[POLICY] Service Mesh Compliance for Policy

Updating the basic requirements for Service Mesh Compliance within Policy.
Changing the DB jobs and updating the configuration files to use HTTP

Issue-ID: OOM-2253
Change-Id: If1aed68f0ed2f00d6a5cf06e5f95837f9405f65b
Signed-off-by: amatthews <adrian.matthews@est.tech>
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>

3 files changed, 9 insertions, 10 deletions

diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
index 7cb32d0079..8fe4fac5fb 100644
--- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
+++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
@@ -57,7 +57,7 @@ spring:
 server:
   port: 6969
   ssl:
-    enabled: true
+    enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
 
 pap:
   name: PapGroup
@@ -76,7 +76,7 @@ pap:
     - topic: POLICY-PDP-PAP
       servers:
       - message-router
-      useHttps: true
+      useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
       fetchTimeout: 15000
       topicCommInfrastructure: dmaap
     - topic: POLICY-HEARTBEAT
@@ -84,19 +84,19 @@ pap:
       consumerGroup: policy-pap
       servers:
       - message-router
-      useHttps: true
+      useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
       fetchTimeout: 15000
       topicCommInfrastructure: dmaap
     topicSinks:
     - topic: POLICY-PDP-PAP
       servers:
       - message-router
-      useHttps: true
+      useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
       topicCommInfrastructure: dmaap
     - topic: POLICY-NOTIFICATION
       servers:
       - message-router
-      useHttps: true
+      useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
       topicCommInfrastructure: dmaap
 # If Strimzi Kafka to be used for communication, replace following configuration for topicSources and topicSinks
 #          servers:
@@ -113,19 +113,19 @@ pap:
     port: 6969
     userName: "${API_USER}"
     password: "${API_PASSWORD}"
-    useHttps: true
+    useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
     basePath: policy/api/v1/healthcheck
   - clientName: distribution
     hostname: policy-distribution
     port: 6969
     userName: "${DISTRIBUTION_USER}"
     password: "${DISTRIBUTION_PASSWORD}"
-    useHttps: true
+    useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
     basePath: healthcheck
   - clientName: dmaap
     hostname: message-router
     port: 3905
-    useHttps: true
+    useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
     basePath: topics
 
 management:
diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml
index 6f02f8e4c0..e05204249e 100755
--- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml
@@ -112,7 +112,7 @@ spec:
               httpHeaders:
                 - name: Authorization
                   value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
-              scheme: {{ .Values.readiness.scheme }}
+              scheme: {{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}
             successThreshold: {{ .Values.readiness.successThreshold }}
             failureThreshold: {{ .Values.readiness.failureThreshold }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index 0dc6dbe4dc..cc66af9146 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -148,7 +148,6 @@ readiness:
   periodSeconds: 120
   port: http-api
   api: /policy/pap/v1/healthcheck
-  scheme: HTTPS
   successThreshold: 1
   failureThreshold: 3
   timeout: 60