Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-29 16:27:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Sync with official Harbor chart

Browse Source
This commit is contained in:
Marcos Bjoerkelund
2019-07-17 13:34:09 +02:00
parent c76d5687c8
commit aa2b138f87
6 changed files with 72 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bitnami/harbor/README.md
View File

@@ -109,7 +109,7 @@ The following table lists the configurable parameters of the Harbor chart and th
| **Expose** |
| `service.type` | The way how to expose the service: `Ingress`, `ClusterIP`, `NodePort` or `LoadBalancer` | `ingress` |
| `service.tls.enabled` | Enable the tls or not | `true` |
| `service.ingress.controller` | The ingress controller type. Currently supports `default` and `gce` | `default` |
| `service.ingress.controller` | The ingress controller type. Currently supports `default`, `gce` and `ncp` | `default` |
| `service.tls.secretName` | Fill the name of secret if you want to use your own TLS certificate and private key. The secret must contain two keys named `tls.crt` and `tls.key` that contain the certificate and private key to use for TLS. Will be generated automatically if not set | `nil` |
| `service.tls.notarySecretName` | By default, the Notary service will use the same cert and key as described above. Fill the name of secret if you want to use a separated one. Only needed when the `service.type` is `ingress`. | `nil` |
| `service.tls.commonName` | The common name used to generate the certificate, it's necessary when the `service.type` is `ClusterIP` or `NodePort` and `service.tls.secretName` is null | `nil` |
@@ -131,6 +131,8 @@ The following table lists the configurable parameters of the Harbor chart and th
| `service.loadBalancer.ports.httpPort` | The service port Harbor listens on when serving with HTTP | `80` |
| `service.loadBalancer.ports.httpsPort` | The service port Harbor listens on when serving with HTTP | `30002` |
| `service.loadBalancer.ports.notaryPort` | The service port Notary listens on. Only needed when `notary.enabled` is set to `true` | `nil` |
| `service.loadBalancer.annotations` | The annotations attached to the loadBalancer service | {} |
| `service.loadBalancer.sourceRanges` | List of IP address ranges to assign to loadBalancerSourceRanges | [] |
| **Persistence** |
| `persistence.enabled` | Enable the data persistence or not | `true` |
| `persistence.resourcePolicy` | Setting it to `keep` to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `keep` |

81
bitnami/harbor/templates/ingress/ingress.yaml
View File

@@ -1,6 +1,28 @@
{{- if eq .Values.service.type "Ingress" }}
{{- $ingress := .Values.service.ingress -}}
{{- $tls := .Values.service.tls -}}
{{- if eq .Values.expose.ingress.controller "gce" }}
{{- $_ := set . "portal_path" "/*" -}}
{{- $_ := set . "api_path" "/api/*" -}}
{{- $_ := set . "service_path" "/service/*" -}}
{{- $_ := set . "v2_path" "/v2/*" -}}
{{- $_ := set . "chartrepo_path" "/chartrepo/*" -}}
{{- $_ := set . "controller_path" "/c/*" -}}
{{- else if eq .Values.expose.ingress.controller "ncp" }}
{{- $_ := set . "portal_path" "/" -}}
{{- $_ := set . "api_path" "/api/.*" -}}
{{- $_ := set . "service_path" "/service/.*" -}}
{{- $_ := set . "v2_path" "/v2/.*" -}}
{{- $_ := set . "chartrepo_path" "/chartrepo/.*" -}}
{{- $_ := set . "controller_path" "/c/.*" -}}
{{- else }}
{{- $_ := set . "portal_path" "/" -}}
{{- $_ := set . "api_path" "/api/" -}}
{{- $_ := set . "service_path" "/service/" -}}
{{- $_ := set . "v2_path" "/v2/" -}}
{{- $_ := set . "chartrepo_path" "/chartrepo/" -}}
{{- $_ := set . "controller_path" "/c/" -}}
{{- end }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
@@ -34,73 +56,35 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- if eq .Values.service.ingress.controller "gce" }}
rules:
- http:
paths:
- path: /*
backend:
serviceName: "{{ template "harbor.portal" . }}"
servicePort: http
- path: /api/*
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /service/*
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /v2/*
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /chartrepo/*
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /c/*
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
{{- if $ingress.hosts.core }}
host: {{ $ingress.hosts.core }}
{{- end }}
{{- if .Values.notary.enabled }}
- http:
paths:
- path: /
backend:
serviceName: "{{ template "harbor.notary-server" . }}"
servicePort: notary-server
{{- if $ingress.hosts.notary }}
host: {{ $ingress.hosts.notary }}
{{- end }}
{{- if eq .Values.expose.ingress.controller "ncp" }}
backend:
serviceName: "{{ template "harbor.portal" . }}"
servicePort: http
{{- end }}
{{- else }}
rules:
- http:
paths:
- path: /
- path: {{ .portal_path }}
backend:
serviceName: "{{ template "harbor.portal" . }}"
servicePort: http
- path: /api/
- path: {{ .api_path }}
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /service/
- path: {{ .service_path }}
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /v2/
- path: {{ .v2_path }}
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /chartrepo/
- path: {{ .chartrepo_path }}
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
- path: /c/
- path: {{ .controller_path }}
backend:
serviceName: "{{ template "harbor.core" . }}"
servicePort: http
@@ -119,4 +103,3 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- end }}

4
bitnami/harbor/templates/nginx/deployment.yaml
View File

@@ -7,7 +7,7 @@ metadata:
{{- include "harbor.labels" . | nindent 4 }}
app.kubernetes.io/component: nginx
spec:
replicas: 1
replicas: {{ .Values.nginx.replicas }}
selector:
matchLabels: {{ include "harbor.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: nginx
@@ -109,4 +109,4 @@ spec:
{{- with .Values.nginx.tolerations }}
tolerations: {{ tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}

10
bitnami/harbor/templates/nginx/service.yaml
View File

@@ -55,8 +55,16 @@ spec:
{{- $loadBalancer := .Values.service.loadBalancer }}
name: {{ $loadBalancer.name }}
labels: {{ include "harbor.labels" . | nindent 4 }}
{{- with $loadBalancer.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: LoadBalancer
{{- with $loadBalancer.sourceRanges }}
loadBalancerSourceRanges:
{{- toYaml . | nindent 4 }}
{{- end }}
ports:
- name: http
port: {{ $loadBalancer.ports.httpPort }}
@@ -75,4 +83,4 @@ spec:
selector:
{{- include "harbor.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: nginx
{{- end }}
{{- end }}

13
bitnami/harbor/values-production.yaml
View File

@@ -253,7 +253,7 @@ service:
# described above. Fill the name of secret if you want to use a
# separated one. Only needed when the type is "ingress".
notarySecretName: ""
# The commmon name used to generate the certificate, it's necessary
# The common name used to generate the certificate, it's necessary
# when the type isn't "ingress" and "secretName" is null
commonName: ""
ingress:
@@ -263,6 +263,7 @@ service:
# set to the type of ingress controller if it has specific requirements.
# leave as `default` for most ingress controllers.
# set to `gce` if using the GCE ingress controller
# set to `ncp` if using the NCP (NSX-T Container Plugin) ingress controller
controller: default
annotations:
ingress.kubernetes.io/ssl-redirect: "true"
@@ -280,6 +281,8 @@ service:
# The service port Notary listens on. Only needed when notary.enabled
# is set to true
notaryPort: 4443
annotations: {}
sourceRanges: []
nodePort:
# The name of NodePort service
name: harbor
@@ -327,6 +330,14 @@ service:
# If Harbor is deployed behind the proxy, set it as the URL of proxy
externalURL: https://core.harbor.domain
## UAA Authentication Options
# If you're using UAA for authentication behind a self-signed
# certificate you will need to provide the CA Cert.
# Set uaaSecretName below to provide a pre-created secret that
# contains a base64 encoded CA Certificate named `ca.crt`.
# uaaSecretName:
## Kubernetes Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##

15
bitnami/harbor/values.yaml
View File

@@ -253,7 +253,7 @@ service:
# described above. Fill the name of secret if you want to use a
# separated one. Only needed when the type is "ingress".
notarySecretName: ""
# The commmon name used to generate the certificate, it's necessary
# The common name used to generate the certificate, it's necessary
# when the type isn't "ingress" and "secretName" is null
commonName: ""
ingress:
@@ -263,6 +263,7 @@ service:
# set to the type of ingress controller if it has specific requirements.
# leave as `default` for most ingress controllers.
# set to `gce` if using the GCE ingress controller
# set to `ncp` if using the NCP (NSX-T Container Plugin) ingress controller
controller: default
annotations:
ingress.kubernetes.io/ssl-redirect: "true"
@@ -280,6 +281,8 @@ service:
# The service port Notary listens on. Only needed when notary.enabled
# is set to true
notaryPort: 4443
annotations: {}
sourceRanges: []
nodePort:
# The name of NodePort service
name: harbor
@@ -311,6 +314,8 @@ service:
# The service port Notary listens on. Only needed when notary.enabled
# is set to true
notaryPort: 4443
annotations: {}
sourceRanges: []
# The external URL for Harbor core service. It is used to
# 1) populate the docker/helm commands showed on portal
@@ -327,6 +332,14 @@ service:
# If Harbor is deployed behind the proxy, set it as the URL of proxy
externalURL: https://core.harbor.domain
## UAA Authentication Options
# If you're using UAA for authentication behind a self-signed
# certificate you will need to provide the CA Cert.
# Set uaaSecretName below to provide a pre-created secret that
# contains a base64 encoded CA Certificate named `ca.crt`.
# uaaSecretName:
## Kubernetes Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##