# Copyright © 2020 Huawei Technologies Co., Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration defaults.
#################################################################
global:
  nodePortPrefix: 302
  nodePortPrefixExt: 304
  soCryptoImage: sdesbure/so_crypto:latest
  persistence:
    mountPath: /dockerdata-nfs
  security:
    aaf:
      enabled: false
  aaf:
    auth:
      header: ${AAF_AUTH}
#################################################################
# Secrets metaconfig
#################################################################
secrets:
  - uid: db-user-creds
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
    login: '{{ .Values.db.userName }}'
    password: '{{ .Values.db.userPassword }}'
    passwordPolicy: required
  - uid: db-admin-creds
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
    login: '{{ .Values.db.adminName }}'
    password: '{{ .Values.db.adminPassword }}'
    passwordPolicy: required
  - uid: server-actuator-creds
    name: '{{ include "common.release" . }}-so-cnf-actuator-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
    login: '{{ .Values.server.actuator.username }}'
    password: '{{ .Values.server.actuator.password }}'
    passwordPolicy: required
  - uid: so-aaf-creds
    name: '{{ include "common.release" . }}-so-cnf-aaf-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}'
    login: '{{ .Values.server.aaf.username }}'
    password: '{{ .Values.server.aaf.password }}'
    passwordPolicy: required
  - uid: so-aai-creds
    name: '{{ include "common.release" . }}-so-cnf-aai-creds'
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
    login: '{{ .Values.server.aai.username }}'
    password: '{{ .Values.server.aai.password }}'
    passwordPolicy: required
  - uid: cnf-adapter-mso-key
    name: '{{ include "common.release" . }}-so-cnf-mso-key'
    type: password
    externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}'
    password: '{{ .Values.mso.msoKey }}'
#secretsFilePaths: |
#  - 'my file 1'
#  - '{{ include "templateThatGeneratesFileName" . }}'
#################################################################
# Application configuration defaults.
#################################################################
image: onap/so/mso-cnf-adapter:1.7.11
pullPolicy: Always

readinessCheck:
  wait_for:
    jobs:
      - '{{ include "common.release" . }}-so-mariadb-config-job'

db:
  userName: so_user
  userPassword: so_User123
  # userCredsExternalSecret: some secret
  adminName: so_admin
  adminPassword: so_Admin123
  # adminCredsExternalSecret: some secret
server:
  aaf:
    username: so@so.onap.org
    password: demo123456
  # aafCredsExternalSecret: some secret
  aai:
    username: aai@aai.onap.org
    password: demo123456!
    auth: ${AAI_AUTH}
  # aaiCredsExternalSecret: some secret
  actuator:
    username: mso_admin
    password: password1$
  # actuatorCredsExternalSecret: some secret
mso:
  msoKey: 07a7159d3bf51a0e53be7a8f89699be7
  # msoKeySecret: some secret
  adapters:
    requestDb:
      auth: ${REQUEST_AUTH}
replicaCount: 1
minReadySeconds: 10
containerPort: &containerPort 8090
logPath: ./logs/cnf/
app: cnf-adapter
service:
  type: ClusterIP
  ports:
    - name: http-api
      port: *containerPort
updateStrategy:
  type: RollingUpdate
  maxUnavailable: 1
  maxSurge: 1
soHelpers:
  nameOverride: so-cnf-cert-init
  certInitializer:
    nameOverride: so-cnf-cert-init
    credsPath: /opt/app/osaaf/local
  cadi:
    apiEnforcement: org.onap.so.openStackAdapterPerm
  containerPort: *containerPort
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
  small:
    limits:
      memory: 4Gi
      cpu: 2000m
    requests:
      memory: 1Gi
      cpu: 500m
  large:
    limits:
      memory: 8Gi
      cpu: 4000m
    requests:
      memory: 2Gi
      cpu: 1000m
  unlimited: {}
livenessProbe:
  path: /manage/health
  port: 8090
  scheme: HTTP
  initialDelaySeconds: 600
  periodSeconds: 60
  timeoutSeconds: 10
  successThreshold: 1
  failureThreshold: 3
ingress:
  enabled: false
nodeSelector: {}
tolerations: []
affinity: {}