From 73c5f00c93faa9238e8721fa4345c35ae256ccb1 Mon Sep 17 00:00:00 2001
From: Sirisha_Manchikanti <sirisha.manchikanti@est.tech>
Date: Mon, 25 Jul 2022 17:04:45 +0100
Subject: [POLICY] Add strimzi kafka config from helm charts

Add strimzi kafka user and topics for policy components in
relevant helm charts.

Issue-ID: POLICY-4133
Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech>
Change-Id: If0e1107c03acdfed83bfc359a45ad546d134bd30
---
 .../policy/templates/policy-kafka-topics.yaml      | 64 ++++++++++++++++++++++
 kubernetes/policy/templates/policy-kafka-user.yaml | 41 ++++++++++++++
 2 files changed, 105 insertions(+)
 create mode 100644 kubernetes/policy/templates/policy-kafka-topics.yaml
 create mode 100644 kubernetes/policy/templates/policy-kafka-user.yaml

(limited to 'kubernetes/policy/templates')

diff --git a/kubernetes/policy/templates/policy-kafka-topics.yaml b/kubernetes/policy/templates/policy-kafka-topics.yaml
new file mode 100644
index 0000000000..1894d62a42
--- /dev/null
+++ b/kubernetes/policy/templates/policy-kafka-topics.yaml
@@ -0,0 +1,64 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if .Values.config.useStrimziKafka }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+  name: {{ .Values.config.acRuntimeTopic.name }}
+  labels:
+    strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+  partitions: {{ .Values.config.acRuntimeTopic.partitions }}
+  config:
+    retention.ms: {{ .Values.config.acRuntimeTopic.retentionMs }}
+    segment.bytes: {{ .Values.config.acRuntimeTopic.segmentBytes }}
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+  name: {{ .Values.config.policyPdpPapTopic.name }}
+  labels:
+    strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+  partitions: {{ .Values.config.policyPdpPapTopic.partitions }}
+  config:
+    retention.ms: {{ .Values.config.policyPdpPapTopic.retentionMs }}
+    segment.bytes: {{ .Values.config.policyPdpPapTopic.segmentBytes }}
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+  name: {{ .Values.config.policyHeartbeatTopic.name }}
+  labels:
+    strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+  partitions: {{ .Values.config.policyHeartbeatTopic.partitions }}
+  config:
+    retention.ms: {{ .Values.config.policyHeartbeatTopic.retentionMs }}
+    segment.bytes: {{ .Values.config.policyHeartbeatTopic.segmentBytes }}
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+  name: {{ .Values.config.policyNotificationTopic.name }}
+  labels:
+    strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+  partitions: {{ .Values.config.policyNotificationTopic.partitions }}
+  config:
+    retention.ms: {{ .Values.config.policyNotificationTopic.retentionMs }}
+    segment.bytes: {{ .Values.config.policyNotificationTopic.segmentBytes }}
+{{- end }}
diff --git a/kubernetes/policy/templates/policy-kafka-user.yaml b/kubernetes/policy/templates/policy-kafka-user.yaml
new file mode 100644
index 0000000000..1bc7ab1d3a
--- /dev/null
+++ b/kubernetes/policy/templates/policy-kafka-user.yaml
@@ -0,0 +1,41 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if .Values.config.useStrimziKafka }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+  name: {{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}
+  labels:
+    strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+  authentication:
+    type: scram-sha-512
+  authorization:
+    type: simple
+    acls:
+    - resource:
+        type: group
+        name: {{ .Values.config.acRuntimeTopic.consumer.groupId }}
+      operation: Read
+    - resource:
+        type: topic
+        name: {{ .Values.config.acRuntimeTopic.name }}
+      operation: Read
+    - resource:
+        type: topic
+        name: {{ .Values.config.acRuntimeTopic.name }}
+      operation: Write
+{{- end }}
-- 
cgit 1.2.3-korg