Merge "[SO] Enable SO-Monitoring - use HTTPS and certInitializer"

[oom.git] / kubernetes / onap / values.yaml

diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 394c0b4..309e5dd 100755 (executable)
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -1,4 +1,6 @@
 # Copyright © 2019 Amdocs, Bell Canada
+# Copyright (c) 2020 Nordix Foundation, Modifications
+# Modifications Copyright © 2020 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -89,6 +91,11 @@ global:
   # flag to enable debugging - application support required
   debugEnabled: false
 
+  # default password complexity
+  # available options: phrase, name, pin, basic, short, medium, long, maximum security
+  # More datails: https://masterpassword.app/masterpassword-algorithm.pdf
+  passwordStrength: long
+
   # configuration to set log level to all components (the one that are using
   # "common.log.level" to set this)
   # can be overrided per components by setting logConfiguration.logLevelOverride
@@ -99,8 +106,8 @@ global:
   ingress:
     enabled: false
     virtualhost:
-        enabled: true
-        baseurl: "simpledemo.onap.org"
+      enabled: true
+      baseurl: "simpledemo.onap.org"
 
   # Global Service Mesh configuration
   # POC Mode, don't use it in production
@@ -116,12 +123,12 @@ global:
 
   # Enabling CMPv2
   cmpv2Enabled: true
-  aaf:
+  platform:
     certServiceClient:
-      image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0
+      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
       secret:
-        name: aaf-cert-service-client-tls-secret
-        mountPath: /etc/onap/aaf/certservice/certs/
+        name: oom-cert-service-client-tls-secret
+        mountPath: /etc/onap/oom/certservice/certs/
       envVariables:
         # Certificate related
         cmpv2Organization: "Linux-Foundation"
@@ -131,11 +138,12 @@ global:
         cmpv2Country: "US"
         # Client configuration related
         caName: "RA"
-        requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+        requestURL: "https://oom-cert-service:8443/v1/certificate/"
         requestTimeout: "30000"
-        keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
+        keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
+        outputType: "P12"
         keystorePassword: "secret"
-        truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"
+        truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
         truststorePassword: "secret"
 
   # TLS
@@ -149,13 +157,12 @@ global:
   # default
   centralizedLoggingEnabled: &centralizedLogging false
 
-
-# Example of specific for the components where you want to disable TLS only for
-# it:
-# if set this element will force or not tls even if global.serviceMesh.tls and
-# global.tlsEnabled is set otherwise.
-# robot:
-#   tlsOverride: false
+  # Example of specific for the components where you want to disable TLS only for
+  # it:
+  # if set this element will force or not tls even if global.serviceMesh.tls and
+  # global.tlsEnabled is set otherwise.
+  # robot:
+  #   tlsOverride: false
 
   # Global storage configuration
   #    Set to "-" for default, or with the name of the storage class
@@ -288,6 +295,12 @@ so:
     openStackServiceTenantName: "service"
     openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
 
+  # in order to enable static password for so-monitoring uncomment:
+  # so-monitoring:
+  #   server:
+  #     monitoring:
+  #       password: demo123456!
+
   # configure embedded mariadb
   mariadb:
     config:
@@ -302,3 +315,10 @@ vnfsdk:
   enabled: false
 modeling:
   enabled: false
+platform:
+  enabled: false
+a1policymanagement:
+  enabled: false
+
+cert-wrapper:
+  enabled: true