Skip to content

H
harbor
Commit dd6c88c5 authored by 舒成's avatar 舒成
Browse files
Options

update

parent 9da96508
Show whitespace changes
Inline Side-by-side
Showing with 1313 additions and 9 deletions
dist.yaml 0 → 100644
View file @ dd6c88c5
---
# Source: harbor/templates/adminserver/adminserver-secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: "harbor-adminserver"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-adminserver
type: Opaque
data:
secretKey: "blFJbUJuNVNWQ0hMN2VocQ=="
EMAIL_PWD: "cGFzc3dvcmQ="
HARBOR_ADMIN_PASSWORD: "NTg3NzIwMTU="
POSTGRESQL_PASSWORD: "c3BhY2VJTjUxMQ=="
JOBSERVICE_SECRET: "QkJSUXd5U2tzaUhacUpVaA=="
UI_SECRET: "QkJSUXd5U2tzaUhacUpVaA=="
CLAIR_DB_PASSWORD: "c3BhY2VJTjUxMQ=="
---
# Source: harbor/templates/chartmuseum/chartmuseum-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: "harbor-chartmuseum"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
type: Opaque
data:
CACHE_REDIS_PASSWORD: ""
BASIC_AUTH_PASS: "QkJSUXd5U2tzaUhacUpVaA=="
---
# Source: harbor/templates/database/database-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: "harbor-database"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
type: Opaque
data:
POSTGRES_PASSWORD: "c3BhY2VJTjUxMQ=="
---
# Source: harbor/templates/jobservice/jobservice-secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: "harbor-jobservice"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
type: Opaque
data:
secretKey: "blFJbUJuNVNWQ0hMN2VocQ=="
JOBSERVICE_SECRET: "QkJSUXd5U2tzaUhacUpVaA=="
UI_SECRET: "QkJSUXd5U2tzaUhacUpVaA=="
---
# Source: harbor/templates/registry/registry-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: "harbor-registry"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
type: Opaque
data:
httpSecret: "QkJSUXd5U2tzaUhacUpVaA=="
---
# Source: harbor/templates/ui/ui-secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: "harbor-ui"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
type: Opaque
data:
secretKey: "blFJbUJuNVNWQ0hMN2VocQ=="
secret: "QkJSUXd5U2tzaUhacUpVaA=="
jobserviceSecret: "QkJSUXd5U2tzaUhacUpVaA=="
tokenServiceRootCertBundle: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM2ekNDQWRPZ0F3SUJBZ0lRTGh6a0EyN2Nhd1JKczl6d1hNeUxhREFOQmdrcWhraUc5dzBCQVFzRkFEQVIKTVE4d0RRWURWUVFERXdab1lYSmliM0l3SGhjTk1UZ3hNREU0TVRFd01EQTFXaGNOTVRreE1ERTRNVEV3TURBMQpXakFSTVE4d0RRWURWUVFERXdab1lYSmliM0l3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUM4ckV5TW80eTN0TVNhemRQWGZrOXlUczBydHRnQkgraTFLS2l5b3F1SGtFN2hiUmJZbXJGbzYzSmMKYmF3bk1mZnBUT1pEajVmb0hFaXR4TmlvVEdNR2tEMng0Uy9vd2hDSEs5cHplNFJtOTF3SjZrK2d1VWhnOXRHdwpDbFM1YmxYUVRrVXh3WUprSG9lbnkvZGFmNUU5ZzlSYkJtQ0hNSTFxS0V1T1UrSkhTZ3lYMmE3cHViNkgzQ1hICkJZSlEyVzJHTjJ5RmhudHlEcXhFRGpEVTd3QXBEcGdUeXh6dllkemlFdjdMYUE3Y2ZxQzJqUURMZmsrK2w1d2YKeGVONHk4NFlNV2ZEb0pkblpQNjQ3bVpZaGJ0aHVjWlRPMWI3RUprTEsyTkNJK0xCMnVHS3BiMGxVTnczMzlvdQpCWUlEaXdRRDg0V2lhdHZoZTd4TVZUY2wvUHI5QWdNQkFBR2pQekE5TUE0R0ExVWREd0VCL3dRRUF3SUZvREFkCkJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUlLd1lCQlFVSEF3SXdEQVlEVlIwVEFRSC9CQUl3QURBTkJna3EKaGtpRzl3MEJBUXNGQUFPQ0FRRUFPUVM0cEpsZHhscGFObnFiL2tUQ1lBaStLdi80cko3TjN1dFFCQit4UEJCMwpiTnQ1ZlpQemhkbEhyRHRTVWhCRGRHNzVpWitWcE1NVGtNanAwM0txYXhPcnZ1eXdpY2o1Q2hEOERFYURDM3JCClBsaE5UZE5HUzVtVURUUmloUkZYRklHdDBrQjh2cjNXUTRDY2VsT0NOdG1NSzNqN2l5R3o1MmxZR0tKMUFnZkwKVWFVVXZnSVVZTnFDR1ZwZG1FWDF0YTRUN2w2T3cvbmNJdkpSZEtHbDhNUTRSV0pvcWNpbEcrQk9udFB5MEo3SQpkOXZyUWxHSVowOGlyaTVyaERWbFBMYmR1YmpzTVJzWERhSGhxWWpiMjFZOHpiWWJWNnd1ZHlzRUVJSHJaNER4CnJ3NlY2UnZPYkpnUC9JK2dad01NanhmRTFNSGRrSVNkTXVBZ1RtVU5WUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
tokenServicePrivateKey: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBdkt4TWpLT010N1RFbXMzVDEzNVBjazdOSzdiWUFSL290U2lvc3FLcmg1Qk80VzBXCjJKcXhhT3R5WEcyc0p6SDM2VXptUTQrWDZCeElyY1RZcUV4akJwQTlzZUV2Nk1JUWh5dmFjM3VFWnZkY0NlcFAKb0xsSVlQYlJzQXBVdVc1VjBFNUZNY0dDWkI2SHA4djNXbitSUFlQVVd3WmdoekNOYWloTGpsUGlSMG9NbDltdQo2Ym0raDl3bHh3V0NVTmx0aGpkc2hZWjdjZzZzUkE0dzFPOEFLUTZZRThzYzcySGM0aEwreTJnTzNINmd0bzBBCnkzNVB2cGVjSDhYamVNdk9HREZudzZDWFoyVCt1TzVtV0lXN1libkdVenRXK3hDWkN5dGpRaVBpd2RyaGlxVzkKSlZEY045L2FMZ1dDQTRzRUEvT0ZvbXJiNFh1OFRGVTNKZno2L1FJREFRQUJBb0lCQUdMNFZ1ZG5XNGQ2TWErcQp6TGM3c04wYmJSRERSeWUvMzBnNFhkWG04dWVYMFdqNjJvTWhFbk1oSHNwUlZYN3gvVVBLYlBkL3VZV3VZSW1XCnVyZjk2ZXdsZWRkM2NyUThLSU5mZzZZVVl1M0lUK1Y3bmUySGcrb3BUdkZ6V2VJemVKeGVrbmw1TXJibU5PN1cKVlppSlZselliR3FiTzhOdXVwKzNKM3N2a1lFbTlSOUVFRXJWczFNZU9LeFp2azRtSVdyT05BdHVMTlM5VDFlKwpEbHdhWjhHQ1dMdUxwTkhMMnRjWGdPa0NocUpPQmV4RHkrdmsxc3RTd3VtRk1PanRSNHhBV1BiSms2QUVFVzhiCndhYjlKaW9PR0U4MFNYZHowVGVDV1lIZCt6Q2g0M2JlSXRSMUEzZXd1RG40ZlI0VEdyTTAwZ0M5L29XelM0RUwKQUFBVXNrRUNnWUVBeHVLYWxiQXRhN3JINXBpNjYyWDJjRmNTUnlOUjA3UmNTSlRzWXl5dWQ0ZUJFaE1WaU5RUQphcXlzTmdIR1ljdlN1bGVSYVdpYVVOT2tlRDNUdTk4aGhCRkdGU1ZpandZZXAzUW02RnFYOG52d1BDVklOTkttClVTNnZ1b0FPUjBySTA5bkJ4aktwZHZRRUJuVHE4THV4MHY1MWRIWEVrM0pHUVRxanhidFQ1bFVDZ1lFQTh0cnUKdFVVQVIvUGs3cmtuSTRLMGhucGZxNDlCa05RUXdKd3hPMk8xS2V6eEVXOGowTTBFOHg0VGZJUDNFNWxUdHh6VQpQZlJrVnpRblE4Z21hWEZDSnUxWktvL09oaUJ1am9kYnJKMzdCL24zTnZKRW45QnFrdGJBbTN5VTJPajdIZjVTCnpXdkw5WVFNRk85NVEvc0RNeGJjamtRYlByMitDdmNUUFR6UVdna0NnWUFMQi9pUkF1T1NEUnNYVkROUjZTYmgKRmtOQ1JOZytDTXZ4anFrSjJ5bVdJYUxzRUxqcURQRVlLWm1ucVRPS3F4WjJGWE5RU0dmK3dhNW1xTzg4aFdURApnWDNFb0gwMTk1M3RwY2llckordTZHYnJ2eG1oTEduaktOYkFYbWZzVmw2TE9aSEEzNEI4dzQ0Um1aeUtXNjdDClNERFZrODZpYXYwd2t3TVFiWko2dlFLQmdIM1YzelpoNklGZjZOR2hjcHc5ejVpV3RCZkxCT2dzV2ZuVGROY1gKRlBvQ1llN3NyWncxZjBrUjNucjRUZ0FEeEpMdkJ6S0svYXNKeFFha0lQTWwwbWNsT0x5TEF6SVFmL2l1UGx3MQpCNnZjWTdJKzJqd00zQXYxNXBzcWRGM29hcVhoNzdtdEQyUEo1aEM2L1JTeWJiZjlNbzhzendrMWU5Rm1zTHRjClZZRXhBb0dCQUo1ZjRlaGZQbDBhUTJ3ZzVoY25INCtDeTNwZjFDWDJQUkZmNGU5Q2cvVXFGMmNRQnA1TFNKdzQKZ0kyQ3hWMmRpdU1NMTdSbnZtMWl2ZGRvd0E1MnM2aTNad1JOSStxWDU0d2tzSUtucyt5VG90ek9pUEFoemUrNgpKU0lOVXc4ZUFzNTBmOVdTc21UbDl0RWNVN0t4TVRQbkltZTF5Rjl4TlJuQktQc01JZm1OCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg=="
---
# Source: harbor/templates/adminserver/adminserver-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: "harbor-adminserver"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-adminserver
data:
POSTGRESQL_HOST: "harbor-database"
POSTGRESQL_PORT: "5432"
POSTGRESQL_USERNAME: "postgres"
POSTGRESQL_DATABASE: "registry"
EMAIL_HOST: "smtp.mydomain.com"
EMAIL_PORT: "25"
EMAIL_USR: "sample_admin@mydomain.com"
EMAIL_SSL: "false"
EMAIL_FROM: "admin <sample_admin@mydomain.com>"
EMAIL_IDENTITY: ""
EMAIL_INSECURE: "false"
EXT_ENDPOINT: "https://harbor.wodcloud.com"
UI_URL: "http://harbor-ui"
JOBSERVICE_URL: "http://harbor-jobservice"
REGISTRY_URL: "http://harbor-registry:5000"
TOKEN_SERVICE_URL: "http://harbor-ui/service/token"
WITH_NOTARY: "true"
NOTARY_URL: "http://harbor-notary-server:4443"
LOG_LEVEL: "info"
IMAGE_STORE_PATH: "/" # This is a temporary hack.
AUTH_MODE: "db_auth"
SELF_REGISTRATION: "on"
LDAP_URL: "ldaps://ldapserver"
LDAP_SEARCH_DN: ""
LDAP_BASE_DN: ""
LDAP_FILTER: "(objectClass=person)"
LDAP_UID: "uid"
LDAP_SCOPE: "2"
LDAP_TIMEOUT: "5"
LDAP_VERIFY_CERT: "True"
DATABASE_TYPE: "postgresql"
PROJECT_CREATION_RESTRICTION: "everyone"
VERIFY_REMOTE_CERT: "off"
MAX_JOB_WORKERS: "3"
TOKEN_EXPIRATION: "30"
CFG_EXPIRATION: "5"
GODEBUG: "netdns=cgo"
ADMIRAL_URL: "NA"
RESET: "false"
WITH_CLAIR: "true"
CLAIR_DB_HOST: "harbor-database"
CLAIR_DB_PORT: "5432"
CLAIR_DB_USERNAME: "postgres"
CLAIR_DB: "postgres"
CLAIR_URL: "http://harbor-clair:6060"
UAA_ENDPOINT: ""
UAA_CLIENTID: ""
UAA_CLIENTSECRET: ""
UAA_VERIFY_CERT: "True"
REGISTRY_STORAGE_PROVIDER_NAME: "filesystem"
WITH_CHARTMUSEUM: "true"
CHART_REPOSITORY_URL: "http://harbor-chartmuseum"
---
# Source: harbor/templates/chartmuseum/chartmuseum-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: "harbor-chartmuseum"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
data:
PORT: "9999"
CACHE: "redis"
CACHE_REDIS_ADDR: "harbor-redis:6379"
CACHE_REDIS_DB: "0"
BASIC_AUTH_USER: "chart_controller"
DEPTH: "1"
STORAGE: "local"
STORAGE_LOCAL_ROOTDIR: "/chart_storage"
DEBUG: "false"
LOG_JSON: "true"
DISABLE_METRICS: "false"
DISABLE_API: "false"
DISABLE_STATEFILES: "false"
ALLOW_OVERWRITE: "true"
CHART_URL: ""
AUTH_ANONYMOUS_GET: "false"
TLS_CERT: ""
TLS_KEY: ""
CONTEXT_PATH: ""
INDEX_LIMIT: "0"
MAX_STORAGE_OBJECTS: "0"
MAX_UPLOAD_SIZE: "20971520"
CHART_POST_FORM_FIELD_NAME: "chart"
PROV_POST_FORM_FIELD_NAME: "prov"
---
# Source: harbor/templates/clair/clair-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: harbor-clair
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-clair
data:
config.yaml: |
clair:
database:
type: pgsql
options:
source: "postgres://postgres:spaceIN511@harbor-database:5432/postgres?sslmode=disable"
# Number of elements kept in the cache
# Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
cachesize: 16384
api:
# API server port
port: 6060
healthport: 6061
# Deadline before an API request will respond with a 503
timeout: 300s
updater:
interval: 12h
notifier:
attempts: 3
renotifyinterval: 2h
http:
endpoint: "http://harbor-ui/service/notifications/clair"
---
# Source: harbor/templates/jobservice/jobservice-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: "harbor-jobservice"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
data:
config.yml: |+
protocol: "http"
port: 8080
worker_pool:
workers: 50
backend: "redis"
redis_pool:
redis_url: "harbor-redis:6379/0"
namespace: "harbor_job_service_namespace"
logger:
path: "/var/log/jobs"
level: "INFO"
archive_period: 14 #days
admin_server: "http://harbor-adminserver"
---
# Source: harbor/templates/notary/notary-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: harbor-notary
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-notary
data:
notary-signer-ca.crt: |
-----BEGIN CERTIFICATE-----
MIIDAzCCAeugAwIBAgIRAJezuy9IauATwFDRanYM33owDQYJKoZIhvcNAQELBQAw
GzEZMBcGA1UEAxMQaGFyYm9yLW5vdGFyeS1jYTAeFw0xODEwMTgxMTAwMDVaFw0y
ODEwMTUxMTAwMDVaMBsxGTAXBgNVBAMTEGhhcmJvci1ub3RhcnktY2EwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLUeEUgREsFZ+r5x0OiWieMWrvjQJy
+SwJQ9e4OFa6dHaHVC70Mf9mlcYE0Kgj9MXTCDTI48JCq2fFzHApCM1Sr7s0Xm7g
IaYdx0BGU2ybzW72WXhVp4/r2JPZzt19zEhBjqtrZZDYLx+p7seJHd4YPruv4R2w
k0/SMY7kJuTRqwzQtQ8x9Qa8Dxc2ZGjR19t+yvJzI4/Nk7iBKZ5ulspqF+02avnw
ZVtg8xFgWct4IrOyxWO3sv0tAXppdEqU4SFxwPwuZJWKFg6CNADDZzDn1ajIdSYu
rzteVCH7qhSZO1xM+VJyU3WJphvQh4pZ5Q7comIGBu2yBdVTU3jpqudRAgMBAAGj
QjBAMA4GA1UdDwEB/wQEAwICpDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAcCG0K7/Zulet
4qnHq1X6VfGhchSBsxyLzNPEY1Y6OM1WyiThGlV1zJTCOKU4jS49/24eT/6re20m
XwdAVtoGXisK6RsR6iR6Y+THHMFSqNdwdnyuYlwmeYK+QbWEOOb0FzVNe8PzJB2w
Tg7b+HpxrNSTvf0U4I6BxQbe2Qjdyj4JIYcCCPqiR3yeY1BZkS3WG+vTnqPwgd0a
Hld2+GkB+bFEsl9rn4x3shP5QtS0ZtvXFiJh56Bp0608ibhoQVCCGf1K/MxE0gCE
4mQeaZPLamHVEuR0rSZ7gaklT78LSHDtkWR91Ai8ulHH7QwX7MgiEd1SMiJY7zg2
Qnka6VHgYA==
-----END CERTIFICATE-----
notary-signer.crt: |
-----BEGIN CERTIFICATE-----
MIIDBDCCAeygAwIBAgIRAOAVbcc/AWPNSiDvJ4vV4DEwDQYJKoZIhvcNAQELBQAw
GzEZMBcGA1UEAxMQaGFyYm9yLW5vdGFyeS1jYTAeFw0xODEwMTgxMTAwMDZaFw0y
ODEwMTUxMTAwMDZaMB8xHTAbBgNVBAMTFGhhcmJvci1ub3Rhcnktc2lnbmVyMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyacGm7wIAAf70W6F3BqHVc9
nKtgn3jXu8muBNJYDBmotNMKN64Qi6ZCJLryWWkMlYBJkD3col9dpZl5nzS16x7u
1PsW6xChAZEaYOpHHDnPxgpHCjnauDh6zlT5LWaM7f2p+HVb0/eCCYbSlH8jQ2uD
y8zUnE2Ff0uEUsYT6PTFsFWF9k8A6EwvIA7TfeGQks9RyZmtYGTX1rRnjimxnbf6
ghCzqJCsNJMNK1jcKSQ2isPnWPi3aCpRXURc6uipGdbBhFpCBdL9f2oQm8m6I6O8
7DRwR6UsH+Dr1b1KOmGnZ4sh4+ek0joPvDwd8b4oymlynCINwMjC+ONUXHAScQID
AQABoz8wPTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAHCgamM9Ou3L
zIY3ZIAOgB4PL+9MA4qi8tmJmVUN2i2ZEQsoz3Jby5kb31lZsXX4IZzTo8LUSPrQ
XikiHqwfSIgasmnQMd3ZtIzvW2rH7jsExHnLE0yYpQaFUFoqHpsiPlgHsQFqVy91
ffGWgEWRBzf5zUVocGhr7IGT9E2a0ckD80/nijLyvRVXNAcvOd3qlu2S8J/HKkeW
YS2LMfidjKIkDt/8HyVQwV6Ebt8o2558Rv7qS6WxwqYS5Xaau8YLzH+UCAfdpS+S
tlhRQMtfViUboW4UY6s/oUFvB+f1Fk1HUU+zBg/anWWQAwO6+X3zY2wuDIfrgBwf
0+eB5olU6UI=
-----END CERTIFICATE-----
notary-signer.key: |
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqyacGm7wIAAf70W6F3BqHVc9nKtgn3jXu8muBNJYDBmotNMK
N64Qi6ZCJLryWWkMlYBJkD3col9dpZl5nzS16x7u1PsW6xChAZEaYOpHHDnPxgpH
CjnauDh6zlT5LWaM7f2p+HVb0/eCCYbSlH8jQ2uDy8zUnE2Ff0uEUsYT6PTFsFWF
9k8A6EwvIA7TfeGQks9RyZmtYGTX1rRnjimxnbf6ghCzqJCsNJMNK1jcKSQ2isPn
WPi3aCpRXURc6uipGdbBhFpCBdL9f2oQm8m6I6O87DRwR6UsH+Dr1b1KOmGnZ4sh
4+ek0joPvDwd8b4oymlynCINwMjC+ONUXHAScQIDAQABAoIBAQCcF8OJTCKOXO7D
L6mwFOOCzP0xNRATgYfoCeE/HoQUzRYTjOIltAf9BW4Px7yeFPPYKb9t4S2nnShw
js/ghpdfz79s2W+mhW0CW89eEm02bfd0HA18YxV6rHA8XD1BzeS8bXwmUQqmAHdF
rwPBUU7c/2Kdbbt+rikR1tLhFywzagRF+LzTaQZ4R2II9JqbuHTeQhGNFapApPUR
WC9WytBJKQNJ9Ep+o8YZkuuANAeGYRKxAJC8lGsN8/582lh3sekSvGjHjSqGh+dq
adpr+7/V3NcBoss1CXwVKiouHeotlovOSjQdbcveAD5awXSkzrjoMRuqaTp9iZw0
37p6BhU9AoGBAM6ThTHXLZLqNuBt2drUI7gfCp3e+/uKYaObj+xZr5lvxFb3zyd5
GLg2anRe3ciGQq3cP+3Fjji0wKTH+PACy7X4Q3iNm1q6E/6x5O0py5d2Y49Wrgzq
g29Kdxe3H3nKGBJnLaqkpUAaS080cZFNFDBIb2ehQwme+SppISe1Hay7AoGBANQZ
Vf9/R9ToYb/RT8w3glFTCbCrVnvdSdhSD1Djj8QjaPHBsEhyEXqUqvnLro4vMtIo
DsrzSUto/9+OVMc0jgA4t/rLdAgkw7g/U8BxskrpvbfQ+Vp8X5engLGyIJhCrcXb
xEce1lpn5la1xBFGMAsKapV+o3YVKJFtotEl6IDDAoGAGqAa98yTPC9h+VVPUgwr
umyN0sFN2yL/6LWBPGZm4rDsLoVsNts922hwGiWsEk9zwrLzrnLbHOX3OoXnyQ+j
MAYatCwUTQJU12wYZJURf6krternLhT/8dU4Ol9I+EqbBaw0z5y/C98Xu9K3nJHB
u2NqsIGxgUjzNossUdDfTUcCgYEAvm6JEj9bZUPIEAuElBz6ur3No3wSyF+lH759
1eibekU4wmdfOYyBOQgmguVnsm2aOaqRrZLGKhj6M+R9JeZ/4J8MQPdPFMi9mb3y
GoV6yVwYZOQSHjYxNd7E48bFETA9CbsJ/bkoSD+lRhEpG0FjfWY60ELFzQ2uQPSp
DRP2LzUCgYAU/qXXqxP8TsYo7qDXBQywILxQXOT0H6IsuTNx8h9xX3/C1WBpRBmW
pGMx9QLr2l3wxyPprmJmOKis11zQF3U8pCTKnhy1J9KTSaQXddhye3oweb/MWdGs
bbv5Ecd4bMS/chn2H0BOzHQsJNJ9fpnBPxhotI/uJ7P/ZpiFrJIkug==
-----END RSA PRIVATE KEY-----
server-config.postgres.json: |
{
"server": {
"http_addr": ":4443"
},
"trust_service": {
"type": "remote",
"hostname": "harbor-notary-signer",
"port": "7899",
"tls_ca_file": "./notary-signer-ca.crt",
"key_algorithm": "ecdsa"
},
"logging": {
"level": "debug"
},
"storage": {
"backend": "postgres",
"db_url": "postgres://postgres:spaceIN511@harbor-database:5432/notaryserver?sslmode=disable"
},
"auth": {
"type": "token",
"options": {
"realm": "https://harbor.wodcloud.com/service/token",
"service": "harbor-notary",
"issuer": "harbor-token-issuer",
"rootcertbundle": "/root.crt"
}
}
}
signer-config.postgres.json: |
{
"server": {
"grpc_addr": ":7899",
"tls_cert_file": "./notary-signer.crt",
"tls_key_file": "./notary-signer.key"
},
"logging": {
"level": "debug"
},
"storage": {
"backend": "postgres",
"db_url": "postgres://postgres:spaceIN511@harbor-database:5432/notarysigner?sslmode=disable",
"default_alias": "defaultalias"
}
}
---
# Source: harbor/templates/registry/registry-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: "harbor-registry"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
data:
config.yml: |+
version: 0.1
log:
level: info
fields:
service: registry
storage:
filesystem:
rootdirectory: /var/lib/registry
cache:
layerinfo: redis
maintenance:
uploadpurging:
enabled: false
delete:
enabled: true
redis:
addr: "harbor-redis:6379"
password:
db: 0
http:
addr: :5000
# set via environment variable
# secret: placeholder
debug:
addr: localhost:5001
auth:
token:
issuer: harbor-token-issuer
realm: "https://harbor.wodcloud.com/service/token"
rootcertbundle: /etc/registry/root.crt
service: harbor-registry
notifications:
endpoints:
- name: harbor
disabled: false
url: http://harbor-ui/service/notifications
timeout: 3000ms
threshold: 5
backoff: 1s
---
# Source: harbor/templates/ui/ui-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: "harbor-ui"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
data:
app.conf: |+
appname = Harbor
runmode = prod
enablegzip = true
[prod]
httpport = 8080
---
# Source: harbor/templates/adminserver/adminserver-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: "harbor-adminserver"
spec:
ports:
- port: 80
targetPort: 8080
selector:
release: harbor
app: harbor-adminserver
---
# Source: harbor/templates/chartmuseum/chartmuseum-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: "harbor-chartmuseum"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 80
targetPort: 9999
selector:
release: harbor
app: harbor-chartmuseum
---
# Source: harbor/templates/clair/clair-svc.yaml
# clair host isn't configurable yet. this creates a service
# to get it working for now.
# see https://github.com/vmware/harbor/issues/3250
apiVersion: v1
kind: Service
metadata:
name: "harbor-clair"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 6060
selector:
release: harbor
app: harbor-clair
---
# Source: harbor/templates/database/database-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: "harbor-database"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 5432
selector:
release: harbor
app: harbor-database
---
# Source: harbor/templates/jobservice/jobservice-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: "harbor-jobservice"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 80
targetPort: 8080
selector:
release: harbor
app: harbor-jobservice
---
# Source: harbor/templates/notary/notary-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: harbor-notary-server
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 4443
selector:
release: harbor
app: harbor-notary-server
---
apiVersion: v1
kind: Service
metadata:
name: harbor-notary-signer
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 7899
selector:
release: harbor
app: harbor-notary-signer
---
# Source: harbor/templates/redis/redis.svc.yml
---
apiVersion: v1
kind: Service
metadata:
name: harbor-redis
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-redis
spec:
selector:
release: harbor
app: harbor-redis
ports:
- name: redis
port: 6379
---
# Source: harbor/templates/registry/registry-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: "harbor-registry"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 5000
selector:
release: harbor
app: harbor-registry
---
# Source: harbor/templates/ui/ui-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: "harbor-ui"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
ports:
- port: 80
targetPort: 8080
selector:
release: harbor
app: harbor-ui
---
# Source: harbor/templates/clair/clair-dpl.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: harbor-clair
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-clair
version: v2.0.6
spec:
replicas: 1
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-clair
version: v2.0.6
spec:
containers:
- name: clair
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/clair:v2.0.6
imagePullPolicy: IfNotPresent
args: ["-insecure-tls", "-config", "/etc/clair/config.yaml"]
resources:
null
ports:
- containerPort: 6060
volumeMounts:
- name: clair-config
mountPath: /etc/clair/config.yaml
subPath: config.yaml
volumes:
- name: clair-config
configMap:
name: "harbor-clair"
items:
- key: config.yaml
path: config.yaml
---
# Source: harbor/templates/jobservice/jobservice-dpl.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: "harbor-jobservice"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-jobservice
spec:
replicas: 1
selector:
matchLabels:
release: harbor
app: harbor-jobservice
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-jobservice
spec:
containers:
- name: jobservice
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/harbor-jobservice:v1.6.0
imagePullPolicy: IfNotPresent
resources:
null
envFrom:
- secretRef:
name: "harbor-jobservice"
env:
- name: LOG_LEVEL
value: debug
- name: GODEBUG
value: netdns=cgo
ports:
- containerPort: 8080
volumeMounts:
- name: jobservice-config
mountPath: /etc/jobservice/config.yml
subPath: config.yml
- name: job-logs
mountPath: /var/log/jobs
volumes:
- name: jobservice-config
configMap:
name: "harbor-jobservice"
- name: job-logs
emptyDir: {}
---
# Source: harbor/templates/notary/notary-server.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: harbor-notary-server
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-notary-server
version: dev
spec:
replicas: 1
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-notary-server
version: dev
spec:
containers:
- name: notary-server
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/notary-server-photon:dev
imagePullPolicy: IfNotPresent
resources:
null
env:
- name: MIGRATIONS_PATH
value: migrations/server/postgresql
- name: DB_URL
value: postgres://postgres:spaceIN511@harbor-database:5432/notaryserver?sslmode=disable
volumeMounts:
- name: notary-config
mountPath: /etc/notary
- name: root-certificate
mountPath: /root.crt
subPath: tokenServiceRootCertBundle
volumes:
- name: notary-config
configMap:
name: "harbor-notary"
- name: root-certificate
secret:
secretName: "harbor-ui"
---
# Source: harbor/templates/notary/notary-signer.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: harbor-notary-signer
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-notary-signer
version: dev
spec:
replicas: 1
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-notary-signer
version: dev
spec:
containers:
- name: notary-signer
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/notary-signer-photon:dev
imagePullPolicy: IfNotPresent
resources:
null
env:
- name: MIGRATIONS_PATH
value: migrations/signer/postgresql
- name: DB_URL
value: postgres://postgres:spaceIN511@harbor-database:5432/notarysigner?sslmode=disable
- name: NOTARY_SIGNER_DEFAULTALIAS
value: defaultalias
volumeMounts:
- name: notary-config
mountPath: /etc/notary
volumes:
- name: notary-config
configMap:
name: "harbor-notary"
---
# Source: harbor/templates/redis/redis.dp.yml
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: harbor-redis
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-redis
version: 4.0.1-alpine
spec:
replicas: 1
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-redis
version: 4.0.1-alpine
spec:
containers:
- name: redis
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/redis:4.0.1-alpine
imagePullPolicy: IfNotPresent
args: ["--save","''","--appendonly","no"]
ports:
- name: redis
containerPort: 6379
---
# Source: harbor/templates/ui/ui-dpl.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: "harbor-ui"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-ui
version: v1.6.0
spec:
replicas: 1
template:
metadata:
labels:
release: harbor
app: harbor-ui
version: v1.6.0
spec:
containers:
- name: ui
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/harbor-ui:v1.6.0
imagePullPolicy: IfNotPresent
env:
- name: UI_SECRET
valueFrom:
secretKeyRef:
name: "harbor-ui"
key: secret
- name: JOBSERVICE_SECRET
valueFrom:
secretKeyRef:
name: "harbor-ui"
key: jobserviceSecret
- name: _REDIS_URL
value: harbor-redis:6379,100,
- name: GODEBUG
value: netdns=cgo
- name: LOG_LEVEL
value: debug
- name: CONFIG_PATH
value: /etc/ui/app.conf
- name: ENABLE_HARBOR_SCAN_ON_PUSH
value: "1"
- name: ADMINSERVER_URL
value: "http://harbor-adminserver"
- name: CHART_CACHE_DRIVER
value: "redis"
ports:
- containerPort: 8080
volumeMounts:
- name: ui-config
mountPath: /etc/ui/app.conf
subPath: app.conf
- name: ui-secrets-key
mountPath: /etc/ui/key
subPath: key
- name: ui-secrets-private-key
mountPath: /etc/ui/private_key.pem
subPath: tokenServicePrivateKey
- name: psc
mountPath: /etc/ui/token
volumes:
- name: ui-config
configMap:
name: "harbor-ui"
- name: ui-secrets-key
secret:
secretName: "harbor-ui"
items:
- key: secretKey
path: key
- name: ui-secrets-private-key
secret:
secretName: "harbor-ui"
- name: psc
emptyDir: {}
---
# Source: harbor/templates/adminserver/adminserver-ss.yaml
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: "harbor-adminserver"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-adminserver
version: v1.6.0
spec:
replicas: 1
serviceName: "harbor-adminserver"
selector:
matchLabels:
release: harbor
app: harbor-adminserver
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-adminserver
version: v1.6.0
spec:
containers:
- name: adminserver
image: "registry-vpc.cn-qingdao.aliyuncs.com/wod/harbor-adminserver:v1.6.0"
imagePullPolicy: "IfNotPresent"
resources:
null
envFrom:
- configMapRef:
name: "harbor-adminserver"
- secretRef:
name: "harbor-adminserver"
env:
- name: PORT
value: "8080"
- name: JSON_CFG_STORE_PATH
value: /etc/adminserver/config/config.json
- name: KEY_PATH
value: /etc/adminserver/key
ports:
- containerPort: 8080
volumeMounts:
- name: data
mountPath: /etc/adminserver/config
- name: adminserver-key
mountPath: /etc/adminserver/key
subPath: key
volumes:
- name: adminserver-key
secret:
secretName: "harbor-adminserver"
items:
- key: secretKey
path: key
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "storageos"
resources:
requests:
storage: "1Gi"
---
# Source: harbor/templates/chartmuseum/chartmuseum-ss.yaml
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: "harbor-chartmuseum"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-chartmuseum
version: v0.7.1
spec:
replicas: 1
serviceName: "harbor-chartmuseum"
selector:
matchLabels:
release: harbor
app: harbor-chartmuseum
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-chartmuseum
version: v0.7.1
spec:
containers:
- name: chartmuseum
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/chartmuseum:v0.7.1
imagePullPolicy: IfNotPresent
resources:
null
envFrom:
- configMapRef:
name: "harbor-chartmuseum"
- secretRef:
name: "harbor-chartmuseum"
ports:
- containerPort: 9999
# TODO: update it after moving the storage out of registry scope
volumeMounts:
- name: data
mountPath: /chart_storage
volumeClaimTemplates:
- metadata:
name: data
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "storageos"
resources:
requests:
storage: "5Gi"
---
# Source: harbor/templates/database/database-ss.yaml
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: "harbor-database"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-database
version: 1.29
spec:
replicas: 1
serviceName: "harbor-database"
selector:
matchLabels:
release: harbor
app: harbor-database
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-database
version: 1.29
spec:
initContainers:
- name: "remove-lost-found"
image: "registry-vpc.cn-qingdao.aliyuncs.com/wod/busybox:1.29"
command: ["rm", "-Rf", "/var/lib/postgresql/data/lost+found"]
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
containers:
- name: database
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/harbor-db:v1.6.0
imagePullPolicy: IfNotPresent
resources:
null
envFrom:
- secretRef:
name: "harbor-database"
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
volumeClaimTemplates:
- metadata:
name: "data"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "storageos"
resources:
requests:
storage: "1Gi"
---
# Source: harbor/templates/registry/registry-ss.yaml
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: "harbor-registry"
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-registry
version: 2.6.2
spec:
replicas: 1
serviceName: "harbor-registry"
selector:
matchLabels:
release: harbor
app: harbor-registry
template:
metadata:
labels:
heritage: Tiller
release: harbor
chart: harbor-0.2.0
app: harbor-registry
version: 2.6.2
spec:
containers:
- name: registry
image: registry-vpc.cn-qingdao.aliyuncs.com/wod/registry:2.6.2
imagePullPolicy: IfNotPresent
resources:
null
args: ["serve", "/etc/registry/config.yml"]
env:
- name: REGISTRY_HTTP_SECRET
valueFrom:
secretKeyRef:
name: "harbor-registry"
key: httpSecret
ports:
- containerPort: 5000
- containerPort: 5001
volumeMounts:
- name: registry-data
mountPath: /var/lib/registry
- name: registry-root-certificate
mountPath: /etc/registry/root.crt
subPath: tokenServiceRootCertBundle
- name: registry-config
mountPath: /etc/registry/config.yml
subPath: config.yml
volumes:
- name: registry-root-certificate
secret:
secretName: "harbor-ui"
- name: registry-config
configMap:
name: "harbor-registry"
- name: registry-data
hostPath:
path: /etc/kubernetes/data/registry
nodeSelector:
harbor-registry: enabled
kubernetes.io/hostname: 172.31.14.41
---
# Source: harbor/templates/istio/notary.gateway.yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: harbor-notary
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "notary-harbor.wodcloud.com"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: harbor-notary
spec:
hosts:
- "notary-harbor.wodcloud.com"
gateways:
- harbor-notary
http:
- route:
- destination:
host: harbor-notary-server
port:
number: 4443
---
# Source: harbor/templates/istio/ui.gateway.yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: harbor-ui
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "harbor.wodcloud.com"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: harbor-ui
spec:
hosts:
- "harbor.wodcloud.com"
gateways:
- harbor-ui
http:
- route:
- destination:
host: harbor-ui
port:
number: 80
---
# Source: harbor/templates/ingress/ingress.yaml
---
# Source: harbor/templates/ingress/secret.yaml
readme.md
View file @ dd6c88c5
......@@ -178,4 +178,16 @@ helm install \
# uninstall
helm delete harbor --purge
# update
helm upgrade harbor /etc/kubernetes/helm/harbor \
-f /etc/kubernetes/helm/harbor/values-overrides.yaml
# template
helm template \
/etc/kubernetes/helm/harbor \
--name=harbor \
--namespace=devops \
-f /etc/kubernetes/helm/harbor/values-overrides.yaml \
> /etc/kubernetes/helm/harbor/dist.yaml
```
\ No newline at end of file
templates/_helpers.tpl
View file @ dd6c88c5
......@@ -26,7 +26,6 @@ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
{{/* matchLabels */}}
{{- define "harbor.matchLabels" -}}
release: {{ .Release.Name }}
app: "{{ template "harbor.name" . }}"
{{- end -}}
{{- define "harbor.externalURL" -}}
......
templates/database/database-ss.yaml
View file @ dd6c88c5
......@@ -6,7 +6,7 @@ metadata:
labels:
{{ include "harbor.labels" . | indent 4 }}
app: harbor-database
version: {{ .Values.busybox.image.tag }}
version: {{ .Values.database.internal.image.tag }}
spec:
replicas: 1
serviceName: "{{ template "harbor.fullname" . }}-database"
......@@ -19,7 +19,7 @@ spec:
labels:
{{ include "harbor.labels" . | indent 8 }}
app: harbor-database
version: {{ .Values.busybox.image.tag }}
version: {{ .Values.database.internal.image.tag }}
spec:
initContainers:
- name: "remove-lost-found"
......
templates/istio/notary.gateway.yaml
View file @ dd6c88c5
......@@ -2,7 +2,7 @@
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: "{{ template "harbor.fullname" . }}"-notary
name: {{ template "harbor.fullname" . }}-notary
spec:
selector:
istio: ingressgateway # use istio default controller
......@@ -17,12 +17,12 @@ spec:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: "{{ template "harbor.fullname" . }}"-notary
name: {{ template "harbor.fullname" . }}-notary
spec:
hosts:
- "{{ template "harbor.notaryFQDN" . }}"
gateways:
- "{{ template "harbor.fullname" . }}"-notary
- {{ template "harbor.fullname" . }}-notary
http:
- route:
- destination:
......
templates/istio/ui.gateway.yaml
View file @ dd6c88c5
......@@ -2,7 +2,7 @@
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: "{{ template "harbor.fullname" . }}"-ui
name: {{ template "harbor.fullname" . }}-ui
spec:
selector:
istio: ingressgateway # use istio default controller
......@@ -17,12 +17,12 @@ spec:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: "{{ template "harbor.fullname" . }}"-ui
name: {{ template "harbor.fullname" . }}-ui
spec:
hosts:
- "{{ .Values.externalDomain }}"
gateways:
- "{{ template "harbor.fullname" . }}"-ui
- {{ template "harbor.fullname" . }}-ui
http:
- route:
- destination:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment