NEDSS-Helm/charts/modernization-api/values.yaml at 5d7f9894cf3124b5833773381c8f9634887b9ba0 · CDCgov/NEDSS-Helm · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
replicaCount: 1

env: "prod"

image:
  repository: "quay.io/us-cdcgov/cdc-nbs-modernization/modernization-api"
  pullPolicy: IfNotPresent
  tag: "v1.4.0"

imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

serviceAccount:
  create: true
  annotations: {}
  name: ""

podAnnotations: {}

podSecurityContext: {}

securityContext: {}

service:
  type: ClusterIP
  port: 8080
  httpsPort: 443
  gatewayPort: 8000
  pageBuilderPort: 8095

pageBuilder:
  enabled: "false"
  page:
    library:
      enabled: "false"
    management:
      create:
        enabled: "false"
      edit:
        enabled: "false"

ingress:
  enabled: false
  className: "nginx"
  tls:
    - secretName: app.EXAMPLE_DOMAIN
      hosts:
        - app.EXAMPLE_DOMAIN

# determine whether or not to use istio-gateway for ingress (only 1 ingress should be used to prevent conflicts)
istioGatewayIngress:
  enabled: false
  host: app.EXAMPLE_DOMAIN
  gatewayNamespace: "istio-ingress"
  certificateName: ""
  certificateIssuerName: "letsencrypt-production"

traefikIngress:
  enabled: true
  bodySizeLimit:
    # Max request body size in bytes (100MB — matches NGINX proxy-body-size: 100m)
    maxRequestBodyBytes: 104857600


mTLS:
  enabled: true

nbsExternalName: app-classic.EXAMPLE_DOMAIN

resources:
  limits:
    memory: "4Gi"

autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80

nodeSelector: {}

tolerations: []

affinity: {}

ingressHost: "app.EXAMPLE_DOMAIN"

# The timezone to initialize the JVM with
timezone: "UTC"

elasticSearchHost: "http://elasticsearch.default.svc.cluster.local:9200"

jdbc:
  # jdbc.connectionString is passed in as an override and all values must be supplied.
  # Replace <db_endpoint>, <database>, <username>, and <password> in the following:
  # "jdbc:sqlserver://<db_endpoint>:1433;databaseName=<database>;user=<username>;password=<password>;encrypt=true;trustServerCertificate=true;"
  connectionString: "jdbc:sqlserver://EXAMPLE_DB_ENDPOINT:1433;databaseName=EXAMPLE_DB_NAME;user=EXAMPLE_ODSE_DB_USER;password=EXAMPLE_ODSE_DB_USER_PASSWORD;encrypt=true;trustServerCertificate=true;"
  user: "EXAMPLE_ODSE_DB_USER"
  password: "EXAMPLE_ODSE_DB_USER_PASSWORD"

security:
  # Used to encrypt JWT, needs to match between page builder and modernization-api
  # Random value can be generated by running: openssl rand -base64 64 | tr -d '\n'
  # Windows users, use git bash shell
  tokenSecret: "EXAMPLE_TOKEN_SECRET"
  # Used to encrypt search parameters
  # Random value can be generated by running: openssl rand -base64 32 | cut -c1-32
  parameterSecret: "EXAMPLE_PARAMETER_SECRET"

# OIDC settings
#  must be enabled and configured in nbs-gateway
oidc:
  enabled: "true"
  # specifies the uri for the OIDC issuer, defaults to https://ingressHost/auth/realms/nbs-users
  uri: ""

ui:
  # settings for modernized ui
  smarty:
    # The embedded API key, when blank the Smarty API will not be invoked.
    key:
  analytics:
    # The host name of the PostHog server to send analytics to
    host: "https://us.i.posthog.com"
    # The PostHog project key to associate frontend analytics with, when blank analytics will not be enabled
    key:
  defaults:
    # The default sizing of components
    sizing: "small"
  # feature flag configurations for modernized ui
  search:
    events:
      # Enables access to NBS6 Event Search
      enabled: true
    investigations:
      # Enables access to modernized Investigation search
      enabled: false
    laboratoryReports:
      # Enables access to modernized Laboratory search
      enabled: false
  patient:
    file:
      # Enables access to the modernized Patient File
      enabled: true
      # Enables presence of Merge History card in Patient File
      mergeHistory:
        enabled: false
    search:
      filters:
        # [deprecated]  Enables access to modernized Patient search filters. (marked for removal)
        enabled: true
  deduplication:
    # Enable access to Deduplication screens
    enabled: false
    merge:
      # Enable access to Deduplication merge screens
      enabled: false
  system:
    management:
      # Enable access to System Management screen
      enabled: false

# Override available for readiness and liveness probes: port, initialDelaySeconds, periodSeconds, failureThreshold
probes:
  readiness:
    enabled: true
  liveness:
    enabled: true