From f1bb2efacf3744b7fd1f05761f3c43d6dda0249a Mon Sep 17 00:00:00 2001 From: Patrick Hermann Date: Tue, 20 Jan 2026 12:06:39 +0000 Subject: [PATCH] feat: feat/update-harbor --- apps/README.md | 31 +++-------- apps/harbor.yaml.gotmpl | 23 ++++++-- apps/minio.yaml.gotmpl | 2 +- apps/nginx.yaml.gotmpl | 2 +- apps/values/certificate.values.yaml.gotmpl | 2 +- apps/values/harbor.values.yaml.gotmpl | 55 ++++++++++++++++++- cicd/argocd.yaml.gotmpl | 2 +- cicd/values/certificate.values.yaml.gotmpl | 2 +- .../crossplane-functions.values.yaml.gotmpl | 2 +- 9 files changed, 85 insertions(+), 36 deletions(-) diff --git a/apps/README.md b/apps/README.md index 123207ef..1501d3fd 100644 --- a/apps/README.md +++ b/apps/README.md @@ -180,7 +180,7 @@ helmfiles: - domain: sthings-infra-dev.example.com - ingressClassName: nginx - createCertificateResource: true - - certicates: + - certificates: nginx: hostname: webserver domain: sthings-infra-dev.example.com @@ -333,29 +333,14 @@ EOF
HARBOR +### w/ INGRESS + CERT (INGRESS ANNOTATION - CERT-MANAGER) + ```bash -cat < harbor.yaml ---- -helmfiles: - - path: git::https://github.com/stuttgart-things/helm.git@apps/harbor.yaml - values: - - namespace: harbor - - enablePersistence: true - - storageClass: standard - - issuerName: selfsigned - - issuerKindCert: ClusterIssuer - - issuerKind: cluster-issuer - - hostname: harbor - - domain: 172.18.0.5.nip.io - - ingressClassName: nginx - - adminPassword: halloHarborTest123 - - pvSizeRegistry: 12Gi - - pvSizeTrivy: 5Gi - - pvSizeJobService: 1Gi -EOF -``` +export HARBOR_PASSWORD= -
+helmfile apply -f git::https://github.com/stuttgart-things/helm.git@apps/harbor.yaml.gotmpl \ +--state-values-set-string "namespace=harbor,domain=idp.kubermatic.sva.dev,issuerName=letsencrypt-prod,storageClass=vsphere-csi,adminPassword=${HARBOR_PASSWORD}" +```
MINIO @@ -399,7 +384,7 @@ helmfiles: - hostnameApi: artifacts - storageClass: openebs-hostpath - createCertificateResource: true - - certicates: + - certificates: api: hostname: artifacts domain: sthings-infra-dev.example.com diff --git a/apps/harbor.yaml.gotmpl b/apps/harbor.yaml.gotmpl index e6c88bff..e4f4aaa5 100644 --- a/apps/harbor.yaml.gotmpl +++ b/apps/harbor.yaml.gotmpl @@ -6,18 +6,28 @@ environments: - namespace: harbor - enablePersistence: true - storageClass: standard - - issuerName: selfsigned - - issuerKindCert: ClusterIssuer - - issuerKind: cluster-issuer - - hostname: harbor - - domain: 172.18.0.5.nip.io - ingressClassName: nginx - adminPassword: halloHarborTest123 - pvSizeRegistry: 12Gi - pvSizeTrivy: 5Gi - pvSizeJobService: 1Gi + - hostname: harbor + - domain: example.com + - issuerName: selfsigned + - issuerKind: ClusterIssuer + - issuerKindAnnotation: cluster-issuer + - createCertificateResource: false + - certificates: + harbor: + hostname: {{ .Values.hostname }} + domain: {{ .Values.domain }} + issuerName: {{ .Values.issuerName }} + issuerKind: {{ .Values.issuerKind }} + namespace: {{ .Values.namespace }} + secretName: {{ .Values.hostname }}.{{ .Values.domain }}-tls --- releases: +{{- if .Values.createCertificateResource }} - name: certificate-configuration installed: true namespace: {{ .Values.namespace }} @@ -25,14 +35,17 @@ releases: version: 0.3.15 values: - "values/certificate.values.yaml.gotmpl" +{{- end }} - name: harbor installed: true namespace: {{ .Values.namespace }} chart: bitnami/harbor version: {{ .Values.version }} +{{- if .Values.createCertificateResource }} needs: - {{ .Values.namespace }}/certificate-configuration +{{- end }} values: - "values/harbor.values.yaml.gotmpl" diff --git a/apps/minio.yaml.gotmpl b/apps/minio.yaml.gotmpl index 033c7305..829ee519 100644 --- a/apps/minio.yaml.gotmpl +++ b/apps/minio.yaml.gotmpl @@ -25,7 +25,7 @@ environments: - imageVolumePermissionsPullPolicy: IfNotPresent - imageVolumeContainerEnabled: false - createCertificateResource: false - - certicates: + - certificates: api: hostname: artifacts domain: 172.18.0.2.nip.io diff --git a/apps/nginx.yaml.gotmpl b/apps/nginx.yaml.gotmpl index e653d33a..6ef580ef 100644 --- a/apps/nginx.yaml.gotmpl +++ b/apps/nginx.yaml.gotmpl @@ -20,7 +20,7 @@ environments: - serviceNodePortHttp: "" - serviceNodePortHttps: "" - createCertificateResource: false - - certicates: + - certificates: nginx: hostname: webserver domain: 172.18.0.2.nip.io diff --git a/apps/values/certificate.values.yaml.gotmpl b/apps/values/certificate.values.yaml.gotmpl index 03e86b04..9eaebac9 100644 --- a/apps/values/certificate.values.yaml.gotmpl +++ b/apps/values/certificate.values.yaml.gotmpl @@ -1,6 +1,6 @@ --- customresources: -{{- range $k, $v := $.Values.certicates }} +{{- range $k, $v := $.Values.certificates }} {{ $k }}: apiVersion: cert-manager.io/v1 kind: Certificate diff --git a/apps/values/harbor.values.yaml.gotmpl b/apps/values/harbor.values.yaml.gotmpl index a2d3d50d..c1a79f6d 100644 --- a/apps/values/harbor.values.yaml.gotmpl +++ b/apps/values/harbor.values.yaml.gotmpl @@ -1,8 +1,49 @@ --- externalURL: {{ .Values.hostname }}.{{ .Values.domain }} -clusterDomain: {{ .Values.domain }} +clusterDomain: cluster.local adminPassword: {{ .Values.adminPassword }} +global: + imageRegistry: docker.io + +nginx: + image: + repository: bitnamilegacy/nginx + +portal: + image: + repository: bitnamilegacy/harbor-portal + +core: + image: + repository: bitnamilegacy/harbor-core + +jobservice: + image: + repository: bitnamilegacy/harbor-jobservice + +registry: + server: + image: + repository: bitnamilegacy/harbor-registry + controller: + image: + repository: bitnamilegacy/harbor-registryctl + +trivy: + image: + repository: bitnamilegacy/harbor-adapter-trivy + +exporter: + image: + repository: bitnamilegacy/harbor-exporter + +volumePermissions: + image: + repository: bitnamilegacy/os-shell + + + exposureType: ingress service: type: ClusterIP @@ -23,7 +64,9 @@ ingress: - {{ .Values.hostname }}.{{ .Values.domain }} secretName: {{ .Values.hostname }}.{{ .Values.domain }}-tls annotations: - cert-manager.io/{{ .Values.issuerKind }}: "{{ .Values.issuerName }}" + {{- if not .Values.createCertificateResource }} + cert-manager.io/{{ .Values.issuerKindAnnotation }}: "{{ .Values.issuerName }}" + {{- end }} ingress.kubernetes.io/ssl-redirect: "true" ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/ssl-redirect: "true" @@ -45,3 +88,11 @@ persistence: jobservice: size: {{ .Values.pvSizeJobService }} {{- end }} + +postgresql: + image: + repository: bitnamilegacy/postgresql + +redis: + image: + repository: bitnamilegacy/redis diff --git a/cicd/argocd.yaml.gotmpl b/cicd/argocd.yaml.gotmpl index a33e37b9..cfdf2f0f 100644 --- a/cicd/argocd.yaml.gotmpl +++ b/cicd/argocd.yaml.gotmpl @@ -15,7 +15,7 @@ environments: - ingressClassName: nginx - issuerName: selfsigned - issuerKind: ClusterIssuer - - certicates: + - certificates: argocd: hostname: {{ .Values.hostname }} domain: {{ .Values.domain }} diff --git a/cicd/values/certificate.values.yaml.gotmpl b/cicd/values/certificate.values.yaml.gotmpl index 03e86b04..9eaebac9 100644 --- a/cicd/values/certificate.values.yaml.gotmpl +++ b/cicd/values/certificate.values.yaml.gotmpl @@ -1,6 +1,6 @@ --- customresources: -{{- range $k, $v := $.Values.certicates }} +{{- range $k, $v := $.Values.certificates }} {{ $k }}: apiVersion: cert-manager.io/v1 kind: Certificate diff --git a/cicd/values/crossplane-functions.values.yaml.gotmpl b/cicd/values/crossplane-functions.values.yaml.gotmpl index 4858bbae..dc2f0fb9 100644 --- a/cicd/values/crossplane-functions.values.yaml.gotmpl +++ b/cicd/values/crossplane-functions.values.yaml.gotmpl @@ -8,4 +8,4 @@ customresources: name: {{ $fn.name | required (printf "functions.%s.name is required" $key) }} spec: package: {{ printf "%s:%s" $fn.image $fn.tag | required (printf "functions.%s.image and tag are required" $key) }} -{{- end }} \ No newline at end of file +{{- end }}