Skip to content

H
harbor
Commit 7d41e5ec authored by 舒成's avatar 舒成
Browse files
Options

update

parent a06d036a
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 8772 additions and 8772 deletions
.beagle.yml
View file @ 7d41e5ec
kind: pipeline
name: docker
trigger:
branch:
- release-v2.1
platform:
runner: 10.11.92.34
volumes:
- name: charts
host:
path: /data/downloads/k8s/charts
- name: docker
host:
path: /var/run/docker.sock
steps:
- name: charts
image: registry.cn-qingdao.aliyuncs.com/wod/helm:v3.6.0
volumes:
- name: charts
path: /charts
commands:
- helm package . -d /charts/
- name: ansible-amd64
image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
commands:
- >-
ansible-playbook /etc/ansible/linux/main.yml
--extra-vars
'{
"REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
"REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
"TARGET_ARCH":"amd64",
"TARGET_VERSION":"v2.1.3"
}'
--extra-vars "@ansible/images.yaml"
- name: ansible-arm64
image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
commands:
- >-
ansible-playbook /etc/ansible/linux/main.yml
--extra-vars
'{
"REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
"REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
"TARGET_ARCH":"arm64",
"TARGET_VERSION":"v2.1.3"
}'
--extra-vars "@ansible/images.yaml"
- name: ansible-ppc64le
image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
commands:
- >-
ansible-playbook /etc/ansible/linux/main.yml
--extra-vars
'{
"REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
"REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
"TARGET_ARCH":"ppc64le",
"TARGET_VERSION":"v2.1.3"
}'
--extra-vars "@ansible/images.yaml"
---
kind: secret
name: REGISTRY_USER_ALIYUN
get:
name: USERNAME
path: devops-registry-aliyun
---
kind: secret
name: REGISTRY_PASSWORD_ALIYUN
get:
name: PASSWORD
path: devops-registry-aliyun
kind: pipeline
name: docker
trigger:
branch:
- release-v2.1
platform:
runner: 10.11.92.34
volumes:
- name: charts
host:
path: /data/downloads/k8s/charts
- name: docker
host:
path: /var/run/docker.sock
steps:
- name: charts
image: registry.cn-qingdao.aliyuncs.com/wod/helm:v3.6.0
volumes:
- name: charts
path: /charts
commands:
- helm package . -d /charts/
- name: ansible-amd64
image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
commands:
- >-
ansible-playbook /etc/ansible/linux/main.yml
--extra-vars
'{
"REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
"REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
"TARGET_ARCH":"amd64",
"TARGET_VERSION":"v2.1.3"
}'
--extra-vars "@ansible/images.yaml"
- name: ansible-arm64
image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
commands:
- >-
ansible-playbook /etc/ansible/linux/main.yml
--extra-vars
'{
"REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
"REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
"TARGET_ARCH":"arm64",
"TARGET_VERSION":"v2.1.3"
}'
--extra-vars "@ansible/images.yaml"
- name: ansible-ppc64le
image: registry.cn-qingdao.aliyuncs.com/wod/ansible-image:v1.0
commands:
- >-
ansible-playbook /etc/ansible/linux/main.yml
--extra-vars
'{
"REGISTRY_DATA_PATH": "/data/downloads/k8s/registry/{{ TARGET_ARCH }}",
"REGISTRY_DATA_FILE": "images-harbor-{{ TARGET_VERSION }}.tar.gz",
"TARGET_ARCH":"ppc64le",
"TARGET_VERSION":"v2.1.3"
}'
--extra-vars "@ansible/images.yaml"
---
kind: secret
name: REGISTRY_USER_ALIYUN
get:
name: USERNAME
path: devops-registry-aliyun
---
kind: secret
name: REGISTRY_PASSWORD_ALIYUN
get:
name: PASSWORD
path: devops-registry-aliyun
.github/workflows/integration.yaml
View file @ 7d41e5ec
name: Integration test
on:
pull_request:
push:
jobs:
integration-test:
runs-on: ubuntu-latest
strategy:
matrix:
k8s_version: [v1.18.2, v1.17.5, v1.16.9]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Docker
uses: docker-practice/actions-setup-docker@0.0.1
with:
docker_version: 18.09
docker_channel: stable
docker_daemon_json: '{"insecure-registries":["0.0.0.0/0"]}'
- name: Create kind cluster
uses: helm/kind-action@v1.0.0-rc.1
with:
version: v0.8.1
node_image: kindest/node:${{ matrix.k8s_version }}
cluster_name: kind-cluster-${{ matrix.k8s_version }}
config: test/integration/kind-cluster.yaml
- name: Install Nginx ingress controller
run: |
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/ingress-nginx-2.3.0/deploy/static/provider/kind/deploy.yaml
kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=120s
- name: Set up Go 1.13
uses: actions/setup-go@v2
with:
go-version: 1.13
- name: Cache go mod
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Set /etc/hosts
run: |
sudo -- sh -c "echo '127.0.0.1 harbor.local' >> /etc/hosts"
sudo -- sh -c "echo '127.0.0.1 notary.harbor.local' >> /etc/hosts"
- name: Run integration tests
working-directory: ./test
run:
name: Integration test
on:
pull_request:
push:
jobs:
integration-test:
runs-on: ubuntu-latest
strategy:
matrix:
k8s_version: [v1.18.2, v1.17.5, v1.16.9]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Docker
uses: docker-practice/actions-setup-docker@0.0.1
with:
docker_version: 18.09
docker_channel: stable
docker_daemon_json: '{"insecure-registries":["0.0.0.0/0"]}'
- name: Create kind cluster
uses: helm/kind-action@v1.0.0-rc.1
with:
version: v0.8.1
node_image: kindest/node:${{ matrix.k8s_version }}
cluster_name: kind-cluster-${{ matrix.k8s_version }}
config: test/integration/kind-cluster.yaml
- name: Install Nginx ingress controller
run: |
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/ingress-nginx-2.3.0/deploy/static/provider/kind/deploy.yaml
kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=120s
- name: Set up Go 1.13
uses: actions/setup-go@v2
with:
go-version: 1.13
- name: Cache go mod
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Set /etc/hosts
run: |
sudo -- sh -c "echo '127.0.0.1 harbor.local' >> /etc/hosts"
sudo -- sh -c "echo '127.0.0.1 notary.harbor.local' >> /etc/hosts"
- name: Run integration tests
working-directory: ./test
run:
go test -v -timeout 30m github.com/goharbor/harbor-helm/integration
\ No newline at end of file
.github/workflows/lint.yaml
View file @ 7d41e5ec
name: Lint
on:
pull_request:
push:
jobs:
lint:
runs-on: ubuntu-latest
strategy:
matrix:
helm_version: [3.2.3, 2.16.8]
steps:
- name: Checkout
uses: actions/checkout@v2
with:
path: harbor
- name: Set up Helm
uses: azure/setup-helm@v1
with:
version: '${{ matrix.helm_version }}'
- name: Helm version
run:
helm version -c
- name: Run lint
working-directory: ./harbor
run:
helm lint .
- name: Update dependency
working-directory: ./harbor
run:
helm dependency update .
- name: Run template for ingress expose
working-directory: ./harbor
run:
helm template --set "expose.type=ingress" --output-dir $(mktemp -d -t output-XXXXXXXXXX) .
- name: Run template for nodePort expose
working-directory: ./harbor
run:
name: Lint
on:
pull_request:
push:
jobs:
lint:
runs-on: ubuntu-latest
strategy:
matrix:
helm_version: [3.2.3, 2.16.8]
steps:
- name: Checkout
uses: actions/checkout@v2
with:
path: harbor
- name: Set up Helm
uses: azure/setup-helm@v1
with:
version: '${{ matrix.helm_version }}'
- name: Helm version
run:
helm version -c
- name: Run lint
working-directory: ./harbor
run:
helm lint .
- name: Update dependency
working-directory: ./harbor
run:
helm dependency update .
- name: Run template for ingress expose
working-directory: ./harbor
run:
helm template --set "expose.type=ingress" --output-dir $(mktemp -d -t output-XXXXXXXXXX) .
- name: Run template for nodePort expose
working-directory: ./harbor
run:
helm template --set "expose.type=nodePort,expose.tls.auto.commonName=127.0.0.1" --output-dir $(mktemp -d -t output-XXXXXXXXXX) .
\ No newline at end of file
.github/workflows/unittest.yaml
View file @ 7d41e5ec
name: Unit test
on:
pull_request:
push:
jobs:
unit-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Helm 3.2.3
uses: azure/setup-helm@v1
with:
version: '3.2.3'
- name: Set up Go 1.13
uses: actions/setup-go@v2
with:
go-version: 1.13
- name: Cache go mod
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Run unit tests
working-directory: ./test
run:
go test -v github.com/goharbor/harbor-helm/unittest
name: Unit test
on:
pull_request:
push:
jobs:
unit-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Helm 3.2.3
uses: azure/setup-helm@v1
with:
version: '3.2.3'
- name: Set up Go 1.13
uses: actions/setup-go@v2
with:
go-version: 1.13
- name: Cache go mod
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Run unit tests
working-directory: ./test
run:
go test -v github.com/goharbor/harbor-helm/unittest
.gitignore
View file @ 7d41e5ec
charts/*
charts/*
requirements.lock
\ No newline at end of file
.helmignore
View file @ 7d41e5ec
docs/*
.git/*
.gitignore
CONTRIBUTING.md
.travis.yaml
test/*
raws/*
.beagle.yml
CONTRIBUTING.md
Deploy.md
.github/*
docs/*
.git/*
.gitignore
CONTRIBUTING.md
.travis.yaml
test/*
raws/*
.beagle.yml
CONTRIBUTING.md
Deploy.md
.github/*
values-operator.yaml
\ No newline at end of file
CONTRIBUTING.md
View file @ 7d41e5ec
# Contributing to Helm Chart for Harbor
Please follow [Harbor contributing guide](https://github.com/goharbor/harbor/blob/master/CONTRIBUTING.md) to learn how to make code contribution.
## Contributers
Thanks very much to all contributers who submitted pull requests to Helm Chart for Harbor.
- [Paul Czarkowski @paulczar](https://github.com/paulczar)
- [Luca Innocenti Mirri @lucaim](https://github.com/lucaim)
- [Steven Arnott @ArcticSnowman](https://github.com/ArcticSnowman)
- [Alex M @draeron](https://github.com/draeron)
- [SangJun Yun](https://github.com/YunSangJun)
# Contributing to Helm Chart for Harbor
Please follow [Harbor contributing guide](https://github.com/goharbor/harbor/blob/master/CONTRIBUTING.md) to learn how to make code contribution.
## Contributers
Thanks very much to all contributers who submitted pull requests to Helm Chart for Harbor.
- [Paul Czarkowski @paulczar](https://github.com/paulczar)
- [Luca Innocenti Mirri @lucaim](https://github.com/lucaim)
- [Steven Arnott @ArcticSnowman](https://github.com/ArcticSnowman)
- [Alex M @draeron](https://github.com/draeron)
- [SangJun Yun](https://github.com/YunSangJun)
Chart.yaml
View file @ 7d41e5ec
apiVersion: v1
name: beagle-harbor
version: 2.1.3
appVersion: 2.1.3
description: An open source trusted cloud native registry that stores, signs, and scans content
keywords:
- docker
- registry
- harbor
home: https://goharbor.io
icon: https://raw.githubusercontent.com/goharbor/website/master/static/img/logos/harbor-icon-color.png
sources:
- https://github.com/goharbor/harbor
- https://github.com/goharbor/harbor-helm
maintainers:
- name: Wenkai Yin
email: yinw@vmware.com
- name: Weiwei He
email: hweiwei@vmware.com
- name: Qian Deng
email: dengq@vmware.com
engine: gotpl
apiVersion: v1
name: beagle-harbor
version: 2.1.3
appVersion: 2.1.3
description: An open source trusted cloud native registry that stores, signs, and scans content
keywords:
- docker
- registry
- harbor
home: https://goharbor.io
icon: https://raw.githubusercontent.com/goharbor/website/master/static/img/logos/harbor-icon-color.png
sources:
- https://github.com/goharbor/harbor
- https://github.com/goharbor/harbor-helm
maintainers:
- name: Wenkai Yin
email: yinw@vmware.com
- name: Weiwei He
email: hweiwei@vmware.com
- name: Qian Deng
email: dengq@vmware.com
engine: gotpl
Deploy.md
View file @ 7d41e5ec
# harbor
## install
```bash
# 1.install
kubectl create ns devops
helm install \
--namespace=devops \
harbor \
/etc/kubernetes/helm/beagle-harbor \
-f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml
# uninstall
helm uninstall \
--namespace=devops \
harbor
# update
helm upgrade \
--namespace=devops \
harbor \
/etc/kubernetes/helm/beagle-harbor \
-f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml
# template
helm template \
--namespace=devops \
harbor \
/etc/kubernetes/helm/beagle-harbor \
-f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml > /etc/kubernetes/helm/beagle-harbor/dist.yaml
# package
helm package . -d C:/Tmp/Charts
```
## images x86_64
```bash
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor
registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.3
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-db
registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.3
# registry
registry.cn-qingdao.aliyuncs.com/wod/registry:2.7.1
# gitlab.wodcloud.com/cloud/chartmuseum
registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum:v2.1.3
# gitlab.wodcloud.com/cloud/clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair:v2.1.3
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-scanner-clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter:v2.1.3
# gitlab.wodcloud.com/cloud/harbor-scanner-trivy
registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter:v2.1.3
# gitlab.wodcloud.com/cloud/notary
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer:v2.1.3
# redis
registry.cn-qingdao.aliyuncs.com/wod/redis:6.0.9
```
## images arm64
```bash
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor
registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-db
registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.3-arm64
# registry
registry.cn-qingdao.aliyuncs.com/wod/registry:2.7.1-arm64
# gitlab.wodcloud.com/cloud/chartmuseum
registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-scanner-clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/harbor-scanner-trivy
registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/notary
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer:v2.1.3-arm64
# redis
registry.cn-qingdao.aliyuncs.com/wod/redis:6.0.9-arm64
```
# harbor
## install
```bash
# 1.install
kubectl create ns devops
helm install \
--namespace=devops \
harbor \
/etc/kubernetes/helm/beagle-harbor \
-f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml
# uninstall
helm uninstall \
--namespace=devops \
harbor
# update
helm upgrade \
--namespace=devops \
harbor \
/etc/kubernetes/helm/beagle-harbor \
-f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml
# template
helm template \
--namespace=devops \
harbor \
/etc/kubernetes/helm/beagle-harbor \
-f /etc/kubernetes/helm/beagle-harbor/values-overrides.yaml > /etc/kubernetes/helm/beagle-harbor/dist.yaml
# package
helm package . -d C:/Tmp/Charts
```
## images x86_64
```bash
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor
registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.3
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-db
registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.3
# registry
registry.cn-qingdao.aliyuncs.com/wod/registry:2.7.1
# gitlab.wodcloud.com/cloud/chartmuseum
registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum:v2.1.3
# gitlab.wodcloud.com/cloud/clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair:v2.1.3
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-scanner-clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter:v2.1.3
# gitlab.wodcloud.com/cloud/harbor-scanner-trivy
registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter:v2.1.3
# gitlab.wodcloud.com/cloud/notary
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server:v2.1.3
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer:v2.1.3
# redis
registry.cn-qingdao.aliyuncs.com/wod/redis:6.0.9
```
## images arm64
```bash
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor
registry.cn-qingdao.aliyuncs.com/wod/harbor-portal:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-core:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-db
registry.cn-qingdao.aliyuncs.com/wod/harbor-db:v2.1.3-arm64
# registry
registry.cn-qingdao.aliyuncs.com/wod/registry:2.7.1-arm64
# gitlab.wodcloud.com/cloud/chartmuseum
registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/awecloud-goharbor-harbor-scanner-clair
registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/harbor-scanner-trivy
registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter:v2.1.3-arm64
# gitlab.wodcloud.com/cloud/notary
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server:v2.1.3-arm64
registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer:v2.1.3-arm64
# redis
registry.cn-qingdao.aliyuncs.com/wod/redis:6.0.9-arm64
```
LICENSE
View file @ 7d41e5ec
This diff is collapsed.
REAME.md
View file @ 7d41e5ec
This source diff could not be displayed because it is too large. You can view the blob instead.
ansible/images.yaml
View file @ 7d41e5ec
IMAGES:
- repo: harbor-portal
tag: "v2.1.3"
- repo: harbor-core
tag: "v2.1.3"
- repo: harbor-jobservice
tag: "v2.1.3"
- repo: harbor-db
tag: "v2.1.3"
- repo: harbor-registryctl
tag: "v2.1.3"
- repo: harbor-chartmuseum
tag: "v2.1.3"
- repo: harbor-clair
tag: "v2.1.3"
- repo: harbor-clair-adapter
tag: "v2.1.3"
- repo: harbor-trivy-adapter
tag: "v2.1.3"
- repo: harbor-notary-server
tag: "v2.1.3"
- repo: harbor-notary-signer
tag: "v2.1.3"
- repo: registry
tag: "2.7.1"
- repo: redis
IMAGES:
- repo: harbor-portal
tag: "v2.1.3"
- repo: harbor-core
tag: "v2.1.3"
- repo: harbor-jobservice
tag: "v2.1.3"
- repo: harbor-db
tag: "v2.1.3"
- repo: harbor-registryctl
tag: "v2.1.3"
- repo: harbor-chartmuseum
tag: "v2.1.3"
- repo: harbor-clair
tag: "v2.1.3"
- repo: harbor-clair-adapter
tag: "v2.1.3"
- repo: harbor-trivy-adapter
tag: "v2.1.3"
- repo: harbor-notary-server
tag: "v2.1.3"
- repo: harbor-notary-signer
tag: "v2.1.3"
- repo: registry
tag: "2.7.1"
- repo: redis
tag: "6.0.9"
\ No newline at end of file
cert/tls.crt
View file @ 7d41e5ec
-----BEGIN CERTIFICATE-----
MIIE0zCCArugAwIBAgIJAPY/OzLMeVq2MA0GCSqGSIb3DQEBCwUAMAAwHhcNMTkw
NDE4MDIyNzM3WhcNMjkwNDE1MDIyNzM3WjAAMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEA3xlUJs2b/aI2NLoy4OIQ+dn/yMb/O99iKDRyZKpH8rSOmS+o
F9unmSAzL65XA/v6nY0OLI/dASDjkqkBpIdTGzogR5f8UiB6osuEY7V71XZdzWLr
PjnJq6ZLAaoKmwG80W5+Wd6V8PygOx52mkr1w7IWKz+1ZLI5izbppon7XVGVRaAT
RvNZDiJ6CeJpcJ5H723lkf5RvJWatZLCYIYDbRfTiKsyQ/SlRcv5BVfHg/LJSH9Q
LGRhPMARldl9wyZCwZZDHxheI4a+26aa8MY3u9st/l0/Oo6VCTGpMiEhiGF2LVjp
UWq/+BP4SFEvJfq/DuinI139W/5aZZ7/HwRPlmYU6pXTRLyIg7jd+19fJwR7X37q
w0o8t06FhjmrCzaYCUjoReqDmHaNmZN/ddvG7jZWBu+jNh0YavsyQyCIVmv6yqSc
jPiD9uivxqTwjJidIBRfuUrz3aERQ7cQgf0qhqjIzflzHbFKhILocBWq7zyNl9hr
vUGT/WZcw0t/OtM72SPaplmTgVbbQRxf2VHzyptGIvtydlXK8thxOMpXo4e+Sl8d
1gdQcC4oisN9F29oNs8P5yFQP//xYuv8C607nCj1DzrId5avG/NVfKB/fbDKEFgN
2WhHInTzPLEcjF4fErcUAEuWW0buX/6FHCG3iTtrqyD92KTVDfN1J56rrcsCAwEA
AaNQME4wHQYDVR0OBBYEFFhNhTo4UAC2PUsf8jYaWj160vGEMB8GA1UdIwQYMBaA
FFhNhTo4UAC2PUsf8jYaWj160vGEMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggIBAMAsEtVlELMwdtcifHeOT0kOmf5wo9In/eFSgscCzBMDaRx2B3q36AoS
Il7XWAZpevaR7W7yeARKaAshBLhygUqLD0zWbKlSN9Hprd1wdpM0ffyPpN5dxOYA
er04y12GRnCbMYqi4cvztP4TinXqq2yHSYhLbO9qkI5gbWVxkRuIcMKvixddllNY
Q3obJaDDHmovM3+g/G+1YFgt4qES38XnJ7BrSshHnn5EIQh286xfJriyrK2hHbLJ
qz0YuF6G3DXPeWGgXvj0Hipc0f8UDZkKkk/eGEI6vEkytyvoepoZI2XbAf/ZMy5n
KwuhEn4hhkFMwWaSWp/h0QdMCaxk4BVSOqmNVaLSB7+FjsIj4CasFotYiyJ2gpRB
Nf8QaS4bz0Tn1eBbC8ksj+e3ZWeX2b5wVMjql9jTt2X1ICs8KKe3vEBkjqT2AUi2
52TtKzm73aWrz/GPy/Q2LCor3Fh9FGVSBOBBDXGy6MJpNHJnYVH9EENFGOh85ol1
2pADOBB5vAU/kLB5LHPj2kue/FMiHaNnrSYIGrMlBSX2jj9EYa1uuUH+pd4MBj1F
5uH8ORiaQ6ht2+WHklxic1Rj5yTYQwVlH70CBOn+qVEdo63yQwzAMJKFIwlGUQEX
jiljgc86q4cZtUTFrcwMidbk+8Q6+JbDVg7HV/+pnC+wnv197kwe
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIE0zCCArugAwIBAgIJAPY/OzLMeVq2MA0GCSqGSIb3DQEBCwUAMAAwHhcNMTkw
NDE4MDIyNzM3WhcNMjkwNDE1MDIyNzM3WjAAMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEA3xlUJs2b/aI2NLoy4OIQ+dn/yMb/O99iKDRyZKpH8rSOmS+o
F9unmSAzL65XA/v6nY0OLI/dASDjkqkBpIdTGzogR5f8UiB6osuEY7V71XZdzWLr
PjnJq6ZLAaoKmwG80W5+Wd6V8PygOx52mkr1w7IWKz+1ZLI5izbppon7XVGVRaAT
RvNZDiJ6CeJpcJ5H723lkf5RvJWatZLCYIYDbRfTiKsyQ/SlRcv5BVfHg/LJSH9Q
LGRhPMARldl9wyZCwZZDHxheI4a+26aa8MY3u9st/l0/Oo6VCTGpMiEhiGF2LVjp
UWq/+BP4SFEvJfq/DuinI139W/5aZZ7/HwRPlmYU6pXTRLyIg7jd+19fJwR7X37q
w0o8t06FhjmrCzaYCUjoReqDmHaNmZN/ddvG7jZWBu+jNh0YavsyQyCIVmv6yqSc
jPiD9uivxqTwjJidIBRfuUrz3aERQ7cQgf0qhqjIzflzHbFKhILocBWq7zyNl9hr
vUGT/WZcw0t/OtM72SPaplmTgVbbQRxf2VHzyptGIvtydlXK8thxOMpXo4e+Sl8d
1gdQcC4oisN9F29oNs8P5yFQP//xYuv8C607nCj1DzrId5avG/NVfKB/fbDKEFgN
2WhHInTzPLEcjF4fErcUAEuWW0buX/6FHCG3iTtrqyD92KTVDfN1J56rrcsCAwEA
AaNQME4wHQYDVR0OBBYEFFhNhTo4UAC2PUsf8jYaWj160vGEMB8GA1UdIwQYMBaA
FFhNhTo4UAC2PUsf8jYaWj160vGEMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggIBAMAsEtVlELMwdtcifHeOT0kOmf5wo9In/eFSgscCzBMDaRx2B3q36AoS
Il7XWAZpevaR7W7yeARKaAshBLhygUqLD0zWbKlSN9Hprd1wdpM0ffyPpN5dxOYA
er04y12GRnCbMYqi4cvztP4TinXqq2yHSYhLbO9qkI5gbWVxkRuIcMKvixddllNY
Q3obJaDDHmovM3+g/G+1YFgt4qES38XnJ7BrSshHnn5EIQh286xfJriyrK2hHbLJ
qz0YuF6G3DXPeWGgXvj0Hipc0f8UDZkKkk/eGEI6vEkytyvoepoZI2XbAf/ZMy5n
KwuhEn4hhkFMwWaSWp/h0QdMCaxk4BVSOqmNVaLSB7+FjsIj4CasFotYiyJ2gpRB
Nf8QaS4bz0Tn1eBbC8ksj+e3ZWeX2b5wVMjql9jTt2X1ICs8KKe3vEBkjqT2AUi2
52TtKzm73aWrz/GPy/Q2LCor3Fh9FGVSBOBBDXGy6MJpNHJnYVH9EENFGOh85ol1
2pADOBB5vAU/kLB5LHPj2kue/FMiHaNnrSYIGrMlBSX2jj9EYa1uuUH+pd4MBj1F
5uH8ORiaQ6ht2+WHklxic1Rj5yTYQwVlH70CBOn+qVEdo63yQwzAMJKFIwlGUQEX
jiljgc86q4cZtUTFrcwMidbk+8Q6+JbDVg7HV/+pnC+wnv197kwe
-----END CERTIFICATE-----
cert/tls.key
View file @ 7d41e5ec
-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEA3xlUJs2b/aI2NLoy4OIQ+dn/yMb/O99iKDRyZKpH8rSOmS+o
F9unmSAzL65XA/v6nY0OLI/dASDjkqkBpIdTGzogR5f8UiB6osuEY7V71XZdzWLr
PjnJq6ZLAaoKmwG80W5+Wd6V8PygOx52mkr1w7IWKz+1ZLI5izbppon7XVGVRaAT
RvNZDiJ6CeJpcJ5H723lkf5RvJWatZLCYIYDbRfTiKsyQ/SlRcv5BVfHg/LJSH9Q
LGRhPMARldl9wyZCwZZDHxheI4a+26aa8MY3u9st/l0/Oo6VCTGpMiEhiGF2LVjp
UWq/+BP4SFEvJfq/DuinI139W/5aZZ7/HwRPlmYU6pXTRLyIg7jd+19fJwR7X37q
w0o8t06FhjmrCzaYCUjoReqDmHaNmZN/ddvG7jZWBu+jNh0YavsyQyCIVmv6yqSc
jPiD9uivxqTwjJidIBRfuUrz3aERQ7cQgf0qhqjIzflzHbFKhILocBWq7zyNl9hr
vUGT/WZcw0t/OtM72SPaplmTgVbbQRxf2VHzyptGIvtydlXK8thxOMpXo4e+Sl8d
1gdQcC4oisN9F29oNs8P5yFQP//xYuv8C607nCj1DzrId5avG/NVfKB/fbDKEFgN
2WhHInTzPLEcjF4fErcUAEuWW0buX/6FHCG3iTtrqyD92KTVDfN1J56rrcsCAwEA
AQKCAgEAk8q8s4PrvYby79UVlWJNKqceykwBkxE1fjrYORWQ2hiAirxGV5+8lDT/
k6ujm1EWwb5K0HxxRKkb+PEa1HqNNHE6JxNpJKK9exDlYAQ+x7dFBqVr/2nazmo4
MB8MLYlmIztWWoSYwe8o2mEg4q+bxYs5Imdu7AkhE7dJ63hm23gLMfeMLalRqopu
XBPwE5nXP6aGuUNHtG1K8tQJDlZY+LEbAeOfReNQhT9NdRukYSW579vfKblJrSvz
ulg89sVm3cWEK5pB6rj9wJbK94voKftVqbbuBwWjd1a9pibKhwVBe2L2FWhpSZc5
F/coC7njTaYT6tr91y5VhhJhIZQCf/vv4Zl5XhFHs5VTZNbM/OfqyFQLYXVJO48K
F7tmazAEQQBQwVZqH9C9NQdzPHWmc38Okhtc1wzaqn/rg9+1sgAMD8hWCtQJUe97
b9ymh5A0Z4QXKpyFT0b+pXcD1jRha07UtkX+/zLJ9HpAXcUmzkG+j5CXNpnxsIq5
fJFeq3hBj9w6n4h+50M4W0Fse5YoEUsc3B0fz8BlQBb+YJLFLNH34MH8p1l0ZDYJ
yae0psxlBijg4OPZ+WCBa+jtFW4LiWgEcxwgz8w+hEOAQr2a1Dc7w8jd+Y4IK8Um
lTVs5dbp4mOmPMlRv/GM7kDudFqbMg3YFwXg3QbquVqLZzEzjVkCggEBAPJKZbCW
YfLejkS/fkRyV3VIb54mKwQHoMWub88tPgGuXzjsJyd5QTQ58PpUjXrLHmn8lS2+
viE8GJylKwN1yMlZw40+kZhpHUpCWx/2ZKjAqvqA9OOKo2fv6Hd/wOAnU4CtioC1
pri7lKFYXoP8DtQVwHYvIzCRqDnhc4mwJDqzTC9xduI+svxzl4xH82fx0jrPiFY+
/wOdXjyfIPjyhHC4jPTWbairwXS9dBjSl128aIRT580/yXE/SYAugg05jKtg5zQA
So13MTezXRHXdO0di3tEMHGREEkFpeVnnPQvCCedK0DV36iNwiWc8pwdfLMVneTt
DKwZedCx+o/7ev0CggEBAOu48DGEJJJzHxVR5mY1K2AlZyYtpTOWehK1zX74JvM3
YxN4nd+Zx5n9uSPmmKzqF3TU+44RVtdJK6ejoFE8dMDTNWaSLW/ZDmN1nT0njvOn
IWJn59ynOChWWKZgXZ/9UqGR7Pt6OxSkkex9c/fYBsMX/xusdXQigeogl0iOYVFW
gXIiiLRLHpHJsK/uNxIizj0hTYYn7uD7PRENwFRcCYf8J1eUFbd6DuCVWeQCKWgf
Nd2tSWoi0Vylj4uUX8Iw0tjLNMD5CREJEk4GSv4EDSmvUdv1LiBKJCL2lEcgoPeC
oOD2iCc5KqgnmQraRilFFk8RVXA9PWZGY3C0b6TVmmcCggEANZO2AOKALlCAbTtb
FI+kP08RP4t5H58AMjZsiweaGo0QiWnPDq+Fd6MIYpKn5mtcAlvUMRVovbioSJtN
c6psB/pNf8JCN82mqHEb7WlywM46AMLbZCWYFLe8VBBv+iE4GdBGPEfu4hK4vyTn
YZAvRz64HGo4Adlztbjg76V/nWtggW05uLXcpm55KJAQhv+2WULjBw9PHOGDoSwf
Am2+U567rLht70prsQDj10laJ2QuSHS1YXGlfeFcw3eFUp9TN+JpvdoCol2lCIgl
IHjgZj6ORWfCvpoxW7RgBuZukqCD0R60HdYtavxN3jtiepsapA83pxO0JapMgZWZ
rpURkQKCAQBOcEv9Liu9T/GX9pjkiezVIZ0hZy8B66DTeQvYpFrRtCyT3h8quNFi
vLtO5v0HDR6hEf5jWAG9wet07U37ulJfl+i9KQdVoLTZA9o+71ryWTsSs+DD3CEj
yxfUxVxiULmeaiChzhq608h7GYPthUU6xlFttAWhj5oLfqzYyAg6OL76a+Nxm02g
1ayl3m8U6eAXF23kpoUm+HNpqVnGuJmzVoUA75YKZ+NreEdhSBbfPwN9sJwtZUil
u7H4kHcM95Ix8eysCjKqKIqezBlITbDTnjNvLjcbJ5C+0a6lvIXT1vQR5/eGlc9M
BWE360pNkV/LD8mOf9Jepi2Q43oDL9EhAoIBAQDTWImfy0K9gGzA2rPy169mWYQK
OlcnD3+hQq6x51Zn1e/texFeVlhHn4rrnRdCFOAp47uFkJ2m72GCVD74EwQucK9y
AD5jorqgVHqCKZdkHjb2V60Mzm6g3rtL9WJXFVLvNBb/QGB2vgHVOO0zqiqGZj4e
Ex7l2m//5SE4DLtn70J9CgG1HtXCS8dWrGPL1pzDnk8VXtnoXzb0LChLUFEgZRmh
cV6AFHEK2H8wBHviNyehsRQiDkl2AiWOcJNvkzW68ck2nJjRWyPYK1JL3NCKpB3Q
OohrP0fHcWAXMW97wFXZhRfnQfDxxIOlj3McYT0AlanXd0F4NGc2Nvmphx04
-----END RSA PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEA3xlUJs2b/aI2NLoy4OIQ+dn/yMb/O99iKDRyZKpH8rSOmS+o
F9unmSAzL65XA/v6nY0OLI/dASDjkqkBpIdTGzogR5f8UiB6osuEY7V71XZdzWLr
PjnJq6ZLAaoKmwG80W5+Wd6V8PygOx52mkr1w7IWKz+1ZLI5izbppon7XVGVRaAT
RvNZDiJ6CeJpcJ5H723lkf5RvJWatZLCYIYDbRfTiKsyQ/SlRcv5BVfHg/LJSH9Q
LGRhPMARldl9wyZCwZZDHxheI4a+26aa8MY3u9st/l0/Oo6VCTGpMiEhiGF2LVjp
UWq/+BP4SFEvJfq/DuinI139W/5aZZ7/HwRPlmYU6pXTRLyIg7jd+19fJwR7X37q
w0o8t06FhjmrCzaYCUjoReqDmHaNmZN/ddvG7jZWBu+jNh0YavsyQyCIVmv6yqSc
jPiD9uivxqTwjJidIBRfuUrz3aERQ7cQgf0qhqjIzflzHbFKhILocBWq7zyNl9hr
vUGT/WZcw0t/OtM72SPaplmTgVbbQRxf2VHzyptGIvtydlXK8thxOMpXo4e+Sl8d
1gdQcC4oisN9F29oNs8P5yFQP//xYuv8C607nCj1DzrId5avG/NVfKB/fbDKEFgN
2WhHInTzPLEcjF4fErcUAEuWW0buX/6FHCG3iTtrqyD92KTVDfN1J56rrcsCAwEA
AQKCAgEAk8q8s4PrvYby79UVlWJNKqceykwBkxE1fjrYORWQ2hiAirxGV5+8lDT/
k6ujm1EWwb5K0HxxRKkb+PEa1HqNNHE6JxNpJKK9exDlYAQ+x7dFBqVr/2nazmo4
MB8MLYlmIztWWoSYwe8o2mEg4q+bxYs5Imdu7AkhE7dJ63hm23gLMfeMLalRqopu
XBPwE5nXP6aGuUNHtG1K8tQJDlZY+LEbAeOfReNQhT9NdRukYSW579vfKblJrSvz
ulg89sVm3cWEK5pB6rj9wJbK94voKftVqbbuBwWjd1a9pibKhwVBe2L2FWhpSZc5
F/coC7njTaYT6tr91y5VhhJhIZQCf/vv4Zl5XhFHs5VTZNbM/OfqyFQLYXVJO48K
F7tmazAEQQBQwVZqH9C9NQdzPHWmc38Okhtc1wzaqn/rg9+1sgAMD8hWCtQJUe97
b9ymh5A0Z4QXKpyFT0b+pXcD1jRha07UtkX+/zLJ9HpAXcUmzkG+j5CXNpnxsIq5
fJFeq3hBj9w6n4h+50M4W0Fse5YoEUsc3B0fz8BlQBb+YJLFLNH34MH8p1l0ZDYJ
yae0psxlBijg4OPZ+WCBa+jtFW4LiWgEcxwgz8w+hEOAQr2a1Dc7w8jd+Y4IK8Um
lTVs5dbp4mOmPMlRv/GM7kDudFqbMg3YFwXg3QbquVqLZzEzjVkCggEBAPJKZbCW
YfLejkS/fkRyV3VIb54mKwQHoMWub88tPgGuXzjsJyd5QTQ58PpUjXrLHmn8lS2+
viE8GJylKwN1yMlZw40+kZhpHUpCWx/2ZKjAqvqA9OOKo2fv6Hd/wOAnU4CtioC1
pri7lKFYXoP8DtQVwHYvIzCRqDnhc4mwJDqzTC9xduI+svxzl4xH82fx0jrPiFY+
/wOdXjyfIPjyhHC4jPTWbairwXS9dBjSl128aIRT580/yXE/SYAugg05jKtg5zQA
So13MTezXRHXdO0di3tEMHGREEkFpeVnnPQvCCedK0DV36iNwiWc8pwdfLMVneTt
DKwZedCx+o/7ev0CggEBAOu48DGEJJJzHxVR5mY1K2AlZyYtpTOWehK1zX74JvM3
YxN4nd+Zx5n9uSPmmKzqF3TU+44RVtdJK6ejoFE8dMDTNWaSLW/ZDmN1nT0njvOn
IWJn59ynOChWWKZgXZ/9UqGR7Pt6OxSkkex9c/fYBsMX/xusdXQigeogl0iOYVFW
gXIiiLRLHpHJsK/uNxIizj0hTYYn7uD7PRENwFRcCYf8J1eUFbd6DuCVWeQCKWgf
Nd2tSWoi0Vylj4uUX8Iw0tjLNMD5CREJEk4GSv4EDSmvUdv1LiBKJCL2lEcgoPeC
oOD2iCc5KqgnmQraRilFFk8RVXA9PWZGY3C0b6TVmmcCggEANZO2AOKALlCAbTtb
FI+kP08RP4t5H58AMjZsiweaGo0QiWnPDq+Fd6MIYpKn5mtcAlvUMRVovbioSJtN
c6psB/pNf8JCN82mqHEb7WlywM46AMLbZCWYFLe8VBBv+iE4GdBGPEfu4hK4vyTn
YZAvRz64HGo4Adlztbjg76V/nWtggW05uLXcpm55KJAQhv+2WULjBw9PHOGDoSwf
Am2+U567rLht70prsQDj10laJ2QuSHS1YXGlfeFcw3eFUp9TN+JpvdoCol2lCIgl
IHjgZj6ORWfCvpoxW7RgBuZukqCD0R60HdYtavxN3jtiepsapA83pxO0JapMgZWZ
rpURkQKCAQBOcEv9Liu9T/GX9pjkiezVIZ0hZy8B66DTeQvYpFrRtCyT3h8quNFi
vLtO5v0HDR6hEf5jWAG9wet07U37ulJfl+i9KQdVoLTZA9o+71ryWTsSs+DD3CEj
yxfUxVxiULmeaiChzhq608h7GYPthUU6xlFttAWhj5oLfqzYyAg6OL76a+Nxm02g
1ayl3m8U6eAXF23kpoUm+HNpqVnGuJmzVoUA75YKZ+NreEdhSBbfPwN9sJwtZUil
u7H4kHcM95Ix8eysCjKqKIqezBlITbDTnjNvLjcbJ5C+0a6lvIXT1vQR5/eGlc9M
BWE360pNkV/LD8mOf9Jepi2Q43oDL9EhAoIBAQDTWImfy0K9gGzA2rPy169mWYQK
OlcnD3+hQq6x51Zn1e/texFeVlhHn4rrnRdCFOAp47uFkJ2m72GCVD74EwQucK9y
AD5jorqgVHqCKZdkHjb2V60Mzm6g3rtL9WJXFVLvNBb/QGB2vgHVOO0zqiqGZj4e
Ex7l2m//5SE4DLtn70J9CgG1HtXCS8dWrGPL1pzDnk8VXtnoXzb0LChLUFEgZRmh
cV6AFHEK2H8wBHviNyehsRQiDkl2AiWOcJNvkzW68ck2nJjRWyPYK1JL3NCKpB3Q
OohrP0fHcWAXMW97wFXZhRfnQfDxxIOlj3McYT0AlanXd0F4NGc2Nvmphx04
-----END RSA PRIVATE KEY-----
conf/clair.yaml
View file @ 7d41e5ec
clair:
database:
type: pgsql
options:
source: "{{ template "harbor.database.clair" . }}"
# Number of elements kept in the cache
# Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
cachesize: 16384
api:
# API server port
port: 6060
healthport: 6061
# Deadline before an API request will respond with a 503
timeout: 300s
updater:
interval: {{ .Values.clair.updatersInterval }}h
clair:
database:
type: pgsql
options:
source: "{{ template "harbor.database.clair" . }}"
# Number of elements kept in the cache
# Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
cachesize: 16384
api:
# API server port
port: 6060
healthport: 6061
# Deadline before an API request will respond with a 503
timeout: 300s
updater:
interval: {{ .Values.clair.updatersInterval }}h
conf/notary-server.json
View file @ 7d41e5ec
{
"server": {
"http_addr": ":4443"
},
"trust_service": {
"type": "remote",
"hostname": "{{ template "harbor.notary-signer" . }}",
"port": "7899",
"tls_ca_file": "/etc/ssl/notary/ca.crt",
"key_algorithm": "ecdsa"
},
"logging": {
"level": "{{ .Values.logLevel }}"
},
"storage": {
"backend": "postgres",
"db_url": "{{ template "harbor.database.notaryServer" . }}"
},
"auth": {
"type": "token",
"options": {
"realm": "{{ .Values.externalURL }}.{{ $.Values.global.host }}/service/token",
"service": "harbor-notary",
"issuer": "harbor-token-issuer",
"rootcertbundle": "/root.crt"
}
}
{
"server": {
"http_addr": ":4443"
},
"trust_service": {
"type": "remote",
"hostname": "{{ template "harbor.notary-signer" . }}",
"port": "7899",
"tls_ca_file": "/etc/ssl/notary/ca.crt",
"key_algorithm": "ecdsa"
},
"logging": {
"level": "{{ .Values.logLevel }}"
},
"storage": {
"backend": "postgres",
"db_url": "{{ template "harbor.database.notaryServer" . }}"
},
"auth": {
"type": "token",
"options": {
"realm": "{{ .Values.externalURL }}.{{ $.Values.global.host }}/service/token",
"service": "harbor-notary",
"issuer": "harbor-token-issuer",
"rootcertbundle": "/root.crt"
}
}
}
\ No newline at end of file
conf/notary-signer.json
View file @ 7d41e5ec
{
"server": {
"grpc_addr": ":7899",
"tls_cert_file": "/etc/ssl/notary/tls.crt",
"tls_key_file": "/etc/ssl/notary/tls.key"
},
"logging": {
"level": "{{ .Values.logLevel }}"
},
"storage": {
"backend": "postgres",
"db_url": "{{ template "harbor.database.notarySigner" . }}",
"default_alias": "defaultalias"
}
{
"server": {
"grpc_addr": ":7899",
"tls_cert_file": "/etc/ssl/notary/tls.crt",
"tls_key_file": "/etc/ssl/notary/tls.key"
},
"logging": {
"level": "{{ .Values.logLevel }}"
},
"storage": {
"backend": "postgres",
"db_url": "{{ template "harbor.database.notarySigner" . }}",
"default_alias": "defaultalias"
}
}
\ No newline at end of file
docs/High Availability.md
View file @ 7d41e5ec
---
title: Harbor High Availability Guide
---
## Goal
Deploy Harbor on K8S via helm to make it highly available, that is, if one of node that has Harbor's container running becomes un accessible. Users does not experience interrupt of service of Harbor.
## Prerequisites
- Kubernetes cluster 1.10+
- Helm 2.10.0+
- High available ingress controller (Harbor does not manage the external endpoint)
- High available PostgreSQL database (Harbor does not handle the deployment of HA of database)
- High available Redis (Harbor does not handle the deployment of HA of Redis)
- PVC that can be shared across nodes or external object storage
## Architecture
Most of Harbor's components are stateless now. So we can simply increase the replica of the pods to make sure the components are distributed to multiple worker nodes, and leverage the "Service" mechanism of K8S to ensure the connectivity across pods.
As for storage layer, it is expected that the user provide high available PostgreSQL, Redis cluster for application data and PVCs or object storage for storing images and charts.
![HA](img/ha.png)
## Usage
### Download Chart
Download Harbor helm chart:
```bash
helm repo add harbor https://helm.goharbor.io
helm fetch harbor/harbor --untar
```
### Configuration
Configure the followings items in `values.yaml`, you can also set them as parameters via `--set` flag during running `helm install`:
- **Ingress rule**
Configure the `expose.ingress.hosts.core` and `expose.ingress.hosts.notary`.
- **External URL**
Configure the `externalURL`.
- **External PostgreSQL**
Set the `database.type` to `external` and fill the information in `database.external` section.
Four empty databases should be created manually for `Harbor core`, `Clair`, `Notary server` and `Notary signer` and configure them in the section. Harbor will create tables automatically when starting up.
- **External Redis**
Set the `redis.type` to `external` and fill the information in `redis.external` section.
As the Redis client used by Harbor's upstream projects doesn't support `Sentinel`, Harbor can only work with a single entry point Redis. You can refer to this [guide](https://community.pivotal.io/s/article/How-to-setup-HAProxy-and-Redis-Sentinel-for-automatic-failover-between-Redis-Master-and-Slave-servers) to setup a HAProxy before the Redis to expose a single entry point.
- **Storage**
By default, a default `StorageClass` is needed in the K8S cluster to provision volumes to store images, charts and job logs.
If you want to specify the `StorageClass`, set `persistence.persistentVolumeClaim.registry.storageClass`, `persistence.persistentVolumeClaim.chartmuseum.storageClass` and `persistence.persistentVolumeClaim.jobservice.storageClass`.
If you use `StorageClass`, for both default or specified one, set `persistence.persistentVolumeClaim.registry.accessMode`, `persistence.persistentVolumeClaim.chartmuseum.accessMode` and `persistence.persistentVolumeClaim.jobservice.accessMode` as `ReadWriteMany`, and make sure that the persistent volumes must can be shared cross different nodes.
You can also use the existing PVCs to store data, set `persistence.persistentVolumeClaim.registry.existingClaim`, `persistence.persistentVolumeClaim.chartmuseum.existingClaim` and `persistence.persistentVolumeClaim.jobservice.existingClaim`.
If you have no PVCs that can be shared across nodes, you can use external object storage to store images and charts and store the job logs in database. Set the `persistence.imageChartStorage.type` to the value you want to use and fill the corresponding section and set `jobservice.jobLogger` to `database`.
- **Replica**
Set `portal.replicas`, `core.replicas`, `jobservice.replicas`, `registry.replicas`, `chartmuseum.replicas`, `clair.replicas`, `notary.server.replicas` and `notary.signer.replicas` to `n`(`n`>=2).
### Installation
Install the Harbor helm chart with a release name `my-release`:
helm 2:
```bash
helm install --name my-release .
```
helm 3:
```
helm install my-release .
```
---
title: Harbor High Availability Guide
---
## Goal
Deploy Harbor on K8S via helm to make it highly available, that is, if one of node that has Harbor's container running becomes un accessible. Users does not experience interrupt of service of Harbor.
## Prerequisites
- Kubernetes cluster 1.10+
- Helm 2.10.0+
- High available ingress controller (Harbor does not manage the external endpoint)
- High available PostgreSQL database (Harbor does not handle the deployment of HA of database)
- High available Redis (Harbor does not handle the deployment of HA of Redis)
- PVC that can be shared across nodes or external object storage
## Architecture
Most of Harbor's components are stateless now. So we can simply increase the replica of the pods to make sure the components are distributed to multiple worker nodes, and leverage the "Service" mechanism of K8S to ensure the connectivity across pods.
As for storage layer, it is expected that the user provide high available PostgreSQL, Redis cluster for application data and PVCs or object storage for storing images and charts.
![HA](img/ha.png)
## Usage
### Download Chart
Download Harbor helm chart:
```bash
helm repo add harbor https://helm.goharbor.io
helm fetch harbor/harbor --untar
```
### Configuration
Configure the followings items in `values.yaml`, you can also set them as parameters via `--set` flag during running `helm install`:
- **Ingress rule**
Configure the `expose.ingress.hosts.core` and `expose.ingress.hosts.notary`.
- **External URL**
Configure the `externalURL`.
- **External PostgreSQL**
Set the `database.type` to `external` and fill the information in `database.external` section.
Four empty databases should be created manually for `Harbor core`, `Clair`, `Notary server` and `Notary signer` and configure them in the section. Harbor will create tables automatically when starting up.
- **External Redis**
Set the `redis.type` to `external` and fill the information in `redis.external` section.
As the Redis client used by Harbor's upstream projects doesn't support `Sentinel`, Harbor can only work with a single entry point Redis. You can refer to this [guide](https://community.pivotal.io/s/article/How-to-setup-HAProxy-and-Redis-Sentinel-for-automatic-failover-between-Redis-Master-and-Slave-servers) to setup a HAProxy before the Redis to expose a single entry point.
- **Storage**
By default, a default `StorageClass` is needed in the K8S cluster to provision volumes to store images, charts and job logs.
If you want to specify the `StorageClass`, set `persistence.persistentVolumeClaim.registry.storageClass`, `persistence.persistentVolumeClaim.chartmuseum.storageClass` and `persistence.persistentVolumeClaim.jobservice.storageClass`.
If you use `StorageClass`, for both default or specified one, set `persistence.persistentVolumeClaim.registry.accessMode`, `persistence.persistentVolumeClaim.chartmuseum.accessMode` and `persistence.persistentVolumeClaim.jobservice.accessMode` as `ReadWriteMany`, and make sure that the persistent volumes must can be shared cross different nodes.
You can also use the existing PVCs to store data, set `persistence.persistentVolumeClaim.registry.existingClaim`, `persistence.persistentVolumeClaim.chartmuseum.existingClaim` and `persistence.persistentVolumeClaim.jobservice.existingClaim`.
If you have no PVCs that can be shared across nodes, you can use external object storage to store images and charts and store the job logs in database. Set the `persistence.imageChartStorage.type` to the value you want to use and fill the corresponding section and set `jobservice.jobLogger` to `database`.
- **Replica**
Set `portal.replicas`, `core.replicas`, `jobservice.replicas`, `registry.replicas`, `chartmuseum.replicas`, `clair.replicas`, `notary.server.replicas` and `notary.signer.replicas` to `n`(`n`>=2).
### Installation
Install the Harbor helm chart with a release name `my-release`:
helm 2:
```bash
helm install --name my-release .
```
helm 3:
```
helm install my-release .
```
docs/Upgrade.md
View file @ 7d41e5ec
---
title: Upgrade Guide
---
This guide is used to upgrade Harbor deployed by chart since version 0.3.0.
## Notes
- As the database schema may change between different versions of Harbor, there is a progress to migrate the schema during the upgrade and the downtime cannot be avoid
- The database schema cannot be downgraded automatically, so the `helm rollback` is not supported
## Upgrade
### 1. Backup database
Backup the database used by Harbor in case the upgrade process fails.
### 2. Download new chart
Download the latest version of Harbor chart.
### 3. Configure new chart
Configure the new chart to make sure that the configuration items have the same values with the old one.
> Note: if TLS is enabled and the certificate is generated by chart automatically, a new certificate will be generated and overwrite the old one during the upgrade, this may cause some issues if you have distributed the certificate. You can follow the below steps to configure the new chart to use the old certificate:
1) Get the secret name which certificate is stored in:
```bash
kubectl get secret
```
Find the secret whose name ends with `-harbor-ingress` (expose service via `Ingress`) or `-harbor-nginx`(expose service via `ClusterIP` or `NodePort`)
2) Export the secret as yaml file:
```bash
kubectl get secret <secret-name-from-step-1> -o yaml > secret.yaml
```
3) Rename the secret by setting `metadata.name` in `secret.yaml`
4) Create a new secret:
```bash
kubectl create -f secret.yaml
```
5) Configure the chart to use the new secret by setting `expose.tls.secretName` as the value you set in step **3**
### 4. Upgrade
Run upgrade command:
```bash
helm upgrade release-name --force .
```
> The `--force` is necessary if upgrade from version 0.3.0 due to issue [#30](https://github.com/goharbor/harbor-helm/issues/30).
## Known issues
- The job logs will be lost if you upgrade from version 0.3.0 as the logs are store in a `emptyDir` in 0.3.0.
---
title: Upgrade Guide
---
This guide is used to upgrade Harbor deployed by chart since version 0.3.0.
## Notes
- As the database schema may change between different versions of Harbor, there is a progress to migrate the schema during the upgrade and the downtime cannot be avoid
- The database schema cannot be downgraded automatically, so the `helm rollback` is not supported
## Upgrade
### 1. Backup database
Backup the database used by Harbor in case the upgrade process fails.
### 2. Download new chart
Download the latest version of Harbor chart.
### 3. Configure new chart
Configure the new chart to make sure that the configuration items have the same values with the old one.
> Note: if TLS is enabled and the certificate is generated by chart automatically, a new certificate will be generated and overwrite the old one during the upgrade, this may cause some issues if you have distributed the certificate. You can follow the below steps to configure the new chart to use the old certificate:
1) Get the secret name which certificate is stored in:
```bash
kubectl get secret
```
Find the secret whose name ends with `-harbor-ingress` (expose service via `Ingress`) or `-harbor-nginx`(expose service via `ClusterIP` or `NodePort`)
2) Export the secret as yaml file:
```bash
kubectl get secret <secret-name-from-step-1> -o yaml > secret.yaml
```
3) Rename the secret by setting `metadata.name` in `secret.yaml`
4) Create a new secret:
```bash
kubectl create -f secret.yaml
```
5) Configure the chart to use the new secret by setting `expose.tls.secretName` as the value you set in step **3**
### 4. Upgrade
Run upgrade command:
```bash
helm upgrade release-name --force .
```
> The `--force` is necessary if upgrade from version 0.3.0 due to issue [#30](https://github.com/goharbor/harbor-helm/issues/30).
## Known issues
- The job logs will be lost if you upgrade from version 0.3.0 as the logs are store in a `emptyDir` in 0.3.0.
docs/_index.md
View file @ 7d41e5ec
---
title: Managing Harbor with Helm
weight: 50
---
---
title: Managing Harbor with Helm
weight: 50
---
This documentation focuses on deploying and managing Harbor via [Helm](https://helm.sh). For general documentation for Harbor, please see the [Harbor docs](https://goharbor.io/docs).
\ No newline at end of file
raws/values-aliyun.yaml
View file @ 7d41e5ec
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.wodcloud.local
notary: notary.wodcloud.local
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.wodcloud.local
persistence:
enabled: true
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
# s3 , filesystem
type: filesystem
s3:
accesskey: AKIAIOSFODNN7EXAMPLE
secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region: us-east-1
regionendpoint: http://minio.wodcloud.local
bucket: registry
encrypt: false
v4auth: true
chunksize: '5242880'
rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v2.1.3
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v2.1.3
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v2.1.3
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v2.1.3
chartmuseum:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
tag: v2.1.3
nodeSelector: {}
# nodeSelector:
# harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
clair:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
tag: v2.1.3
adapter:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
tag: v2.1.3
trivy:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
tag: v2.1.3
notary:
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
tag: v2.1.3
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
tag: v2.1.3
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v2.1.3
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.wodcloud.local
notary: notary.wodcloud.local
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.wodcloud.local
persistence:
enabled: true
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
# s3 , filesystem
type: filesystem
s3:
accesskey: AKIAIOSFODNN7EXAMPLE
secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region: us-east-1
regionendpoint: http://minio.wodcloud.local
bucket: registry
encrypt: false
v4auth: true
chunksize: '5242880'
rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v2.1.3
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v2.1.3
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v2.1.3
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v2.1.3
chartmuseum:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
tag: v2.1.3
nodeSelector: {}
# nodeSelector:
# harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
clair:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
tag: v2.1.3
adapter:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
tag: v2.1.3
trivy:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
tag: v2.1.3
notary:
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
tag: v2.1.3
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
tag: v2.1.3
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v2.1.3
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
tag: 6.0.9
\ No newline at end of file
raws/values-arm.yaml
View file @ 7d41e5ec
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.wodcloud.local
notary: notary.wodcloud.local
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.wodcloud.local
persistence:
enabled: true
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
# s3 , filesystem
type: filesystem
s3:
accesskey: AKIAIOSFODNN7EXAMPLE
secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region: us-east-1
regionendpoint: http://minio.wodcloud.local
bucket: registry
encrypt: false
v4auth: true
chunksize: '5242880'
rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v2.1.3-arm64
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v2.1.3-arm64
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v2.1.3-arm64
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1-arm64
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v2.1.3-arm64
chartmuseum:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
tag: v2.1.3-arm64
nodeSelector: {}
# nodeSelector:
# harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
clair:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
tag: v2.1.3-arm64
adapter:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
tag: v2.1.3-arm64
trivy:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
tag: v2.1.3-arm64
notary:
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
tag: v2.1.3-arm64
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
tag: v2.1.3-arm64
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v2.1.3-arm64
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.wodcloud.local
notary: notary.wodcloud.local
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.wodcloud.local
persistence:
enabled: true
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
# s3 , filesystem
type: filesystem
s3:
accesskey: AKIAIOSFODNN7EXAMPLE
secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region: us-east-1
regionendpoint: http://minio.wodcloud.local
bucket: registry
encrypt: false
v4auth: true
chunksize: '5242880'
rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v2.1.3-arm64
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v2.1.3-arm64
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v2.1.3-arm64
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1-arm64
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v2.1.3-arm64
chartmuseum:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
tag: v2.1.3-arm64
nodeSelector: {}
# nodeSelector:
# harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
clair:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
tag: v2.1.3-arm64
adapter:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
tag: v2.1.3-arm64
trivy:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
tag: v2.1.3-arm64
notary:
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
tag: v2.1.3-arm64
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
tag: v2.1.3-arm64
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v2.1.3-arm64
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
tag: 6.0.9-arm64
\ No newline at end of file
raws/values-pg.yaml
View file @ 7d41e5ec
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.test.wodcloud.com
notary: notary.test.wodcloud.com
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.test.wodcloud.com
persistence:
enabled: true
imageChartStorage:
# s3 , filesystem
type: filesystem
filesystem:
rootdirectory: /data
#s3:
# accesskey: AKIAIOSFODNN7EXAMPLE
# secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
# region: us-east-1
# regionendpoint: https://minio.sxwh.local
# bucket: registry
# encrypt: false
# v4auth: true
# chunksize: '5242880'
# rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v1.8.2
replicas: 1
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v1.8.2
replicas: 1
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v1.8.2
replicas: 1
maxJobWorkers: 10
jobLogger: file
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
nodeSelector:
harbor: enabled
storageSpec:
# type: emptyDir , hostPath , volumeClaimTemplate
type: hostPath
emptyDir: {}
hostPath:
root: /data
volumeClaimTemplate:
spec:
storageClassName: rook-ceph-block
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 100Gi
selector: {}
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v1.8.2
replicas: 1
chartmuseum:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum-photon
tag: v0.9.0-v1.8.2
replicas: 1
nodeSelector:
harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/clair-photon
tag: v2.0.8-v1.8.2
replicas: 1
notary:
enabled: true
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server-photon
tag: v0.6.1-v1.8.2
replicas: 1
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer-photon
tag: v0.6.1-v1.8.2
replicas: 1
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v1.8.2
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
nodeSelector:
harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
volumeClaimTemplate:
spec:
storageClassName: rook-ceph-block
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 20Gi
selector: {}
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.test.wodcloud.com
notary: notary.test.wodcloud.com
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.test.wodcloud.com
persistence:
enabled: true
imageChartStorage:
# s3 , filesystem
type: filesystem
filesystem:
rootdirectory: /data
#s3:
# accesskey: AKIAIOSFODNN7EXAMPLE
# secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
# region: us-east-1
# regionendpoint: https://minio.sxwh.local
# bucket: registry
# encrypt: false
# v4auth: true
# chunksize: '5242880'
# rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v1.8.2
replicas: 1
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v1.8.2
replicas: 1
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v1.8.2
replicas: 1
maxJobWorkers: 10
jobLogger: file
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
nodeSelector:
harbor: enabled
storageSpec:
# type: emptyDir , hostPath , volumeClaimTemplate
type: hostPath
emptyDir: {}
hostPath:
root: /data
volumeClaimTemplate:
spec:
storageClassName: rook-ceph-block
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 100Gi
selector: {}
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v1.8.2
replicas: 1
chartmuseum:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum-photon
tag: v0.9.0-v1.8.2
replicas: 1
nodeSelector:
harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/clair-photon
tag: v2.0.8-v1.8.2
replicas: 1
notary:
enabled: true
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server-photon
tag: v0.6.1-v1.8.2
replicas: 1
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer-photon
tag: v0.6.1-v1.8.2
replicas: 1
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v1.8.2
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
nodeSelector:
harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
volumeClaimTemplate:
spec:
storageClassName: rook-ceph-block
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 20Gi
selector: {}
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
tag: 4.0.14-alpine
\ No newline at end of file
raws/values-ppc64le.yaml
View file @ 7d41e5ec
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.wodcloud.local
notary: notary.wodcloud.local
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.wodcloud.local
persistence:
enabled: true
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
# s3 , filesystem
type: filesystem
s3:
accesskey: AKIAIOSFODNN7EXAMPLE
secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region: us-east-1
regionendpoint: http://minio.wodcloud.local
bucket: registry
encrypt: false
v4auth: true
chunksize: '5242880'
rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v2.1.3-ppc64le
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v2.1.3-ppc64le
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v2.1.3-ppc64le
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1-ppc64le
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v2.1.3-ppc64le
chartmuseum:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
tag: v2.1.1-ppc64le
nodeSelector: {}
# nodeSelector:
# harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
clair:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
tag: v2.1.1-ppc64le
adapter:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
tag: v2.1.1-ppc64le
trivy:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
tag: v2.1.1-ppc64le
notary:
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
tag: v2.1.1-ppc64le
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
tag: v2.1.1-ppc64le
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v2.1.3-ppc64le
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.wodcloud.local
notary: notary.wodcloud.local
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.wodcloud.local
persistence:
enabled: true
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: "hostpath"
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
# s3 , filesystem
type: filesystem
s3:
accesskey: AKIAIOSFODNN7EXAMPLE
secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
region: us-east-1
regionendpoint: http://minio.wodcloud.local
bucket: registry
encrypt: false
v4auth: true
chunksize: '5242880'
rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v2.1.3-ppc64le
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v2.1.3-ppc64le
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v2.1.3-ppc64le
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1-ppc64le
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v2.1.3-ppc64le
chartmuseum:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-chartmuseum
tag: v2.1.1-ppc64le
nodeSelector: {}
# nodeSelector:
# harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
clair:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair
tag: v2.1.1-ppc64le
adapter:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-clair-adapter
tag: v2.1.1-ppc64le
trivy:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-trivy-adapter
tag: v2.1.1-ppc64le
notary:
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-server
tag: v2.1.1-ppc64le
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-notary-signer
tag: v2.1.1-ppc64le
database:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-db
tag: v2.1.3-ppc64le
password: "spaceIN511"
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
tag: 6.0.9-ppc64le
\ No newline at end of file
raws/values-stolon.yaml
View file @ 7d41e5ec
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.test.wodcloud.com
notary: notary.test.wodcloud.com
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.test.wodcloud.com
persistence:
enabled: true
imageChartStorage:
# s3 , filesystem
type: filesystem
filesystem:
rootdirectory: /data
#s3:
# accesskey: AKIAIOSFODNN7EXAMPLE
# secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
# region: us-east-1
# regionendpoint: https://minio.sxwh.local
# bucket: registry
# encrypt: false
# v4auth: true
# chunksize: '5242880'
# rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v1.8.2
replicas: 1
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v1.8.2
replicas: 1
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v1.8.2
replicas: 1
maxJobWorkers: 10
jobLogger: file
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
nodeSelector:
harbor: enabled
storageSpec:
# type: emptyDir , hostPath , volumeClaimTemplate
type: hostPath
emptyDir: {}
hostPath:
root: /data
volumeClaimTemplate:
spec:
storageClassName: rook-ceph-block
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 100Gi
selector: {}
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v1.8.2
replicas: 1
chartmuseum:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum-photon
tag: v0.9.0-v1.8.2
replicas: 1
nodeSelector:
harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/clair-photon
tag: v2.0.8-v1.8.2
replicas: 1
notary:
enabled: true
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server-photon
tag: v0.6.1-v1.8.2
replicas: 1
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer-photon
tag: v0.6.1-v1.8.2
replicas: 1
database:
type: external
external:
host: "stolon-proxy.devops"
port: "5432"
username: "postgres"
password: "spaceIN511"
coreDatabase: "hub_registry"
clairDatabase: "hub_clair"
notaryServerDatabase: "hub_notary_server"
notarySignerDatabase: "hub_notary_signer"
sslmode: "disable"
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
expose:
type: ingress
tls:
enabled: false
ingress:
hosts:
core: hub.test.wodcloud.com
notary: notary.test.wodcloud.com
annotations:
ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://hub.test.wodcloud.com
persistence:
enabled: true
imageChartStorage:
# s3 , filesystem
type: filesystem
filesystem:
rootdirectory: /data
#s3:
# accesskey: AKIAIOSFODNN7EXAMPLE
# secretkey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
# region: us-east-1
# regionendpoint: https://minio.sxwh.local
# bucket: registry
# encrypt: false
# v4auth: true
# chunksize: '5242880'
# rootdirectory: /
imagePullPolicy: IfNotPresent
logLevel: info
harborAdminPassword: "spaceIN511"
secretKey: "IpTIscRIgmerlare"
portal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-portal
tag: v1.8.2
replicas: 1
core:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-core
tag: v1.8.2
replicas: 1
jobservice:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-jobservice
tag: v1.8.2
replicas: 1
maxJobWorkers: 10
jobLogger: file
registry:
registry:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/registry
tag: 2.7.1
resources:
limits:
memory: 4Gi
requests:
memory: 256Mi
nodeSelector:
harbor: enabled
storageSpec:
# type: emptyDir , hostPath , volumeClaimTemplate
type: hostPath
emptyDir: {}
hostPath:
root: /data
volumeClaimTemplate:
spec:
storageClassName: rook-ceph-block
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 100Gi
selector: {}
controller:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/harbor-registryctl
tag: v1.8.2
replicas: 1
chartmuseum:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/chartmuseum-photon
tag: v0.9.0-v1.8.2
replicas: 1
nodeSelector:
harbor: enabled
storageSpec:
type: hostPath
emptyDir: {}
hostPath:
root: /data
clair:
enabled: true
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/clair-photon
tag: v2.0.8-v1.8.2
replicas: 1
notary:
enabled: true
server:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-server-photon
tag: v0.6.1-v1.8.2
replicas: 1
signer:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/notary-signer-photon
tag: v0.6.1-v1.8.2
replicas: 1
database:
type: external
external:
host: "stolon-proxy.devops"
port: "5432"
username: "postgres"
password: "spaceIN511"
coreDatabase: "hub_registry"
clairDatabase: "hub_clair"
notaryServerDatabase: "hub_notary_server"
notarySignerDatabase: "hub_notary_signer"
sslmode: "disable"
redis:
type: internal
internal:
image:
repository: registry.cn-qingdao.aliyuncs.com/wod/redis
tag: 4.0.14-alpine
\ No newline at end of file
raws/values.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/NOTES.txt
View file @ 7d41e5ec
Please wait for several minutes for Harbor deployment to complete.
Then you should be able to visit the Harbor portal at {{ .Values.externalURL }}.{{ $.Values.global.host }}
For more details, please visit https://github.com/goharbor/harbor
Please wait for several minutes for Harbor deployment to complete.
Then you should be able to visit the Harbor portal at {{ .Values.externalURL }}.{{ $.Values.global.host }}
For more details, please visit https://github.com/goharbor/harbor
templates/_helpers.tpl
View file @ 7d41e5ec
This diff is collapsed.
templates/chartmuseum/chartmuseum-cm.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/chartmuseum/chartmuseum-dpl.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/chartmuseum/chartmuseum-pvc.yaml
View file @ 7d41e5ec
{{- if .Values.chartmuseum.enabled }}
{{- $persistence := .Values.persistence -}}
{{- if $persistence.enabled }}
{{- $chartmuseum := $persistence.persistentVolumeClaim.chartmuseum -}}
{{- if and (not $chartmuseum.existingClaim) (eq $persistence.imageChartStorage.type "filesystem") }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "harbor.chartmuseum" . }}
{{- if eq $persistence.resourcePolicy "keep" }}
annotations:
helm.sh/resource-policy: keep
{{- end }}
labels:
{{ include "harbor.labels" . | indent 4 }}
component: chartmuseum
spec:
accessModes:
- {{ $chartmuseum.accessMode }}
resources:
requests:
storage: {{ $chartmuseum.size }}
{{- if $chartmuseum.storageClass }}
{{- if eq "-" $chartmuseum.storageClass }}
storageClassName: ""
{{- else }}
storageClassName: {{ $chartmuseum.storageClass }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.chartmuseum.enabled }}
{{- $persistence := .Values.persistence -}}
{{- if $persistence.enabled }}
{{- $chartmuseum := $persistence.persistentVolumeClaim.chartmuseum -}}
{{- if and (not $chartmuseum.existingClaim) (eq $persistence.imageChartStorage.type "filesystem") }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "harbor.chartmuseum" . }}
{{- if eq $persistence.resourcePolicy "keep" }}
annotations:
helm.sh/resource-policy: keep
{{- end }}
labels:
{{ include "harbor.labels" . | indent 4 }}
component: chartmuseum
spec:
accessModes:
- {{ $chartmuseum.accessMode }}
resources:
requests:
storage: {{ $chartmuseum.size }}
{{- if $chartmuseum.storageClass }}
{{- if eq "-" $chartmuseum.storageClass }}
storageClassName: ""
{{- else }}
storageClassName: {{ $chartmuseum.storageClass }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
\ No newline at end of file
templates/chartmuseum/chartmuseum-secret.yaml
View file @ 7d41e5ec
{{- if .Values.chartmuseum.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: "{{ template "harbor.chartmuseum" . }}"
labels:
{{ include "harbor.labels" . | indent 4 }}
type: Opaque
data:
CACHE_REDIS_PASSWORD: {{ include "harbor.redis.password" . | b64enc | quote }}
{{- $storage := .Values.persistence.imageChartStorage }}
{{- $storageType := $storage.type }}
{{- if eq $storageType "azure" }}
AZURE_STORAGE_ACCESS_KEY: {{ $storage.azure.accountkey | b64enc | quote }}
{{- else if eq $storageType "gcs" }}
# TODO support the keyfile of gcs
{{- else if eq $storageType "s3" }}
{{- if $storage.s3.secretkey }}
AWS_SECRET_ACCESS_KEY: {{ $storage.s3.secretkey | b64enc | quote }}
{{- end }}
{{- else if eq $storageType "swift" }}
OS_PASSWORD: {{ $storage.swift.password | b64enc | quote }}
{{- else if eq $storageType "oss" }}
ALIBABA_CLOUD_ACCESS_KEY_SECRET: {{ $storage.oss.accesskeysecret | b64enc | quote }}
{{- end }}
{{- if .Values.chartmuseum.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: "{{ template "harbor.chartmuseum" . }}"
labels:
{{ include "harbor.labels" . | indent 4 }}
type: Opaque
data:
CACHE_REDIS_PASSWORD: {{ include "harbor.redis.password" . | b64enc | quote }}
{{- $storage := .Values.persistence.imageChartStorage }}
{{- $storageType := $storage.type }}
{{- if eq $storageType "azure" }}
AZURE_STORAGE_ACCESS_KEY: {{ $storage.azure.accountkey | b64enc | quote }}
{{- else if eq $storageType "gcs" }}
# TODO support the keyfile of gcs
{{- else if eq $storageType "s3" }}
{{- if $storage.s3.secretkey }}
AWS_SECRET_ACCESS_KEY: {{ $storage.s3.secretkey | b64enc | quote }}
{{- end }}
{{- else if eq $storageType "swift" }}
OS_PASSWORD: {{ $storage.swift.password | b64enc | quote }}
{{- else if eq $storageType "oss" }}
ALIBABA_CLOUD_ACCESS_KEY_SECRET: {{ $storage.oss.accesskeysecret | b64enc | quote }}
{{- end }}
{{- end }}
\ No newline at end of file
templates/chartmuseum/chartmuseum-svc.yaml
View file @ 7d41e5ec
{{- if .Values.chartmuseum.enabled }}
apiVersion: v1
kind: Service
metadata:
name: "{{ template "harbor.chartmuseum" . }}"
labels:
{{ include "harbor.labels" . | indent 4 }}
spec:
ports:
- port: {{ template "harbor.chartmuseum.servicePort" . }}
targetPort: {{ template "harbor.chartmuseum.containerPort" . }}
selector:
{{ include "harbor.matchLabels" . | indent 4 }}
component: chartmuseum
{{- if .Values.chartmuseum.enabled }}
apiVersion: v1
kind: Service
metadata:
name: "{{ template "harbor.chartmuseum" . }}"
labels:
{{ include "harbor.labels" . | indent 4 }}
spec:
ports:
- port: {{ template "harbor.chartmuseum.servicePort" . }}
targetPort: {{ template "harbor.chartmuseum.containerPort" . }}
selector:
{{ include "harbor.matchLabels" . | indent 4 }}
component: chartmuseum
{{- end }}
\ No newline at end of file
templates/chartmuseum/chartmuseum-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/clair/clair-dpl.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/clair/clair-secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/clair/clair-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/clair/clair-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/core/core-cm.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/core/core-dpl.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/core/core-secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/core/core-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/core/core-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/database/database-secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/database/database-ss.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/database/database-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/ingress/ingress.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/ingress/ingresshost.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/ingress/ingressroute.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/ingress/middleware.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/ingress/secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/internal/auto-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/jobservice/jobservice-cm-env.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/jobservice/jobservice-cm.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/jobservice/jobservice-dpl.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/jobservice/jobservice-pvc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/jobservice/jobservice-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/jobservice/jobservice-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/nginx/configmap-http.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/nginx/configmap-https.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/nginx/deployment.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/nginx/secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/nginx/service.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/notary/notary-secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/notary/notary-server.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/notary/notary-signer.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/notary/notary-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/portal/configmap.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/portal/deployment.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/portal/service.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/portal/tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/redis/service.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/redis/statefulset.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/registry/registry-cm.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/registry/registry-dpl.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/registry/registry-pvc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/registry/registry-secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/registry/registry-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/registry/registry-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/trivy/trivy-secret.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/trivy/trivy-sts.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/trivy/trivy-svc.yaml
View file @ 7d41e5ec
This diff is collapsed.
templates/trivy/trivy-tls.yaml
View file @ 7d41e5ec
This diff is collapsed.
test/go.mod
View file @ 7d41e5ec
This diff is collapsed.
test/go.sum
View file @ 7d41e5ec
This diff is collapsed.
test/install_helm.sh
View file @ 7d41e5ec
This diff is collapsed.
test/integration/base.go
View file @ 7d41e5ec
This diff is collapsed.
test/integration/ingress_test.go
View file @ 7d41e5ec
This diff is collapsed.
test/integration/kind-cluster.yaml
View file @ 7d41e5ec
This diff is collapsed.
test/integration/node_port_test.go
View file @ 7d41e5ec
This diff is collapsed.
test/test.go
View file @ 7d41e5ec
package test
package test
test/unittest/trivy_stateful_set_test.go
View file @ 7d41e5ec
This diff is collapsed.
test/verify.sh
View file @ 7d41e5ec
This diff is collapsed.
values-operator.yaml
View file @ 7d41e5ec
global:
hub: registry.cn-qingdao.aliyuncs.com/wod
imagePullPolicy: "IfNotPresent"
imageArch: amd64
global:
hub: registry.cn-qingdao.aliyuncs.com/wod
imagePullPolicy: "IfNotPresent"
imageArch: amd64
host: wodcloud.local
\ No newline at end of file
values.yaml
View file @ 7d41e5ec
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment