[AAI] Release 1.11.0 images for Kohn

[oom.git] / kubernetes / aai / components / aai-modelloader / values.yaml

diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml
index 0d8acf8..7857f6b 100644 (file)
--- a/kubernetes/aai/components/aai-modelloader/values.yaml
+++ b/kubernetes/aai/components/aai-modelloader/values.yaml
@@ -1,5 +1,5 @@
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020-2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -19,9 +19,44 @@
 global: # global defaults
   nodePortPrefix: 302
 
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+  nameOverride: aai-ml-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: aai
+  fqi: aai@aai.onap.org
+  public_fqdn: aai.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  appMountPath: /opt/app/model-loader/config/auth/aaf
+  fqi_namespace: org.onap.aai
+  user_id: &user_id 1000
+  group_id: &group_id 1000
+  aaf_add_config: |
+    echo "*** changing them into shell safe ones"
+    export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    cd {{ .Values.credsPath }}
+    keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
+      -storepass "${cadi_keystore_password_p12}" \
+      -keystore {{ .Values.fqi_namespace }}.p12
+    keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
+      -storepass "${cadi_truststore_password}" \
+      -keystore {{ .Values.fqi_namespace }}.trust.jks
+    echo "*** writing passwords into prop file"
+    echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
+    echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+    echo "*** change ownership of certificates to targeted user"
+    chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
 
 # application image
-image: onap/model-loader:1.7.0
+image: onap/model-loader:1.11.0
 pullPolicy: Always
 restartPolicy: Always
 flavor: small
@@ -48,26 +83,6 @@ readiness:
   initialDelaySeconds: 10
   periodSeconds: 10
 
-service:
-  type: NodePort
-  portName: aai-modelloader
-  externalPort: 8080
-  internalPort: 8080
-  nodePort: 10
-  portName2: aai-modelloader-ssl
-  externalPort2: 8443
-  internalPort2: 8443
-  nodePort2: 29
-
-ingress:
-  enabled: false
-  service:
-    - baseaddr: "aaimodelloader"
-      name: "aai-modelloader"
-      port: 8443
-  config:
-    ssl: "redirect"
-
 resources:
   small:
     limits:
@@ -84,3 +99,19 @@ resources:
       cpu: 1
       memory: 1536Mi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: aai-modelloader
+  roles:
+    - read
+
+# Not fully used for now
+securityContext:
+  user_id: *user_id
+  group_id: *group_id
+
+#Log configuration
+log:
+  path: /var/log/onap
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'