[POLICY] Service Mesh Compliance for Policy

[oom.git] / kubernetes / policy / components / policy-clamp-ac-k8s-ppnt / resources / config / KubernetesParticipantParameters.yaml

diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
index 823faf0..6fc53e2 100644 (file)
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
@@ -21,6 +21,19 @@ spring:
     user:
       name: ${RESTSERVER_USER}
       password: ${RESTSERVER_PASSWORD}
+  kafka:
+    consumer:
+      group-id: {{ .Values.config.kafka.consumer.groupId }}
+{{- if .Values.config.useStrimziKafka }}
+    bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+    security.protocol: SASL_PLAINTEXT
+    properties.sasl:
+      mechanism: SCRAM-SHA-512
+      jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
+{{- end }}
+
 security:
   enable-csrf: false
 
@@ -44,14 +57,40 @@ participant:
             - ${topicServer:message-router}
           topicCommInfrastructure: dmaap
           fetchTimeout: 15000
-          useHttps: true
+          useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
       topicSinks:
         -
           topic: POLICY-ACRUNTIME-PARTICIPANT
           servers:
             - ${topicServer:message-router}
           topicCommInfrastructure: dmaap
-          useHttps: true
+          useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
+
+# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below
+#    clampAutomationCompositionTopics:
+#      topicSources:
+#        -
+#          topic: policy-acruntime-participant
+#          servers:
+#            - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+#          topicCommInfrastructure: kafka
+#          fetchTimeout: 15000
+#          useHttps: true
+#          additionalProps:
+#            security.protocol: SASL_PLAINTEXT
+#            sasl.mechanism: SCRAM-SHA-512
+#            sasl.jaas.config: ${JAASLOGIN}
+#      topicSinks:
+#        -
+#          topic: policy-acruntime-participant
+#          servers:
+#            - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+#          topicCommInfrastructure: kafka
+#          useHttps: true
+#          additionalProps:
+#            security.protocol: SASL_PLAINTEXT
+#            sasl.mechanism: SCRAM-SHA-512
+#            sasl.jaas.config: ${JAASLOGIN}
 
 management:
   endpoints:
@@ -65,6 +104,9 @@ server:
   port: 8083
   servlet:
     context-path: /onap/policy/clamp/acm/k8sparticipant
+  ssl:
+    enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+
 
 logging:
   # Configuration of logging
@@ -83,5 +125,3 @@ chart:
     enabled: false
 
 # Permitted list of helm repositories. Values are updated from values.yaml
-
-