[AAI] OOM AAI Rolling Update fixes

[oom.git] / kubernetes / aai / components / aai-schema-service / values.yaml

diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 252df40..50e12e8 100644 (file)
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -40,11 +40,11 @@ global: # global defaults
       version:
       # Current version of the REST API
         api:
-          default: v24
+          default: v27
         # Specifies which version the depth parameter is configurable
         depth: v11
         # List of all the supported versions of the API
-        list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24
+        list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
         # Specifies from which version related link should appear
         related:
           link: v11
@@ -58,29 +58,54 @@ global: # global defaults
         edge:
           label: v12
 
-    # Keystore configuration password and filename
-    keystore:
-      filename: aai_keystore
-      passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-
-    # Truststore configuration password and filename
-    truststore:
-      filename: aai_keystore
-      passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-
-    # Specifies a list of files to be included in auth volume
-    auth:
-      files:
-        - aai_keystore
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+  nameOverride: aai-schema-service-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: aai-schema-service
+  fqi: aai-schema-service@aai-schema-service.onap.org
+  public_fqdn: aai-schema-service.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  fqi_namespace: org.onap.aai-schema-service
+  user_id: &user_id 1000
+  group_id: &group_id 1000
+  aaf_add_config: |
+    echo "*** changing them into shell safe ones"
+    export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    cd {{ .Values.credsPath }}
+    keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
+      -storepass "${cadi_keystore_password_p12}" \
+      -keystore {{ .Values.fqi_namespace }}.p12
+    keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
+      -storepass "${cadi_truststore_password}" \
+      -keystore {{ .Values.fqi_namespace }}.trust.jks
+    echo "*** writing passwords into prop file"
+    echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
+    echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+    echo "*** change ownership of certificates to targeted user"
+    chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
 
 # application image
-image: onap/aai-schema-service:1.9.2
+image: onap/aai-schema-service:1.11.0
 pullPolicy: Always
 restartPolicy: Always
 flavorOverride: small
 # default number of instances
 replicaCount: 1
 
+updateStrategy:
+  type: RollingUpdate
+  maxUnavailable: 0
+  maxSurge: 1
+
 nodeSelector: {}
 
 affinity: {}
@@ -146,3 +171,13 @@ serviceAccount:
   nameOverride: aai-schema-service
   roles:
     - read
+
+# Not fully used for now
+securityContext:
+  user_id: *user_id
+  group_id: *group_id
+
+#Log configuration
+log:
+  path: /var/log/onap
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'