#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#

{{- if .Values.components.broker }}
apiVersion: v1
kind: ConfigMap
metadata:
  name: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}"
  namespace: {{ template "pulsar.namespace" . }}
  labels:
    {{- include "pulsar.standardLabels" . | nindent 4 }}
    component: {{ .Values.broker.component }}
data:
  # Metadata settings
  zookeeperServers: "{{ template "pulsar.zookeeper.connect" . }}{{ .Values.metadataPrefix }}"
  {{- if .Values.pulsar_metadata.configurationStore }}
  configurationStoreServers: "{{ template "pulsar.configurationStore.connect" . }}{{ .Values.pulsar_metadata.configurationStoreMetadataPrefix }}"
  {{- end }}
  {{- if not .Values.pulsar_metadata.configurationStore }}
  configurationStoreServers: "{{ template "pulsar.zookeeper.connect" . }}{{ .Values.metadataPrefix }}"
  {{- end }}

  # Broker settings
  clusterName: {{ template "pulsar.cluster.name" . }}
  exposeTopicLevelMetricsInPrometheus: "true"
  numHttpServerThreads: "8"
  zooKeeperSessionTimeoutMillis: "30000"
  statusFilePath: "{{ template "pulsar.home" . }}/status"

  # Tiered storage settings
  {{- if .Values.broker.storageOffload.driver }}
  {{- if eq .Values.broker.storageOffload.driver "aws-s3" }}
  managedLedgerOffloadDriver: "{{ .Values.broker.storageOffload.driver }}" 
  s3ManagedLedgerOffloadBucket: "{{ .Values.broker.storageOffload.bucket }}" 
  s3ManagedLedgerOffloadRegion: "{{ .Values.broker.storageOffload.region }}" 
  {{- if .Values.broker.storageOffload.managedLedgerOffloadAutoTriggerSizeThresholdBytes }}
  PULSAR_PREFIX_managedLedgerOffloadThresholdInBytes: "{{ .Values.broker.storageOffload.managedLedgerOffloadAutoTriggerSizeThresholdBytes }}" 
  {{- end }} 
  {{- if .Values.broker.storageOffload.managedLedgerOffloadDeletionLagMs }}
  PULSAR_PREFIX_managedLedgerOffloadDeletionLagInMillis: "{{ .Values.broker.storageOffload.managedLedgerOffloadDeletionLagMs }}" 
  {{- end }}
  {{- if .Values.broker.storageOffload.maxBlockSizeInBytes }}
  s3ManagedLedgerOffloadMaxBlockSizeInBytes: "{{ .Values.broker.storageOffload.maxBlockSizeInBytes }}" 
  {{- end }}
  {{- if .Values.broker.storageOffload.readBufferSizeInBytes }}
  s3ManagedLedgerOffloadReadBufferSizeInBytes: "{{ .Values.broker.storageOffload.readBufferSizeInBytes }}" 
  {{- end }}
  {{- end }}
  {{- if eq .Values.broker.storageOffload.driver "google-cloud-storage" }}
  managedLedgerOffloadDriver: "{{ .Values.broker.storageOffload.driver }}" 
  gcsManagedLedgerOffloadBucket: "{{ .Values.broker.storageOffload.bucket }}"
  gcsManagedLedgerOffloadRegion: "{{ .Values.broker.storageOffload.region }}"
  gcsManagedLedgerOffloadServiceAccountKeyFile: "/pulsar/gcp-service-account/{{ .Values.broker.storageOffload.gcsServiceAccountJsonFile }}"
  {{- if .Values.broker.storageOffload.managedLedgerOffloadAutoTriggerSizeThresholdBytes }}
  PULSAR_PREFIX_managedLedgerOffloadThresholdInBytes: "{{ .Values.broker.storageOffload.managedLedgerOffloadAutoTriggerSizeThresholdBytes }}" 
  {{- end }} 
  {{- if .Values.broker.storageOffload.managedLedgerOffloadDeletionLagMs }}
  PULSAR_PREFIX_managedLedgerOffloadDeletionLagInMillis: "{{ .Values.broker.storageOffload.managedLedgerOffloadDeletionLagMs }}" 
  {{- end }}
  {{- if .Values.broker.storageOffload.maxBlockSizeInBytes }}
  gcsManagedLedgerOffloadMaxBlockSizeInBytes: "{{ .Values.broker.storageOffload.maxBlockSizeInBytes }}" 
  {{- end }}
  {{- if .Values.broker.storageOffload.readBufferSizeInBytes }}
  gcsManagedLedgerOffloadReadBufferSizeInBytes: "{{ .Values.broker.storageOffload.readBufferSizeInBytes }}" 
  {{- end }}
  {{- end }}
  {{- if eq .Values.broker.storageOffload.driver "azureblob" }}
  managedLedgerOffloadDriver: "{{ .Values.broker.storageOffload.driver }}" 
  managedLedgerOffloadBucket: "{{ .Values.broker.storageOffload.bucket }}"
  {{- if .Values.broker.storageOffload.managedLedgerOffloadAutoTriggerSizeThresholdBytes }}
  PULSAR_PREFIX_managedLedgerOffloadThresholdInBytes: "{{ .Values.broker.storageOffload.managedLedgerOffloadAutoTriggerSizeThresholdBytes }}" 
  {{- end }} 
  {{- if .Values.broker.storageOffload.managedLedgerOffloadDeletionLagMs }}
  PULSAR_PREFIX_managedLedgerOffloadDeletionLagInMillis: "{{ .Values.broker.storageOffload.managedLedgerOffloadDeletionLagMs }}" 
  {{- end }}
  {{- if .Values.broker.storageOffload.maxBlockSizeInBytes }}
  managedLedgerOffloadMaxBlockSizeInBytes: "{{ .Values.broker.storageOffload.maxBlockSizeInBytes }}" 
  {{- end }}
  {{- end }}
  {{- end }}

  # Function Worker Settings
  # function worker configuration
  {{- if not .Values.components.functions }}
  functionsWorkerEnabled: "false"
  {{- end }}
  {{- if .Values.components.functions }}
  functionsWorkerEnabled: "true"
  {{- if .Values.functions.useBookieAsStateStore }}
  PF_stateStorageServiceUrl: "bk://{{ template "pulsar.fullname" . }}-{{ .Values.bookkeeper.component }}:{{ .Values.bookkeeper.ports.statestore }}"
  {{- end }}
  PF_functionRuntimeFactoryClassName: "org.apache.pulsar.functions.runtime.kubernetes.KubernetesRuntimeFactory"
  PF_pulsarFunctionsCluster: {{ template "pulsar.cluster.name" . }}
  PF_connectorsDirectory: ./connectors
  PF_containerFactory: k8s
  PF_numFunctionPackageReplicas: "{{ .Values.broker.configData.managedLedgerDefaultEnsembleSize }}"
  # support version >= 2.5.0
  PF_functionRuntimeFactoryConfigs_pulsarRootDir: {{ template "pulsar.home" . }}
  PF_kubernetesContainerFactory_pulsarRootDir: {{ template "pulsar.home" . }}
  PF_functionRuntimeFactoryConfigs_pulsarDockerImageName: "{{ template "pulsar.imageFullName" (dict "image" .Values.images.functions "root" .) }}"
  PF_functionRuntimeFactoryConfigs_submittingInsidePod: "true"
  PF_functionRuntimeFactoryConfigs_installUserCodeDependencies: "true"
  PF_functionRuntimeFactoryConfigs_jobNamespace: {{ template "pulsar.namespace" . }}
  PF_functionRuntimeFactoryConfigs_expectedMetricsCollectionInterval: "30"
  {{- if not (and .Values.tls.enabled .Values.tls.broker.enabled .Values.tls.function_instance.enabled) }}
  PF_functionRuntimeFactoryConfigs_pulsarAdminUrl: "http://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.http }}/"
  PF_functionRuntimeFactoryConfigs_pulsarServiceUrl: "pulsar://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsar }}/"
  {{- else }}
  PF_functionRuntimeFactoryConfigs_pulsarAdminUrl: "https://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.https }}/"
  PF_functionRuntimeFactoryConfigs_pulsarServiceUrl: "pulsar+ssl://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsarssl }}/"
  {{- end }}
  PF_functionRuntimeFactoryConfigs_changeConfigMap: "{{ template "pulsar.fullname" . }}-{{ .Values.functions.component }}-config"
  PF_functionRuntimeFactoryConfigs_changeConfigMapNamespace: {{ template "pulsar.namespace" . }}
  # support version < 2.5.0
  PF_kubernetesContainerFactory_pulsarDockerImageName: "{{ template "pulsar.imageFullName" (dict "image" .Values.images.functions "root" .) }}"
  PF_kubernetesContainerFactory_submittingInsidePod: "true"
  PF_kubernetesContainerFactory_installUserCodeDependencies: "true"
  PF_kubernetesContainerFactory_jobNamespace: {{ template "pulsar.namespace" . }}
  PF_kubernetesContainerFactory_expectedMetricsCollectionInterval: "30"
  {{- if not (and .Values.tls.enabled .Values.tls.broker.enabled .Values.tls.function_instance.enabled) }}
  PF_kubernetesContainerFactory_pulsarAdminUrl: "http://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.http }}/"
  PF_kubernetesContainerFactory_pulsarServiceUrl: "pulsar://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsar }}/"
  {{- else }}
  PF_kubernetesContainerFactory_pulsarAdminUrl: "https://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.https }}/"
  PF_kubernetesContainerFactory_pulsarServiceUrl: "pulsar+ssl://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsarssl }}/"
  {{- end }}
  PF_kubernetesContainerFactory_changeConfigMap: "{{ template "pulsar.fullname" . }}-{{ .Values.functions.component }}-config"
  PF_kubernetesContainerFactory_changeConfigMapNamespace: {{ template "pulsar.namespace" . }}
  {{- end }}

  # prometheus needs to access /metrics endpoint
  webServicePort: "{{ .Values.broker.ports.http }}"
  {{- if or (not .Values.tls.enabled) (not .Values.tls.broker.enabled) }}
  brokerServicePort: "{{ .Values.broker.ports.pulsar }}"
  {{- end }}
  {{- if and .Values.tls.enabled .Values.tls.broker.enabled }}
  brokerServicePortTls: "{{ .Values.broker.ports.pulsarssl }}"
  webServicePortTls: "{{ .Values.broker.ports.https }}"
  # TLS Settings
  tlsCertificateFilePath: "/pulsar/certs/broker/tls.crt"
  tlsKeyFilePath: "/pulsar/certs/broker/tls.key"
  tlsTrustCertsFilePath: "/pulsar/certs/ca/ca.crt"
  {{- end }}

  # Authentication Settings
  {{- if .Values.auth.authentication.enabled }}
  authenticationEnabled: "true"
  {{- if .Values.auth.authorization.enabled }}
  authorizationEnabled: "true"
  superUserRoles: {{ .Values.auth.superUsers | values | compact | sortAlpha | join "," }}
  {{- if .Values.auth.useProxyRoles }}
  proxyRoles: {{ .Values.auth.superUsers.proxy }}
  {{- end }}
  {{- end }}
  {{- if eq .Values.auth.authentication.provider "jwt" }}
  # token authentication configuration
  authenticationProviders: "org.apache.pulsar.broker.authentication.AuthenticationProviderToken"
  brokerClientAuthenticationParameters: "file:///pulsar/tokens/broker/token"
  brokerClientAuthenticationPlugin: "org.apache.pulsar.client.impl.auth.AuthenticationToken"
  {{- if .Values.auth.authentication.jwt.usingSecretKey }}
  tokenSecretKey: "file:///pulsar/keys/token/secret.key"
  {{- else }}
  tokenPublicKey: "file:///pulsar/keys/token/public.key"
  {{- end }}
  {{- end }}
  {{- end }}

  {{- if and .Values.tls.enabled .Values.tls.bookie.enabled }}
  # bookkeeper tls settings
  bookkeeperTLSClientAuthentication: "true"
  bookkeeperTLSKeyFileType: "PEM"
  bookkeeperTLSKeyFilePath: "/pulsar/certs/broker/tls.key"
  bookkeeperTLSCertificateFilePath: "/pulsar/certs/broker/tls.crt"
  bookkeeperTLSTrustCertsFilePath: "/pulsar/certs/ca/ca.crt"
  bookkeeperTLSTrustCertTypes: "PEM"
  PULSAR_PREFIX_bookkeeperTLSClientAuthentication: "true"
  PULSAR_PREFIX_bookkeeperTLSKeyFileType: "PEM"
  PULSAR_PREFIX_bookkeeperTLSKeyFilePath: "/pulsar/certs/broker/tls.key"
  PULSAR_PREFIX_bookkeeperTLSCertificateFilePath: "/pulsar/certs/broker/tls.crt"
  PULSAR_PREFIX_bookkeeperTLSTrustCertsFilePath: "/pulsar/certs/ca/ca.crt"
  PULSAR_PREFIX_bookkeeperTLSTrustCertTypes: "PEM"
  # https://github.com/apache/bookkeeper/pull/2300
  bookkeeperUseV2WireProtocol: "false"
  {{- end }}
{{ toYaml .Values.broker.configData | indent 2 }}
{{- end }}