# Copyright © 2018 AT&T USA
# Copyright © 2020 Huawei
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration defaults.
#################################################################
global:
  nodePortPrefix: 302
  nodePortPrefixExt: 304
  persistence:
    mountPath: /dockerdata-nfs
  security:
    aaf:
      enabled: false
  aaf:
    auth:
      header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
  mariadbGalera:
    serviceName: mariadb-galera
    servicePort: '3306'

readinessCheck:
  wait_for:
    jobs:
      - '{{ include "common.release" . }}-so-mariadb-config-job'

#################################################################
# Secrets metaconfig
#################################################################
secrets:
  - uid: db-user-creds
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
    login: '{{ .Values.db.userName }}'
    password: '{{ .Values.db.userPassword }}'
    passwordPolicy: required
  - uid: db-admin-creds
    type: basicAuth
    externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
    login: '{{ .Values.db.adminName }}'
    password: '{{ .Values.db.adminPassword }}'
    passwordPolicy: required

#secretsFilePaths: |
#  - 'my file 1'
#  - '{{ include "templateThatGeneratesFileName" . }}'

#################################################################
# Application configuration defaults.
#################################################################
image: onap/so/sdc-controller:1.9.0
pullPolicy: Always

db:
  userName: so_user
  userPassword: so_User123
  # userCredsExternalSecret: some secret
  adminName: so_admin
  adminPassword: so_Admin123
  # adminCredsExternalSecret: some secret

aai:
  auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
mso:
  msoKey: 07a7159d3bf51a0e53be7a8f89699be7
  requestDb:
    auth: Basic YnBlbDpwYXNzd29yZDEk
  asdc:
    config:
      key: 566B754875657232314F5548556D3665
  asdc-connections:
    asdc-controller1:
      password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F

replicaCount: 1
minReadySeconds: 10
containerPort: &containerPort 8085
logPath: ./logs/sdc/
app: sdc-controller
service:
    type: ClusterIP
    internalPort: *containerPort
    externalPort: *containerPort
    portName: so-sdc-port
updateStrategy:
    type: RollingUpdate
    maxUnavailable: 1
    maxSurge: 1

#################################################################
# soHelpers part
#################################################################
soHelpers:
  nameOverride: so-sdc-cert-init
  certInitializer:
    nameOverride: so-sdc-cert-init
    credsPath: /opt/app/osaaf/local
  cadi:
    apiEnforcement: org.onap.so.sdcControllerPerm
  containerPort: *containerPort

# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
  small:
    limits:
      memory: 4Gi
      cpu: 2000m
    requests:
      memory: 1Gi
      cpu: 500m
  large:
    limits:
      memory: 8Gi
      cpu: 4000m
    requests:
      memory: 2Gi
      cpu: 1000m
  unlimited: {}
livenessProbe:
    path: /manage/health
    port: 8085
    scheme: HTTP
    initialDelaySeconds: 600
    periodSeconds: 60
    timeoutSeconds: 10
    successThreshold: 1
    failureThreshold: 3
ingress:
  enabled: false
nodeSelector: {}
tolerations: []
affinity: {}

#Pods Service Account
serviceAccount:
  nameOverride: so-sdc-controller
  roles:
    - read