Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-04 06:47:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a0ef400a7adfcf3cd95ae70d47c102ed3ea6e4e1
charts/bitnami/harbor/values.yaml
Bitnami Containers 0c6ddc2317 [bitnami/harbor] Release 10.0.4 updating components versions 
Signed-off-by: Bitnami Containers <containers@bitnami.com>
2021-05-23 08:02:38 +00:00

2799 lines
79 KiB
YAML
Raw Blame History

## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
## Bitnami Harbor Core image
## ref: https://hub.docker.com/r/bitnami/harbor-core/tags/
##
coreImage:
registry: docker.io
repository: bitnami/harbor-core
tag: 2.2.2-debian-10-r1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Portal image
## ref: https://hub.docker.com/r/bitnami/harbor-portal/tags/
##
portalImage:
registry: docker.io
repository: bitnami/harbor-portal
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
## - myRegistryKeySecretName
##
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Job Service image
## ref: https://hub.docker.com/r/bitnami/harbor-jobservice/tags/
##
jobserviceImage:
registry: docker.io
repository: bitnami/harbor-jobservice
tag: 2.2.2-debian-10-r1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami ChartMuseum image
## ref: https://hub.docker.com/r/bitnami/chartmuseum/tags/
##
chartMuseumImage:
registry: docker.io
repository: bitnami/chartmuseum
tag: 0.13.1-debian-10-r65
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Registry image
## ref: https://hub.docker.com/r/bitnami/harbor-registry/tags/
##
registryImage:
registry: docker.io
repository: bitnami/harbor-registry
tag: 2.2.2-debian-10-r1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Registryctl image
## ref: https://hub.docker.com/r/bitnami/harbor-registryctl/tags/
##
registryctlImage:
registry: docker.io
repository: bitnami/harbor-registryctl
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Trivy image
## ref: https://hub.docker.com/r/bitnami/harbor-trivy-adapter/tags/
##
trivyImage:
registry: docker.io
repository: bitnami/harbor-adapter-trivy
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Clair image
## ref: https://hub.docker.com/r/bitnami/harbor-clair/tags/
##
clairImage:
registry: docker.io
repository: bitnami/harbor-clair
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
## - myRegistryKeySecretName
##
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Adapter Clair image
## ref: https://hub.docker.com/r/bitnami/harbor-adapter-clair/tags/
##
clairAdapterImage:
registry: docker.io
repository: bitnami/harbor-adapter-clair
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Notary Server image
## ref: https://hub.docker.com/r/bitnami/harbor-notary-server/tags/
##
notaryServerImage:
registry: docker.io
repository: bitnami/harbor-notary-server
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Harbor Notary Signer image
## ref: https://hub.docker.com/r/bitnami/harbor-notary-signer/tags/
##
notarySignerImage:
registry: docker.io
repository: bitnami/harbor-notary-signer
tag: 2.2.2-debian-10-r2
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## Bitnami Nginx image
## ref: https://hub.docker.com/r/bitnami/nginx/tags/
##
nginxImage:
registry: docker.io
repository: bitnami/nginx
tag: 1.19.10-debian-10-r34
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
## - myRegistryKeySecretName
##
## Set to true if you would like to see extra information on logs
## It turns BASH and/or NAMI debugging in the image
##
debug: false
## String to partially override common.names.fullname template (will maintain the release name)
##
nameOverride:
## String to fully override common.names.fullname template
##
fullnameOverride:
## Force target Kubernetes version (using Helm capabilites if not set)
##
kubeVersion:
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: "10"
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
pullSecrets: []
## - myRegistryKeySecretName
## Init containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 100m
## memory: 128Mi
##
requests: {}
## cpu: 100m
## memory: 128Mi
##
## The internal TLS used for harbor components secure communicating. In order to enable https
## in each components tls cert files need to provided in advance.
##
internalTLS:
enabled: false
## The custom ca bundle secret, the secret must contain key named "ca.crt"
## which will be injected into the trust store for chartmuseum, clair, core, jobservice, registry, trivy components
##
# caBundleSecretName: ""
## Service parameters
##
service:
## K8s service type
## Allowed values are "ClusterIP", "NodePort" or "LoadBalancer"
##
type: LoadBalancer
## TLS parameters
##
tls:
## Enable TLS for external access
## Note: When type is "Ingress" and TLS is disabled, the port must be included
## in the command when pulling/pushing images.
## ref: https://github.com/goharbor/harbor/issues/5291
##
enabled: true
## Existing secret name containing your own TLS certificates.
## The secret contains keys named:
## "tls.crt" - the certificate (required)
## "tls.key" - the private key (required)
## "ca.crt" - the certificate of CA (optional)
## Self-signed TLS certificates will be used otherwise.
##
existingSecret: ''
## By default, the Notary service will use the same certificate described above.
## Fill the name of secret if you want to use a separated on for Notary.
##
notaryExistingSecret: ''
## The common name used to automatically generate the certificates.
## Mandatory when "secretName" is not provided or type is not "Ingress".
##
commonName: 'core.harbor.domain'
## Service parameters when type is "clusterIP"
##
ports:
## The service port Harbor listens on when serving with HTTP
##
http: 80
## The service port Harbor listens on when serving with HTTPS
##
https: 443
## The service port Notary listens on. Only needed when notary.enabled
## is set to true
##
notary: 4443
## Service parameters when type is "nodePort"
##
nodePorts:
http:
https:
notary:
loadBalancerIP:
annotations: {}
loadBalancerSourceRanges: []
externalTrafficPolicy:
## Ingress parameters
##
ingress:
enabled: false
## Ingress Path type
##
pathType: ImplementationSpecific
## Override API Version (automatically detected if not set)
##
apiVersion:
## Set this to true in order to add the corresponding annotations for cert-manager
##
certManager: false
## The list of hostnames to be covered with this ingress record
##
hosts:
core: core.harbor.domain
notary: notary.harbor.domain
## Set to the type of ingress controller if it has specific requirements.
## leave as `default` for most ingress controllers.
## set to `gce` if using the GCE ingress controller
## set to `ncp` if using the NCP (NSX-T Container Plugin) ingress controller
##
controller: default
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
##
annotations:
ingress.kubernetes.io/ssl-redirect: 'true'
ingress.kubernetes.io/proxy-body-size: '0'
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
nginx.ingress.kubernetes.io/proxy-body-size: '0'
## The external URL for Harbor core service. It is used to
## 1) populate the docker/helm commands showed on portal
## 2) populate the token service URL returned to docker/notary client
##
## Format: protocol://domain[:port]. Usually:
## 1) if "service.type" is "ingress", the "domain" should be
## the value of "ingress.hosts.core"
## 2) if "service.type" is "clusterIP", the "domain" should be
## the value of "service.clusterIP.name"
## 3) if "service.type" is "nodePort", the "domain" should be
## the IP address of k8s node. If Harbor is deployed behind the proxy,
## set it as the URL of proxy
##
externalURL: https://core.harbor.domain
## SecurityContext configuration
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
containerSecurityContext:
runAsUser: 1001
runAsNonRoot: true
podSecurityContext:
fsGroup: 1001
## The persistence is enabled by default and a default StorageClass
## is needed in the k8s cluster to provision volumes dynamically.
## Specify another StorageClass in the "storageClass" or set "existingClaim"
## if you have already existing persistent volumes to use
##
## For storing images and charts, you can also use "azure", "gcs", "s3",
## "swift" or "oss". Set it in the "imageChartStorage" section
##
persistence:
enabled: true
## Resource Policy
## Setting it to "keep" to avoid removing PVCs during a helm delete operation
##
resourcePolicy: 'keep'
persistentVolumeClaim:
registry:
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
##
existingClaim: ''
## Specify the "storageClass" used to provision the volume.
## Set it to "-" to disable dynamic provisioning
##
storageClass: ''
subPath: ''
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
##
existingClaim: ''
## Specify the "storageClass" used to provision the volume.
## Set it to "-" to disable dynamic provisioning
##
storageClass: ''
subPath: ''
accessMode: ReadWriteOnce
size: 1Gi
chartmuseum:
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
##
existingClaim: ''
## Specify the "storageClass" used to provision the volume.
## Set it to "-" to disable dynamic provisioning
##
storageClass: ''
subPath: ''
accessMode: ReadWriteOnce
size: 5Gi
trivy:
storageClass: ''
accessMode: ReadWriteOnce
size: 5Gi
## Define which storage backend is used for registry and chartmuseum to store
## images and charts.
## ref: https://github.com/docker/distribution/blob/master/docs/configuration.md#storage
##
imageChartStorage:
## Name of a secret containing the CA bundle
##
caBundleSecretName:
## Specify whether to disable `redirect` for images and chart storage, for
## backends which not supported it (such as using MinIO(R) for `s3` storage type), please disable
## it. To disable redirects, simply set `disableredirect` to `true` instead.
## ref: https://github.com/docker/distribution/blob/master/docs/configuration.md#redirect
##
disableredirect: false
## Specify the type of storage. Allowed values are [ filesystem | azure | gcs | s3 | swift | oss ]
##
type: filesystem
## Images/charts storage parameters when type is "filesystem"
##
filesystem:
rootdirectory: /storage
maxthreads:
## Images/charts storage parameters when type is "azure"
##
azure:
accountname: accountname
accountkey: base64encodedaccountkey
container: containername
storagePrefix: /azure/harbor/charts
## Example realm
# realm: core.windows.net
realm:
## Images/charts storage parameters when type is "gcs"
##
gcs:
bucket: bucketname
## The base64 encoded json file which contains the gcs key (file's content)
##
encodedkey: base64-encoded-json-key-file
rootdirectory:
chunksize:
## Images/charts storage parameters when type is "s3"
##
s3:
region: us-west-1
bucket: bucketname
accesskey:
secretkey:
regionendpoint:
encrypt:
keyid:
secure:
v4auth:
chunksize:
rootdirectory:
storageclass:
sse:
## Images/charts storage parameters when type is "swift"
##
swift:
authurl: https://storage.myprovider.com/v3/auth
username:
password:
container:
region:
tenant:
tenantid:
domain:
domainid:
trustid:
insecureskipverify:
chunksize:
prefix:
secretkey:
accesskey:
authversion:
endpointtype:
tempurlcontainerkey:
tempurlmethods:
## Images/charts storage parameters when type is "oss"
##
oss:
accesskeyid:
accesskeysecret:
region:
bucket:
endpoint:
internal:
encrypt:
secure:
chunksize:
rootdirectory:
secretkey:
## The log level used for Harbor services. Allowed values are [ fatal | error | warn | info | debug | trace ]
##
logLevel: debug
## Option to force users to specify passwords (core.secret, harborAdminPassword, and secretKey). That is required for 'helm upgrade' to work properly.
## If it is not forced, random values will be generated.
##
forcePassword: false
## The initial password of Harbor admin. Change it from portal after launching Harbor
##
harborAdminPassword:
## If expose the service via Ingress, the NGINX server will not be used
##
## The proxy settings for updating clair vulnerabilities from the Internet and replicating
## artifacts from/to the registries that cannot be reached directly
##
proxy:
httpProxy: ''
httpsProxy: ''
noProxy: 127.0.0.1,localhost,.local,.internal
components:
- core
- jobservice
- clair
- trivy
nginx:
## NGINX container command (using container default if not set)
##
command:
## NGINX container args (using container default if not set)
##
args:
replicas: 1
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## NGINX containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
##
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## When setting up Harbor behind another reverse proxy, such as a nginx instance, set this value to true
## if the reverse proxy already provides the 'X-Forwarded-Proto' header field.
## This is, for example, the case for the OpenShift HAProxy router.
##
behindReverseProxy: false
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## NGINX containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Harbor Portal parameters
##
portal:
## Harbor portal container command (using container default if not set)
##
command:
## Harbor portal container args (using container default if not set)
##
args:
replicas: 1
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## Use TLS in the container
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Harbor Portal containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
##
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Harbor Portal containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Harbor Core parameters
##
core:
## Harbor core container command (using container default if not set)
##
command:
## Harbor core container args (using container default if not set)
##
args:
## UAA Authentication Options
## If you're using UAA for authentication behind a self-signed
## certificate you will need to provide the CA Cert.
## Set uaaSecretName below to provide a pre-created secret that
## contains a base64 encoded CA Certificate named `ca.crt`.
##
uaaSecretName:
## The secret key used for encryption. Must be a string of 16 chars.
##
# secretKey: "not-a-secure-string"
secretKey:
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
replicas: 1
## Use TLS in the container
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Custom Startup probe
##
customStartupProbe: {}
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Harbor Core containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
# cpu: 500m
# memory: 1Gi
requests: {}
# cpu: 250m
# memory: 256Mi
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Secret is used when core server communicates with other components.
## If a secret key is not specified, Helm will generate one.
## Must be a string of 16 chars.
##
secret: ''
## Fill the name of a kubernetes secret if you want to use your own
## TLS certificate and private key for token encryption/decryption.
## The secret must contain keys named:
## "tls.crt" - the certificate
## "tls.key" - the private key
## The default key pair will be used if it isn't set
##
secretName: ''
## The CSRF key. Will be generated automatically if it isn't specified
##
csrfKey: ''
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Harbor Core containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
startupProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 30
successThreshold: 1
## Harbor Jobservice parameters
##
jobservice:
## Harbor Jobservice container command (using container default if not set)
##
command:
## Harbor Jobservice container args (using container default if not set)
##
args:
replicas: 1
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
maxJobWorkers: 10
## The logger for jobs: "file", "database" or "stdout"
##
jobLogger: file
## Use TLS in the container
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Harbor Jobservice containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
##
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Secret is used when job service communicates with other components.
## If a secret key is not specified, Helm will generate one.
## Must be a string of 16 chars.
##
secret: ''
## Harbor Jobservice containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
registry:
replicas: 1
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## Use TLS in the containers
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## Harbor Registry main container parameters
##
server:
## Container command (using container default if not set)
##
command:
## Container args (using container default if not set)
##
args:
## An array to add extra env vars
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Harbor Registry containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
## Harbor Registry containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Harbor Registryctl parameters
##
controller:
## Container command (using container default if not set)
##
command:
## Container args (using container default if not set)
##
args:
## An array to add extra env vars
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Harbor Registryctl containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
## Harbor Registryctl containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Extra volumes to add to the deployment
##
extraVolumes: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Secret is used to secure the upload state from client
## and registry storage backend.
## See: https://github.com/docker/distribution/blob/master/docs/configuration.md#http
## If a secret key is not specified, Helm will generate one.
## Must be a string of 16 chars.
##
secret: ''
## If true, the registry returns relative URLs in Location headers. The client is responsible for resolving the correct URL.
##
relativeurls: false
credentials:
username: 'harbor_registry_user'
password: 'harbor_registry_password'
## If you update the username or password of registry, make sure use cli tool htpasswd to generate the bcrypt hash
## e.g. "htpasswd -nbBC10 $username $password"
##
htpasswd: 'harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m'
middleware:
enabled: false
type: cloudFront
cloudFront:
baseurl: example.cloudfront.net
keypairid: KEYPAIRID
duration: 3000s
ipfilteredby: none
## The secret key that should be present is CLOUDFRONT_KEY_DATA, which should be the encoded private key
## that allows access to CloudFront
##
privateKeySecret: 'my-secret'
## Chartmuseum parameters
##
chartmuseum:
enabled: true
## Chartmuseum container command (using container default if not set)
##
command:
## Chartmuseum container args (using container default if not set)
##
args:
replicas: 1
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## Set the use of the Redis(TM) cache.
##
useRedisCache: true
## Set the absolute URL to access the chartmuseum repository and the
## endpoint where it will be available.
##
absoluteUrl: false
chartRepoName: 'chartsRepo'
depth: 1
logJson: false
disableMetrics: false
disableApi: false
disableStatefiles: false
allowOverwrite: true
anonymousGet: false
## Use TLS in the container
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## Optional parameters for ChartMuseum not used by default.
## ref: https://chartmuseum.com/docs/#other-cli-options
##
contextPath:
indexLimit:
chartPostFormFieldName:
provPostFormFieldName:
maxStorageObjects:
maxUploadSize:
storageTimestampTolerance: "1s"
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## An array to add extra env vars to chartmuseum
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Chartmuseum containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
# cpu: 500m
# memory: 1Gi
requests: {}
# cpu: 250m
# memory: 256Mi
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Chartmuseum containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 20
failureThreshold: 10
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 20
failureThreshold: 10
successThreshold: 1
## Clair parameters
##
clair:
enabled: false
replicas: 1
## Use TLS in the container
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## The http(s) proxy used to update vulnerabilities database from internet
##
httpProxy:
httpsProxy:
## The interval of clair updaters, the unit is hour, set to 0 to
## disable the updaters
##
updatersInterval: 12
## Harbor needs Clair adapter to communicate with Clair API.
##
adapter:
## Clair adapter container command (using container default if not set)
##
command:
## Clair adapter container args (using container default if not set)
##
args:
## An array to add extra env vars
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## Clair containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Clair containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
# cpu: 500m
# memory: 1Gi
requests: {}
# cpu: 250m
# memory: 256Mi
## Clair main container properties
##
server:
## Clair container command (using container default if not set)
##
command:
## Clair container args (using container default if not set)
##
args:
## Clair containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## An array to add extra env vars
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## Clair containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
##
## Extra volumes to add to the deployment
##
extraVolumes: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Trivy adapter parameters
##
trivy:
## enabled the flag to enable Trivy scanner
##
enabled: true
## replicas the number of Pod replicas
##
replicas: 1
## Harbor Trivy container command (using container default if not set)
##
command:
## Harbor Trivy container args (using container default if not set)
##
args:
## Use TLS in the container
##
tls:
## Name of a secret containing the certificates
## Otherwise, it will generate a cert automatically
##
existingSecret:
## Update strategy
##
updateStrategy:
type: RollingUpdate
## debugMode the flag to enable Trivy debug mode with more verbose scanning log
##
debugMode: false
## vulnType a comma-separated list of vulnerability types. Possible values are `os` and `library`.
##
vulnType: 'os,library'
## Automount service account token
##
automountServiceAccountToken: false
## severity a comma-separated list of severities to be checked
##
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
## ignoreUnfixed the flag to display only fixed vulnerabilities
##
ignoreUnfixed: false
## insecure the flag to skip verifying registry certificate
##
insecure: false
## gitHubToken the GitHub access token to download Trivy DB
##
## Trivy DB contains vulnerability information from NVD, Red Hat, and many other upstream vulnerability databases.
## It is downloaded by Trivy from the GitHub release page https://github.com/aquasecurity/trivy-db/releases and cached
## in the local file system (`/home/scanner/.cache/trivy/db/trivy.db`). In addition, the database contains the update
## timestamp so Trivy can detect whether it should download a newer version from the Internet or use the cached one.
## Currently, the database is updated every 12 hours and published as a new release to GitHub.
##
## Anonymous downloads from GitHub are subject to the limit of 60 requests per hour. Normally such rate limit is enough
## for production operations. If, for any reason, it's not enough, you could increase the rate limit to 5000
## requests per hour by specifying the GitHub access token. For more details on GitHub rate limiting please consult
## https://developer.github.com/v3/#rate-limiting
##
## You can create a GitHub token by following the instructions in
## https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
##
gitHubToken: ''
## skipUpdate the flag to disable Trivy DB downloads from GitHub
## You might want to set the value of this flag to `true` in test or CI/CD environments to avoid GitHub rate limiting issues.
## If the value is set to `true` you have to manually download the `trivy.db` file and mount it in the
## `/home/scanner/.cache/trivy/db/trivy.db` path.
##
skipUpdate: false
cacheDir: '/bitnami/harbor-adapter-trivy/.cache'
resources:
requests:
cpu: 200m
memory: 512Mi
limits:
cpu: 1
memory: 1Gi
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Trivy containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Notary parameters
##
notary:
enabled: true
server:
## Notary server container command (using container default if not set)
##
command:
## Notary server container args (using container default if not set)
##
args:
replicas: 1
## Notary server containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## HostAliases to add to the deployment
##
hostAliases: []
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
## Notary server containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Extra volumes to add to the deployment
##
extraVolumes: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
signer:
## Notary signer container command (using container default if not set)
##
command:
## Notary signer container args (using container default if not set)
##
args:
replicas: 1
## Update strategy - only really applicable for deployments with RWO PVs attached
## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the
## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will
## terminate the single previous pod, so that the new, incoming pod can attach to the PV
##
updateStrategy:
type: RollingUpdate
## An array to add extra env vars
## For example:
##
extraEnvVars: []
# - name: BEARER_AUTH
# value: true
## ConfigMap with extra environment variables
##
extraEnvVarsCM:
## Secret with extra environment variables
##
extraEnvVarsSecret:
## Extra volume mounts to add to the container
##
extraVolumeMounts: []
## Notary signer containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
##
limits: {}
## cpu: 500m
## memory: 1Gi
##
requests: {}
## cpu: 250m
## memory: 256Mi
## Extra volumes to add to the deployment
##
extraVolumes: []
## HostAliases to add to the deployment
##
hostAliases: []
## Extra init containers to add to the deployment
##
initContainers: []
## Extra sidecar containers to add to the deployment
##
sidecars: []
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""
## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## Node affinity type
## Allowed values: soft, hard
##
type: ""
## Node label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## Node label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod extra labels. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Pod annotations. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Notary signer containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## lifecycleHooks for the container to automate configuration before or after startup.
##
lifecycleHooks:
## Custom Liveness probe
##
customLivenessProbe: {}
## Custom Rediness probe
##
customReadinessProbe: {}
## Fill the name of a kubernetes secret if you want to use your own
## TLS certificate authority, certificate and private key for notary
## communications.
## The secret must contain keys named ca.crt, tls.crt and tls.key that
## contain the CA, certificate and private key.
## They will be generated if not set.
##
secretName: ''
## Common annotations to add to all Harbor resources (sub-charts are not considered). Evaluated as a template
##
commonAnnotations: {}
## Common labels to add to all Harbor resources (sub-charts are not considered). Evaluated as a template
##
commonLabels: {}
## Redis(TM) chart configuration
## ref: https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml
##
redis:
enabled: true
nameOverride:
## image:
## tag:
## Use password authentication
##
auth:
enabled: false
## Redis(TM) password (both master and replica)
## Defaults to a random 10-character alphanumeric string if not set and auth.enabled is true.
## It should always be set using the password value or in the existingSecret to avoid issues
## with Harbor.
## The password value is ignored if existingSecret is set
# password:
##
## Cluster settings
##
architecture: standalone
##
## Redis(TM) Master parameters
##
master:
persistence:
enabled: true
replica:
persistence:
enabled: true
## If the Redis(TM) included in the chart is disabled, Harbor will use below
## Redis(TM) parameters to connect to an external Redis(TM) server.
## Support for both Redis(TM) and Redis+Sentinel(TM)
##
externalRedis:
## Redis(TM) host
##
host: localhost
## Redis(TM) port number
##
port: 6379
## Redis(TM) sentinel configuration
## If sentinel is enabled the below sentinel configurations are used as the hostname
##
sentinel:
enabled: false
masterSet: 'mymaster'
## Configure redis sentinel hostnames in the following pattern
## <host_sentinal1>:<port_sentinel1>,<host_sentinal2>:<port_sentinel2>,<host_sentinal2>:<port_sentinel3>
##
hosts: ''
## Redis(TM) password
##
password: ''
coreDatabaseIndex: '0'
jobserviceDatabaseIndex: '1'
registryDatabaseIndex: '2'
chartmuseumDatabaseIndex: '3'
clairAdapterDatabaseIndex: '4'
trivyAdapterDatabaseIndex: '5'
## PostgreSQL chart configuration
## ref: https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml
##
postgresql:
enabled: true
nameOverride:
postgresqlUsername: postgres
postgresqlPassword: not-secure-database-password
## Name of existing secret to use for PostgreSQL passwords.
## If an existingSecret is used it will overwrite postgresqlUsername and postgresqlPassword.
## The secret has to contain at least the key postgresql-postgres-password.
##
## Example Secret:
## apiVersion: v1
## kind: Secret
## metadata:
## name: mysecret
## type: Opaque
## data:
## postgresqlUsername: YWRtaW4=
## postgresqlPassword: MWYyZDFlMmU2N2Rm
# existingSecret: secret
postgresqlExtendedConf:
maxConnections: 1024
replication:
enabled: false
persistence:
enabled: true
## PostgreSQL initdb initdbScripts
##
initdbScripts:
initial-notaryserver.sql: |
CREATE DATABASE notaryserver;
CREATE USER server;
alter user server with encrypted password 'password';
GRANT ALL PRIVILEGES ON DATABASE notaryserver TO server;
initial-notarysigner.sql: |
CREATE DATABASE notarysigner;
CREATE USER signer;
alter user signer with encrypted password 'password';
GRANT ALL PRIVILEGES ON DATABASE notarysigner TO signer;
initial-registry.sql: |
CREATE DATABASE registry ENCODING 'UTF8';
\c registry;
CREATE TABLE schema_migrations(version bigint not null primary key, dirty boolean not null);
## If the PostgreSQL database included in the chart is disabled, Harbor will
## use below parameters to connect to an external PostgreSQL server.
##
externalDatabase:
## Database host
##
host: localhost
## non-root Username for portal Database
##
user: bn_harbor
## Database password
##
password: ''
## Database port number
##
port: 5432
## External database ssl mode
##
sslmode: disable
## External database name for core
##
coreDatabase:
## External database name for clair
##
clairDatabase:
## if not set, database.external.user is used
##
clairUsername:
## if not set, database.external.password is used
##
clairPassword:
## External database name for notaryserver
##
notaryServerDatabase:
## if not set, database.external.user is used
##
notaryServerUsername:
## if not set, database.external.password is used
##
notaryServerPassword:
## External database name for notarysigner
##
notarySignerDatabase:
## if not set, database.external.user is used
##
notarySignerUsername:
## if not set, database.external.password is used
##
notarySignerPassword:
## Array with extra yaml to deploy with the chart. Evaluated as a template
##
extraDeploy: []
Reference in New Issue View Git Blame Copy Permalink