# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file provides defaults for deckhand

labels:
  node_selector_key: ucp-control-plane
  node_selector_value: enabled

images:
  deckhand: quay.io/attcomdev/deckhand:latest
  dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
  db_init: docker.io/postgres:9.5
  db_sync: docker.io/postgres:9.5
  ks_user: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
  ks_service: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
  ks_endpoints: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
  pull_policy: "IfNotPresent"

release_group: null

network:
  ingress:
    public: true
  port: 9000
  node_port: 31902
  enable_node_port: false

dependencies:
  db_init:
    services:
    - service: postgresql
      endpoint: internal
  db_sync:
    jobs:
    - deckhand-db-init
    services:
    - service: postgresql
      endpoint: internal
  ks_user:
    services:
    - service: identity
      endpoint: internal
  ks_service:
    services:
    - service: identity
      endpoint: internal
  ks_endpoints:
    jobs:
    - deckhand-ks-service
    services:
    - service: identity
      endpoint: internal
  deckhand:
    jobs:
    - deckhand-ks-endpoints
    - deckhand-ks-user
    - deckhand-ks-endpoints
    services:
    - service: identity
      endpoint: internal
    - service: key_manager
      endpoint: internal

# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
  cluster_domain_suffix: cluster.local
  identity:
    name: keystone
    auth:
      user:
        region_name: RegionOne
        role: admin
        project_name: service
        project_domain_name: default
        user_domain_name: default
        username: deckhand
        password: password
      admin:
        region_name: RegionOne
        project_name: admin
        password: password
        username: admin
        user_domain_name: default
        project_domain_name: default
    hosts:
      default: keystone-api
      public: keystone
    path:
      default: /v3
    scheme:
      default: http
    port:
      admin:
        default: 35357
      api:
        default: 80
    host_fqdn_override:
      default: null
  deckhand:
    name: deckhand
    hosts:
      default: deckhand-int
      public: deckhand-api
    port:
      api:
        default: 9000
    path:
      default: /api/v1.0
    scheme:
      default: http
    host_fqdn_override:
      default: null
  postgresql:
    name: postgresql
    auth:
      admin:
        username: deckhand
        password: password
      user:
        username: deckhand
        password: password
    hosts:
      default: postgresql
    path: /deckhand
    scheme: postgresql+psycopg2
    port:
      postgresql:
        default: 5432
    host_fqdn_override:
      default: null
  key_manager:
    name: barbican
    hosts:
      default: barbican-api
      public: barbican
    host_fqdn_override:
      default: null
    path:
      default: /v1
    scheme:
      default: http
    port:
      api:
        default: 9311
        public: 80
  oslo_cache:
    hosts:
      default: memcached
    host_fqdn_override:
      default: null
    port:
      memcache:
        default: 11211

secrets:
  identity:
    admin: deckhand-keystone-admin
    user: deckhand-keystone-user
  postgresql:
    admin: deckhand-db-admin
    user: deckhand-db-user

database:
  postgresql:
    db_name: deckhand
    db_root_user: postgres

conf:
  policy:
    admin_api: role:admin
    deckhand:create_cleartext_documents: rule:admin_api
    deckhand:create_encrypted_documents: rule:admin_api
    deckhand:list_cleartext_documents: rule:admin_api
    deckhand:list_encrypted_documents: rule:admin_api
    deckhand:show_revision: rule:admin_api
    deckhand:list_revisions: rule:admin_api
    deckhand:delete_revisions: rule:admin_api
    deckhand:show_revision_diff: rule:admin_api
    deckhand:create_tag: rule:admin_api
    deckhand:show_tag: rule:admin_api
    deckhand:list_tags: rule:admin_api
    deckhand:delete_tag: rule:admin_api
    deckhand:delete_tags: rule:admin_api
  paste:
    filter:authtoken:
      paste.filter_factory: keystonemiddleware.auth_token:filter_factory
    filter:debug:
      use: egg:oslo.middleware#debug
    filter:cors:
      paste.filter_factory: oslo_middleware.cors:filter_factory
      oslo_config_project: deckhand
    filter:request_id:
      paste.filter_factory: oslo_middleware:RequestId.factory
    app:api:
      paste.app_factory: deckhand.service:deckhand_app_factory
    pipeline:deckhand_api:
      pipeline: authtoken api
  deckhand:
    DEFAULT:
      debug: true
      log_file: deckhand.log
      use_stderr: true
      use_syslog: true
    database:
      connection:
    keystone_authtoken:
      delay_auth_decision: true
      auth_type: password
      auth_version: v3
      memcache_security_strategy: ENCRYPT
    oslo_policy:
      policy_file: policy.yaml
      policy_default_rule: default
      policy_dirs: policy.d
  logging:
    loggers:
      keys: 'root, deckhand'
    handlers:
      keys: 'file, null, syslog'
    formatters:
      keys: 'simple, context'
    logger_deckhand:
      level: DEBUG
      handlers: file
      qualname: deckhand
    logger_root:
      level: WARNING
      handlers: null
    handler_file:
      class: FileHandler
      level: DEBUG
      args: "('deckhand.log', 'w+')"
      formatter: context
    handler_null:
      class: 'logging.NullHandler'
      formatter: context
      args: '()'
    handler_syslog:
      class: 'handlers.SysLogHandler'
      level: ERROR
      args: "('/dev/log', handlers.SysLogHandler.LOG_USER)"
    formatter_context:
      class: 'oslo_log.formatters.ContextFormatter'
    formatter_simple:
      format: "%(asctime)s.%(msecs)03d %(process)d %(levelname)s: %(message)s"
pod:
  mounts:
    deckhand_db_init:
      init_container: null
      deckhand_db_init:
    deckhand_db_sync:
      init_container: null
      deckhand_db_sync:
    deckhand:
      init_container: null
      deckhand:
  lifecycle:
    upgrades:
      deployments:
        revision_history: 3
        pod_replacement_strategy: RollingUpdate
        rolling_update:
          max_unavailable: 1
          max_surge: 3
    termination_grace_period:
      deckhand:
        timeout: 30
  replicas:
    deckhand: 1
  resources:
    enabled: false
    api:
      limits:
        memory: "128Mi"
        cpu: "100m"
      requests:
        memory: "128Mi"
        cpu: "100m"
    jobs:
      ks_user:
        limits:
          memory: "128Mi"
          cpu: "100m"
        requests:
          memory: "128Mi"
          cpu: "100m"
      ks_service:
        limits:
          memory: "128Mi"
          cpu: "100m"
        requests:
          memory: "128Mi"
          cpu: "100m"
      ks_endpoints:
        limits:
          memory: "128Mi"
          cpu: "100m"
        requests:
          memory: "128Mi"
          cpu: "100m"
manifests:
  configmap_bin: true
  configmap_etc: true
  deployment: true
  job_db_init: true
  job_db_sync: true
  job_ks_endpoints: true
  job_ks_service: true
  job_ks_user: true
  secret_db: true
  secret_keystone: true
  service_api: true
  ingress_api: true
  service: true
  service_ingress: true