[UUI] Update image version 16.0.1 of components of UUI
[oom.git] / kubernetes / sdc / components / sdc-onboarding-be / values.yaml
index 5a1c664..6a35c44 100644 (file)
@@ -1,5 +1,6 @@
 # Copyright © 2017 Amdocs, Bell Canada
 # Modifications Copyright © 2018 AT&T, ZTE
+# Modifications Copyright © 2025 Deutsche Telekom
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,7 +19,6 @@
 #################################################################
 global:
   nodePortPrefix: 302
-  aafEnabled: true
   persistence: {}
   sdc_cassandra:
     #This flag allows SDC to instantiate its own cluster, serviceName
@@ -32,35 +32,12 @@ global:
     clusterName: cassandra
     dataCenter: Pod
 
-#################################################################
-# AAF Part
-#################################################################
-certInitializer:
-  nameOverride: sdc-onboarding-be-cert-init
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  fqdn: sdc
-  fqi: sdc@sdc.onap.org
-  public_fqdn: sdc.onap.org
-  cadi_longitude: "0.0"
-  cadi_latitude: "0.0"
-  app_ns: org.osaaf.aaf
-  credsPath: /opt/app/osaaf/local
-  addconfig: true
-  keystoreFile: "org.onap.sdc.p12"
-  truststoreFile: "org.onap.sdc.trust.jks"
-  permission_user: 352070
-  permission_group: 35953
-  aaf_add_config: |
-    echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop
-    echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop
-
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/sdc-onboard-backend:1.11.4
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.4
+image: onap/sdc-onboard-backend:1.14.1
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.14.1
 pullPolicy: Always
 
 # flag to enable debugging - application support required
@@ -83,6 +60,7 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
+  path: /onboarding-api/v1.0/healthcheck
   initialDelaySeconds: 1
   periodSeconds: 10
   timeoutSeconds: 15
@@ -93,6 +71,7 @@ liveness:
   enabled: true
 
 readiness:
+  path: /onboarding-api/v1.0/healthcheck
   initialDelaySeconds: 1
   periodSeconds: 10
   timeoutSeconds: 15
@@ -100,6 +79,7 @@ readiness:
   failureThreshold: 3
 
 startup:
+  path: /onboarding-api/v1.0/healthcheck
   initialDelaySeconds: 10
   periodSeconds: 10
   timeoutSeconds: 15
@@ -109,12 +89,16 @@ startup:
 service:
   type: ClusterIP
   name: sdc-onboarding-be
-  portName: http
-  internalPort: 8445
-  externalPort: 8445
+  internalPort: 8081
+  jobPort: 8080
+  ports:
+    - name: http
+      port: 8081
 
-  internalPort2: 8081
-  externalPort2: 8081
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: sdc-be-read
 
 ## Persist data to a persitent volume
 persistence:
@@ -139,21 +123,6 @@ persistence:
   mountPath: /dockerdata-nfs
   mountSubPath: /sdc/sdc-cs/CS
 
-##Certificate storage persistence
-##This is temporary solution for SDC-1980
-cert:
-  certDir: /app/jetty/cert
-  persistence:
-    enabled: true
-    size: 10Mi
-    accessMode: ReadWriteOnce
-    volumeReclaimPolicy: Retain
-    mountSubPath: /sdc/onbaording/cert
-
-securityContext:
-  fsGroup: 35953
-  runAsUser: 352070
-
 ingress:
   enabled: false
 
@@ -163,18 +132,18 @@ flavor: small
 resources:
   small:
     limits:
-      cpu: 500m
-      memory: 2Gi
+      cpu: "2"
+      memory: "2Gi"
     requests:
-      cpu: 40m
-      memory: 1Gi
+      cpu: "0.5"
+      memory: "1.5Gi"
   large:
     limits:
-      cpu: 1
-      memory: 4Gi
+      cpu: "2"
+      memory: "3Gi"
     requests:
-      cpu: 80m
-      memory: 2Gi
+      cpu: "1"
+      memory: "3Gi"
   unlimited: {}
 
 #Pods Service Account
@@ -187,7 +156,136 @@ wait_for_job_container:
   containers:
     - '{{ include "common.name" . }}-job'
 
+readinessCheck:
+  wait_for:
+    timeout: 25
+    jobs:
+      - '{{ include "common.release" . }}-sdc-onboarding-be'
+  job_wait_for:
+    timeout: 20
+    jobs:
+      - '{{ include "common.release" . }}-sdc-cs'
+
 #Log configuration
 log:
   path: /var/log/onap
 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+
+securityContext:
+  user_id: 1000
+  group_id: 101
+
+volumes:
+  logSizeLimit: 300Mi
+  jettySizeLimit: 400Mi
+  tmpSizeLimit: 500Mi
+
+resources_initContainer:
+  limits:
+    cpu: "100m"
+    memory: "500Mi"
+  requests:
+    cpu: "3m"
+    memory: "20Mi"
+
+jobPodSecurityContext:
+  fsGroup: 1000
+  runAsGroup: 1000
+  runAsNonRoot: true
+  runAsUser: 1000
+  seccompProfile:
+    type: RuntimeDefault
+
+#################################################################
+# Settings from Default.rb
+#################################################################
+ONBOARDING_BE:
+  http_port: 8081
+  https_port: 8445
+  catalog_notification_url: "%s://%s:%s/sdc2/rest/v1/catalog/notif/vsp/"
+FE:
+  http_port: 8181
+  https_port: 9443
+disableHttp: true
+cassandra:
+  truststore_password: Aa123456
+  cassandra_port: 9042
+  datacenter_name: DC-
+  cluster_name: SDC-CS-
+  socket_read_timeout: 20000
+  socket_connect_timeout: 20000
+  janusgraph_connection_timeout: 10000
+  cassandra_user: asdc_user
+  cassandra_password: Aa1234%^!
+sdcHelmValidator:
+  enabled: true
+  helmVersion: 3.5.2
+  deployable: true
+  lintable: false
+  strictLintable: false
+  url: http://sdc-helm-validator:8080/validate
+VnfRepo:
+  vnfRepoPort: 8703
+  vnfRepoHost: refrepo
+jetty:
+  trustStorePassword: "z+KEj;t+,KN^iimSiS89e#p0"
+  keyManagerPassword: "?(kP!Yur![*!Y5!E^f(ZKc31"
+  keyStorePassword: "?(kP!Yur![*!Y5!E^f(ZKc31"
+basic_auth:
+  enabled: true
+  user_name: testName
+  user_pass: testPass
+  excludedUrls: /v1.0/healthcheck
+
+EXTTEST:
+  ep1_config: vtp,VTP,true,http://refrepo:8702/onapapi/vnfsdk-marketplace,onap.*
+  ep2_config: repository,Repository,false,,.*
+
+#Addiding extra Envs
+permittedAncestors: ""
+JETTY_BASE: "/app/jetty"
+http_option: http_option
+
+autoscaling:
+  enabled: true
+  minReplicas: 1
+  maxReplicas: 3
+  targetCPUUtilizationPercentage: 75
+
+# number of ReplicaSets that should be retained for the Deployment
+revisionHistoryLimit: 1
+
+# the minimum number of seconds that a newly created Pod should be ready
+minReadySeconds: 30
+updateStrategy:
+  type: RollingUpdate
+  # The number of pods that can be unavailable during the update process
+  maxUnavailable: 0
+  # The number of pods that can be created above the desired amount of pods during an update
+  maxSurge: 1
+
+metrics:
+  serviceMonitor:
+    enabled: true
+    targetPort: 8081
+    path: /onboarding-api/v1.0/actuator/prometheus
+    basicAuth:
+      enabled: false
+
+logback:
+  rootLogLevel: INFO
+
+# Annotations to control the execution and deletion of the job
+# Can be used to delete a job before an Upgrade
+#
+# jobAnnotations:
+#   # In case of an ArgoCD deployment this Hook deletes the job before syncing
+#   argocd.argoproj.io/hook: Sync
+#   argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
+#
+#   # In case of an Helm/Flux deployment this Hook deletes the job
+#   # This is what defines this resource as a hook. Without this line, the
+#   # job is considered part of the release.
+#   "helm.sh/hook": "pre-upgrade,pre-rollback,post-install"
+#   "helm.sh/hook-delete-policy": "before-hook-creation"
+#   "helm.sh/hook-weight": "1"