[bitnami/harbor] - Allow to use existing secrets (#14341)

* [bitnami/harbor] add existingSecret feature Signed-off-by: dje4om <dje4om@gmail.com> * [bitnami/harbor] add ExistingSecret documentation Signed-off-by: dje4om <dje4om@gmail.com> * [bitnami/harbor] bump chart version Signed-off-by: dje4om <dje4om@gmail.com> Signed-off-by: dje4om <dje4om@gmail.com>
2026-04-02 07:17:26 +08:00 · 2023-01-17 09:33:48 +01:00
parent 853d450e65
commit d6b029a867
10 changed files with 113 additions and 3 deletions
--- a/bitnami/harbor/values.yaml
+++ b/bitnami/harbor/values.yaml
@@ -1347,6 +1347,28 @@ core:
  ## @param core.secretName Fill the name of a kubernetes secret if you want to use your own TLS certificate and private key for token encryption/decryption. The secret must contain two keys named: `tls.crt` - the certificate and `tls.key` - the private key. The default key pair will be used if it isn't set
  ##
  secretName: ""
+  ## @param core.existingSecret Existing secret for core
+  ## The secret must contain the keys:
+  ## `secret` (required),
+  ## `secretKey` (required),
+  ##
+  existingSecret: ""
+  ## @param core.existingEnvVarsSecret Existing secret for core envvars
+  ## The secret must contain the keys:
+  ## `CSRF_KEY` (required),
+  ## `HARBOR_ADMIN_PASSWORD` (required),
+  ## `POSTGRESQL_PASSWORD` (required),
+  ## `REGISTRY_CREDENTIAL_USERNAME` (required),
+  ## `REGISTRY_CREDENTIAL_PASSWORD` (required),
+  ## `_REDIS_URL_CORE` (optional),
+  ## `_REDIS_URL_REG` (optional),
+  ##
+  ## If you do not know how to start, let the chart generate a full secret for you before defining an existingEnvVarsSecret
+  ## Notes:
+  ##   As a EnvVars secret, this secret also store redis config urls
+  ##   The HARBOR_ADMIN_PASSWORD is only required at initial deployment, once the password is set in database, it is not used anymore
+  ##
+  existingEnvVarsSecret: ""
  ## @param core.csrfKey The CSRF key. Will be generated automatically if it isn't specified
  ##
  csrfKey: ""
@@ -1636,6 +1658,11 @@ jobservice:
  ## Must be a string of 16 chars.
  ##
  secret: ""
+  ## @param jobservice.existingSecret Existing secret for jobservice
+  ## The secret must contain the keys:
+  ## `secret` (required),
+  ##
+  existingSecret: ""
  ## Use TLS in the container
  ##
  tls:
@@ -1878,6 +1905,13 @@ registry:
  ## Must be a string of 16 chars.
  ##
  secret: ""
+  ## @param registry.existingSecret Existing secret for registry
+  ## The secret must contain the keys:
+  ## `REGISTRY_HTPASSWD` (required),
+  ## `REGISTRY_HTTP_SECRET` (required),
+  ## `REGISTRY_REDIS_PASSWORD` (optional),
+  ##
+  existingSecret: ""
  ## @param registry.relativeurls Make the registry return relative URLs in Location headers. The client is responsible for resolving the correct URL.
  ##
  relativeurls: false