# Copyright (c) 2017 Amdocs, Bell Canada
# Modifications Copyright (c) 2018 AT&T
# Modifications Copyright (c) 2020 Nokia, Orange
# Modifications Copyright (c) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Default values for aai.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global: # global defaults
  nodePortPrefix: 302
  repository: nexus3.onap.org:10001
  dockerhubRepository: docker.io
  busyboxImage: busybox

  readinessImage: onap/oom/readiness:3.0.1

  loggingRepository: docker.elastic.co
  loggingImage: beats/filebeat:5.5.0

  restartPolicy: Always

  aafEnabled: true
  msbEnabled: true
  centralizedLoggingEnabled: true

  cassandra:
    #This will instantiate AAI cassandra cluster, default:shared cassandra.
    localCluster: false

    #Service Name of the cassandra cluster to connect to.
    #Override it to aai-cassandra if localCluster is enabled.
    serviceName: cassandra

    #This should be same as shared cassandra instance or if localCluster is enabled
    #then it should be same as aai-cassandra replicaCount
    replicas: 3

    #Cassanara login details
    username: cassandra
    password: cassandra

  aai:
    serviceName: aai
  babel:
    serviceName: aai-babel
  aaiElasticsearch:
    serviceName: aai-elasticsearch
  resources:
    serviceName: aai-resources
  sparkyBe:
    serviceName: aai-sparky-be
  dataRouter:
    serviceName: aai-data-router
  gizmo:
    serviceName: aai-gizmo
  modelloader:
    serviceName: aai-modelloader
  searchData:
    serviceName: aai-search-data
  traversal:
    serviceName: aai-traversal
  graphadmin:
    serviceName: aai-graphadmin
  spike:
    serviceName: aai-spike

  initContainers:
    enabled: true
  # Specifies a list of jobs to be run
  jobs:
    # When enabled, it will create the schema based on oxm and edge rules
    createSchema:
      enabled: true
    # When enabled, it will create the widget models via REST API to haproxy
    updateQueryData:
      enabled: true
    #migration using helm hooks
    migration:
      enabled: false
      remoteCassandra:
        enabled: false
        storage:
          backend: cassandra
          hostname: 10.10.10.10
          connectionTimeout: 100000
          cacheSize: 1000000
          keyConsistent: true

          #If backend is cql or cassandra it should be keyspace name
          #else backend is hbase it should be hbase table name
          name: aaigraph

       ## CQL driver specific properties for janusgraph
       #  cql:
       #    #Name of the Cassandra Cluster
       #    cluster: someclustername
       #    readConsistency: QUORUM
       #    writeConsistency: QUORUM
       #    replicationFactor: 3
       #    localConsistencyForSysOps: true

       ## Cassandra driver specific properties for janusgraph
          cassandra:
            #Name of the Cassandra Cluster
            clusterName: aai-cluster
            localDataCenter: Pod lab
            readConsistency: LOCAL_QUORUM
            writeConsistency: LOCAL_QUORUM
            replicationFactor: 3

        #storage:
        #  backend: cassandra
        #  hostname: somehost1,somehost2,somehost3
        #  connectionTimeout: 100000
        #  cacheSize: 1000000
        #  clusterName: someClusterName
        #  localDataCenter: someDataCenter
        #  keyConsistent: true
        #  #If backend is cql or cassandra it should be keyspace name
        #  #else backend is hbase it should be hbase table name
        #  name: your_hbase_table_or_keyspace_name

        ## CQL driver specific properties for janusgraph
        #  cql:
        #    #Name of the Cassandra Cluster
        #    cluster: someclustername
        #    readConsistency: QUORUM
        #    writeConsistency: QUORUM
        #    replicationFactor: 3
        #    localConsistencyForSysOps: true

        ## Cassandra driver specific properties for janusgraph
        #  cassandra:
        #    #Name of the Cassandra Cluster
        #    cluster: someclustername
        #    readConsistency: LOCAL_QUORUM
        #    writeConsistency: LOCAL_QUORUM
        #    replicationFactor: 3


  # Common configuration for resources traversal and graphadmin
  config:
    # User information for the admin user in container
    userId: 1000
    groupId: 1000

    # Specifies that the cluster connected to a dynamic
    # cluster being spinned up by kubernetes deployment
    cluster:
      cassandra:
        dynamic: true

    # If cluster.cassandra.dynamic is set to false
    # Then the following configuration should be uncommented
    # This is if you are planning to connect to a existing
    # Cassandra cluster instead of doing the deployment
    #storage:
    #  backend: cassandra
    #  hostname: somehost1,somehost2,somehost3
    #  connectionTimeout: 100000
    #  cacheSize: 1000000
    #  clusterName: someClusterName
    #  localDataCenter: someDataCenter
    #  keyConsistent: true
    #  # If backend is cql or cassandra it should be keyspace name
    #  # else backend is hbase it should be hbase table name
    #  name: your_hbase_table_or_keyspace_name

    #  # CQL driver specific properties for janusgraph
    #  cql:
    #    # Name of the Cassandra Cluster
    #    cluster: someclustername
    #    readConsistency: QUORUM
    #    writeConsistency: QUORUM
    #    replicationFactor: 3
    #    localConsistencyForSysOps: true

    #  # Cassandra driver specific properties for janusgraph
    #  cassandra:
    #    # Name of the Cassandra Cluster
    #    cluster: someclustername
    #    readConsistency: LOCAL_QUORUM
    #    writeConsistency: LOCAL_QUORUM
    #    replicationFactor: 3

    # Specifies if the basic authorization is enabled
    basic:
      auth:
        enabled: true
        username: AAI
        passwd: AAI

    # Active spring profiles for the resources microservice
    # aaf-auth profile will be automatically set if aaf enabled is set to true
    profiles:
      active: production,dmaap #,aaf-auth

    # Notification event specific properties
    notification:
      eventType: AAI-EVENT
      domain: dev

    # Schema specific properties that include supported versions of api
    schema:
      # Specifies if the connection should be one way ssl, two way ssl or no auth
      # will be set to no-auth if tls is disabled
      service:
        client: one-way-ssl
      # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
      translator:
        list: schema-service
      source:
        # Specifies which folder to take a look at
        name: onap
      uri:
        # Base URI Path of the application
        base:
          path: /aai
      version:
        # Current version of the REST API
        api:
          default: v24
        # Specifies which version the depth parameter is configurable
        depth: v11
        # List of all the supported versions of the API
        list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26
        # Specifies from which version related link should appear
        related:
          link: v11
        # Specifies from which version the app root change happened
        app:
          root: v11
        # Specifies from which version the xml namespace changed
        namespace:
          change: v12
        # Specifies from which version the edge label appeared in API
        edge:
          label: v12

    # Keystore configuration password and filename
    keystore:
      filename: aai_keystore
      passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit

    # Truststore configuration password and filename
    truststore:
      filename: aai_keystore
      passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit

    # Specifies a list of files to be included in auth volume
    auth:
      files:
        - aai_keystore

    # Specifies which clients should always default to realtime graph connection
    realtime:
      clients: SDNC,MSO,SO,robot-ete

    # Logback debug enabled
    logback:
      console:
        # If enabled, container will print all logback to standard output
        # This will make debugging much easier but it should only be done
        # when debugging the issue and changed back as it can affect performance
        # since when this is enabled, it prints a lot of information to console
        enabled: false

aai-babel:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-graphadmin:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-modelloader:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-resources:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-schema-service:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-sparky-be:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-traversal:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'

#################################################################
# Certificate configuration
#################################################################
certInitializer:
  nameOverride: aai-cert-initializer
  aafDeployFqi: deployer@people.osaaf.org
  aafDeployPass: demo123456!
  # aafDeployCredsExternalSecret: some secret
  fqdn: "aai"
  app_ns: "org.osaaf.aaf"
  fqi_namespace: "org.onap.aai"
  fqi: "aai@aai.onap.org"
  public_fqdn: "aaf.osaaf.org"
  cadi_longitude: "0.0"
  cadi_latitude: "0.0"
  credsPath: /opt/app/osaaf/local
  aaf_add_config: |
    echo "*** transform AAF certs into pem files"
    mkdir -p {{ .Values.credsPath }}/certs
    keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
      -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
      -alias ca_local_0 \
      -storepass $cadi_truststore_password
    openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
      -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
      -passin pass:$cadi_keystore_password_p12 \
      -passout pass:$cadi_keystore_password_p12
    echo "*** generating needed file"
    cat {{ .Values.credsPath }}/certs/cert.pem \
        {{ .Values.credsPath }}/certs/cacert.pem \
        {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
        > {{ .Values.credsPath }}/certs/fullchain.pem;
    chown 1001 {{ .Values.credsPath }}/certs/*

# application image
dockerhubRepository: registry.hub.docker.com
image: aaionap/haproxy:1.4.2
pullPolicy: Always

flavor: small
flavorOverride: small

# flag to enable debugging - application support required
debugEnabled: false

# application configuration
config:
  logstashServiceName: log-ls
  logstashPort: 5044

# default number of instances
replicaCount: 1

nodeSelector: {}

affinity: {}

# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns
haproxy:
  requestBlocking:
    enabled: false
    customConfigs: []

# probe configuration parameters
liveness:
  initialDelaySeconds: 10
  periodSeconds: 10
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true

#This section is used when localCluster is enabled. AAI will create its own cassandra cluster for its specific use.
#Below command will instantiate the aai cassandra instances:
#helm deploy demo local/onap --version=4.0.0 --namespace onap --set aai.enabled=true \
#                            --set aai.global.cassandra.localCluster=true \
#                            --set aai.global.cassandra.serviceName=aai-cassandra
cassandra:
  nameOverride: aai-cassandra
  serviceAccount:
    nameOverride: aai-cassandra
  replicaCount: 3
  service:
    name: aai-cassandra
  persistence:
    mountSubPath: aai/cassandra
    enabled: true

readiness:
  initialDelaySeconds: 10
  periodSeconds: 10

service:
  type: NodePort
  portName: http
  externalPort: 8443
  internalPort: 8443
  nodePort: 33
  # POLICY hotfix - Note this must be temporary
  # See https://jira.onap.org/browse/POLICY-510
  aaiServiceClusterIp:
  externalPlainPort: 80
  internalPlainPort: 8080
  nodeport: 33

ingress:
  enabled: false
  service:
    - baseaddr: "aai.api"
      name: "aai"
      port: 8443
      config:
       ssl: "redirect"

resources:
  small:
    limits:
      cpu: 2
      memory: 4Gi
    requests:
      cpu: 1
      memory: 1Gi
  large:
    limits:
      cpu: 4
      memory: 8Gi
    requests:
      cpu: 2
      memory: 2Gi
  unlimited: {}

#Pods Service Account
serviceAccount:
  nameOverride: aai
  roles:
    - read