# Copyright 2018 Intel Corporation, Inc
# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

#################################################################
# Global configuration defaults.
#################################################################
global:
  nodePortPrefix: 302
  loggingRepository: docker.elastic.co
  loggingImage: beats/filebeat:5.5.0
  persistence: {}
  envsubstImage: dibi/envsubst
  aafEnabled: true

flavor: small

#################################################################
# AAF part
#################################################################
certInitializer:
  nameOverride: aaf-sms-cert-init
  aafDeployFqi: deployer@people.osaaf.org
  aafDeployPass: demo123456!
  # aafDeployCredsExternalSecret: some secret
  fqdn: aaf-sms
  fqi: aaf-sms@aaf-sms.onap.org
  public_fqdn: aaf-sms.onap.org
  cadi_longitude: "0.0"
  cadi_latitude: "0.0"
  app_ns: org.osaaf.aaf
  mountPath: /opt/app/osaaf
  keystore: truststoreONAPall.jks
  keystore_pass: changeit
  root_ca_alias: onaptestca
  root_ca_name: aaf_root_ca.cer
  permission_user: 1000
  permission_group: 1000
  aaf_add_config: >
    cd {{ .Values.mountPath }}/local;
    keytool -exportcert -rfc -file {{ .Values.root_ca_name }} -keystore {{ .Values.keystore }}
    -alias {{ .Values.root_ca_alias }} -storepass {{ .Values.keystore_pass }};
    chown -R {{.Values.permission_user}}:{{.Values.permission_group}}
    {{ .Values.mountPath }};

#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
image: onap/aaf/sms:4.0.2
pullPolicy: Always

# flag to enable debugging - application support required
debugEnabled: false

# application configuration
# Example:
config:
  smsdbaddress: "http://aaf-sms-db:8200"
  cafile: "/opt/app/osaaf/local/aaf_root_ca.cer"
  servercert: "/opt/app/osaaf/local/org.onap.aaf-sms.crt"
  serverkey: "/opt/app/osaaf/local/org.onap.aaf-sms.key"
  password: "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA=="

# subchart configuration
vault:
  nameOverride: smsdb

# default number of instances
replicaCount: 1

nodeSelector: {}

affinity: {}

# probe configuration parameters
liveness:
  initialDelaySeconds: 10
  periodSeconds: 30
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true

readiness:
  initialDelaySeconds: 10
  periodSeconds: 30

service:
  type: ClusterIP
  name: aaf-sms
  portName: aaf-sms
  internalPort: 10443
  externalPort: 10443

#define value for aaf-sms-quorumclient subchart
aaf-sms-quorumclient:
  service:
    name: aaf-sms

persistence:
  enabled: true
  volumeReclaimPolicy: Retain
  accessMode: ReadWriteOnce
  size: 1Gi
  mountPath: /dockerdata-nfs
  mountSubPath: sms/auth

ingress:
  enabled: false

secrets:
  - uid: aai-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.aaiUsername }}'
    password: '{{ .Values.oofCreds.aaiPassword }}'
    passwordPolicy: required
  - uid: conductor-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.conductorUsername }}'
    password: '{{ .Values.oofCreds.conductorPassword }}'
    passwordPolicy: required
  - uid: sdnc-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.sdncUsername }}'
    password: '{{ .Values.oofCreds.sdncPassword }}'
    passwordPolicy: required
  - uid: music-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.musicUsername }}'
    password: '{{ .Values.oofCreds.musicPassword }}'
    passwordPolicy: required
  - uid: aaf-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.aafUsername }}'
    password: '{{ .Values.oofCreds.aafPassword }}'
    passwordPolicy: required
  - uid: policy-plat-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.policyPlatUsername }}'
    password: '{{ .Values.oofCreds.policyPlatPassword }}'
    passwordPolicy: required
  - uid: policy-cli-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.policyCliUsername }}'
    password: '{{ .Values.oofCreds.policyCliPassword }}'
    passwordPolicy: required
  - uid: osdf-placement-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.osdfPlacementUsername }}'
    password: '{{ .Values.oofCreds.osdfPlacementPassword }}'
    passwordPolicy: required
  - uid: osdf-placement-so-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.osdfPlacementSOUsername }}'
    password: '{{ .Values.oofCreds.osdfPlacementSOPassword }}'
    passwordPolicy: required
  - uid: osdf-placement-vfc-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.osdfPlacementVFCUsername }}'
    password: '{{ .Values.oofCreds.osdfPlacementVFCPassword }}'
    passwordPolicy: required
  - uid: osdf-cm-scheduler-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.osdfCMSchedulerUsername }}'
    password: '{{ .Values.oofCreds.osdfCMSchedulerPassword }}'
    passwordPolicy: required
  - uid: config-db-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.configDbUsername }}'
    password: '{{ .Values.oofCreds.configDbPassword }}'
    passwordPolicy: required
  - uid: osdf-pci-opt-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.osdfPCIOptUsername }}'
    password: '{{ .Values.oofCreds.osdfPCIOptPassword }}'
    passwordPolicy: required
  - uid: osdf-opt-engine-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.osdfOptEngineUsername }}'
    password: '{{ .Values.oofCreds.osdfOptEnginePassword }}'
    passwordPolicy: required
  - uid: so-creds
    type: basicAuth
    login: '{{ .Values.oofCreds.soUsername }}'
    password: '{{ .Values.oofCreds.soPassword }}'
    passwordPolicy: required

oofCreds:
  aaiUsername: oof@oof.onap.org
  aaiPassword: demo123456!

  conductorUsername: admin1
  conductorPassword: plan.15

  sdncUsername: admin
  sdncPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U

  musicUsername: conductor
  musicPassword: c0nduct0r

  aafUsername: aaf_admin@people.osaaf.org
  aafPassword: demo123456!

  policyPlatUsername: healthcheck
  policyPlatPassword: zb!XztG34

  policyCliUsername: healthcheck
  policyCliPassword: zb!XztG34

  osdfPlacementUsername: test
  osdfPlacementPassword: testpwd

  osdfPlacementSOUsername: so_test
  osdfPlacementSOPassword: so_testpwd

  osdfPlacementVFCUsername: vfc_test
  osdfPlacementVFCPassword: vfc_testpwd

  osdfCMSchedulerUsername: test1
  osdfCMSchedulerPassword: testpwd1

  configDbUsername: osdf
  configDbPassword: passwd

  osdfPCIOptUsername: pci_test
  osdfPCIOptPassword: pci_testpwd

  osdfOptEngineUsername: opt_test
  osdfOptEnginePassword: opt_testpwd

  soUsername: apihBpmn
  soPassword: password1$

# Configure resource requests and limits
resources:
  small:
    limits:
      cpu: 100m
      memory: 400Mi
    requests:
      cpu: 25m
      memory: 10Mi
  large:
    limits:
      cpu: 400m
      memory: 1Gi
    requests:
      cpu: 25m
      memory: 100Mi
  unlimited: {}