# Service Config
image: __CONTAINER__
imagePullPolicy: IfNotPresent
service:
type: ClusterIP
port: 8080
apiPath: /api/notification/v1/
readinessProbeHttpPath: /api/notification/v1/actuator/health
livenessProbeHttpPath: /api/notification/v1/actuator/health
environmentVariables:
- name: APPLICATION_PORT
value: "{{ .Values.service.port }}"
- name: AWS_REGION
value: "{{ .Values.global.region }}"
- name: RESOURCE_PREFIX
value: "{{ .Values.global.resourcePrefix }}"
- name: JAVA_OPTS
value: "-Xms538M -Xmx900M"
- name: LOG_LEVEL
value: "{{ .Values.global.logLevel }}"
- name: SSM_ENABLED
value: "True"
- name: SSL_ENABLED
value: "false"
- name: ENTITLEMENTS_BASE_URL
value: "http://os-entitlements:8080"
- name: REGISTER_BASE_URL
value: http://os-register:8080
podAnnotations: {}
# Resource Config
replicaCount: 1
resources:
limits:
memory: 900M
requests:
cpu: 500m
memory: 900M
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Security Config
serviceAccountRole: arn:aws:iam::{{ .Values.global.accountID }}:role/osdu-{{ .Values.global.resourcePrefix }}-{{ include "common.name" . }}
cors:
maxAge: "60m"
allowCredentials: true
allowMethods:
- POST
- GET
- PATCH
- PUT
- DELETE
allowHeaders:
- Authorization
- Data-Partition-Id
- Correlation-Id
- Content-Type
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
allowedPrincipals:
- cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account
- cluster.local/ns/aws-binary-dms/sa/binary-dms
- cluster.local/ns/osdu-airflow/sa/airflow-dag-upload
- cluster.local/ns/osdu-ingest/sa/os-data-workflow
- cluster.local/ns/osdu-ingest/sa/os-ingestion-workflow
- cluster.local/ns/osdu-seismic-ddms/sa/os-seismic-store
- cluster.local/ns/osdu-well-delivery/sa/os-welldelivery
- cluster.local/ns/osdu-wellbore-ddms/sa/os-wellbore-ddms