summaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt
diff options
context:
space:
mode:
authorSirisha_Manchikanti <sirisha.manchikanti@est.tech>2022-07-25 17:04:45 +0100
committerSirisha_Manchikanti <sirisha.manchikanti@est.tech>2022-07-25 18:09:31 +0100
commit73c5f00c93faa9238e8721fa4345c35ae256ccb1 (patch)
tree218a57933a2c78e5f8b1baff8381523cc3eea9f6 /kubernetes/policy/components/policy-clamp-ac-k8s-ppnt
parentcce2287bfff11ada8507f28509e45656e2ab1094 (diff)
[POLICY] Add strimzi kafka config from helm charts
Add strimzi kafka user and topics for policy components in relevant helm charts. Issue-ID: POLICY-4133 Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech> Change-Id: If0e1107c03acdfed83bfc359a45ad546d134bd30
Diffstat (limited to 'kubernetes/policy/components/policy-clamp-ac-k8s-ppnt')
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml16
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml4
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml32
3 files changed, 50 insertions, 2 deletions
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
index 823faf036d..6c14fd2207 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
@@ -21,6 +21,20 @@ spring:
user:
name: ${RESTSERVER_USER}
password: ${RESTSERVER_PASSWORD}
+{{- if .Values.config.useStrimziKafka }}
+ kafka:
+ bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+ security.protocol: SASL_PLAINTEXT
+ properties.sasl:
+ mechanism: SCRAM-SHA-512
+ jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
+{{- if .Values.config.additional }}
+{{ toYaml .Values.config.additional | nindent 2 }}
+{{- end }}
security:
enable-csrf: false
@@ -83,5 +97,3 @@ chart:
enabled: false
# Permitted list of helm repositories. Values are updated from values.yaml
-
-
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml
index 14cb6d3f4e..e8650fe350 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml
@@ -38,6 +38,10 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- name: RESTSERVER_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: ac-k8s-ppnt-config
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
index 5858b3630f..2cf8d2d723 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
@@ -44,6 +44,13 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
password: '{{ .Values.certStores.trustStorePassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
certStores:
keyStorePassword: Pol1cy_0nap
@@ -152,3 +159,28 @@ repoList:
protocols:
- http
- https
+
+config:
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: policy-group
+ app:
+ listener:
+ acRuntimeTopic: policy-acruntime-participant
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
+# additional:
+# spring.config.max-size: 200
+# spring.config.min-size: 10