[COMMON] Harmonize resource settings

[oom.git] / kubernetes / dcaegen2-services / components / dcae-pmsh / values.yaml

diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
index 7f30654..523e31a 100644 (file)
--- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
@@ -1,7 +1,7 @@
 # ================================ LICENSE_START =============================
 # ============================================================================
 #  Copyright (C) 2021 Nordix Foundation.
-#  Copyright (c) 2022 J. F. Lucas. All rights reserved.
+#  Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
 # ============================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -35,11 +35,6 @@ filebeatConfig:
 # Secrets Configuration.
 #################################################################
 secrets:
-  - uid: &aafCredsUID aafcreds
-    type: basicAuth
-    login: '{{ .Values.aafCreds.identity }}'
-    password: '{{ .Values.aafCreds.password }}'
-    passwordPolicy: required
   - uid: &pgUserCredsSecretUid pg-user-creds
     name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds'
     type: basicAuth
@@ -48,16 +43,11 @@ secrets:
     password: '{{ .Values.postgres.config.pgUserPassword }}'
     passwordPolicy: generate
 
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
 #################################################################
 # Application Configuration Defaults.
 #################################################################
 # Application Image
-image: onap/org.onap.dcaegen2.services.pmsh:2.2.2
+image: onap/org.onap.dcaegen2.services.pmsh:2.2.3
 pullPolicy: Always
 
 # Log directory where logging sidecar should look for log files
@@ -67,15 +57,6 @@ log:
   path: /var/log/ONAP/dcaegen2/services/pmsh
 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
 
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/pmsh/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
 # Dependencies
 readinessCheck:
   wait_for:
@@ -101,24 +82,18 @@ service:
       plain_port: 8080
       port_protocol: http
 
-# AAF Credentials
-aafCreds:
-  identity: dcae@dcae.onap.org
-  password: demo123456!
-
-credentials:
-- name: AAF_IDENTITY
-  uid: *aafCredsUID
-  key: login
-- name: AAF_PASSWORD
-  uid: *aafCredsUID
-  key: password
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: message-router-read
+    authorizedPrincipalsPostgres:
+      - serviceAccount: dcae-pmsh-read
 
 # Initial Application Configuration
 applicationConfig:
   enable_tls: false
-  aaf_identity: ${AAF_IDENTITY}
-  aaf_password: ${AAF_PASSWORD}
+  aaf_identity: dummy_value
+  aaf_password: dummy_value
   key_path: /opt/app/pmsh/etc/certs/key.pem
   cert_path: /opt/app/pmsh/etc/certs/cert.pem
   ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem
@@ -164,18 +139,18 @@ flavor: small
 resources:
   small:
     limits:
-      cpu: 1
-      memory: 1Gi
+      cpu: "1"
+      memory: "1Gi"
     requests:
-      cpu: 1
-      memory: 1Gi
+      cpu: "1"
+      memory: "1Gi"
   large:
     limits:
-      cpu: 2
-      memory: 2Gi
+      cpu: "2"
+      memory: "2Gi"
     requests:
-      cpu: 2
-      memory: 2Gi
+      cpu: "2"
+      memory: "2Gi"
   unlimited: {}
 
 #################################################################