Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-29 16:27:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
da68be8e951225133c7dfb572d5101ca3d61c5ae
charts/bitnami/harbor/templates/internal/internal-crt-secret.yaml
Felipe V.C. Serafim da68be8e95 Add copyright header (#17300) 
* Add copyright header

Signed-off-by: sfelipe <sfelipe@vmware.com>

* Remove copyright from vib runtime_parameters files

Signed-off-by: sfelipe <sfelipe@vmware.com>

* Add copyright header for pinniped-auth.sh

Signed-off-by: sfelipe <sfelipe@vmware.com>

* Update templates copyright header format

Signed-off-by: sfelipe <sfelipe@vmware.com>

---------

Signed-off-by: sfelipe <sfelipe@vmware.com>
2023-06-26 10:28:56 +02:00

114 lines
5.2 KiB
YAML
Raw Blame History

{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if .Values.internalTLS.enabled }}
{{- $ca := genCA "harbor-internal-ca" 365 }}
{{- if not .Values.core.tls.existingSecret }}
{{- $secretName := printf "%s-crt" (include "harbor.core" .) }}
{{- $cn := include "harbor.core" . }}
{{- $cert := genSignedCert $cn (list "127.0.0.1") (list "localhost" $cn) 365 $ca }}
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
app.kubernetes.io/component: core
type: kubernetes.io/tls
data:
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}
{{- if not .Values.jobservice.tls.existingSecret }}
{{- $secretName := printf "%s-crt" (include "harbor.jobservice" .) }}
{{- $cn := include "harbor.jobservice" . }}
{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
app.kubernetes.io/component: jobservice
type: kubernetes.io/tls
data:
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}
{{- if not .Values.registry.tls.existingSecret }}
{{- $secretName := printf "%s-crt" (include "harbor.registry" .) }}
{{- $cn := include "harbor.registry" . }}
{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
app.kubernetes.io/component: registry
type: kubernetes.io/tls
data:
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}
{{- if not .Values.portal.tls.existingSecret }}
{{- $secretName := printf "%s-crt" (include "harbor.portal" .) }}
{{- $cn := include "harbor.portal" . }}
{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
app.kubernetes.io/component: portal
type: kubernetes.io/tls
data:
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}
{{- if and .Values.trivy.enabled (not .Values.trivy.tls.existingSecret) }}
{{- $secretName := printf "%s-crt" (include "harbor.trivy" .) }}
{{- $cn := include "harbor.trivy" . }}
{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
app.kubernetes.io/component: trivy
type: kubernetes.io/tls
data:
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink