Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-17 14:57:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/harbor] Removal of hardcoded Google Key in ChartMuseum template for GCS Storage Backend (#13374)

Browse Source 
* [bitnami/harbor] Added support for Workload Identity in GCS storage backend

Signed-off-by: Sameer Dev <sameer.devv@gmail.com>

* [bitnami/harbor] Hardcode GCS Key removed for chartmuseum using encodedkey

    Signed-off-by: Sameer Dev <sameer.devv@gmail.com>

Signed-off-by: Sameer Dev <sameer.devv@gmail.com>

* [bitnami/harbor] Changed the default value of encodedkey to ""

Signed-off-by: Sameer Dev <sameer.devv@gmail.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

Signed-off-by: Sameer Dev <sameer.devv@gmail.com>
Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com>
Co-authored-by: Sameer Dev <sameerdev@gofynd.com>
Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com>
This commit is contained in:
Sameer Dev
2023-01-13 18:40:50 +05:30
committed by GitHub
parent a4837b114d
commit 6ea0ce6f9d
5 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/harbor/README.md
View File

@@ -194,7 +194,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `persistence.imageChartStorage.azure.storagePrefix` | Azure storage type setting: Storage prefix | `/azure/harbor/charts` |
| `persistence.imageChartStorage.azure.realm` | Azure storage type setting: Realm of the Azure account | `""` |
| `persistence.imageChartStorage.gcs.bucket` | GCS storage type setting: Bucket name | `bucketname` |
| `persistence.imageChartStorage.gcs.encodedkey` | GCS storage type setting: Base64 encoded key | `base64-encoded-json-key-file` |
| `persistence.imageChartStorage.gcs.encodedkey` | GCS storage type setting: Base64 encoded key | `""` |
| `persistence.imageChartStorage.gcs.rootdirectory` | GCS storage type setting: Root directory name | `""` |
| `persistence.imageChartStorage.gcs.chunksize` | GCS storage type setting: Chunk size name | `""` |
| `persistence.imageChartStorage.s3.region` | S3 storage type setting: Region | `us-west-1` |

2
bitnami/harbor/templates/chartmuseum/chartmuseum-cm-envvars.yaml
View File

@@ -73,7 +73,9 @@ data:
{{- else if eq .Values.persistence.imageChartStorage.type "gcs" }}
STORAGE: "google"
STORAGE_GOOGLE_BUCKET: {{ .Values.persistence.imageChartStorage.gcs.bucket }}
{{- if .Values.persistence.imageChartStorage.gcs.encodedkey }}
GOOGLE_APPLICATION_CREDENTIALS: /etc/chartmuseum/gcs-key.json
{{- end }}
{{- if .Values.persistence.imageChartStorage.gcs.rootdirectory }}
STORAGE_GOOGLE_PREFIX: {{ .Values.persistence.imageChartStorage.gcs.rootdirectory | quote }}
{{- end }}

4
bitnami/harbor/templates/chartmuseum/chartmuseum-dpl.yaml
View File

@@ -175,7 +175,7 @@ spec:
- name: chartmuseum-data
mountPath: /bitnami/data
subPath: {{ .Values.persistence.persistentVolumeClaim.chartmuseum.subPath }}
{{- if and .Values.persistence.enabled (eq .Values.persistence.imageChartStorage.type "gcs") }}
{{- if and (and .Values.persistence.enabled (eq .Values.persistence.imageChartStorage.type "gcs")) .Values.persistence.imageChartStorage.gcs.encodedkey }}
- name: gcs-key
mountPath: /etc/chartmuseum/gcs-key.json
subPath: gcs-key.json
@@ -206,7 +206,7 @@ spec:
{{- else }}
emptyDir: {}
{{- end }}
{{- if and .Values.persistence.enabled (eq .Values.persistence.imageChartStorage.type "gcs") }}
{{- if and (and .Values.persistence.enabled (eq .Values.persistence.imageChartStorage.type "gcs")) .Values.persistence.imageChartStorage.gcs.encodedkey }}
- name: gcs-key
secret:
secretName: {{ include "harbor.chartmuseum" . }}-secret

2
bitnami/harbor/templates/chartmuseum/chartmuseum-secret.yaml
View File

@@ -19,7 +19,7 @@ data:
{{- end }}
{{- if eq .Values.persistence.imageChartStorage.type "azure" }}
AZURE_STORAGE_ACCESS_KEY: {{ .Values.persistence.imageChartStorage.azure.accountkey | b64enc | quote }}
{{- else if eq .Values.persistence.imageChartStorage.type "gcs" }}
{{- else if and (eq .Values.persistence.imageChartStorage.type "gcs") .Values.persistence.imageChartStorage.gcs.encodedkey }}
GCS_KEY_DATA: {{ .Values.persistence.imageChartStorage.gcs.encodedkey | quote }}
{{- else if eq .Values.persistence.imageChartStorage.type "s3" }}
{{- if .Values.persistence.imageChartStorage.s3.secretkey }}

2
bitnami/harbor/values.yaml
View File

@@ -541,7 +541,7 @@ persistence:
bucket: bucketname
## The base64 encoded json file which contains the gcs key (file's content)
##
encodedkey: base64-encoded-json-key-file
encodedkey: ""
rootdirectory: ""
chunksize: ""
## Images/charts storage parameters when type is "s3"