expose:
  type: ingress
  tls:
    enabled: false
  ingress:
    hosts:
      core: hub.ywtest.wodcloud.com 
      notary: notary.ywtest.wodcloud.com
    # set to the type of ingress controller if it has specific requirements.
    # leave as `default` for most ingress controllers.
    # set to `gce` if using the GCE ingress controller
    # set to `ncp` if using the NCP (NSX-T Container Plugin) ingress controller
    controller: default
    annotations:
      ingress.kubernetes.io/ssl-redirect: "true"
      ingress.kubernetes.io/proxy-body-size: "0"
      nginx.ingress.kubernetes.io/ssl-redirect: "true"
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
  clusterIP:
    name: harbor
    ports:
      httpPort: 80
      httpsPort: 443
      notaryPort: 4443
    annotations: {}
    sourceRanges: []
externalURL: https://hub.ywtest.wodcloud.com

internalTLS:
  enabled: false

persistence:
  enabled: false
  # Setting it to "keep" to avoid removing PVCs during a helm delete
  # operation. Leaving it empty will delete PVCs after the chart deleted
  # (this does not apply for PVCs that are created for internal database
  # and redis components, i.e. they are never deleted automatically)
  resourcePolicy: "keep"
  persistentVolumeClaim:
    registry:
      # Use the existing PVC which must be created manually before bound,
      # and specify the "subPath" if the PVC is shared with other components
      existingClaim: ""
      # Specify the "storageClass" used to provision the volume. Or the default
      # StorageClass will be used(the default).
      # Set it to "-" to disable dynamic provisioning
      storageClass: ""
      subPath: ""
      accessMode: ReadWriteOnce
      size: 5Gi
    chartmuseum:
      existingClaim: ""
      storageClass: ""
      subPath: ""
      accessMode: ReadWriteOnce
      size: 5Gi
    jobservice:
      existingClaim: ""
      storageClass: ""
      subPath: ""
      accessMode: ReadWriteOnce
      size: 1Gi
    # If external database is used, the following settings for database will
    # be ignored
    database:
      existingClaim: ""
      storageClass: ""
      subPath: ""
      accessMode: ReadWriteOnce
      size: 1Gi
    # If external Redis is used, the following settings for Redis will
    # be ignored
    redis:
      existingClaim: ""
      storageClass: ""
      subPath: ""
      accessMode: ReadWriteOnce
      size: 1Gi
    trivy:
      existingClaim: ""
      storageClass: ""
      subPath: ""
      accessMode: ReadWriteOnce
      size: 5Gi
  # Define which storage backend is used for registry and chartmuseum to store
  imageChartStorage:
    disableredirect: false
    type: filesystem
    filesystem:
      rootdirectory: /data
      #maxthreads: 100

imagePullPolicy: IfNotPresent

imagePullSecrets:

updateStrategy:
  type: RollingUpdate
logLevel: info

harborAdminPassword: "spaceIN511"
secretKey: "not-a-secure-key"

caSecretName: ""

proxy:
  httpProxy:
  httpsProxy:
  noProxy: 127.0.0.1,localhost,.local,.internal
  components:
    - core
    - jobservice
    - clair
    - trivy

# If expose the service via "ingress", the Nginx will not be used
nginx:
  image:
    repository: reg.local:5000/wod/nginx-photon
    tag: v2.1.0
  serviceAccountName: ""
  replicas: 1
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}

portal:
  image:
    repository: reg.local:5000/wod/harbor-portal
    tag: v2.1.0
  serviceAccountName: ""
  replicas: 1
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}

core:
  image:
    repository: reg.local:5000/wod/harbor-core
    tag: v2.1.0
  serviceAccountName: ""
  replicas: 1
  startupProbe:
    initialDelaySeconds: 10
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}
  secret: ""
  secretName: ""
  xsrfKey: ""

jobservice:
  image:
    repository: reg.local:5000/wod/harbor-jobservice
    tag: v2.1.0
  replicas: 1
  serviceAccountName: ""
  maxJobWorkers: 10
  jobLogger: file
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}
  secret: ""

registry:
  serviceAccountName: ""
  registry:
    image:
      repository: reg.local:5000/wod/registry-photon
      tag: v2.1.0
  controller:
    image:
      repository: reg.local:5000/wod/harbor-registryctl
      tag: v2.1.0

  replicas: 1
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}
  secret: ""
  relativeurls: false
  credentials:
    username: "harbor_registry_user"
    password: "harbor_registry_password"
    htpasswd: "harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m"

  middleware:
    enabled: false
    type: cloudFront
    cloudFront:
      baseurl: example.cloudfront.net
      keypairid: KEYPAIRID
      duration: 3000s
      ipfilteredby: none
      # The secret key that should be present is CLOUDFRONT_KEY_DATA, which should be the encoded private key
      # that allows access to CloudFront
      privateKeySecret: "my-secret"

chartmuseum:
  enabled: true
  serviceAccountName: ""
  absoluteUrl: false
  image:
    repository: reg.local:5000/wod/chartmuseum-photon
    tag: v2.1.0
  replicas: 1
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}

clair:
  enabled: true
  serviceAccountName: ""
  clair:
    image:
      repository: reg.local:5000/wod/clair-photon
      tag: v2.1.0
  adapter:
    image:
      repository: reg.local:5000/wod/clair-adapter-photon
      tag: v2.1.0
  replicas: 1
  updatersInterval: 12
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}

trivy:
  enabled: true
  image:
    repository: reg.local:5000/wod/trivy-adapter-photon
    tag: v2.1.0
  serviceAccountName: ""
  replicas: 1
  debugMode: false
  vulnType: "os,library"
  severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
  ignoreUnfixed: false
  insecure: false
  gitHubToken: ""
  skipUpdate: false
  resources:
    requests:
      cpu: 200m
      memory: 512Mi
    limits:
      cpu: 1
      memory: 1Gi
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}

notary:
  enabled: true
  server:
    serviceAccountName: ""
    image:
      repository: reg.local:5000/wod/notary-server-photon
      tag: v2.1.0
    replicas: 1
  signer:
    serviceAccountName: ""
    image:
      repository: reg.local:5000/wod/notary-signer-photon
      tag: v2.1.0
    replicas: 1
  nodeSelector: {}
  tolerations: []
  affinity: {}
  podAnnotations: {}
  secretName: ""

database:
  type: internal
  internal:
    serviceAccountName: ""
    image:
      repository: reg.local:5000/wod/harbor-db
      tag: v2.1.0
    password: "spaceIN511"
    nodeSelector: {}
    tolerations: []
    affinity: {}
  external:
    host: "harbor-db.devops"
    port: "5432"
    username: "postgres"
    password: "spaceIN511"
    coreDatabase: "registry"
    clairDatabase: "clair"
    notaryServerDatabase: "notary_server"
    notarySignerDatabase: "notary_signer"
  podAnnotations: {}

redis:
  type: internal
  internal:
    serviceAccountName: ""
    image:
      repository: reg.local:5000/wod/redis-photon
      tag: v2.1.0
    nodeSelector: {}
    tolerations: []
    affinity: {}
  external:
    coreDatabaseIndex: "0"
    jobserviceDatabaseIndex: "1"
    registryDatabaseIndex: "2"
    chartmuseumDatabaseIndex: "3"
    clairAdapterIndex: "4"
    trivyAdapterIndex: "5"
    password: ""
  podAnnotations: {}