+{{/*
# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+*/}}
#####################################################
#
-# ONAP Casablanca oom configurable deployment params:
+# Hooks for specific environment configurations
#
#####################################################
-
+# Indicator for whether to use AAF for authentication
+UseAAF: false
#####################################################
#
-# Hooks for specific environment configurations
+# HTTP Server Configuration
#
#####################################################
-# Indicator for whether to use AAF
-UseAAF: {{ .Values.global.aafEnabled }}
-# csit: stubs out some southbound APIs for csit
-csit: No
+# Allow http access to dbcapi
+HttpAllowed: true
-# name of this DMaaP instance (deprecated)
-#DmaapName: demo
+# listen to http port within this container (server)
+IntHttpPort: 8080
+
+# listen to https port within this container (server)
+# set to 0 if no certificates are available.
+IntHttpsPort: 0
#####################################################
#
# Settings for Southbound API: Datarouter
#
#####################################################
-# FQDN of DR Prov Server (deprecated)
-#DR.provhost: dcae-drps.domain.not.set
-
# URI to retrieve dynamic DR configuration
ProvisioningURI: /internal/prov
# indicator for handling feed delete:
# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility)
-# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments.
-Feed.deleteHandling: SimulateDelete
+# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments.
+Feed.deleteHandling: DeleteOnDR
#####################################################
#
# Settings for Soutbound API: Postgresql
#
#####################################################
-# flag indicates if we are using postgresql
-UsePGSQL: {{ .Values.PG.enabled }}
+# flag indicates if we are using postgresql or an in memory db
+UsePGSQL: {{ .Values.usePostgres }}
# postgres host name
# Need to connect to PG primary service, designated by service.name2
# postgres schema name
#DB.schema: {{ .Values.postgres.config.pgDatabase }}
-
# postgres user name
-#DB.user: {{ .Values.postgres.config.pgUserName }}
+DB.user: ${PG_USER}
# postgres user password
-DB.cred: {{ .Values.postgres.config.pgUserPassword }}
-
+DB.cred: ${PG_PASSWORD}
#####################################################
#
MR.multisite: false
# FQDN of primary message router.
-# In ONAP Casablanca, there is only 1 message router service, so use that.
-# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR
+# In ONAP, there is only 1 message router service, so use that.
MR.CentralCname: {{ .Values.dmaapMessageRouterService }}
+# Indicator for whether we want hostname verification on SSL connection to MR
+MR.hostnameVerify: false
+
# MR Client Delete Level thoroughness:
# 0 = don't delete
# 1 = delete from persistent store
# 2 = delete from persistent store (DB) and authorization store (AAF)
MR.ClientDeleteLevel: 1
-# namespace of MR Topic Factory
-MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory
-
-# AAF Role assigned to Topic Manager Identity
-MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client
-
-# MR topic ProjectID (used in certain topic name generation formats)
-MR.projectID: mr
-
# Use Basic Authentication when provisioning topics
-MR.authentication: basicAuth
-
-
-#####################################################
-#
-# Settings for Southbound API: CADI
-#
-#####################################################
-# path to cadi.properties
-cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props
-
-#####################################################
-#
-# Settings for Southbound API: AAF proxy
-#
-#####################################################
-# URL of the AAF server
-aaf.URL: {{ .Values.aafURL }}
-
-# TopicMgr Identity
-aaf.TopicMgrUser: {{ .Values.topicMgrUser }}
-
-# Password for TopicMgr identity
-aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }}
-
-# Buscontroller Admin Identity
-aaf.AdminUser: {{ .Values.adminUser }}
+MR.authentication: none
-# Admin Password
-aaf.AdminPassword: {{ .Values.adminPwd }}
-
-# Identity that is owner of any created namespaces for topics
-aaf.NsOwnerIdentity: {{ .Values.adminUser }}
-
-# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
-CredentialCodeKeyfile: etc/LocalKey
-
-# this overrides the Class used for Decryption.
-# This allows for a plugin encryption/decryption method if needed.
-# Call this Class for decryption at runtime.
-#AafDecryption.Class: com.company.proprietaryDecryptor
-
-
-#####################################################
-#
-# Settings for authorization of DBCAPI
-#
-#####################################################
-# Namespace for URI values for the API used to create AAF permissions
-# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients
-ApiNamespace: org.onap.dmaap-bc.api
-
-# If API authorization is required, then implement a class to enforce it.
-# This overrides the Class used for API permission check.
ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll
-
-#####################################################
#
-# Settings for Southbound API: MirrorMaker provisioning
-#
-#####################################################
-# AAF Role of client publishing MM prov cmds
-MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov
-
-# AAF identity when publishing MM prov cmds
-MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org
-
-# pwd for Identity used to publish MM prov cmds
-MM.ProvUserPwd: demo123456!
-
-# AAF Role of MirrorMaker agent subscribed to prov cmds
-MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent
+# end of MR Related Properties
+################################################################################
#####################################################
#
-# HTTP Server Configuration
+# Certificate Management
#
#####################################################
+# When CertificateManagement is legacy, we need to provide more details about cert handling:
+#CertificateManagement: legacy
+# the type of keystore for https (for legacy CertificateManagment only)
+#KeyStoreType: jks
-# Allow http access to dbcapi
-HttpAllowed: true
-
-# listen to http port within this container (server)
-IntHttpPort: 8080
-
-# listen to https port within this container (server)
-# set to 0 if no certificates are available.
-IntHttpsPort: 8443
-
-# external port number for https taking port mapping into account
-ExtHttpsPort: 443
-
-# the type of keystore for https
-KeyStoreType: jks
+# path to the keystore file (for legacy CertificateManagment only)
+#KeyStoreFile: etc/keystore
-# path to the keystore file
-KeyStoreFile: etc/keystore
+# password for the https keystore (for legacy CertificateManagment only)
+#KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF
+# password for the private key in the https keystore (for legacy CertificateManagment only)
+#KeyPassword: changeit
-# password for the https keystore
-KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF
-# password for the private key in the https keystore
-KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF
+# type of truststore for https (for legacy CertificateManagment only)
+#TrustStoreType: jks
-# type of truststore for https
-TrustStoreType: jks
+# path to the truststore for https (for legacy CertificateManagment only)
+#TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks
-# path to the truststore for https
-TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks
-
-# password for the https truststore
-TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY*
-
-# path to the file used to trigger an orderly shutdown
-QuiesceFile: etc/SHUTDOWN
-
-inHttpsPort: 0
+# password for the https truststore (for legacy CertificateManagment only)
+#TrustStorePassword: changeit
+#
+# END OF legacy CertificateManagement properties
+##########################################################################################
Code Review / oom.git / blobdiff