password"
      keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
        -keystore {{ .Values.fqi_namespace }}.jks \
        -keypass "${cadi_keystore_password_jks}" \
        -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
    echo "*** store the passwords"
    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
    echo "KEYSTORE_PASSWORD_P12=${cadi_keystore_password_p12}" >> mycreds.prop
    echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> mycreds.prop
    echo "*** give ownership of files to the user"
    chown -R 1000 .

#################################################################
# Application configuration defaults.
#################################################################
# application image
image: onap/dmaap/dmaap-mr:1.4.3
pullPolicy: Always

secrets:
  - uid: mr-kafka-admin-secret
    externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
    type: genericKV
    envs:
      - name: sasl.jaas.config
        value: '{{ .Values.config.someConfig }}'
        policy: generate

# flag to enable debugging - application support required
debugEnabled: false

# application configuration
config:
  someConfig: blah

# default number of instances
replicaCount: 1

nodeSelector: {}

affinity: {}

# probe configuration parameters
liveness:
  initialDelaySeconds: 10
  periodSeconds: 10
  timeoutSeconds: 1
  successThreshold: 1
  failureThreshold: 3
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  port: api
  enabled: true

readiness:
  initialDelaySeconds: 10
  periodSeconds: 10
  timeoutSeconds: 1
  successThreshold: 1
  failureThreshold: 3
  port: api

startup:
  initialDelaySeconds: 10
  periodSeconds: 10
  timeoutSeconds: 1
  successThreshold: 1
  failureThreshold: 70
  port: api

service:
  type: NodePort
  name: message-router
  both_tls_and_plain: true
  msb:
    - port: 3904
      url: "/"
      version: "v1"
      protocol: "REST"
      visualRange: "1"
  ports:
    - name: api
      port: 3905
      plain_port: 3904
      port_protocol: http
      nodePort: 26

prometheus:
  jmx:
    enabled: false
    image: solsson/kafka-prometheus-jmx-exporter@sha256
    imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
    port: 5556
    targetPort: 5555

ingress:
  enabled: false
  service:
    - baseaddr: "dmaap-mr-api"
      name: "message-router"
      port: 3905
      plain_port: 3904
  config:
    ssl: "redirect"


# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
  small:
    limits:
      cpu: 2000m
      memory: 4Gi
    requests:
      cpu: 500m
      memory: 1Gi
  large:
    limits:
      cpu: 4000m
      memory: 8Gi
    requests:
      cpu: 1000m
      memory: 2Gi
  unlimited: {}

#Pods Service Account
serviceAccount:
  nameOverride: message-router
  roles:
    - read