# Copyright © 2018 AT&T, Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Global configuration default values that can be inherited by
# all subcharts.
#################################################################
global:
  # Change to an unused port prefix range to prevent port conflicts
  # with other instances running within the same k8s cluster
  nodePortPrefix: 302

  # image pull policy
  pullPolicy: Always

  # default mount path root directory referenced
  # by persistent volumes and log files
  persistence:
    mountPath: /dockerdata-nfs

  # flag to enable debugging - application support required
  debugEnabled: true

#################################################################
# Secrets metaconfig
#################################################################
secrets:
  - uid: 'db-root-password'
    type: password
    externalSecret: '{{ tpl (default "" .Values.config.db.rootPasswordExternalSecret) . }}'
    password: '{{ .Values.config.db.rootPassword }}'
  - uid: 'db-user-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
    login: '{{ .Values.config.db.userName }}'
    password: '{{ .Values.config.db.userPassword }}'
  - uid: 'http-user-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.config.httpCredsExternalSecret) . }}'
    login: '{{ .Values.config.httpUser }}'
    password: '{{ .Values.config.dgUserPassword }}'
  - uid: 'admin-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.config.adminCredsExternalSecret) . }}'
    login: '{{ .Values.config.adminUser }}'
    password: '{{ .Values.config.dgUserPassword }}'
  - uid: 'node-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.config.nodeCredsExternalSecret) . }}'
    login: '{{ .Values.config.nodeUser }}'
    password: '{{ .Values.config.dgUserPassword }}'
  - uid: 'restconf-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.config.restconfCredsExternalSecret) . }}'
    login: '{{ .Values.config.restconfUser }}'
    password: '{{ .Values.config.restconfPassword }}'

#################################################################
# Application configuration defaults.
#################################################################
# application image
image: onap/ccsdk-dgbuilder-image:1.3.4
pullPolicy: Always

# flag to enable debugging - application support required
debugEnabled: false

# application configuration
config:
  db:
    dbName: sdnctl
    # unused for now to preserve the API
    rootPassword: openECOMP1.0
    # rootPasswordExternalSecret: some secret
    userName: sdnctl
    # unused for now to preserve the API
    userPassword: gamma
    # userCredentialsExternalSecret: some secret
  httpUser: dguser
  # unused for now to preserve the API
  httpPassword: cc03e747a6afbbcbf8be7668acfebee5
  # httpCredsExternalSecret: some secret
  adminUser: dguser
  # unused for now to preserve the API
  adminPassword: cc03e747a6afbbcbf8be7668acfebee5
  # adminCredsExternalSecret: some secret
  nodeUser: dguser
  # unused for now to preserve the API
  nodePassword: cc03e747a6afbbcbf8be7668acfebee5
  # nodeCredsExternalSecret: some secret
  restconfUser: admin
  # unused for now to preserve the API
  restconfPassword: admin
  # restconfCredsExternalSecret: some secret

  dbPodName: mysql-db
  dbServiceName: sdnc-dbhost
  # MD5 hash of dguser password ( default: test123 )
  dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5

# default number of instances
replicaCount: 1

nodeSelector: {}

affinity: {}

# probe configuration parameters
liveness:
  initialDelaySeconds: 10
  periodSeconds: 10
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true

readiness:
  initialDelaySeconds: 10
  periodSeconds: 10

service:
  type: NodePort
  name: dgbuilder
  portName: http
  externalPort: 3000
  internalPort: 3100
  nodePort: 28

ingress:
  enabled: false
  service:
    - baseaddr: "dgbuilder"
      name: "dgbuilder"
      port: 3000
  config:
    ssl: "redirect"

 # dependency / sub-chart configuration
certInitializer:
  nameOverride: dgbuilder-cert-initializer
  truststoreMountpath: /opt/onap/ccsdk/dgbuilder/certs
  fqdn: "sdnc"
  app_ns: "org.osaaf.aaf"
  fqi: "sdnc@sdnc.onap.org"
  fqi_namespace: org.onap.sdnc
  public_fqdn: "dgbuilder.onap.org"
  aafDeployFqi: "deployer@people.osaaf.org"
  aafDeployPass: demo123456!
  cadi_latitude: "38.0"
  cadi_longitude: "-72.0"
  credsPath: /opt/app/osaaf/local
  aaf_add_config: >
    cd /opt/app/osaaf/local;
    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1 ;
    cp {{ .Values.fqi_namespace }}.crt node-cert.pem;
    cp {{ .Values.fqi_namespace }}.key node-key.pem;
    chmod go+r node-*.pem

#Resource Limit flavor -By Default using small
flavor: small
#segregation for different envionment (Small and Large)

resources:
  small:
    limits:
      cpu: 2
      memory: 4Gi
    requests:
      cpu: 1
      memory: 2Gi
  large:
    limits:
      cpu: 4
      memory: 8Gi
    requests:
      cpu: 2
      memory: 4Gi
  unlimited: {}

#Pods Service Account
serviceAccount:
  nameOverride: dgbuilder
  roles:
    - read