Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Run SDC pods as non-root
[oom.git] / kubernetes / sdc / charts / sdc-wfd-fe / values.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
index 45d2965..6b0669b 100644 (file)
--- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
@@ -17,6 +17,7 @@
 #################################################################
 global:
   nodePortPrefix: 302
+  nodePortPrefixExt: 304
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
@@ -27,15 +28,24 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/workflow-frontend:1.4.0-SNAPSHOT
+image: onap/workflow-frontend:1.6.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required
 debugEnabled: false
 
 config:
-  javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7000,server=y,suspend=n -Xmx256m -Xms256m"
-  backendServerURL: "http://sdc-wfd-be:8080"
+  javaOptions: "-Xmx256m -Xms256m"
+  backendServerURL: "https://sdc-wfd-be:8443"
+  isHttpsEnabled: true
+  # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
+  isTrustAll: true
+# https relevant settings. Change in case you have other trust files then default ones.
+security:
+  isDefaultStore: false
+  truststoreFilename: "org.onap.sdc.trust.jks"
+  keystoreFilename: "org.onap.sdc.p12"
+  storePath: "etc"
 
 # default number of instances
 replicaCount: 1
@@ -60,20 +70,24 @@ service:
   type: NodePort
   internalPort: 8080
   externalPort: 8080
+  internalPort2: 8443
+  externalPort2: 8443
   portName: sdc-wfd-fe
-  nodePort: "56"
+  nodePort: "56" # only one node port. set to http or https port depending on isHttpsEnabled property
 
 ingress:
   enabled: false
+  service:
+    - baseaddr: "sdcwfdfe"
+      name: "sdc-wfd-fe"
+      port: 8443
   annotations:
     ingress.kubernetes.io/secure-backends: "false"
     nginx.ingress.kubernetes.io/secure-backends: "false"
     nginx.ingress.kubernetes.io/proxy-body-size: "0"
     nginx.ingress.kubernetes.io/ssl-redirect: "true"
     nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
-    nginx.ingress.kubernetes.io/rewrite-target: /workflows/
-    nginx.ingress.kubernetes.io/server-snippet: |
-      underscores_in_headers on;
+    nginx.ingress.kubernetes.io/rewrite-target: "/workflows/"
 
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).