From 7ded15f40d164d3e214037ff303a16582facdd69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20J=2E=20Salmer=C3=B3n-Garc=C3=ADa?= Date: Wed, 23 Mar 2022 15:14:51 +0100 Subject: [PATCH] [bitnami/external-dns] feat: :sparkles: Add support for config overrides JSON (#9534) Signed-off-by: Javier Salmeron Garcia --- bitnami/harbor/Chart.yaml | 2 +- bitnami/harbor/README.md | 2 ++ bitnami/harbor/templates/_helpers.tpl | 8 +++++ .../core/core-config-override-secret.yaml | 18 +++++++++++ bitnami/harbor/templates/core/core-dpl.yaml | 7 +++++ bitnami/harbor/values.yaml | 30 ++++++++++++++++++- 6 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 bitnami/harbor/templates/core/core-config-override-secret.yaml diff --git a/bitnami/harbor/Chart.yaml b/bitnami/harbor/Chart.yaml index e64c8ad90d..1a62d7c54e 100644 --- a/bitnami/harbor/Chart.yaml +++ b/bitnami/harbor/Chart.yaml @@ -34,4 +34,4 @@ sources: - https://github.com/bitnami/bitnami-docker-harbor-registry - https://github.com/bitnami/bitnami-docker-harbor-registryctl - https://goharbor.io/ -version: 12.1.5 +version: 12.2.0 diff --git a/bitnami/harbor/README.md b/bitnami/harbor/README.md index 9723a20c3b..b55c16d8ec 100644 --- a/bitnami/harbor/README.md +++ b/bitnami/harbor/README.md @@ -422,6 +422,8 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua | `core.extraEnvVars` | Array with extra environment variables to add Harbor Core pods | `[]` | | `core.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Core pods | `""` | | `core.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Core pods | `""` | +| `core.configOverwriteJson` | String containing a JSON with configuration overrides | `""` | +| `core.configOverwriteJsonSecret` | Secret containing the JSON configuration overrides | `""` | | `core.containerPorts.http` | Harbor Core HTTP container port | `8080` | | `core.containerPorts.https` | Harbor Core HTTPS container port | `8443` | | `core.containerPorts.metrics` | Harbor Core metrics container port | `8001` | diff --git a/bitnami/harbor/templates/_helpers.tpl b/bitnami/harbor/templates/_helpers.tpl index 0862d9b2e9..2229ffdd53 100644 --- a/bitnami/harbor/templates/_helpers.tpl +++ b/bitnami/harbor/templates/_helpers.tpl @@ -31,6 +31,14 @@ Set the http prefix if the externalURl doesn't have it secretName: {{ .Values.internalTLS.caBundleSecret }} {{- end -}} +{{- define "harbor.coreOverridesJsonSecret" -}} +{{- if .Values.core.configOverwriteJsonSecret -}} +{{- print .Values.core.configOverwriteJsonSecret }} +{{- else }} +{{- printf "%s-config-override" (include "harbor.core" .) -}} +{{- end -}} +{{- end -}} + {{- define "harbor.caBundleVolumeMount" -}} - name: ca-bundle-certs mountPath: /harbor_cust_cert/custom-ca.crt diff --git a/bitnami/harbor/templates/core/core-config-override-secret.yaml b/bitnami/harbor/templates/core/core-config-override-secret.yaml new file mode 100644 index 0000000000..65c6f4e41c --- /dev/null +++ b/bitnami/harbor/templates/core/core-config-override-secret.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.core.configOverwriteJson (not .Values.core.configOverwriteJsonSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-config-override" (include "harbor.core" .) }} + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + app.kubernetes.io/component: core + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + overrides.json: {{ include "common.tplvalues.render" ( dict "value" .Values.core.configOverwriteJson "context" $ ) | b64enc | quote }} +{{- end }} diff --git a/bitnami/harbor/templates/core/core-dpl.yaml b/bitnami/harbor/templates/core/core-dpl.yaml index 259b5820db..c0f9c9d980 100644 --- a/bitnami/harbor/templates/core/core-dpl.yaml +++ b/bitnami/harbor/templates/core/core-dpl.yaml @@ -106,6 +106,13 @@ spec: secretKeyRef: name: {{ include "harbor.jobservice" . }} key: secret + {{- if or .Values.core.configOverwriteJson .Values.core.configOverwriteJsonSecret }} + - name: CONFIG_OVERWRITE_JSON + valueFrom: + secretKeyRef: + name: {{ include "harbor.coreOverridesJsonSecret" . }} + key: overrides.json + {{- end }} {{- if .Values.internalTLS.enabled }} - name: INTERNAL_TLS_ENABLED value: "true" diff --git a/bitnami/harbor/values.yaml b/bitnami/harbor/values.yaml index b5b78b1d32..9b47247aeb 100644 --- a/bitnami/harbor/values.yaml +++ b/bitnami/harbor/values.yaml @@ -2,6 +2,7 @@ ## Global Docker image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value ## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## ## @param global.imageRegistry Global Docker image registry ## @param global.imagePullSecrets Global Docker registry secret names as an array @@ -17,6 +18,7 @@ global: storageClass: "" ## @section Common Parameters +## ## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) ## @@ -55,6 +57,7 @@ diagnosticMode: - infinity ## @section Harbor common parameters +## ## @param adminPassword The initial password of Harbor admin. Change it from portal after launching Harbor ## @@ -120,6 +123,7 @@ ipFamily: enabled: true ## @section Traffic Exposure Parameters +## ## @param exposureType The way to expose Harbor. Allowed values are [ ingress \| proxy ] ## Use "proxy" to use a deploy NGINX proxy in front of Harbor services @@ -183,7 +187,6 @@ service: ## extraPorts: [] - ingress: ## Configure the ingress resource that allows you to access Harbor Core ## ref: https://kubernetes.io/docs/user-guide/ingress/ @@ -373,6 +376,7 @@ ingress: secrets: [] ## @section Persistence Parameters +## ## The persistence is enabled by default and a default StorageClass ## is needed in the k8s cluster to provision volumes dynamically. @@ -609,6 +613,7 @@ persistence: secretkey: "" ## @section Volume Permissions parameters +## ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node @@ -655,6 +660,7 @@ volumePermissions: runAsUser: 0 ## @section NGINX Parameters +## nginx: ## Bitnami NGINX image @@ -919,6 +925,7 @@ nginx: extraVolumes: [] ## @section Harbor Portal Parameters +## portal: ## Bitnami Harbor Portal image @@ -1178,6 +1185,7 @@ portal: https: 443 ## @section Harbor Core Parameters +## core: ## Bitnami Harbor Core image @@ -1249,6 +1257,14 @@ core: ## @param core.extraEnvVarsSecret Secret containing extra environment variables (in case of sensitive data) for Harbor Core pods ## extraEnvVarsSecret: "" + ## @param core.configOverwriteJson String containing a JSON with configuration overrides + ## Source: https://goharbor.io/docs/latest/install-config/configure-user-settings-cli/#harbor-user-settings + ## + configOverwriteJson: "" + ## @param core.configOverwriteJsonSecret Secret containing the JSON configuration overrides + ## Source: https://goharbor.io/docs/latest/install-config/configure-user-settings-cli/#harbor-user-settings + ## + configOverwriteJsonSecret: "" ## @param core.containerPorts.http Harbor Core HTTP container port ## @param core.containerPorts.https Harbor Core HTTPS container port ## @param core.containerPorts.metrics Harbor Core metrics container port @@ -1458,6 +1474,7 @@ core: metrics: 8001 ## @section Harbor Jobservice Parameters +## jobservice: ## Bitnami Harbor Jobservice image @@ -1735,6 +1752,7 @@ jobservice: metrics: 8001 ## @section Harbor Registry Parameters +## ## Registry Parameters ## @@ -2187,6 +2205,7 @@ registry: https: 8443 ## @section ChartMuseum Parameters +## chartmuseum: ## Bitnami ChartMuseum image @@ -2496,6 +2515,7 @@ chartmuseum: https: 443 ## @section Clair Parameters +## clair: ## @param clair.enabled Enable Clair scanner. Add it as an additional interrogation service by following https://goharbor.io/docs/latest/administration/vulnerability-scanning/pluggable-scanners @@ -2910,6 +2930,7 @@ clair: health: 6061 ## @section Notary Parameters +## ## Notary Parameters ## @@ -3410,6 +3431,7 @@ notary: signer: 7899 ## @section Harbor Adapter Trivy Parameters +## trivy: ## Bitnami Harbor Adapter Trivy image @@ -3717,6 +3739,7 @@ trivy: https: 8443 ## @section Harbor Exporter Parameters +## exporter: ## Bitnami Harbor Exporter image @@ -3949,6 +3972,7 @@ exporter: metrics: 8001 ## @section PostgreSQL Parameters +## ## PostgreSQL chart configuration ## ref: https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml @@ -4032,6 +4056,7 @@ externalDatabase: notarySignerPassword: "" ## @section Redis™ parameters +## ## Redis™ chart configuration ## ref: https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml @@ -4049,6 +4074,7 @@ redis: ## It should always be set using the password value or in the existingSecret to avoid issues ## with Harbor. ## The password value is ignored if existingSecret is set + ## password: "" existingSecret: "" architecture: standalone @@ -4086,8 +4112,10 @@ externalRedis: hosts: "" ## @section Harbor metrics parameters +## metrics: ## @param metrics.enabled Whether or not to enable metrics for different + ## enabled: false ## @param metrics.path Path where metrics are exposed ##