[DCAEGEN2] Create Authorization Policies for DCAE

[oom.git] / kubernetes / dcaegen2-services / components / dcae-tcagen2 / values.yaml

diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
index 08ca865..191a5b1 100644 (file)
--- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -1,7 +1,8 @@
 #============LICENSE_START========================================================
 # ================================================================================
-# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved.
 # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -31,16 +32,11 @@ filebeatConfig:
   logstashServiceName: log-ls
   logstashPort: 5044
 
-#################################################################
-# initContainer images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.4
+image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.4.0
 pullPolicy: Always
 
 # log directory where logging sidecar should look for log files
@@ -50,15 +46,6 @@ log:
   path: /opt/logs/dcae-analytics-tca
 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
 
-# directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /etc/tca-gen2/ssl
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: false
-
 secrets:
   - uid: &aaiCredsUID aaicreds
     type: basicAuth
@@ -87,6 +74,11 @@ service:
     - port: 9091
       name: http
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: message-router-read
+
 # mongoDB overrides
 mongo:
   nameOverride: dcae-mongo