Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "[CDS] Add cps-data resourceSourceMapping in application.properties"
[oom.git] / kubernetes / cds / components / cds-blueprints-processor / values.yaml
diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
index 98121fd..023bf49 100755 (executable)
--- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
@@ -1,5 +1,6 @@
 # Copyright (c) 2019 IBM, Bell Canada
 # Copyright (c) 2020 Samsung Electronics
+# Modification Copyright © 2022 Nordix Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -27,10 +28,28 @@ global:
   persistence:
     mountPath: /dockerdata-nfs
 
-  #This configuration specifies Service and port for SDNC OAM interface
+  # This configuration specifies Service and port for SDNC OAM interface
   sdncOamService: sdnc-oam
   sdncOamPort: 8282
 
+  # This concerns CDS/AAI communication through HTTP when TLS is not being needed
+  # Port value should match the one in aai/values.yml : service.externalPlainPort
+  aaiData:
+    ExternalPlainPort: 80 # when TLS is not needed
+    ServiceName: aai  # domain
+    # http://aai:80 or https://aai:443
+
+  #AAF is enabled by default
+  #aafEnabled: true
+
+  #enable importCustomCerts to add custom CA to blueprint processor pod
+  #importCustomCertsEnabled: true
+
+  #use below configmap to add custom CA certificates
+  #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod
+  #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod
+  #customCertsConfigMap: onap-cds-blueprints-processor-configmap
+
 #################################################################
 # Secrets metaconfig
 #################################################################
@@ -46,12 +65,50 @@ secrets:
     externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
     password: '{{ .Values.config.sdncDB.dbRootPass }}'
     passwordPolicy: required
+  - uid: cds-kafka-secret
+    externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+    type: genericKV
+    envs:
+      - name: password
+        value: '{{ .Values.config.someConfig }}'
+        policy: generate
+  - uid: cps-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}'
+    login: '{{ .Values.config.cps.cpsUsername }}'
+    password: '{{ .Values.config.cps.cpsPassword }}'
+    passwordPolicy: required
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: cds-blueprints-processor-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: sdnc-cds
+  fqi: sdnc-cds@sdnc-cds.onap.org
+  public_fqdn: sdnc-cds.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  fqi_namespace: org.onap.sdnc-cds
+  #enable below if we need custom CA to be added to blueprint processor pod
+  #importCustomCertsEnabled: true
+  #truststoreMountpath: /opt/onap/cds
+  #truststoreOutputFileName: truststoreONAPall.jks
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh;
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/ccsdk-blueprintsprocessor:1.1.4
+image: onap/ccsdk-blueprintsprocessor:1.3.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required
@@ -64,7 +121,7 @@ config:
     dbService: mariadb-galera
     dbPort: 3306
     dbName: sdnctl
-    #dbRootPass: Custom root password
+    # dbRootPass: Custom root password
     dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
   cdsDB:
     dbServer: cds-db
@@ -75,6 +132,11 @@ config:
     # dbCredsExternalSecret: <some secret name>
     # dbRootPassword: password
     # dbRootPassExternalSecret
+  someConfig: blah
+  cps:
+    cpsUsername: ''
+    cpsPassword: ''
+    cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
 
 # default number of instances
 replicaCount: 1
@@ -83,10 +145,40 @@ nodeSelector: {}
 
 affinity: {}
 
-# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using
-# custom kafka cluster.
-dmaapEnabled: true
+# If useStrimziKafka is true, the following also applies:
+# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
+# The connection type must be kafka-scram-plain-text-auth
+# The bootstrapServers will target the strimzi kafka cluster by default
+useStrimziKafka: false
+cdsKafkaUser: cds-kafka-user
 
+kafkaRequestConsumer:
+  enabled: false
+  type: kafka-scram-plain-text-auth
+  bootstrapServers: host:port
+  groupId: cds-consumer
+  topic: cds.blueprint-processor.self-service-api.request
+  clientId: request-receiver-client-id
+  pollMillSec: 1000
+kafkaRequestProducer:
+  type: kafka-scram-plain-text-auth
+  bootstrapServers: host:port
+  clientId: request-producer-client-id
+  topic: cds.blueprint-processor.self-service-api.response
+  enableIdempotence: false
+kafkaAuditRequest:
+  enabled: false
+  type: kafka-scram-plain-text-auth
+  bootstrapServers: host:port
+  clientId: audit-request-producer-client-id
+  topic: cds.blueprint-processor.self-service-api.audit.request
+  enableIdempotence: false
+kafkaAuditResponse:
+  type: kafka-scram-plain-text-auth
+  bootstrapServers: host:port
+  clientId: audit-response-producer-client-id
+  topic: cds.blueprint-processor.self-service-api.audit.response
+  enableIdempotence: false
 
 # probe configuration parameters
 startup:
@@ -95,12 +187,12 @@ startup:
   periodSeconds: 10
 
 liveness:
-  initialDelaySeconds: 0
+  initialDelaySeconds: 1
   periodSeconds: 20
-  timeoutSeconds: 20
+  timeoutSeconds: 30
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
-  enabled: true
+  enabled: false
 
 readiness:
   initialDelaySeconds: 120
@@ -110,17 +202,17 @@ readiness:
 service:
   http:
     type: ClusterIP
-    portName: blueprints-processor-http
+    portName: http
     internalPort: 8080
     externalPort: 8080
   grpc:
     type: ClusterIP
-    portName: blueprints-processor-grpc
+    portName: grpc
     internalPort: 9111
     externalPort: 9111
   cluster:
     type: ClusterIP
-    portName: blueprints-processor-cluster
+    portName: tcp-cluster
     internalPort: 5701
     externalPort: 5701
 
@@ -148,8 +240,8 @@ ingress:
     - baseaddr: "blueprintsprocessorhttp"
       name: "cds-blueprints-processor-http"
       port: 8080
-  config:
-    ssl: "none"
+      config:
+        ssl: "none"
 
 logback:
   rootLogLevel: INFO
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).