Merge branch 'dev' into release-v2.1

.beagle.yml

+platform: 10.11.92.34
+
+clone:
+  git:
+    image: registry.cn-qingdao.aliyuncs.com/wod/devops-git:1.0
+    dns: 
+      - 223.5.5.5
+
+pipeline:
+
+  charts:
+    image: registry.cn-qingdao.aliyuncs.com/wod/alpine:3.12
+    pull: true
+    dns: 
+      - 223.5.5.5
+    volumes:
+      - /data/downloads/k8s/charts/:/charts
+    environment:
+      - TGZ_TARGET=harbor-v2.1.1.tgz
+    commands:
+      - rm -rf .git
+      - tar -zcvf $TGZ_TARGET .
+      - mv $TGZ_TARGET /charts/$TGZ_TARGET
+    when:
+      branch: 
+        release-v2.1
+
+  ansible-amd64:
+    image: registry.cn-qingdao.aliyuncs.com/wod/ansible-kubernetes-image:v1.20.2
+    pull: true
+    dns: 
+      - 223.5.5.5
+    commands:
+      - cp -r ./ansible/main.yaml /etc/ansible/linux/main.yaml
+      - cd ansible
+      - >-
+        ansible-playbook /etc/ansible/linux/main.yaml
+        --extra-vars
+        '{
+        "TARGET_ARCH":"amd64",
+        "TARGET_VERSION":"v2.1.1"
+        }'
+        --extra-vars "@images.yaml"
+    when:
+      branch: 
+        release-v2.1
+
+  ansible-arm64:
+    image: registry.cn-qingdao.aliyuncs.com/wod/ansible-kubernetes-image:v1.20.2
+    pull: true
+    dns: 
+      - 223.5.5.5
+    commands:
+      - cp -r ./ansible/main.yaml /etc/ansible/linux/main.yaml
+      - cd ansible
+      - >-
+        ansible-playbook /etc/ansible/linux/main.yaml
+        --extra-vars
+        '{
+        "TARGET_ARCH":"arm64",
+        "TARGET_VERSION":"v2.1.1"
+        }'
+        --extra-vars "@images.yaml"
+    when:
+      branch: 
+        release-v2.1
+
+  ansible-ppc64le:
+    image: registry.cn-qingdao.aliyuncs.com/wod/ansible-kubernetes-image:v1.20.2
+    pull: true
+    dns: 
+      - 223.5.5.5
+    commands:
+      - cp -r ./ansible/main.yaml /etc/ansible/linux/main.yaml
+      - cd ansible
+      - >-
+        ansible-playbook /etc/ansible/linux/main.yaml
+        --extra-vars
+        '{
+        "TARGET_ARCH":"ppc64le",
+        "TARGET_VERSION":"v2.1.1"
+        }'
+        --extra-vars "@images.yaml"
+    when:
+      branch: 
+        release-v2.1
\ No newline at end of file

Chart.yaml

 apiVersion: v1
-name: harbor
+name: beagle-harbor
 version: 1.5.3
 appVersion: 2.1.3
 description: An open source trusted cloud native registry that stores, signs, and scans content

ansible/images.yaml

+IMAGES:
+  - repo: harbor-portal
+    tag: "v2.1.1"
+  - repo: harbor-core
+    tag: "v2.1.1"
+  - repo: harbor-jobservice
+    tag: "v2.1.1"
+  - repo: harbor-db
+    tag: "v2.1.1"
+  - repo: harbor-registryctl
+    tag: "v2.1.1"
+  - repo: harbor-chartmuseum
+    tag: "v2.1.1"
+  - repo: harbor-clair
+    tag: "v2.1.1"
+  - repo: harbor-clair-adapter
+    tag: "v2.1.1"
+  - repo: harbor-trivy-adapter
+    tag: "v2.1.1"
+  - repo: harbor-notary-server
+    tag: "v2.1.1"
+  - repo: harbor-notary-signer
+    tag: "v2.1.1"
+  - repo: registry
+    tag: "2.7.1"
+  - repo: redis
+    tag: "6.0.9"
\ No newline at end of file

ansible/main.yaml

+- hosts: all
+  gather_facts: False
+  vars:
+    REGISTRY_DATA_PATH: '/data/downloads/k8s/registry/{{ TARGET_ARCH }}'
+    REGISTRY_DATA_FILE: "images-harbor-{{ TARGET_VERSION }}.tar.gz"
+  roles:
+  - role: wod.registry
+  - role: wod.registry-cache
+    CACHE_IMAGES: '{{ IMAGES }}'
+  - role: wod.tgz
\ No newline at end of file

templates/_helpers.tpl

@@ -22,6 +22,9 @@ heritage: {{ .Release.Service }}
 release: {{ .Release.Name }}
 chart: {{ .Chart.Name }}
 app: "{{ template "harbor.name" . }}"
+{{- if .Values.commonLabels}}
+{{ toYaml .Values.commonLabels }}
+{{- end }}
 {{- end -}}
 
 {{/* matchLabels */}}

templates/core/core-dpl.yaml

@@ -14,7 +14,7 @@ spec:
   template:
     metadata:
       labels:
-{{ include "harbor.matchLabels" . | indent 8 }}
+{{ include "harbor.labels" . | indent 8 }}
         component: core
       annotations:
         checksum/configmap: {{ include (print $.Template.BasePath "/core/core-cm.yaml") . | sha256sum }}

templates/ingress/ingresshost.yaml

+{{- if .Capabilities.APIVersions.Has "bcc.bd-apaas.com/v1alpha1" -}}
+---
+apiVersion: bcc.bd-apaas.com/v1alpha1
+kind: IngressHost
+metadata:
+  name: "{{ template "harbor.ingress" . }}-core"
+  annotations:
+    {{- with .Values.expose.ingress.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    {{ include "harbor.labels" . | nindent 4 }}
+spec:
+  host: "{{ .Values.expose.ingress.hosts.core }}" 
+---
+apiVersion: bcc.bd-apaas.com/v1alpha1
+kind: IngressHost
+metadata:
+  name: "{{ template "harbor.ingress" . }}-notary"
+  annotations:
+    {{- with .Values.expose.ingress.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    {{ include "harbor.labels" . | nindent 4 }}
+spec:
+  host: "{{ .Values.expose.ingress.hosts.notary }}" 
+{{- end -}}

templates/ingress/ingressroute.yaml

-{{- if .Capabilities.APIVersions.Has "bcc.bd-apaas.com/v1alpha1/IngressRoute" -}}
+{{- if .Capabilities.APIVersions.Has "bcc.bd-apaas.com/v1alpha1" -}}
 ---
 apiVersion: bcc.bd-apaas.com/v1alpha1
 kind: IngressRoute
@@ -31,6 +31,8 @@ spec:
         port: {{ template "harbor.core.servicePort" . }}
     - match: Host(`{{ .Values.expose.ingress.hosts.core }}`) && PathPrefix(`/v2/`)
       kind: Rule
+      middlewares:
+        - name: "{{ template "harbor.ingress" . }}-https"
       services:
       - name: {{ template "harbor.core" . }}
         port: {{ template "harbor.core.servicePort" . }}

templates/ingress/middleware.yaml

+{{- if .Capabilities.APIVersions.Has "bcc.bd-apaas.com/v1alpha1" -}}
+apiVersion: bcc.bd-apaas.com/v1alpha1
+kind: Middleware
+metadata:
+  name: "{{ template "harbor.ingress" . }}-https"
+spec:
+  headers:
+    customRequestHeaders:
+      X-Forwarded-Proto: "https"
+{{- end -}}
\ No newline at end of file

templates/portal/deployment.yaml

@@ -14,7 +14,7 @@ spec:
   template:
     metadata:
       labels:
-{{ include "harbor.matchLabels" . | indent 8 }}
+{{ include "harbor.labels" . | indent 8 }}
         component: portal
       annotations:
 {{- if and .Values.internalTLS.enabled (eq .Values.internalTLS.certSource "auto") }}

values-aliyun.yaml

@@ -16,37 +16,37 @@ persistence:
   persistentVolumeClaim:
     registry:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 5Gi
     chartmuseum:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 5Gi
     jobservice:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 1Gi
     database:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 1Gi
     redis:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 1Gi
     trivy:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 5Gi  

values-arm.yaml

@@ -16,37 +16,37 @@ persistence:
   persistentVolumeClaim:
     registry:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 5Gi
     chartmuseum:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 5Gi
     jobservice:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 1Gi
     database:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 1Gi
     redis:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 1Gi
     trivy:
       existingClaim: ""
-      storageClass: ""
+      storageClass: "hostpath"
       subPath: ""
       accessMode: ReadWriteOnce
       size: 5Gi  
@@ -72,24 +72,24 @@ secretKey: "IpTIscRIgmerlare"
 
 portal:
   image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-harbor-portal-arm64
-    tag: v2.1.1
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
+    tag: v2.1.1-arm64
 
 core:
   image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-harbor-core-arm64
-    tag: v2.1.1
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
+    tag: v2.1.1-arm64
 
 jobservice:
   image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-harbor-jobservice-arm64
-    tag: v2.1.1
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
+    tag: v2.1.1-arm64
 
 registry:
   registry:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-registry-arm64
-      tag: 2.7.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
+      tag: 2.7.1-arm64
     resources:
       limits:
         memory: 4Gi
@@ -97,15 +97,16 @@ registry:
         memory: 256Mi
   controller:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-harbor-registryctl-arm64
-      tag: v2.1.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
+      tag: v2.1.1-arm64
 
 chartmuseum:
   image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-chartmuseum-arm64
-    tag: v2.1.1
-  nodeSelector:
-    harbor: enabled  
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
+    tag: v2.1.1-arm64
+  nodeSelector: {}
+  # nodeSelector:
+  #   harbor: enabled
   storageSpec:
     type: hostPath
     emptyDir: {}
@@ -115,34 +116,34 @@ chartmuseum:
 clair:
   clair:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-clair-arm64
-      tag: v2.1.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
+      tag: v2.1.1-arm64
   adapter:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-clair-adapter-arm64
-      tag: v2.1.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
+      tag: v2.1.1-arm64
 
 trivy:
   image:
-    repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-trivy-adapter-arm64
-    tag: v2.1.1
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
+    tag: v2.1.1-arm64
 
 notary:
   server:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-notary-server-arm64
-      tag: v2.1.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
+      tag: v2.1.1-arm64
   signer:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-notary-signer-arm64
-      tag: v2.1.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
+      tag: v2.1.1-arm64
 
 database:
   type: internal
   internal:
     image:
-      repository: registry.cn-qingdao.aliyuncs.com/wod/awecloud-harbor-db-arm64
-      tag: v2.1.1
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
+      tag: v2.1.1-arm64
     password: "spaceIN511"
     resources:
       limits:
@@ -155,4 +156,4 @@ redis:
   internal:
     image:
       repository: registry.cn-qingdao.aliyuncs.com/wod/redis
-      tag: 4.0.14-alpine
+      tag: 6.0.9-arm64
\ No newline at end of file

values-ppc64le.yaml

+expose:
+  type: ingress
+  tls:
+    enabled: false
+  ingress:
+    hosts:
+      core: hub.wodcloud.local
+      notary: notary.wodcloud.local
+    annotations:
+      ingress.kubernetes.io/proxy-body-size: "0"
+
+externalURL: https://hub.wodcloud.local
+
+persistence:
+  enabled: true
+  persistentVolumeClaim:
+    registry:
+      existingClaim: ""
+      storageClass: "hostpath"
+      subPath: ""
+      accessMode: ReadWriteOnce
+      size: 5Gi
+    chartmuseum:
+      existingClaim: ""
+      storageClass: "hostpath"
+      subPath: ""
+      accessMode: ReadWriteOnce
+      size: 5Gi
+    jobservice:
+      existingClaim: ""
+      storageClass: "hostpath"
+      subPath: ""
+      accessMode: ReadWriteOnce
+      size: 1Gi
+    database:
+      existingClaim: ""
+      storageClass: "hostpath"
+      subPath: ""
+      accessMode: ReadWriteOnce
+      size: 1Gi
+    redis:
+      existingClaim: ""
+      storageClass: "hostpath"
+      subPath: ""
+      accessMode: ReadWriteOnce
+      size: 1Gi
+    trivy:
+      existingClaim: ""
+      storageClass: "hostpath"
+      subPath: ""
+      accessMode: ReadWriteOnce
+      size: 5Gi  
+  imageChartStorage:
+    # s3 , filesystem
+    type: filesystem
+    s3:
+      accesskey: AKIAIOSFODNN7EXAMPLE
+      secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+      region: us-east-1
+      regionendpoint: http://minio.wodcloud.local
+      bucket: registry
+      encrypt: false
+      v4auth: true
+      chunksize: '5242880'
+      rootdirectory: /      
+
+imagePullPolicy: IfNotPresent
+
+logLevel: info
+harborAdminPassword: "spaceIN511"
+secretKey: "IpTIscRIgmerlare"
+
+portal:
+  image:
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
+    tag: v2.1.3-ppc64le
+
+core:
+  image:
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
+    tag: v2.1.3-ppc64le
+
+jobservice:
+  image:
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
+    tag: v2.1.3-ppc64le
+
+registry:
+  registry:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/registry
+      tag: 2.7.1-ppc64le
+    resources:
+      limits:
+        memory: 4Gi
+      requests:
+        memory: 256Mi
+  controller:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
+      tag: v2.1.3-ppc64le
+
+chartmuseum:
+  image:
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
+    tag: v2.1.1-ppc64le
+  nodeSelector: {}
+  # nodeSelector:
+  #   harbor: enabled
+  storageSpec:
+    type: hostPath
+    emptyDir: {}
+    hostPath:
+      root: /data    
+
+clair:
+  clair:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
+      tag: v2.1.1-ppc64le
+  adapter:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
+      tag: v2.1.1-ppc64le
+
+trivy:
+  image:
+    repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
+    tag: v2.1.1-ppc64le
+
+notary:
+  server:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
+      tag: v2.1.1-ppc64le
+  signer:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
+      tag: v2.1.1-ppc64le
+
+database:
+  type: internal
+  internal:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
+      tag: v2.1.3-ppc64le
+    password: "spaceIN511"
+    resources:
+      limits:
+        memory: 4Gi
+      requests:
+        memory: 256Mi
+
+redis:
+  type: internal
+  internal:
+    image:
+      repository: registry.cn-qingdao.aliyuncs.com/wod/redis
+      tag: 6.0.9-ppc64le
\ No newline at end of file

values.yaml

@@ -742,3 +742,6 @@ redis:
     password: ""
   ## Additional deployment annotations
   podAnnotations: {}
+
+commonLabels:
+  app.bd-apaas.com/cluster-component: registry
\ No newline at end of file