2.1.6

0970b3e0 · 舒成 · 7d41e5ec · 0970b3e0 · 0970b3e0 · 0970b3e0
Commit 0970b3e0 authored Nov 28, 2021 by 舒成
13 changed files
--- a/.beagle.yml
+++ b/.beagle.yml
@@ -35,7 +35,7 @@ steps:
          "REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
          "REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
          "TARGET_ARCH":"amd64",
-          "TARGET_VERSION":"v2.1.3"
+          "TARGET_VERSION":"v2.1.6"
        }'
        --extra-vars "@ansible/images.yaml"
@@ -49,7 +49,7 @@ steps:
          "REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
          "REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
          "TARGET_ARCH":"arm64",
-          "TARGET_VERSION":"v2.1.3"
+          "TARGET_VERSION":"v2.1.6"
        }'
        --extra-vars "@ansible/images.yaml"
@@ -63,7 +63,21 @@ steps:
          "REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
          "REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
          "TARGET_ARCH":"ppc64le",
-          "TARGET_VERSION":"v2.1.3"
+          "TARGET_VERSION":"v2.1.6"
+        }'
+        --extra-vars "@ansible/images.yaml"
+  - name: ansible-mips64le
+    image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
+    commands:
+      - >-
+        ansible-playbook /etc/ansible/linux/main.yml
+        --extra-vars
+        '{
+          "REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
+          "REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
+          "TARGET_ARCH":"mips64le",
+          "TARGET_VERSION":"v2.1.6"
        }'
        --extra-vars "@ansible/images.yaml"

--- a/.gitignore
+++ b/.gitignore
 charts/*
 requirements.lock
\ No newline at end of file
+beagle-*.tgz
\ No newline at end of file
--- a/Chart.yaml
+++ b/Chart.yaml
 apiVersion: v1
 name: beagle-harbor
-version: 2.1.3
+version: 2.1.6
-appVersion: 2.1.3
+appVersion: 2.1.6
 description: An open source trusted cloud native registry that stores, signs, and scans content
 keywords:
  - docker

--- a/Deploy.md
+++ b/Deploy.md
@@ -31,76 +31,96 @@ harbor \
 /etc/kubernetes/helm/beagle-harbor \
 -f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml > /etc/kubernetes/helm/beagle-harbor/dist.yaml
-# package
+# 5. Package
-helm package . -d C:/Tmp/Charts
+## 打包项目
+helm package .
+## 部署项目
+helm install \
+harbor \
+/etc/kubernetes/charts/beagle-harbor-2.1.6.tgz \
+--namespace devops \
+-f /etc/kubernetes/charts/beagle-harbor.yaml
+## 更新项目
+helm upgrade \
+harbor \
+/etc/kubernetes/charts/beagle-harbor-2.1.6.tgz \
+--namespace devops \
+-f /etc/kubernetes/charts/beagle-harbor.yaml
+## 删除项目
+helm uninstall \
+--namespace devops \
+harbor
 ```
 ## images x86_64
 ```bash
 # gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor
-registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.6
-registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.6
-registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.6
-registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.6
 # gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-db
-registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.6
 # registry
-registry.cn-qingdao.aliyuncs.com/wod/registry:2.7.1
+registry.cn-qingdao.aliyuncs.com/wod/registry:v2.7.1
 # gitlab.wodcloud.com/cloud/chartmuseum
-registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/chartmuseum:v0.12.0
 # gitlab.wodcloud.com/cloud/clair
-registry.cn-qingdao.aliyuncs.com/wod/harbor-clair:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/clair:v2.1.7
 # gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-scanner-clair
-registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-clair:v1.1.1
 # gitlab.wodcloud.com/cloud/harbor-scanner-trivy
-registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-trivy:v0.17.0
 # gitlab.wodcloud.com/cloud/notary
-registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/notary-server:v0.6.1
-registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer:v2.1.3
+registry.cn-qingdao.aliyuncs.com/wod/notary-signer:v0.6.1
 # redis
-registry.cn-qingdao.aliyuncs.com/wod/redis:6.0.9
+registry.cn-qingdao.aliyuncs.com/wod/redis:6.2.6
 ```
 ## images arm64
 ```bash
 # gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor
-registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.6-arm64
-registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.6-arm64
-registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.6-arm64
-registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.6-arm64
 # gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-db
-registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.6-arm64
 # registry
-registry.cn-qingdao.aliyuncs.com/wod/registry:2.7.1-arm64
+registry.cn-qingdao.aliyuncs.com/wod/registry:v2.7.1-arm64
 # gitlab.wodcloud.com/cloud/chartmuseum
-registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/chartmuseum:v0.12.0-arm64
 # gitlab.wodcloud.com/cloud/clair
-registry.cn-qingdao.aliyuncs.com/wod/harbor-clair:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/clair:v2.1.7-arm64
 # gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-scanner-clair
-registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-clair:v1.1.1-arm64
 # gitlab.wodcloud.com/cloud/harbor-scanner-trivy
-registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-trivy:v0.17.0-arm64
 # gitlab.wodcloud.com/cloud/notary
-registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/notary-server:v0.6.1-arm64
-registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer:v2.1.3-arm64
+registry.cn-qingdao.aliyuncs.com/wod/notary-signer:v0.6.1-arm64
 # redis
-registry.cn-qingdao.aliyuncs.com/wod/redis:6.0.9-arm64
+registry.cn-qingdao.aliyuncs.com/wod/redis:6.2.6-arm64
 ```
--- a/REAME.md
+++ b/REAME.md
@@ -271,7 +271,7 @@ The following table lists the configurable parameters of the Harbor chart and th
 | `clair.clair.image.repository`                                              | Repository for clair image                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `goharbor/clair-photon`                                                             |
 | `clair.clair.image.tag`                                                     | Tag for clair image                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | `dev`                                                                               |
 | `clair.clair.resources`                                                     | The [resources] to allocate for clair container                                                                                                                                                                                                                                                                                                                                                                                                                                                |                                                                                     |
-| `clair.adapter.image.repository`                                            | Repository for clair adapter image                                                                                                                                                                                                                                                                                                                                                                                                                                                             | `goharbor/clair-adapter-photon`                                                     |
+| `clair.adapter.image.repository`                                            | Repository for clair adapter image                                                                                                                                                                                                                                                                                                                                                                                                                                                             | `goharbor/harbor-scanner-clair-photon`                                              |
 | `clair.adapter.image.tag`                                                   | Tag for clair adapter image                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | `dev`                                                                               |
 | `clair.adapter.resources`                                                   | The [resources] to allocate for clair adapter container                                                                                                                                                                                                                                                                                                                                                                                                                                        |                                                                                     |
 | `clair.replicas`                                                            | The replica count                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | `1`                                                                                 |

--- a/ansible/images.yaml
+++ b/ansible/images.yaml
 IMAGES:
  - repo: harbor-portal
-    tag: "v2.1.3"
+    tag: 'v2.1.6'
  - repo: harbor-core
-    tag: "v2.1.3"
+    tag: 'v2.1.6'
  - repo: harbor-jobservice
-    tag: "v2.1.3"
+    tag: 'v2.1.6'
  - repo: harbor-db
-    tag: "v2.1.3"
+    tag: 'v2.1.6'
  - repo: harbor-registryctl
-    tag: "v2.1.3"
+    tag: 'v2.1.6'
-  - repo: harbor-chartmuseum
+  - repo: chartmuseum
-    tag: "v2.1.3"
+    tag: 'v0.12.0'
-  - repo: harbor-clair
+  - repo: clair
-    tag: "v2.1.3"
+    tag: 'v2.1.7'
-  - repo: harbor-clair-adapter
+  - repo: harbor-scanner-clair
-    tag: "v2.1.3"
+    tag: 'v1.1.1'
-  - repo: harbor-trivy-adapter
+  - repo: harbor-scanner-trivy
-    tag: "v2.1.3"
+    tag: v0.17.0
-  - repo: harbor-notary-server
+  - repo: notary-server
-    tag: "v2.1.3"
+    tag: v0.6.1
-  - repo: harbor-notary-signer
+  - repo: notary-signer
-    tag: "v2.1.3"
+    tag: v0.6.1
  - repo: registry
-    tag: "2.7.1"
+    tag: 'v2.7.1'
  - repo: redis
-    tag: "6.0.9"
+    tag: '6.2.6'
\ No newline at end of file
--- a/raws/values-aliyun.yaml
+++ b/raws/values-aliyun.yaml
@@ -7,7 +7,7 @@ expose:
      core: hub.wodcloud.local
      notary: notary.wodcloud.local
    annotations:
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
 externalURL: https://hub.wodcloud.local
@@ -15,41 +15,41 @@ persistence:
  enabled: true
  persistentVolumeClaim:
    registry:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    chartmuseum:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    jobservice:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    database:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    redis:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    trivy:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
-      size: 5Gi  
+      size: 5Gi
  imageChartStorage:
    # s3 , filesystem
    type: filesystem
@@ -62,34 +62,34 @@ persistence:
      encrypt: false
      v4auth: true
      chunksize: '5242880'
-      rootdirectory: /      
+      rootdirectory: /
 imagePullPolicy: IfNotPresent
 logLevel: info
-harborAdminPassword: "spaceIN511"
+harborAdminPassword: 'spaceIN511'
-secretKey: "IpTIscRIgmerlare"
+secretKey: 'IpTIscRIgmerlare'
 portal:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
-    tag: v2.1.3
+    tag: v2.1.6
 core:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
-    tag: v2.1.3
+    tag: v2.1.6
 jobservice:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
-    tag: v2.1.3
+    tag: v2.1.6
 registry:
  registry:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
-      tag: 2.7.1
+      tag: v2.7.1
    resources:
      limits:
        memory: 4Gi
@@ -98,12 +98,12 @@ registry:
  controller:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
-      tag: v2.1.3
+      tag: v2.1.6
 chartmuseum:
  image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
+    repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum
-    tag: v2.1.3
+    tag: v2.1.6
  nodeSelector: {}
  # nodeSelector:
  #   harbor: enabled
@@ -111,40 +111,40 @@ chartmuseum:
    type: hostPath
    emptyDir: {}
    hostPath:
-      root: /data    
+      root: /data
 clair:
  clair:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
+      repository: registry.cn-qingdao.aliyuncs.com/wod/clair
-      tag: v2.1.3
+      tag: v2.1.6
  adapter:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-clair
-      tag: v2.1.3
+      tag: v2.1.6
 trivy:
  image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-trivy
-    tag: v2.1.3
+    tag: v2.1.6
 notary:
  server:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
+      repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server
-      tag: v2.1.3
+      tag: v2.1.6
  signer:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
+      repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer
-      tag: v2.1.3
+      tag: v2.1.6
 database:
  type: internal
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
-      tag: v2.1.3
+      tag: v2.1.6
-    password: "spaceIN511"
+    password: 'spaceIN511'
    resources:
      limits:
        memory: 4Gi
@@ -156,4 +156,4 @@ redis:
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/redis
-      tag: 6.0.9
+      tag: 6.2.6
\ No newline at end of file
--- a/raws/values-arm.yaml
+++ b/raws/values-arm.yaml
@@ -7,7 +7,7 @@ expose:
      core: hub.wodcloud.local
      notary: notary.wodcloud.local
    annotations:
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
 externalURL: https://hub.wodcloud.local
@@ -15,41 +15,41 @@ persistence:
  enabled: true
  persistentVolumeClaim:
    registry:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    chartmuseum:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    jobservice:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    database:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    redis:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    trivy:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
-      size: 5Gi  
+      size: 5Gi
  imageChartStorage:
    # s3 , filesystem
    type: filesystem
@@ -62,34 +62,34 @@ persistence:
      encrypt: false
      v4auth: true
      chunksize: '5242880'
-      rootdirectory: /      
+      rootdirectory: /
 imagePullPolicy: IfNotPresent
 logLevel: info
-harborAdminPassword: "spaceIN511"
+harborAdminPassword: 'spaceIN511'
-secretKey: "IpTIscRIgmerlare"
+secretKey: 'IpTIscRIgmerlare'
 portal:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
-    tag: v2.1.3-arm64
+    tag: v2.1.6-arm64
 core:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
-    tag: v2.1.3-arm64
+    tag: v2.1.6-arm64
 jobservice:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
-    tag: v2.1.3-arm64
+    tag: v2.1.6-arm64
 registry:
  registry:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
-      tag: 2.7.1-arm64
+      tag: v2.7.1-arm64
    resources:
      limits:
        memory: 4Gi
@@ -98,12 +98,12 @@ registry:
  controller:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
-      tag: v2.1.3-arm64
+      tag: v2.1.6-arm64
 chartmuseum:
  image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
+    repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum
-    tag: v2.1.3-arm64
+    tag: v2.1.6-arm64
  nodeSelector: {}
  # nodeSelector:
  #   harbor: enabled
@@ -111,40 +111,40 @@ chartmuseum:
    type: hostPath
    emptyDir: {}
    hostPath:
-      root: /data    
+      root: /data
 clair:
  clair:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
+      repository: registry.cn-qingdao.aliyuncs.com/wod/clair
-      tag: v2.1.3-arm64
+      tag: v2.1.6-arm64
  adapter:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-clair
-      tag: v2.1.3-arm64
+      tag: v2.1.6-arm64
 trivy:
  image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-trivy
-    tag: v2.1.3-arm64
+    tag: v2.1.6-arm64
 notary:
  server:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
+      repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server
-      tag: v2.1.3-arm64
+      tag: v2.1.6-arm64
  signer:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
+      repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer
-      tag: v2.1.3-arm64
+      tag: v2.1.6-arm64
 database:
  type: internal
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
-      tag: v2.1.3-arm64
+      tag: v2.1.6-arm64
-    password: "spaceIN511"
+    password: 'spaceIN511'
    resources:
      limits:
        memory: 4Gi
@@ -156,4 +156,4 @@ redis:
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/redis
-      tag: 6.0.9-arm64
+      tag: 6.2.6-arm64
\ No newline at end of file
--- a/raws/values-pg.yaml
+++ b/raws/values-pg.yaml
@@ -7,7 +7,7 @@ expose:
      core: hub.test.wodcloud.com
      notary: notary.test.wodcloud.com
    annotations:
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
 externalURL: https://hub.test.wodcloud.com
@@ -19,21 +19,21 @@ persistence:
    filesystem:
      rootdirectory: /data
    #s3:
-     # accesskey: AKIAIOSFODNN7EXAMPLE
+    # accesskey: AKIAIOSFODNN7EXAMPLE
-     # secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+    # secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
-     # region: us-east-1
+    # region: us-east-1
-     # regionendpoint: https://minio.sxwh.local
+    # regionendpoint: https://minio.sxwh.local
-     # bucket: registry
+    # bucket: registry
-     # encrypt: false
+    # encrypt: false
-     # v4auth: true
+    # v4auth: true
-     # chunksize: '5242880'
+    # chunksize: '5242880'
-     # rootdirectory: /
+    # rootdirectory: /
 imagePullPolicy: IfNotPresent
 logLevel: info
-harborAdminPassword: "spaceIN511"
+harborAdminPassword: 'spaceIN511'
-secretKey: "IpTIscRIgmerlare"
+secretKey: 'IpTIscRIgmerlare'
 portal:
  image:
@@ -59,14 +59,14 @@ registry:
  registry:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
-      tag: 2.7.1
+      tag: v2.7.1
    resources:
      limits:
        memory: 4Gi
      requests:
        memory: 256Mi
  nodeSelector:
-    harbor: enabled  
+    harbor: enabled
  storageSpec:
    # type: emptyDir , hostPath , volumeClaimTemplate
    type: hostPath
@@ -76,11 +76,11 @@ registry:
    volumeClaimTemplate:
      spec:
        storageClassName: rook-ceph-block
-        accessModes: ["ReadWriteOnce"]
+        accessModes: ['ReadWriteOnce']
        resources:
          requests:
            storage: 100Gi
-      selector: {}    
+      selector: {}
  controller:
    image:
@@ -95,12 +95,12 @@ chartmuseum:
    tag: v0.9.0-v1.8.2
  replicas: 1
  nodeSelector:
-    harbor: enabled  
+    harbor: enabled
  storageSpec:
    type: hostPath
    emptyDir: {}
    hostPath:
-      root: /data    
+      root: /data
 clair:
  enabled: true
@@ -128,7 +128,7 @@ database:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
      tag: v1.8.2
-    password: "spaceIN511"
+    password: 'spaceIN511'
    resources:
      limits:
        memory: 4Gi
@@ -140,11 +140,11 @@ database:
      type: hostPath
      emptyDir: {}
      hostPath:
-        root: /data         
+        root: /data
      volumeClaimTemplate:
        spec:
          storageClassName: rook-ceph-block
-          accessModes: ["ReadWriteOnce"]
+          accessModes: ['ReadWriteOnce']
          resources:
            requests:
              storage: 20Gi
@@ -155,4 +155,4 @@ redis:
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/redis
      tag: 4.0.14-alpine
\ No newline at end of file
--- a/raws/values-ppc64le.yaml
+++ b/raws/values-ppc64le.yaml
@@ -7,7 +7,7 @@ expose:
      core: hub.wodcloud.local
      notary: notary.wodcloud.local
    annotations:
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
 externalURL: https://hub.wodcloud.local
@@ -15,41 +15,41 @@ persistence:
  enabled: true
  persistentVolumeClaim:
    registry:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    chartmuseum:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    jobservice:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    database:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    redis:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    trivy:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
-      size: 5Gi  
+      size: 5Gi
  imageChartStorage:
    # s3 , filesystem
    type: filesystem
@@ -62,34 +62,34 @@ persistence:
      encrypt: false
      v4auth: true
      chunksize: '5242880'
-      rootdirectory: /      
+      rootdirectory: /
 imagePullPolicy: IfNotPresent
 logLevel: info
-harborAdminPassword: "spaceIN511"
+harborAdminPassword: 'spaceIN511'
-secretKey: "IpTIscRIgmerlare"
+secretKey: 'IpTIscRIgmerlare'
 portal:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
-    tag: v2.1.3-ppc64le
+    tag: v2.1.6-ppc64le
 core:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
-    tag: v2.1.3-ppc64le
+    tag: v2.1.6-ppc64le
 jobservice:
  image:
    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
-    tag: v2.1.3-ppc64le
+    tag: v2.1.6-ppc64le
 registry:
  registry:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
-      tag: 2.7.1-ppc64le
+      tag: v2.7.1-ppc64le
    resources:
      limits:
        memory: 4Gi
@@ -98,11 +98,11 @@ registry:
  controller:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
-      tag: v2.1.3-ppc64le
+      tag: v2.1.6-ppc64le
 chartmuseum:
  image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
+    repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum
    tag: v2.1.1-ppc64le
  nodeSelector: {}
  # nodeSelector:
@@ -111,31 +111,31 @@ chartmuseum:
    type: hostPath
    emptyDir: {}
    hostPath:
-      root: /data    
+      root: /data
 clair:
  clair:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
+      repository: registry.cn-qingdao.aliyuncs.com/wod/clair
      tag: v2.1.1-ppc64le
  adapter:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-clair
      tag: v2.1.1-ppc64le
 trivy:
  image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-scanner-trivy
    tag: v2.1.1-ppc64le
 notary:
  server:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
+      repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server
      tag: v2.1.1-ppc64le
  signer:
    image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
+      repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer
      tag: v2.1.1-ppc64le
 database:
@@ -143,8 +143,8 @@ database:
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
-      tag: v2.1.3-ppc64le
+      tag: v2.1.6-ppc64le
-    password: "spaceIN511"
+    password: 'spaceIN511'
    resources:
      limits:
        memory: 4Gi
@@ -156,4 +156,4 @@ redis:
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/redis
-      tag: 6.0.9-ppc64le
+      tag: 6.2.6-ppc64le
\ No newline at end of file
--- a/raws/values-stolon.yaml
+++ b/raws/values-stolon.yaml
@@ -7,7 +7,7 @@ expose:
      core: hub.test.wodcloud.com
      notary: notary.test.wodcloud.com
    annotations:
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
 externalURL: https://hub.test.wodcloud.com
@@ -19,21 +19,21 @@ persistence:
    filesystem:
      rootdirectory: /data
    #s3:
-     # accesskey: AKIAIOSFODNN7EXAMPLE
+    # accesskey: AKIAIOSFODNN7EXAMPLE
-     # secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+    # secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
-     # region: us-east-1
+    # region: us-east-1
-     # regionendpoint: https://minio.sxwh.local
+    # regionendpoint: https://minio.sxwh.local
-     # bucket: registry
+    # bucket: registry
-     # encrypt: false
+    # encrypt: false
-     # v4auth: true
+    # v4auth: true
-     # chunksize: '5242880'
+    # chunksize: '5242880'
-     # rootdirectory: /
+    # rootdirectory: /
 imagePullPolicy: IfNotPresent
 logLevel: info
-harborAdminPassword: "spaceIN511"
+harborAdminPassword: 'spaceIN511'
-secretKey: "IpTIscRIgmerlare"
+secretKey: 'IpTIscRIgmerlare'
 portal:
  image:
@@ -59,14 +59,14 @@ registry:
  registry:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
-      tag: 2.7.1
+      tag: v2.7.1
    resources:
      limits:
        memory: 4Gi
      requests:
        memory: 256Mi
  nodeSelector:
-    harbor: enabled  
+    harbor: enabled
  storageSpec:
    # type: emptyDir , hostPath , volumeClaimTemplate
    type: hostPath
@@ -76,11 +76,11 @@ registry:
    volumeClaimTemplate:
      spec:
        storageClassName: rook-ceph-block
-        accessModes: ["ReadWriteOnce"]
+        accessModes: ['ReadWriteOnce']
        resources:
          requests:
            storage: 100Gi
-      selector: {}    
+      selector: {}
  controller:
    image:
@@ -95,12 +95,12 @@ chartmuseum:
    tag: v0.9.0-v1.8.2
  replicas: 1
  nodeSelector:
-    harbor: enabled  
+    harbor: enabled
  storageSpec:
    type: hostPath
    emptyDir: {}
    hostPath:
-      root: /data    
+      root: /data
 clair:
  enabled: true
@@ -125,19 +125,19 @@ notary:
 database:
  type: external
  external:
-    host: "stolon-proxy.devops"
+    host: 'stolon-proxy.devops'
-    port: "5432"
+    port: '5432'
-    username: "postgres"
+    username: 'postgres'
-    password: "spaceIN511"
+    password: 'spaceIN511'
-    coreDatabase: "hub_registry"
+    coreDatabase: 'hub_registry'
-    clairDatabase: "hub_clair"
+    clairDatabase: 'hub_clair'
-    notaryServerDatabase: "hub_notary_server"
+    notaryServerDatabase: 'hub_notary_server'
-    notarySignerDatabase: "hub_notary_signer"
+    notarySignerDatabase: 'hub_notary_signer'
-    sslmode: "disable"
+    sslmode: 'disable'
 redis:
  type: internal
  internal:
    image:
      repository: registry.cn-qingdao.aliyuncs.com/wod/redis
      tag: 4.0.14-alpine
\ No newline at end of file
--- a/raws/values.yaml
+++ b/raws/values.yaml
@@ -20,17 +20,17 @@ expose:
    auto:
      # The common name used to generate the certificate, it's necessary
      # when the type isn't "ingress"
-      commonName: ""
+      commonName: ''
    secret:
      # The name of secret which contains keys named:
      # "tls.crt" - the certificate
      # "tls.key" - the private key
-      secretName: ""
+      secretName: ''
      # The name of secret which contains keys named:
      # "tls.crt" - the certificate
      # "tls.key" - the private key
      # Only needed when the "expose.type" is "ingress".
-      notarySecretName: ""
+      notarySecretName: ''
  ingress:
    hosts:
      core: core.harbor.domain
@@ -41,10 +41,10 @@ expose:
    # set to `ncp` if using the NCP (NSX-T Container Plugin) ingress controller
    controller: default
    annotations:
-      ingress.kubernetes.io/ssl-redirect: "true"
+      ingress.kubernetes.io/ssl-redirect: 'true'
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
-      nginx.ingress.kubernetes.io/ssl-redirect: "true"
+      nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-      nginx.ingress.kubernetes.io/proxy-body-size: "0"
+      nginx.ingress.kubernetes.io/proxy-body-size: '0'
  clusterIP:
    # The name of ClusterIP service
    name: harbor
@@ -80,7 +80,7 @@ expose:
    # The name of LoadBalancer service
    name: harbor
    # Set the IP if the LoadBalancer supports assigning IP
-    IP: ""
+    IP: ''
    ports:
      # The service port Harbor listens on when serving with HTTP
      httpPort: 80
@@ -116,65 +116,65 @@ internalTLS:
  # 1) "auto" will generate cert automatically
  # 2) "manual" need provide cert file manually in following value
  # 3) "secret" internal certificates from secret
-  certSource: "auto"
+  certSource: 'auto'
  # The content of trust ca, only available when `certSource` is "manual"
-  trustCa: ""
+  trustCa: ''
  # core related cert configuration
  core:
    # secret name for core's tls certs
-    secretName: ""
+    secretName: ''
    # Content of core's TLS cert file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of core's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # jobservice related cert configuration
  jobservice:
    # secret name for jobservice's tls certs
-    secretName: ""
+    secretName: ''
    # Content of jobservice's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of jobservice's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # registry related cert configuration
  registry:
    # secret name for registry's tls certs
-    secretName: ""
+    secretName: ''
    # Content of registry's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of registry's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # portal related cert configuration
  portal:
    # secret name for portal's tls certs
-    secretName: ""
+    secretName: ''
    # Content of portal's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of portal's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # chartmuseum related cert configuration
  chartmuseum:
    # secret name for chartmuseum's tls certs
-    secretName: ""
+    secretName: ''
    # Content of chartmuseum's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of chartmuseum's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # clair related cert configuration
  clair:
    # secret name for clair's tls certs
-    secretName: ""
+    secretName: ''
    # Content of clair's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of clair's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # trivy related cert configuration
  trivy:
    # secret name for trivy's tls certs
-    secretName: ""
+    secretName: ''
    # Content of trivy's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of trivy's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
 # The persistence is enabled by default and a default StorageClass
 # is needed in the k8s cluster to provision volumes dynamicly.
@@ -189,51 +189,51 @@ persistence:
  # operation. Leaving it empty will delete PVCs after the chart deleted
  # (this does not apply for PVCs that are created for internal database
  # and redis components, i.e. they are never deleted automatically)
-  resourcePolicy: "keep"
+  resourcePolicy: 'keep'
  persistentVolumeClaim:
    registry:
      # Use the existing PVC which must be created manually before bound,
      # and specify the "subPath" if the PVC is shared with other components
-      existingClaim: ""
+      existingClaim: ''
      # Specify the "storageClass" used to provision the volume. Or the default
      # StorageClass will be used(the default).
      # Set it to "-" to disable dynamic provisioning
-      storageClass: ""
+      storageClass: ''
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    chartmuseum:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: ""
+      storageClass: ''
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    jobservice:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: ""
+      storageClass: ''
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    # If external database is used, the following settings for database will
    # be ignored
    database:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: ""
+      storageClass: ''
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    # If external Redis is used, the following settings for Redis will
    # be ignored
    redis:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: ""
+      storageClass: ''
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    trivy:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: ""
+      storageClass: ''
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
  # Define which storage backend is used for registry and chartmuseum to store
@@ -338,15 +338,15 @@ updateStrategy:
 logLevel: info
 # The initial password of Harbor admin. Change it from portal after launching Harbor
-harborAdminPassword: "Harbor12345"
+harborAdminPassword: 'Harbor12345'
 # The name of the secret which contains key named "ca.crt". Setting this enables the
 # download link on portal to download the certificate of CA when the certificate isn't
 # generated automatically
-caSecretName: ""
+caSecretName: ''
 # The secret key used for encryption. Must be a string of 16 chars.
-secretKey: "not-a-secure-key"
+secretKey: 'not-a-secure-key'
 # The proxy settings for updating clair vulnerabilities from the Internet and replicating
 # artifacts from/to the registries that cannot be reached directly
@@ -375,9 +375,9 @@ proxy:
 nginx:
  image:
    repository: goharbor/nginx-photon
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  replicas: 1
  # resources:
  #  requests:
@@ -392,9 +392,9 @@ nginx:
 portal:
  image:
    repository: goharbor/harbor-portal
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  replicas: 1
  # resources:
  #  requests:
@@ -409,9 +409,9 @@ portal:
 core:
  image:
    repository: goharbor/harbor-core
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  replicas: 1
  ## Startup probe values
  startupProbe:
@@ -429,24 +429,24 @@ core:
  # Secret is used when core server communicates with other components.
  # If a secret key is not specified, Helm will generate one.
  # Must be a string of 16 chars.
-  secret: ""
+  secret: ''
  # Fill the name of a kubernetes secret if you want to use your own
  # TLS certificate and private key for token encryption/decryption.
  # The secret must contain keys named:
  # "tls.crt" - the certificate
  # "tls.key" - the private key
  # The default key pair will be used if it isn't set
-  secretName: ""
+  secretName: ''
  # The XSRF key. Will be generated automatically if it isn't specified
-  xsrfKey: ""
+  xsrfKey: ''
 jobservice:
  image:
    repository: goharbor/harbor-jobservice
-    tag: v2.1.3
+    tag: v2.1.6
  replicas: 1
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  maxJobWorkers: 10
  # The logger for jobs: "file", "database" or "stdout"
  jobLogger: file
@@ -462,15 +462,15 @@ jobservice:
  # Secret is used when job service communicates with other components.
  # If a secret key is not specified, Helm will generate one.
  # Must be a string of 16 chars.
-  secret: ""
+  secret: ''
 registry:
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  registry:
    image:
      repository: goharbor/registry-photon
-      tag: v2.1.3
+      tag: v2.1.6
    # resources:
    #  requests:
    #    memory: 256Mi
@@ -478,7 +478,7 @@ registry:
  controller:
    image:
      repository: goharbor/harbor-registryctl
-      tag: v2.1.3
+      tag: v2.1.6
    # resources:
    #  requests:
@@ -495,15 +495,15 @@ registry:
  # See: https://github.com/docker/distribution/blob/master/docs/configuration.md#http
  # If a secret key is not specified, Helm will generate one.
  # Must be a string of 16 chars.
-  secret: ""
+  secret: ''
  # If true, the registry returns relative URLs in Location headers. The client is responsible for resolving the correct URL.
  relativeurls: false
  credentials:
-    username: "harbor_registry_user"
+    username: 'harbor_registry_user'
-    password: "harbor_registry_password"
+    password: 'harbor_registry_password'
    # If you update the username or password of registry, make sure use cli tool htpasswd to generate the bcrypt hash
    # e.g. "htpasswd -nbBC10 $username $password"
-    htpasswd: "harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m"
+    htpasswd: 'harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m'
  middleware:
    enabled: false
@@ -515,17 +515,17 @@ registry:
      ipfilteredby: none
      # The secret key that should be present is CLOUDFRONT_KEY_DATA, which should be the encoded private key
      # that allows access to CloudFront
-      privateKeySecret: "my-secret"
+      privateKeySecret: 'my-secret'
 chartmuseum:
  enabled: true
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  # Harbor defaults ChartMuseum to returning relative urls, if you want using absolute url you should enable it by change the following value to 'true'
  absoluteUrl: false
  image:
    repository: goharbor/chartmuseum-photon
-    tag: v2.1.3
+    tag: v2.1.6
  replicas: 1
  # resources:
  #  requests:
@@ -540,19 +540,19 @@ chartmuseum:
 clair:
  enabled: true
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  clair:
    image:
      repository: goharbor/clair-photon
-      tag: v2.1.3
+      tag: v2.1.6
    # resources:
    #  requests:
    #    memory: 256Mi
    #    cpu: 100m
  adapter:
    image:
-      repository: goharbor/clair-adapter-photon
+      repository: goharbor/harbor-scanner-clair-photon
-      tag: v2.1.3
+      tag: v2.1.6
    # resources:
    #  requests:
    #    memory: 256Mi
@@ -574,17 +574,17 @@ trivy:
    # repository the repository for Trivy adapter image
    repository: goharbor/trivy-adapter-photon
    # tag the tag for Trivy adapter image
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  # replicas the number of Pod replicas
  replicas: 1
  # debugMode the flag to enable Trivy debug mode with more verbose scanning log
  debugMode: false
  # vulnType a comma-separated list of vulnerability types. Possible values are `os` and `library`.
-  vulnType: "os,library"
+  vulnType: 'os,library'
  # severity a comma-separated list of severities to be checked
-  severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
+  severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
  # ignoreUnfixed the flag to display only fixed vulnerabilities
  ignoreUnfixed: false
  # insecure the flag to skip verifying registry certificate
@@ -604,7 +604,7 @@ trivy:
  #
  # You can create a GitHub token by following the instructions in
  # https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
-  gitHubToken: ""
+  gitHubToken: ''
  # skipUpdate the flag to disable Trivy DB downloads from GitHub
  #
  # You might want to set the value of this flag to `true` in test or CI/CD environments to avoid GitHub rate limiting issues.
@@ -628,10 +628,10 @@ notary:
  enabled: true
  server:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
      repository: goharbor/notary-server-photon
-      tag: v2.1.3
+      tag: v2.1.6
    replicas: 1
    # resources:
    #  requests:
@@ -639,10 +639,10 @@ notary:
    #    cpu: 100m
  signer:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
      repository: goharbor/notary-signer-photon
-      tag: v2.1.3
+      tag: v2.1.6
    replicas: 1
    # resources:
    #  requests:
@@ -659,7 +659,7 @@ notary:
  # The secret must contain keys named ca.crt, tls.crt and tls.key that
  # contain the CA, certificate and private key.
  # They will be generated if not set.
-  secretName: ""
+  secretName: ''
 database:
  # if external database is used, set "type" to "external"
@@ -667,12 +667,12 @@ database:
  type: internal
  internal:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
      repository: goharbor/harbor-db
-      tag: v2.1.3
+      tag: v2.1.6
    # The initial superuser password for internal database
-    password: "changeit"
+    password: 'changeit'
    # resources:
    #  requests:
    #    memory: 256Mi
@@ -681,14 +681,14 @@ database:
    tolerations: []
    affinity: {}
  external:
-    host: "192.168.0.1"
+    host: '192.168.0.1'
-    port: "5432"
+    port: '5432'
-    username: "user"
+    username: 'user'
-    password: "password"
+    password: 'password'
-    coreDatabase: "registry"
+    coreDatabase: 'registry'
-    clairDatabase: "clair"
+    clairDatabase: 'clair'
-    notaryServerDatabase: "notary_server"
+    notaryServerDatabase: 'notary_server'
-    notarySignerDatabase: "notary_signer"
+    notarySignerDatabase: 'notary_signer'
    # "disable" - No SSL
    # "require" - Always SSL (skip verification)
    # "verify-ca" - Always SSL (verify that the certificate presented by the
@@ -696,7 +696,7 @@ database:
    # "verify-full" - Always SSL (verify that the certification presented by the
    # server was signed by a trusted CA and the server host name matches the one
    # in the certificate)
-    sslmode: "disable"
+    sslmode: 'disable'
  # The maximum number of connections in the idle connection pool.
  # If it <=0, no idle connections are retained.
  maxIdleConns: 50
@@ -713,10 +713,10 @@ redis:
  type: internal
  internal:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
      repository: goharbor/redis-photon
-      tag: v2.1.3
+      tag: v2.1.6
    # resources:
    #  requests:
    #    memory: 256Mi
@@ -728,20 +728,20 @@ redis:
    # support redis, redis+sentinel
    # addr for redis: <host_redis>:<port_redis>
    # addr for redis+sentinel: <host_sentinel1>:<port_sentinel1>,<host_sentinel2>:<port_sentinel2>,<host_sentinel3>:<port_sentinel3>
-    addr: "192.168.0.2:6379"
+    addr: '192.168.0.2:6379'
    # The name of the set of Redis instances to monitor, it must be set to support redis+sentinel
-    sentinelMasterSet: ""
+    sentinelMasterSet: ''
    # The "coreDatabaseIndex" must be "0" as the library Harbor
    # used doesn't support configuring it
-    coreDatabaseIndex: "0"
+    coreDatabaseIndex: '0'
-    jobserviceDatabaseIndex: "1"
+    jobserviceDatabaseIndex: '1'
-    registryDatabaseIndex: "2"
+    registryDatabaseIndex: '2'
-    chartmuseumDatabaseIndex: "3"
+    chartmuseumDatabaseIndex: '3'
-    clairAdapterIndex: "4"
+    clairAdapterIndex: '4'
-    trivyAdapterIndex: "5"
+    trivyAdapterIndex: '5'
-    password: ""
+    password: ''
  ## Additional deployment annotations
  podAnnotations: {}
 commonLabels:
  app.bd-apaas.com/cluster-component: registry
\ No newline at end of file
--- a/values.yaml
+++ b/values.yaml
@@ -20,17 +20,17 @@ expose:
    auto:
      # The common name used to generate the certificate, it's necessary
      # when the type isn't "ingress"
-      commonName: ""
+      commonName: ''
    secret:
      # The name of secret which contains keys named:
      # "tls.crt" - the certificate
      # "tls.key" - the private key
-      secretName: ""
+      secretName: ''
      # The name of secret which contains keys named:
      # "tls.crt" - the certificate
      # "tls.key" - the private key
      # Only needed when the "expose.type" is "ingress".
-      notarySecretName: ""
+      notarySecretName: ''
  ingress:
    hosts:
      core: hub
@@ -41,10 +41,10 @@ expose:
    # set to `ncp` if using the NCP (NSX-T Container Plugin) ingress controller
    controller: default
    annotations:
-      ingress.kubernetes.io/ssl-redirect: "true"
+      ingress.kubernetes.io/ssl-redirect: 'true'
-      ingress.kubernetes.io/proxy-body-size: "0"
+      ingress.kubernetes.io/proxy-body-size: '0'
-      nginx.ingress.kubernetes.io/ssl-redirect: "true"
+      nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-      nginx.ingress.kubernetes.io/proxy-body-size: "0"
+      nginx.ingress.kubernetes.io/proxy-body-size: '0'
  clusterIP:
    # The name of ClusterIP service
    name: harbor
@@ -80,7 +80,7 @@ expose:
    # The name of LoadBalancer service
    name: harbor
    # Set the IP if the LoadBalancer supports assigning IP
-    IP: ""
+    IP: ''
    ports:
      # The service port Harbor listens on when serving with HTTP
      httpPort: 80
@@ -116,65 +116,65 @@ internalTLS:
  # 1) "auto" will generate cert automatically
  # 2) "manual" need provide cert file manually in following value
  # 3) "secret" internal certificates from secret
-  certSource: "auto"
+  certSource: 'auto'
  # The content of trust ca, only available when `certSource` is "manual"
-  trustCa: ""
+  trustCa: ''
  # core related cert configuration
  core:
    # secret name for core's tls certs
-    secretName: ""
+    secretName: ''
    # Content of core's TLS cert file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of core's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # jobservice related cert configuration
  jobservice:
    # secret name for jobservice's tls certs
-    secretName: ""
+    secretName: ''
    # Content of jobservice's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of jobservice's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # registry related cert configuration
  registry:
    # secret name for registry's tls certs
-    secretName: ""
+    secretName: ''
    # Content of registry's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of registry's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # portal related cert configuration
  portal:
    # secret name for portal's tls certs
-    secretName: ""
+    secretName: ''
    # Content of portal's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of portal's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # chartmuseum related cert configuration
  chartmuseum:
    # secret name for chartmuseum's tls certs
-    secretName: ""
+    secretName: ''
    # Content of chartmuseum's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of chartmuseum's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # clair related cert configuration
  clair:
    # secret name for clair's tls certs
-    secretName: ""
+    secretName: ''
    # Content of clair's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of clair's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
  # trivy related cert configuration
  trivy:
    # secret name for trivy's tls certs
-    secretName: ""
+    secretName: ''
    # Content of trivy's TLS key file, only available when `certSource` is "manual"
-    crt: ""
+    crt: ''
    # Content of trivy's TLS key file, only available when `certSource` is "manual"
-    key: ""
+    key: ''
 # The persistence is enabled by default and a default StorageClass
 # is needed in the k8s cluster to provision volumes dynamicly.
@@ -189,51 +189,51 @@ persistence:
  # operation. Leaving it empty will delete PVCs after the chart deleted
  # (this does not apply for PVCs that are created for internal database
  # and redis components, i.e. they are never deleted automatically)
-  resourcePolicy: "keep"
+  resourcePolicy: 'keep'
  persistentVolumeClaim:
    registry:
      # Use the existing PVC which must be created manually before bound,
      # and specify the "subPath" if the PVC is shared with other components
-      existingClaim: ""
+      existingClaim: ''
      # Specify the "storageClass" used to provision the volume. Or the default
      # StorageClass will be used(the default).
      # Set it to "-" to disable dynamic provisioning
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    chartmuseum:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
    jobservice:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    # If external database is used, the following settings for database will
    # be ignored
    database:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 10Gi
    # If external Redis is used, the following settings for Redis will
    # be ignored
    redis:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 1Gi
    trivy:
-      existingClaim: ""
+      existingClaim: ''
-      storageClass: "hostpath"
+      storageClass: 'hostpath'
-      subPath: ""
+      subPath: ''
      accessMode: ReadWriteOnce
      size: 5Gi
  # Define which storage backend is used for registry and chartmuseum to store
@@ -338,15 +338,15 @@ updateStrategy:
 logLevel: info
 # The initial password of Harbor admin. Change it from portal after launching Harbor
-harborAdminPassword: "spaceIN511"
+harborAdminPassword: 'spaceIN511'
 # The name of the secret which contains key named "ca.crt". Setting this enables the
 # download link on portal to download the certificate of CA when the certificate isn't
 # generated automatically
-caSecretName: ""
+caSecretName: ''
 # The secret key used for encryption. Must be a string of 16 chars.
-secretKey: "IpTIscRIgmerlare"
+secretKey: 'IpTIscRIgmerlare'
 # The proxy settings for updating clair vulnerabilities from the Internet and replicating
 # artifacts from/to the registries that cannot be reached directly
@@ -375,9 +375,9 @@ proxy:
 nginx:
  image:
    repository: nginx
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  replicas: 1
  # resources:
  #  requests:
@@ -392,9 +392,9 @@ nginx:
 portal:
  image:
    repository: harbor-portal
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  replicas: 1
  # resources:
  #  requests:
@@ -409,9 +409,9 @@ portal:
 core:
  image:
    repository: harbor-core
-    tag: v2.1.3
+    tag: v2.1.6
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  replicas: 1
  ## Startup probe values
  startupProbe:
@@ -429,24 +429,24 @@ core:
  # Secret is used when core server communicates with other components.
  # If a secret key is not specified, Helm will generate one.
  # Must be a string of 16 chars.
-  secret: ""
+  secret: ''
  # Fill the name of a kubernetes secret if you want to use your own
  # TLS certificate and private key for token encryption/decryption.
  # The secret must contain keys named:
  # "tls.crt" - the certificate
  # "tls.key" - the private key
  # The default key pair will be used if it isn't set
-  secretName: ""
+  secretName: ''
  # The XSRF key. Will be generated automatically if it isn't specified
-  xsrfKey: ""
+  xsrfKey: ''
 jobservice:
  image:
    repository: harbor-jobservice
-    tag: v2.1.3
+    tag: v2.1.6
  replicas: 1
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  maxJobWorkers: 10
  # The logger for jobs: "file", "database" or "stdout"
  jobLogger: file
@@ -462,15 +462,15 @@ jobservice:
  # Secret is used when job service communicates with other components.
  # If a secret key is not specified, Helm will generate one.
  # Must be a string of 16 chars.
-  secret: ""
+  secret: ''
 registry:
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  registry:
    image:
      repository: registry
-      tag: 2.7.1
+      tag: v2.7.1
    resources:
      limits:
        memory: 4Gi
@@ -479,7 +479,7 @@ registry:
  controller:
    image:
      repository: harbor-registryctl
-      tag: v2.1.3
+      tag: v2.1.6
    # resources:
    #  requests:
@@ -496,15 +496,15 @@ registry:
  # See: https://github.com/docker/distribution/blob/master/docs/configuration.md#http
  # If a secret key is not specified, Helm will generate one.
  # Must be a string of 16 chars.
-  secret: ""
+  secret: ''
  # If true, the registry returns relative URLs in Location headers. The client is responsible for resolving the correct URL.
  relativeurls: false
  credentials:
-    username: "harbor_registry_user"
+    username: 'harbor_registry_user'
-    password: "harbor_registry_password"
+    password: 'harbor_registry_password'
    # If you update the username or password of registry, make sure use cli tool htpasswd to generate the bcrypt hash
    # e.g. "htpasswd -nbBC10 $username $password"
-    htpasswd: "harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m"
+    htpasswd: 'harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m'
  middleware:
    enabled: false
@@ -516,22 +516,22 @@ registry:
      ipfilteredby: none
      # The secret key that should be present is CLOUDFRONT_KEY_DATA, which should be the encoded private key
      # that allows access to CloudFront
-      privateKeySecret: "my-secret"
+      privateKeySecret: 'my-secret'
 chartmuseum:
  enabled: true
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  # Harbor defaults ChartMuseum to returning relative urls, if you want using absolute url you should enable it by change the following value to 'true'
  absoluteUrl: false
  image:
-    repository: harbor-chartmuseum
+    repository: chartmuseum
-    tag: v2.1.3
+    tag: v0.12.0
  storageSpec:
    type: hostPath
    emptyDir: {}
    hostPath:
-      root: /data 
+      root: /data
  replicas: 1
  # resources:
  #  requests:
@@ -546,19 +546,19 @@ chartmuseum:
 clair:
  enabled: true
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  clair:
    image:
-      repository: harbor-clair
+      repository: clair
-      tag: v2.1.3
+      tag: v2.1.7
    # resources:
    #  requests:
    #    memory: 256Mi
    #    cpu: 100m
  adapter:
    image:
-      repository: harbor-clair-adapter
+      repository: harbor-scanner-clair
-      tag: v2.1.3
+      tag: v1.1.1
    # resources:
    #  requests:
    #    memory: 256Mi
@@ -578,19 +578,19 @@ trivy:
  enabled: true
  image:
    # repository the repository for Trivy adapter image
-    repository: harbor-trivy-adapter
+    repository: harbor-scanner-trivy
    # tag the tag for Trivy adapter image
-    tag: v2.1.3
+    tag: v0.17.0
  # set the service account to be used, default if left empty
-  serviceAccountName: ""
+  serviceAccountName: ''
  # replicas the number of Pod replicas
  replicas: 1
  # debugMode the flag to enable Trivy debug mode with more verbose scanning log
  debugMode: false
  # vulnType a comma-separated list of vulnerability types. Possible values are `os` and `library`.
-  vulnType: "os,library"
+  vulnType: 'os,library'
  # severity a comma-separated list of severities to be checked
-  severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
+  severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
  # ignoreUnfixed the flag to display only fixed vulnerabilities
  ignoreUnfixed: false
  # insecure the flag to skip verifying registry certificate
@@ -610,7 +610,7 @@ trivy:
  #
  # You can create a GitHub token by following the instructions in
  # https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
-  gitHubToken: ""
+  gitHubToken: ''
  # skipUpdate the flag to disable Trivy DB downloads from GitHub
  #
  # You might want to set the value of this flag to `true` in test or CI/CD environments to avoid GitHub rate limiting issues.
@@ -634,10 +634,10 @@ notary:
  enabled: true
  server:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
-      repository: harbor-notary-server
+      repository: notary-server
-      tag: v2.1.3
+      tag: v0.6.1
    replicas: 1
    # resources:
    #  requests:
@@ -645,10 +645,10 @@ notary:
    #    cpu: 100m
  signer:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
-      repository: harbor-notary-signer
+      repository: notary-signer
-      tag: v2.1.3
+      tag: v0.6.1
    replicas: 1
    # resources:
    #  requests:
@@ -665,7 +665,7 @@ notary:
  # The secret must contain keys named ca.crt, tls.crt and tls.key that
  # contain the CA, certificate and private key.
  # They will be generated if not set.
-  secretName: ""
+  secretName: ''
 database:
  # if external database is used, set "type" to "external"
@@ -673,12 +673,12 @@ database:
  type: internal
  internal:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
      repository: harbor-db
-      tag: v2.1.3
+      tag: v2.1.6
    # The initial superuser password for internal database
-    password: "spaceIN511"
+    password: 'spaceIN511'
    resources:
      limits:
        memory: 4Gi
@@ -688,14 +688,14 @@ database:
    tolerations: []
    affinity: {}
  external:
-    host: "192.168.0.1"
+    host: '192.168.0.1'
-    port: "5432"
+    port: '5432'
-    username: "user"
+    username: 'user'
-    password: "password"
+    password: 'password'
-    coreDatabase: "registry"
+    coreDatabase: 'registry'
-    clairDatabase: "clair"
+    clairDatabase: 'clair'
-    notaryServerDatabase: "notary_server"
+    notaryServerDatabase: 'notary_server'
-    notarySignerDatabase: "notary_signer"
+    notarySignerDatabase: 'notary_signer'
    # "disable" - No SSL
    # "require" - Always SSL (skip verification)
    # "verify-ca" - Always SSL (verify that the certificate presented by the
@@ -703,7 +703,7 @@ database:
    # "verify-full" - Always SSL (verify that the certification presented by the
    # server was signed by a trusted CA and the server host name matches the one
    # in the certificate)
-    sslmode: "disable"
+    sslmode: 'disable'
  # The maximum number of connections in the idle connection pool.
  # If it <=0, no idle connections are retained.
  maxIdleConns: 50
@@ -720,10 +720,10 @@ redis:
  type: internal
  internal:
    # set the service account to be used, default if left empty
-    serviceAccountName: ""
+    serviceAccountName: ''
    image:
      repository: redis
-      tag: 6.0.9
+      tag: 6.2.6
    # resources:
    #  requests:
    #    memory: 256Mi
@@ -735,20 +735,20 @@ redis:
    # support redis, redis+sentinel
    # addr for redis: <host_redis>:<port_redis>
    # addr for redis+sentinel: <host_sentinel1>:<port_sentinel1>,<host_sentinel2>:<port_sentinel2>,<host_sentinel3>:<port_sentinel3>
-    addr: "192.168.0.2:6379"
+    addr: '192.168.0.2:6379'
    # The name of the set of Redis instances to monitor, it must be set to support redis+sentinel
-    sentinelMasterSet: ""
+    sentinelMasterSet: ''
    # The "coreDatabaseIndex" must be "0" as the library Harbor
    # used doesn't support configuring it
-    coreDatabaseIndex: "0"
+    coreDatabaseIndex: '0'
-    jobserviceDatabaseIndex: "1"
+    jobserviceDatabaseIndex: '1'
-    registryDatabaseIndex: "2"
+    registryDatabaseIndex: '2'
-    chartmuseumDatabaseIndex: "3"
+    chartmuseumDatabaseIndex: '3'
-    clairAdapterIndex: "4"
+    clairAdapterIndex: '4'
-    trivyAdapterIndex: "5"
+    trivyAdapterIndex: '5'
-    password: ""
+    password: ''
  ## Additional deployment annotations
  podAnnotations: {}
 commonLabels:
  app.bd-apaas.com/cluster-component: registry
\ No newline at end of file