persistence: enabled: true externalProtocol: https # The FQDN for Harbor service externalDomain: hub.wodcloud.local # The Port for Harbor service, leave empty if the service # is to be bound to port 80/443 externalPort: harborAdminPassword: "passwd" authenticationMode: "db_auth" selfRegistration: "on" ldap: url: "ldaps://ldapserver" searchDN: "" searchPassword: "" baseDN: "" filter: "(objectClass=person)" uid: "uid" scope: "2" timeout: "5" verifyCert: "True" email: host: "smtp.mydomain.com" port: "25" username: "sample_admin@mydomain.com" password: "password" ssl: "false" insecure: "false" from: "admin " identity: "" # The secret key used for encryption. Must be a string of 16 chars. secretKey: "nQImBn5SVCHL7ehq" # These annotations allow the registry to work behind the nginx # ingress controller. ingress: enabled: true annotations: tls: # Fill the secretName if you want to use the certificate of # yourself when Harbor serves with HTTPS. A certificate will # be generated automatically by the chart if leave it empty secretName: "" istio: enabled: false # The tag for Harbor docker images. harborImageTag: &harbor_image_tag v1.6.0 adminserver: image: repository: goharbor/harbor-adminserver tag: *harbor_image_tag pullPolicy: IfNotPresent volumes: config: storageClass: "storageos" accessMode: ReadWriteOnce size: 1Gi # resources: # requests: # memory: 256Mi # cpu: 100m nodeSelector: {} tolerations: [] affinity: {} jobservice: image: repository: goharbor/harbor-jobservice tag: *harbor_image_tag pullPolicy: IfNotPresent secret: "BBRQwySksiHZqJUh" maxWorkers: 50 # resources: # requests: # memory: 256Mi # cpu: 100m nodeSelector: {} tolerations: [] affinity: {} ui: image: repository: goharbor/harbor-ui tag: *harbor_image_tag pullPolicy: IfNotPresent secret: "BBRQwySksiHZqJUh" # resources: # requests: # memory: 256Mi # cpu: 100m nodeSelector: {} tolerations: [] affinity: {} busybox: image: repository: busybox tag: 1.29 # TODO: change the style to be same with redis database: # if external database is used, set "type" to "external" # and fill the connection informations in "external" section type: internal internal: image: repository: goharbor/harbor-db tag: *harbor_image_tag pullPolicy: IfNotPresent # the superuser password of database password: "passwd" volumes: data: storageClass: "storageos" accessMode: ReadWriteOnce size: 5Gi # resources: # requests: # memory: 256Mi # cpu: 100m nodeSelector: {} tolerations: [] affinity: {} external: host: "192.168.0.1" port: "5432" username: "user" password: "password" coreDatabase: "registry" clairDatabase: "clair" notaryServerDatabase: "notary_server" notarySignerDatabase: "notary_signer" registry: image: repository: registry tag: 2.6.2 pullPolicy: IfNotPresent httpSecret: "BBRQwySksiHZqJUh" logLevel: info hostpath: /etc/kubernetes/data/registry storage: # specify the type of storage: "filesystem", "azure", "gcs", "s3", "swift", # "oss" and fill the information needed in the corresponding section type: filesystem filesystem: rootdirectory: /var/lib/registry #maxthreads: 100 azure: accountname: accountname accountkey: base64encodedaccountkey container: containername #realm: core.windows.net gcs: bucket: bucketname # TODO: support the keyfile of gcs #keyfile: /path/to/keyfile #rootdirectory: /gcs/object/name/prefix #chunksize: 5242880 s3: region: us-west-1 bucket: bucketname #accesskey: awsaccesskey #secretkey: awssecretkey #regionendpoint: http://myobjects.local #encrypt: false #keyid: mykeyid #secure: true #v4auth: true #chunksize: 5242880 #rootdirectory: /s3/object/name/prefix #storageclass: STANDARD swift: authurl: https://storage.myprovider.com/v3/auth username: username password: password container: containername #region: fr #tenant: tenantname #tenantid: tenantid #domain: domainname #domainid: domainid #trustid: trustid #insecureskipverify: false #chunksize: 5M #prefix: #secretkey: secretkey #accesskey: accesskey #authversion: 3 #endpointtype: public #tempurlcontainerkey: false #tempurlmethods: oss: accesskeyid: accesskeyid accesskeysecret: accesskeysecret region: regionname bucket: bucketname #endpoint: endpoint #internal: false #encrypt: false #secure: true #chunksize: 10M #rootdirectory: rootdirectory ## Persist data to a persistent volume volumes: data: # storageClass: "-" accessMode: ReadWriteOnce size: 5Gi # resources: # requests: # memory: 256Mi # cpu: 100m # nodeSelector: # kubernetes.io/hostname: 172.31.14.41 tolerations: [] affinity: {} chartmuseum: enabled: true image: repository: chartmuseum/chartmuseum tag: v0.7.1 pullPolicy: IfNotPresent volumes: data: storageClass: "storageos" accessMode: ReadWriteOnce size: 5Gi # resources: # requests: # memory: 256Mi # cpu: 100m nodeSelector: {} tolerations: [] affinity: {} clair: enabled: true image: repository: quay.io/coreos/clair tag: 2.0.6 pullPolicy: IfNotPresent volumes: pgData: storageClass: "storageos" accessMode: ReadWriteOnce size: 1Gi # resources: # requests: # memory: 256Mi # cpu: 100m nodeSelector: {} tolerations: [] affinity: {} redis: image: repository: redis tag: 4.0.1-alpine pullPolicy: IfNotPresent # if external Redis is used, set "external.enabled" to "true" # and fill the connection informations in "external" section. # or the internal Redis will be used usePassword: false password: "passwd" cluster: enabled: false master: persistence: # TODO: There is a perm issue: Can't open the append-only file: Permission denied # TODO: Setting it to false is a temp workaround. Will re-visit this problem. enabled: false external: enabled: false host: "192.168.0.2" port: "6379" databaseIndex: "0" usePassword: false password: "passwd" notary: enabled: true server: image: repository: notary tag: server-0.5.0 pullPolicy: IfNotPresent signer: image: repository: notary tag: signer-0.5.0 pullPolicy: IfNotPresent env: NOTARY_SIGNER_DEFAULTALIAS: defaultalias # The TLS certificate for Notary Signer. Will auto generate them if unspecified here. caCrt: tlsCrt: tlsKey: nodeSelector: {} tolerations: [] affinity: {}