[AAI] Make AAI Sparky BE ServiceMesh ready

[oom.git] / kubernetes / aai / components / aai-sparky-be / values.yaml

diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml
index dae4247..a8896e0 100644 (file)
--- a/kubernetes/aai/components/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/components/aai-sparky-be/values.yaml
@@ -27,8 +27,42 @@ global: # global defaults
   searchData:
     serviceName: aai-search-data
 
+
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+  nameOverride: aai-sparky-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: "aai"
+  app_ns: "org.osaaf.aaf"
+  fqi_namespace: "org.onap.aai"
+  fqi: "aai@aai.onap.org"
+  public_fqdn: "aaf.osaaf.org"
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  credsPath: /opt/app/osaaf/local
+  aaf_add_config: |
+    echo "*** changing passwords into shell safe ones"
+    export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    cd {{ .Values.credsPath }}
+    keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
+      -storepass "${cadi_keystore_password_p12}" \
+      -keystore {{ .Values.fqi_namespace }}.p12
+    keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
+      -storepass "${cadi_truststore_password}" \
+      -keystore {{ .Values.fqi_namespace }}.trust.jks
+    echo "*** save the generated passwords"
+    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
+    echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
+    echo "*** change ownership of certificates to targeted user"
+    chown -R 1000 {{ .Values.credsPath }}
+
 # application image
-image: onap/sparky-be:2.0.0
+image: onap/sparky-be:2.0.3
 pullPolicy: Always
 restartPolicy: Always
 flavor: small
@@ -41,16 +75,10 @@ config:
   gerritBranch: 3.0.0-ONAP
   gerritProject: http://gerrit.onap.org/r/aai/test-config
   portalUsername: aaiui
-  portalPassword: OBF:1t2v1vfv1unz1vgz1t3b
+  portalPassword: OBF:1t2v1vfv1unz1vgz1t3b # aaiui
   portalCookieName: UserId
   portalAppRoles: ui_view
-  aafUsername: aai@aai.onap.org
-  aafNamespace: org.onap.aai
-  aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz
-  cadiKeyFile: /opt/app/sparky/config/portal/keyFile
-  cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks
   cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
-  cadiTrustStorePassword: changeit
   cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
 
 # ONAP Cookie Processing - During initial development, the following flag, if true, will
@@ -85,14 +113,16 @@ readiness:
 
 service:
   type: NodePort
-  portName: aai-sparky-be
+  portName: http
+  externalPort: 8000
   internalPort: 8000
+  internalPlainPort: 9517
   nodePort: 20
 
 ingress:
   enabled: false
   service:
-    - baseaddr: "aaisparkybe"
+    - baseaddr: "aai-sparkybe-api"
       name: "aai-sparky-be"
       port: 8000
   config:
@@ -116,3 +146,14 @@ resources:
       cpu: 0.5
       memory: 2Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: aai-sparky-be
+  roles:
+    - read
+
+#Log configuration
+log:
+  path: /var/log/onap
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'