[POLICY] Upgrade image versions

[oom.git] / kubernetes / policy / components / policy-api / values.yaml

diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index 6f0a590..0e3ada8 100755 (executable)
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -1,5 +1,6 @@
 #  ============LICENSE_START=======================================================
-#   Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
+#   Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
+#   Modifications Copyright (C) 2022 Bell Canada. All rights reserved.
 #  ================================================================================
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -22,9 +23,7 @@
 global:
   nodePortPrefix: 304
   persistence: {}
-  envsubstImage: dibi/envsubst
   aafEnabled: true
-  readinessImage: onap/oom/readiness:3.0.1
 
 #################################################################
 # Secrets metaconfig
@@ -38,7 +37,7 @@ secrets:
     passwordPolicy: required
   - uid: restserver-creds
     type: basicAuth
-    externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
+    externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
     login: '{{ .Values.restServer.user }}'
     password: '{{ .Values.restServer.password }}'
     passwordPolicy: required
@@ -71,9 +70,6 @@ certInitializer:
   uid: 100
   gid: 101
   aaf_add_config: >
-    /opt/app/aaf_config/bin/agent.sh;
-    export $(/opt/app/aaf_config/bin/agent.sh local showpass
-    {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12");
     echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
     echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
     chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
@@ -83,8 +79,7 @@ certInitializer:
 # Application configuration defaults.
 #################################################################
 # application image
-repository: nexus3.onap.org:10001
-image: onap/policy-api:2.3.3
+image: onap/policy-api:2.6.3
 pullPolicy: Always
 
 # flag to enable debugging - application support required
@@ -99,7 +94,7 @@ db:
     internalPort: 3306
 
 restServer:
-  user: healthcheck
+  user: policyadmin
   password: zb!XztG34
 
 # default number of instances
@@ -111,15 +106,20 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 20
+  initialDelaySeconds: 60
   periodSeconds: 10
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
 
 readiness:
-  initialDelaySeconds: 20
-  periodSeconds: 10
+  initialDelaySeconds: 10
+  periodSeconds: 120
+  api: /policy/api/v1/healthcheck
+  scheme: HTTPS
+  successThreshold: 1
+  failureThreshold: 3
+  timeout: 60
 
 service:
   type: ClusterIP
@@ -150,3 +150,29 @@ resources:
       memory: 2Gi
   unlimited: {}
 
+#Pods Service Account
+serviceAccount:
+  nameOverride: policy-api
+  roles:
+    - read
+
+metrics:
+  serviceMonitor:
+    # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+    # The default operator for prometheus enforces the below label.
+    labels:
+      release: prometheus
+    enabled: true
+    port: policy-api
+    interval: 60s
+    isHttps: true
+    basicAuth:
+      enabled: true
+      externalSecretNameSuffix: policy-api-user-creds
+      externalSecretUserKey: login
+      externalSecretPasswordKey: password
+    selector:
+      app: '{{ include "common.name" . }}'
+      chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+      release: '{{ include "common.release" . }}'
+      heritage: '{{ .Release.Service }}'