# TLS role -- set to true if microservice acts as server
# If true, an init container will retrieve a server cert
# and key from AAF and mount them in certDirectory.
tlsServer: false

global:
  centralizedLoggingEnabled: false
  cmpv2Enabled: true
  masterPassword: "test"


nameOverride: "dcae-ves-cmpv2-cert-corect-sans"
fullnameOverride: "dcae-ves-cmpv2-cert-corect-sans"


# CMPv2 certificate
# It is used only when:
# - certDirectory is set
# - global cmpv2Enabled flag is set to true
# - flag useCmpv2Certificates is set to true
# Disabled by default
useCmpv2Certificates: true
certificates:
  - mountPath: /opt/app/dcae-certificate/external
    commonName: dcae-ves-collector-cmpv2-cert
    dnsNames:
      - dcae-ves-collector-cmpv2-cert
      - ves-collector-cmpv2-cert
      - ves-cmpv2-cert
    keystore:
      outputType:
        - jks
      passwordSecretRef:
        name: ves-cmpv2-keystore-password
        key: password
        create: true

# service configuration
service:
  type: NodePort
  name: dcae-ves-collector-cmpv2-cert
  ports:
    - name: http
      port: 8443
      plain_port: 8080
      port_protocol: http
      nodePort: 18
      useNodePortExt: true


#Pods Service Account
serviceAccount:
  nameOverride: dcae-ves-cmpv2-cert-corect-sans
  roles:
    - read