aboutsummaryrefslogtreecommitdiffstats
path: root/.gitlint
blob: 736878050b9c1b4f28fb4889456ee2b3247f2d38 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13

[title-match-regex]
regex=^\[[A-Z\d-]+]\[*[\w\d-]*]* [A-Z]+[\S ]*$

[body-match-regex]
regex=.{20,}

[ignore-by-title]
regex=^Release(.*)
ignore=title-match-regex,body-min-length

[ignore-body-lines]
regex=^(Issue-ID|Signed-off-by|Change-Id|Reported-by|Depends-on|Co-authored-by|Fixes|Acked-by|Reviewed-by|CC)
a> 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 
# Copyright © 2018 AT&T USA
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration defaults.
#################################################################
global:
  nodePortPrefix: 302
  nodePortPrefixExt: 304
  repository: nexus3.onap.org:10001
  readinessRepository: oomk8s
  readinessImage: readiness-check:2.0.2
  loggingRepository: docker.elastic.co
  loggingImage: beats/filebeat:5.5.0
  soBaseImage: onap/so/base-image:1.0
  mariadbGalera:
    nameOverride: mariadb-galera
    serviceName: mariadb-galera
    servicePort: "3306"
    # mariadbRootPassword: secretpassword
    # rootPasswordExternalSecret: some secret
    #This flag allows SO to instantiate its own mariadb-galera cluster,
    #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
    localCluster: false
  persistence:
    mountPath: /dockerdata-nfs
  #This configuration specifies Service and port for SDNC OAM interface
  sdncOamService: sdnc-oam
  sdncOamPort: 8282
  #This configuration will run the migration. The configurations are for backing up the data
  #from DB and then restoring it to the present versions preferred DB.
  migration:
    enabled: false
    dbHost: mariadb-galera
    dbPort: 3306
    dbUser: root
    dbPassword: secretpassword
    # dbCredsExternalSecret: some secret
  msbEnabled: true
  security:
    aaf:
      enabled: false
  aaf:
    auth:
      header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
      encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
  app:
    siteName: onapheat
    auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
    defaultCloudOwner: onap
    cadi:
      cadiLoglevel: DEBUG
      cadiKeyFile: /app/client/org.onap.so.keyfile
      cadiTrustStore: /app/client/org.onap.so.trust.jks
      cadiTruststorePassword: enc:MFpuxKeYK6Eo6QXjDUjtOBbp0FthY7SB4mKSIJm_RWC
      cadiLatitude: 38.4329
      cadiLongitude: -90.43248
      aafEnv: IST
      aafApiVersion: 2.1
      aafRootNs: org.onap.so
      aafLocateUrl: https://aaf-locate.onap:8095
      aafUrl: https://aaf-locate.onap:8095/locate/org.osaaf.aaf.service:2.1
    msoKey: 07a7159d3bf51a0e53be7a8f89699be7
  client:
    certs:
      truststore: /app/client/org.onap.so.trust.jks
      keystore: /app/client/org.onap.so.jks
      trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI
      keyStorePassword: c280b25hcA==
  certificates:
    path: /etc/ssl/certs
    share_path: /usr/local/share/ca-certificates/

#################################################################
# Secrets metaconfig
#################################################################
secrets:
  - uid: db-root-pass
    name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass'
    type: password
    externalSecret: '{{ ternary .Values.global.mariadbGalera.rootPasswordExternalSecret (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.rootPasswordExternalSecret) .Values.global.mariadbGalera.localCluster }}'
    password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
  - uid: db-backup-creds
    name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
    type: basicAuth
    externalSecret: '{{ ternary .Values.global.migration.dbCredsExternalSecret "migrationDisabled" .Values.global.migration.enabled }}'
    login: '{{ ternary .Values.global.migration.dbUser "migrationDisabled" .Values.global.migration.enabled }}'
    password: '{{ ternary .Values.global.migration.dbPassword "migrationDisabled" .Values.global.migration.enabled }}'
    passwordPolicy: required
    annotations:
      helm.sh/hook: pre-upgrade,pre-install
      helm.sh/hook-weight: "0"
      helm.sh/hook-delete-policy: before-hook-creation
  - uid: db-user-creds
    name: &dbUserCredsSecretName '{{ include "common.release" . }}-so-db-user-creds'
    type: basicAuth
    externalSecret: '{{ .Values.dbCreds.userCredsExternalSecret }}'
    login: '{{ .Values.dbCreds.userName }}'
    password: '{{ .Values.dbCreds.userPassword }}'
    passwordPolicy: generate
  - uid: db-admin-creds
    name: &dbAdminCredsSecretName '{{ include "common.release" . }}-so-db-admin-creds'
    type: basicAuth
    externalSecret: '{{ .Values.dbCreds.adminCredsExternalSecret }}'
    login: '{{ .Values.dbCreds.adminName }}'
    password: '{{ .Values.dbCreds.adminPassword }}'
    passwordPolicy: generate
  - uid: "so-onap-certs"
    name: &so-certs '{{ include "common.release" . }}-so-certs'
    externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
    type: generic
    filePaths:
      - resources/config/certificates/onap-ca.crt
      - resources/config/certificates/msb-ca.crt

#################################################################
# Application configuration defaults.
#################################################################

dbSecrets: &dbSecrets
  userCredsExternalSecret: *dbUserCredsSecretName
  adminCredsExternalSecret: *dbAdminCredsSecretName

# unused in this, just to pass to subcharts
dbCreds:
  userName: so_user
  adminName: so_admin

repository: nexus3.onap.org:10001
image: onap/so/api-handler-infra:1.6.0
pullPolicy: Always
replicaCount: 1
minReadySeconds: 10
containerPort: 8080
logPath: ./logs/apih/
app: api-handler-infra
service:
    type: NodePort
    nodePort: 77
    internalPort: 8080
    externalPort: 8080
    portName: so-apih-port
updateStrategy:
    type: RollingUpdate
    maxUnavailable: 1
    maxSurge: 1
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
persistence:
  certificatesPath: /certificates
resources:
  small:
    limits:
      cpu: 2000m
      memory: 4Gi
    requests:
      cpu: 500m
      memory: 1Gi
  large:
    limits:
      cpu: 4000m
      memory: 8Gi
    requests:
      cpu: 1000m
      memory: 2Gi
  unlimited: {}
livenessProbe:
    path: /manage/health
    scheme: HTTP
    initialDelaySeconds: 600
    periodSeconds: 60
    timeoutSeconds: 10
    successThreshold: 1
    failureThreshold: 3

nodeSelector: {}
affinity: {}

# application configuration
config:
  logstashServiceName: log-ls
  logstashPort: 5044

#Used only if localCluster is enabled. Instantiates SO's own cassandra cluster
#helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \
#                                                       --set so.global.mariadbGalera.localCluster=true \
#                                                       --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
#                                                       --set so.global.mariadbGalera.serviceName=so-mariadb-galera
mariadb-galera:
  config:
    mariadbRootPasswordExternalSecret: *dbRootPassSecretName
  nameOverride: so-mariadb-galera
  replicaCount: 1
  service:
    name: so-mariadb-galera
  persistence:
    mountSubPath: so/mariadb-galera/data
    enabled: true

ingress:
  enabled: false
  service:
    - baseaddr: "so"
      name: "so"
      port: 8080
  config:
    ssl: "none"

mso:
  adapters:
    requestDb:
      auth: Basic YnBlbDpwYXNzd29yZDEk
  config:
    cadi:
      aafId: so@so.onap.org
      aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
      apiEnforcement: org.onap.so.apihPerm
      noAuthn: /manage/health
  camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
  sdc:
    client:
      auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24
  aai:
    auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F
  so:
    operationalEnv:
      dmaap:
        auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
  health:
    auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=

so-bpmn-infra:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  cds:
    auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
  aai:
    auth: 221187EFA3AD4E33600DE0488F287099934CE65C3D0697BCECC00BB58E784E07CD74A24581DC31DBC086FF63DF116378776E9BE3D1325885
  mso:
    key: 07a7159d3bf51a0e53be7a8f89699be7
    adapters:
      requestDb:
        auth: Basic YnBlbDpwYXNzd29yZDEk
      db:
        auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF
        password: wLg4sjrAFUS8rfVfdvTXeQ==
      po:
        auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF
    config:
      cadi:
        aafId: so@so.onap.org
        aaafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.bpmnPerm
        noAuthn: /manage/health
    sdnc:
      password: 1D78CFC35382B6938A989066A7A7EAEF4FE933D2919BABA99EB4763737F39876C333EE5F
    sniro:
      auth: test:testpwd
      endpoint: http://replaceme:28090/optimizationInstance/V1/create
    oof:
      auth: test:testpwd
  so:
    vnfm:
      adapter:
        auth: Basic dm5mbTpwYXNzd29yZDEk

so-catalog-db-adapter:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  mso:
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.catalogDbAdapterPerm
        noAuthn: /manage/health
    adapters:
      db:
        auth: Basic YnBlbDpwYXNzd29yZDEk

so-monitoring:
  certSecret: *so-certs
  db:
    <<: *dbSecrets

so-openstack-adapter:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  aaf:
    auth:
      encrypted: 7F182B0C05D58A23A1C4966B9CDC9E0B8BC5CD53BC8C7B4083D869F8D53E9BDC3EFD55C94B1D3F
  aai:
    auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
  org:
    onap:
      so:
        adapters:
          bpelauth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E
          valet:
            basic_auth: bXNvOkphY2tkYXdzIGxvdmUgbXkgYmlnIHNwaGlueCBvZiBxdWFydHouCg==
  mso:
    msoKey: 07a7159d3bf51a0e53be7a8f89699be7
    auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4
    basicUser: poBpmn
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.openStackAdapterPerm
        noAuthn: /manage/health
    db:
      auth: Basic YnBlbDpwYXNzd29yZDEk

so-request-db-adapter:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  mso:
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.requestDbAdapterPerm
        noAuthn: /manage/health
    adapters:
      requestDb:
        auth: Basic YnBlbDpwYXNzd29yZDEk

so-sdc-controller:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  aai:
    auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
  mso:
    msoKey: 07a7159d3bf51a0e53be7a8f89699be7
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.sdcControllerPerm
        noAuthn: /manage/health
    asdc:
      config:
        key: 566B754875657232314F5548556D3665
    requestDb:
      auth: Basic YnBlbDpwYXNzd29yZDEk
    asdc-connections:
      asdc-controller1:
        password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F

so-sdnc-adapter:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  org:
    onap:
      so:
        adapters:
          sdnc:
            bpelauth: 4C18603C5AE7E3A42A6CED95CDF9C0BA9B2109B3725747662E5D34E5FDF63DA9ADEBB08185098F14699195FDE9475100
            sdncauth: ED07A7EE5F099FA53369C3DF2240AD68A00154676EEDBC6F8C16BAA83B1912941B8941ABD48683D2C1072DA7040659692DE936A59BBF42A038CF71DE67B4A375190071EC76EA657801B033C135
            network:
                encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
  mso:
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.sdncAdapterPerm
        noAuthn: /manage/health
    adapters:
      requestDb:
        auth: Basic YnBlbDpwYXNzd29yZDEk
    rest:
      aafEncrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456

so-ve-vnfm-adapter:
  certSecret: *so-certs

so-vfc-adapter:
  certSecret: *so-certs
  db:
    <<: *dbSecrets
  mso:
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.vfcAdapterPerm
        noAuthn: /manage/health
    adapters:
      requestDb:
        auth: Basic YnBlbDpwYXNzd29yZDEk

so-vnfm-adapter:
  certSecret: *so-certs
  aaf:
    auth:
      username: so@so.onap.org
      password: 8DB1C939BFC6A35C3832D0E52E452D0E05AE2537AF142CECD125FF827C05A972FDD0F4700547DA
  aai:
    auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
  sdc:
    username: mso
    password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
    key: 566B754875657232314F5548556D3665
  mso:
    key: 07a7159d3bf51a0e53be7a8f89699be7
    config:
      cadi:
        aafId: so@so.onap.org
        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
        apiEnforcement: org.onap.so.vnfmAdapterPerm
        noAuthn: /manage/health

so-mariadb:
  db:
    rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
    rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
    backupCredsExternalSecret: *dbBackupCredsSecretName
    userCredsExternalSecret: *dbUserCredsSecretName
    adminCredsExternalSecret: *dbAdminCredsSecretName