summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--blueprints/k8s-policy_handler.yaml-template5
-rw-r--r--blueprints/policy_handler.yaml-template2
-rw-r--r--input-templates/phinputs.yaml22
3 files changed, 27 insertions, 2 deletions
diff --git a/blueprints/k8s-policy_handler.yaml-template b/blueprints/k8s-policy_handler.yaml-template
index 62f605a..e5ea8c7 100644
--- a/blueprints/k8s-policy_handler.yaml-template
+++ b/blueprints/k8s-policy_handler.yaml-template
@@ -32,7 +32,7 @@ inputs:
policy_handler_image:
description: Docker image for policy_handler
- default: '{{ ONAPTEMPLATE_DOCKERREGURL_org_onap_dcaegen2_releases }}/onap/org.onap.dcaegen2.platform.policy-handler:4.2.0'
+ default: '{{ ONAPTEMPLATE_DOCKERREGURL_org_onap_dcaegen2_releases }}/onap/org.onap.dcaegen2.platform.policy-handler:4.3.0'
application_config:
description: policy handler application configuration - requires info on policy-engine
@@ -55,3 +55,6 @@ node_templates:
log_info:
log_directory: '/opt/app/policy_handler/logs'
container_port: 25577
+ tls_info:
+ cert_directory: '/opt/app/policy_handler/etc/tls/certs/'
+ use_tls: true
diff --git a/blueprints/policy_handler.yaml-template b/blueprints/policy_handler.yaml-template
index b897958..4a8d26d 100644
--- a/blueprints/policy_handler.yaml-template
+++ b/blueprints/policy_handler.yaml-template
@@ -39,7 +39,7 @@ inputs:
policy_handler_image:
description: Docker image for policy_handler
- default: '{{ ONAPTEMPLATE_DOCKERREGURL_org_onap_dcaegen2_releases }}/onap/org.onap.dcaegen2.platform.policy-handler:4.2.0'
+ default: '{{ ONAPTEMPLATE_DOCKERREGURL_org_onap_dcaegen2_releases }}/onap/org.onap.dcaegen2.platform.policy-handler:4.3.0'
application_config:
description: policy handler application configuration - requires info on policy-engine
diff --git a/input-templates/phinputs.yaml b/input-templates/phinputs.yaml
index e23d051..850f935 100644
--- a/input-templates/phinputs.yaml
+++ b/input-templates/phinputs.yaml
@@ -56,6 +56,18 @@ application_config:
Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw=="
Environment : "TEST"
target_entity : "policy_engine"
+ # optional tls_ca_mode specifies where to find the cacert.pem for tls
+ # can be one of these:
+ # "cert_directory" - use the cacert.pem stored locally in cert_directory.
+ # this is the default if cacert.pem file is found
+ #
+ # "os_ca_bundle" - use the public ca_bundle provided by linux system.
+ # this is the default if cacert.pem file not found
+ #
+ # "do_not_verify" - special hack to turn off the verification by cacert and hostname
+ tls_ca_mode : "cert_directory"
+ # optional tls_wss_ca_mode specifies the same for the tls based web-socket
+ tls_wss_ca_mode : "cert_directory"
# deploy_handler config
# changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
deploy_handler :
@@ -71,3 +83,13 @@ application_config:
# optionally specify the tenant name for the cloudify under deployment-handler
# if not specified the "default_tenant" is used by the deployment-handler
cfy_tenant_name : "default_tenant"
+ # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification
+ # can be one of these:
+ # "cert_directory" - use the cacert.pem stored locally in cert_directory.
+ # this is the default if cacert.pem file is found
+ #
+ # "os_ca_bundle" - use the public ca_bundle provided by linux system.
+ # this is the default if cacert.pem file not found
+ #
+ # "do_not_verify" - special hack to turn off the verification by cacert and hostname
+ tls_ca_mode : "cert_directory"