# ============LICENSE_START======================================================= # Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. # Modifications Copyright (C) 2022 Bell Canada. All rights reserved. # Modification (C) 2023-2024 Deutsche Telekom. All rights reserved. # Modifications Copyright © 2024 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= ################################################################# # Global configuration defaults. ################################################################# global: nodePortPrefix: 304 persistence: {} postgres: useInPolicy: false mariadbGalera: useInPolicy: true ################################################################# # Secrets metaconfig ################################################################# secrets: - uid: db-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' login: '{{ .Values.db.user }}' password: '{{ .Values.db.password }}' passwordPolicy: required - uid: restserver-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}' login: '{{ .Values.restServer.user }}' password: '{{ .Values.restServer.password }}' passwordPolicy: required ################################################################# # Application configuration defaults. ################################################################# # application image image: onap/policy-api:3.1.3 pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false # application configuration db: user: policy-user password: policy_user service: name: policy-mariadb pgName: policy-pg-primary internalPort: 3306 internalPgPort: 5432 restServer: user: policyadmin password: zb!XztG34 # default number of instances replicaCount: 1 nodeSelector: {} affinity: {} # probe configuration parameters liveness: initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: initialDelaySeconds: 10 periodSeconds: 120 api: /policy/api/v1/healthcheck successThreshold: 1 failureThreshold: 3 timeout: 120 service: type: ClusterIP name: policy-api internalPort: 6969 ports: - name: http port: 6969 ingress: enabled: false serviceMesh: authorizationPolicy: authorizedPrincipals: - serviceAccount: policy-pap-read flavor: small resources: small: limits: cpu: "1" memory: "1Gi" requests: cpu: "0.5" memory: "1Gi" large: limits: cpu: "2" memory: "2Gi" requests: cpu: "1" memory: "2Gi" unlimited: {} securityContext: user_id: 100 group_id: 102 dirSizes: emptyDir: sizeLimit: 1Gi logDir: sizeLimit: 500Mi #Pods Service Account serviceAccount: nameOverride: policy-api roles: - read metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. # The default operator for prometheus enforces the below label. labels: release: prometheus enabled: true port: policy-api interval: 60s isHttps: false basicAuth: enabled: true externalSecretNameSuffix: policy-api-user-creds externalSecretUserKey: login externalSecretPasswordKey: password selector: app: '{{ include "common.name" . }}' chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' release: '{{ include "common.release" . }}' heritage: '{{ .Release.Service }}'