Merge pull request #5254 from ywk253100/180704_chart_db

Modify chart to support master branch

contrib/helm/harbor/requirements.lock

@@ -1,7 +1,4 @@
 dependencies:
-- name: postgresql
-  repository: https://kubernetes-charts.storage.googleapis.com
-  version: 0.9.1
 - name: redis
   repository: https://kubernetes-charts.storage.googleapis.com
   version: 3.2.5

contrib/helm/harbor/requirements.yaml

@@ -1,7 +1,4 @@
 dependencies:
-- name: postgresql
-  version: 0.9.1
-  repository: https://kubernetes-charts.storage.googleapis.com
 - name: redis
   version: 3.2.5
   repository: https://kubernetes-charts.storage.googleapis.com

contrib/helm/harbor/templates/_helpers.tpl

@@ -57,3 +57,87 @@ so it can match Harbor service FQDN and Notary service FQDN.
 {{- define "harbor.notaryServiceName" -}}
 {{- printf "%s-notary-server" (include "harbor.fullname" .) -}}
 {{- end -}}
+
+{{- define "harbor.database.host" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- template "harbor.fullname" . }}-database
+  {{- else -}}
+    {{- .Values.database.external.host -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.port" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "5432" -}}
+  {{- else -}}
+    {{- .Values.database.external.port -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.username" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "postgres" -}}
+  {{- else -}}
+    {{- .Values.database.external.username -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.password" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- .Values.database.internal.password | b64enc | quote -}}
+  {{- else -}}
+    {{- .Values.database.external.password | b64enc | quote -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.rawPassword" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- .Values.database.internal.password -}}
+  {{- else -}}
+    {{- .Values.database.external.password -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.coreDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "registry" -}}
+  {{- else -}}
+    {{- .Values.database.external.coreDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.clairDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "postgres" -}}
+  {{- else -}}
+    {{- .Values.database.external.clairDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.notaryServerDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "notaryserver" -}}
+  {{- else -}}
+    {{- .Values.database.external.notaryServerDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.notarySignerDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "notarysigner" -}}
+  {{- else -}}
+    {{- .Values.database.external.notarySignerDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.clair" -}}
+postgres://{{ template "harbor.database.username" . }}:{{ template "harbor.database.rawPassword" . }}@{{ template "harbor.database.host" . }}:{{ template "harbor.database.port" . }}/{{ template "harbor.database.clairDatabase" . }}?sslmode=disable
+{{- end -}}
+
+{{- define "harbor.database.notaryServer" -}}
+postgres://{{ template "harbor.database.username" . }}:{{ template "harbor.database.rawPassword" . }}@{{ template "harbor.database.host" . }}:{{ template "harbor.database.port" . }}/{{ template "harbor.database.notaryServerDatabase" . }}?sslmode=disable
+{{- end -}}
+
+{{- define "harbor.database.notarySigner" -}}
+postgres://{{ template "harbor.database.username" . }}:{{ template "harbor.database.rawPassword" . }}@{{ template "harbor.database.host" . }}:{{ template "harbor.database.port" . }}/{{ template "harbor.database.notarySignerDatabase" . }}?sslmode=disable
+{{- end -}}

contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml

@@ -6,14 +6,10 @@ metadata:
 {{ include "harbor.labels" . | indent 4 }}
     component: adminserver
 data:
-  {{ if .Values.mysql.host -}}
+  POSTGRESQL_HOST: "{{ template "harbor.database.host" . }}"
-  MYSQL_HOST: "{{ .Values.mysql.host }}"
+  POSTGRESQL_PORT: "{{ template "harbor.database.port" . }}"
-  {{ else -}}
+  POSTGRESQL_USERNAME: "{{ template "harbor.database.username" . }}"
-  MYSQL_HOST: "{{ template "harbor.fullname" . }}-mysql"
+  POSTGRESQL_DATABASE: "{{ template "harbor.database.coreDatabase" . }}"
-  {{ end -}}
-  MYSQL_PORT: "{{ .Values.mysql.port }}"
-  MYSQL_USR: "{{ .Values.mysql.user }}"
-  MYSQL_DATABASE: "{{ .Values.mysql.database }}"
   EMAIL_HOST: "{{ .Values.adminserver.emailHost }}"
   EMAIL_PORT: "{{ .Values.adminserver.emailPort }}"
   EMAIL_USR: "{{ .Values.adminserver.emailUser }}"
@@ -40,7 +36,7 @@ data:
   LDAP_SCOPE: "{{ .Values.adminserver.ldap.scope }}"
   LDAP_TIMEOUT: "{{ .Values.adminserver.ldap.timeout }}"
   LDAP_VERIFY_CERT: "{{ .Values.adminserver.ldap.verifyCert }}"
-  DATABASE_TYPE: "mysql"
+  DATABASE_TYPE: "postgresql"
   PROJECT_CREATION_RESTRICTION: "everyone"
   VERIFY_REMOTE_CERT: "off"
   MAX_JOB_WORKERS: "3"
@@ -50,10 +46,10 @@ data:
   ADMIRAL_URL: "NA"
   RESET: "false"
   WITH_CLAIR: "{{ .Values.clair.enabled }}"
-  CLAIR_DB_HOST: "{{ .Release.Name }}-postgresql"
+  CLAIR_DB_HOST: "{{ template "harbor.database.host" . }}"
-  CLAIR_DB_PORT: "5432"
+  CLAIR_DB_PORT: "{{ template "harbor.database.port" . }}"
-  CLAIR_DB: "{{ .Values.clair.postgresDatabase }}"
+  CLAIR_DB_USERNAME: "{{ template "harbor.database.username" . }}"
-  CLAIR_DB_USERNAME: "{{ .Values.clair.postgresUser }}"
+  CLAIR_DB: "{{ template "harbor.database.clairDatabase" . }}"
   CLAIR_URL: "http://{{ template "harbor.fullname" . }}-clair:6060"
   UAA_ENDPOINT: ""
   UAA_CLIENTID: ""

contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml

@@ -10,12 +10,12 @@ data:
   secretKey: {{ .Values.secretKey | b64enc | quote }}
   EMAIL_PWD: {{ .Values.adminserver.emailPwd | b64enc | quote }}
   HARBOR_ADMIN_PASSWORD: {{ .Values.adminserver.adminPassword | b64enc | quote }}
-  MYSQL_PWD: {{ .Values.mysql.pass | b64enc | quote }}
+  POSTGRESQL_PASSWORD: {{ template "harbor.database.password" . }}
   JOBSERVICE_SECRET: {{ .Values.jobservice.secret | b64enc | quote }}
   UI_SECRET: {{ .Values.ui.secret | b64enc | quote }}
 {{- if eq .Values.adminserver.authenticationMode "ldap_auth" }} 
   LDAP_SEARCH_PWD: {{ .Values.adminserver.ldap.searchPwd | b64enc | quote }} 
 {{- end }}
 {{ if .Values.clair.enabled }}
-  CLAIR_DB_PASSWORD: {{ .Values.clair.postgresPassword | b64enc | quote }}
+  CLAIR_DB_PASSWORD: {{ template "harbor.database.password" . }}
 {{ end }}

contrib/helm/harbor/templates/clair/clair-cm.yaml

@@ -12,7 +12,7 @@ data:
       database:
         type: pgsql
         options:
-          source: "postgresql://{{ .Values.clair.postgresUser }}:{{ .Values.clair.postgresPassword }}@{{ .Release.Name }}-postgresql:5432/{{ .Values.clair.postgresDatabase }}?sslmode=disable"
+          source: "{{ template "harbor.database.clair" . }}"
           # Number of elements kept in the cache
           # Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
           cachesize: 16384

contrib/helm/harbor/templates/database/database-secret.yaml

@@ -0,0 +1,11 @@
+{{- if eq .Values.database.type "internal" -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ template "harbor.fullname" . }}-database"
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+type: Opaque
+data:
+  POSTGRES_PASSWORD: {{ template "harbor.database.password" . }}
+{{- end -}}

contrib/helm/harbor/templates/database/database-ss.yaml

@@ -0,0 +1,70 @@
+{{- if eq .Values.database.type "internal" -}}
+apiVersion: apps/v1beta2
+kind: StatefulSet
+metadata:
+  name: "{{ template "harbor.fullname" . }}-database"
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+    component: database
+spec:
+  replicas: 1
+  serviceName: "{{ template "harbor.fullname" . }}-database"
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: database
+  template:
+    metadata:
+      labels:
+{{ include "harbor.labels" . | indent 8 }}
+        component: database
+    spec:
+      containers:
+      - name: database
+        image: {{ .Values.database.internal.image.repository }}:{{ .Values.database.internal.image.tag }}
+        imagePullPolicy: {{ .Values.database.internal.image.pullPolicy }}
+        resources:
+{{ toYaml .Values.database.internal.resources | indent 10 }}
+        envFrom:
+          - secretRef:
+              name: "{{ template "harbor.fullname" . }}-database"
+        volumeMounts:
+        - name: database-data
+          mountPath: /var/lib/postgresql/data
+      {{- if not .Values.persistence.enabled }}
+      volumes:
+      - name: "database-data"
+        emptyDir: {}
+      {{- end -}}
+    {{- with .Values.database.internal.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.database.internal.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.database.internal.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+  {{- if .Values.persistence.enabled }}
+  volumeClaimTemplates:
+  - metadata:
+      name: "database-data"
+      labels:
+{{ include "harbor.labels" . | indent 8 }}
+    spec:
+      accessModes: [{{ .Values.database.internal.volumes.data.accessMode | quote }}]
+      {{- if .Values.database.internal.volumes.data.storageClass }}
+      {{- if (eq "-" .Values.database.internal.volumes.data.storageClass) }}
+      storageClassName: ""
+      {{- else }}
+      storageClassName: "{{ .Values.database.internal.volumes.data.storageClass }}"
+      {{- end }}
+      {{- end }}
+      resources:
+        requests:
+          storage: {{ .Values.database.internal.volumes.data.size | quote }}
+  {{- end -}}
+  {{- end -}}

contrib/helm/harbor/templates/database/database-svc.yaml

@@ -1,12 +1,14 @@
+{{- if eq .Values.database.type "internal" -}}
 apiVersion: v1
 kind: Service
 metadata:
-  name: "{{ template "harbor.fullname" . }}-mysql"
+  name: "{{ template "harbor.fullname" . }}-database"
   labels:
 {{ include "harbor.labels" . | indent 4 }}
 spec:
   ports:
-    - port: 3306
+    - port: 5432
   selector:
 {{ include "harbor.matchLabels" . | indent 4 }}
-    component: mysql
+    component: database
+{{- end -}}

contrib/helm/harbor/templates/mysql/mysql-secret.yaml

@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ template "harbor.fullname" . }}-mysql"
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-type: Opaque
-data:
-  mysqlRootPassword: {{ .Values.mysql.pass | b64enc | quote }}

contrib/helm/harbor/templates/mysql/mysql-ss.yaml

@@ -1,71 +0,0 @@
-apiVersion: apps/v1beta2
-kind: StatefulSet
-metadata:
-  name: "{{ template "harbor.fullname" . }}-mysql"
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: mysql
-spec:
-  replicas: 1
-  serviceName: "{{ template "harbor.fullname" . }}-mysql"
-  selector:
-    matchLabels:
-{{ include "harbor.matchLabels" . | indent 6 }}
-      component: mysql
-  template:
-    metadata:
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-        component: mysql
-    spec:
-      containers:
-      - name: mysql
-        image: {{ .Values.mysql.image.repository }}:{{ .Values.mysql.image.tag }}
-        imagePullPolicy: {{ .Values.mysql.image.pullPolicy }}
-        resources:
-{{ toYaml .Values.mysql.resources | indent 10 }}
-        env:
-          - name: MYSQL_ROOT_PASSWORD
-            valueFrom:
-              secretKeyRef:
-               name: "{{ template "harbor.fullname" . }}-mysql"
-               key: mysqlRootPassword
-        volumeMounts:
-        - name: mysql-data
-          mountPath: /var/lib/mysql
-      {{- if not .Values.persistence.enabled }}
-      volumes:
-      - name: "mysql-data"
-        emptyDir: {}
-      {{- end -}}
-    {{- with .Values.mysql.nodeSelector }}
-      nodeSelector:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-    {{- with .Values.mysql.affinity }}
-      affinity:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-    {{- with .Values.mysql.tolerations }}
-      tolerations:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-  {{- if .Values.persistence.enabled }}
-  volumeClaimTemplates:
-  - metadata:
-      name: "mysql-data"
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-    spec:
-      accessModes: [{{ .Values.mysql.volumes.data.accessMode | quote }}]
-      {{- if .Values.mysql.volumes.data.storageClass }}
-      {{- if (eq "-" .Values.mysql.volumes.data.storageClass) }}
-      storageClassName: ""
-      {{- else }}
-      storageClassName: "{{ .Values.mysql.volumes.data.storageClass }}"
-      {{- end }}
-      {{- end }}
-      resources:
-        requests:
-          storage: {{ .Values.mysql.volumes.data.size | quote }}
-  {{- end -}}

contrib/helm/harbor/templates/notary/notary-cm.yaml

@@ -1,23 +1,4 @@
 {{ if .Values.notary.enabled }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ template "harbor.fullname" . }}-notary-db
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: notary-db
-data:
-  initial-notaryserver.sql: |
-    CREATE DATABASE IF NOT EXISTS `notaryserver`;
-    CREATE USER "server"@"%" IDENTIFIED BY "{{ .Values.notary.db.password }}";
-    GRANT ALL PRIVILEGES ON `notaryserver`.* TO "server"@"%"
-  initial-notarysigner.sql: |
-    CREATE DATABASE IF NOT EXISTS `notarysigner`;
-    CREATE USER "signer"@"%" IDENTIFIED BY "{{ .Values.notary.db.password }}";
-    GRANT ALL PRIVILEGES ON `notarysigner`.* TO "signer"@"%";
-
----
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -34,7 +15,7 @@ data:
 {{ .Values.notary.signer.tlsCrt | default $cert.Cert | indent 4 }}
   notary-signer.key: |
 {{ .Values.notary.signer.tlsKey | default $cert.Key  | indent 4 }}
-  server-config.json: |
+  server-config.postgres.json: |
     {
       "server": {
         "http_addr": ":4443"
@@ -50,8 +31,8 @@ data:
         "level": "debug"
       },
       "storage": {
-        "backend": "mysql",
+        "backend": "postgres",
-        "db_url": "server:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notaryserver?parseTime=True"
+        "db_url": "{{ template "harbor.database.notaryServer" . }}"
       },
       "auth": {
           "type": "token",
@@ -63,7 +44,7 @@ data:
           }
       }
     }
-  signer-config.json: |
+  signer-config.postgres.json: |
     {
       "server": {
         "grpc_addr": ":7899",
@@ -74,8 +55,8 @@ data:
         "level": "debug"
       },
       "storage": {
-        "backend": "mysql",
+        "backend": "postgres",
-        "db_url": "signer:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notarysigner?parseTime=True",
+        "db_url": "{{ template "harbor.database.notarySigner" . }}",
         "default_alias": "defaultalias"
       }
     }

contrib/helm/harbor/templates/notary/notary-db.yaml

@@ -1,83 +0,0 @@
-{{ if .Values.notary.enabled }}
-apiVersion: apps/v1beta2
-kind: StatefulSet
-metadata:
-  name: {{ template "harbor.fullname" . }}-notary-db
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: notary-db
-spec:
-  replicas: 1
-  serviceName: "{{ template "harbor.fullname" . }}-notary-db"
-  selector:
-    matchLabels:
-{{ include "harbor.matchLabels" . | indent 6 }}
-      component: notary-db
-  template:
-    metadata:
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-        component: notary-db
-    spec:
-      initContainers: 
-      - name: move-init-scripts
-        image: alpine:3.6
-        imagePullPolicy: IfNotPresent
-        command: [
-          "sh",
-          "-ce",
-          "ls -l /configmap/docker-entrypoint-initdb.d/* &&
-           cp -L /configmap/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d/"
-        ]
-        volumeMounts:
-        - name: notary-db-config
-          mountPath: /configmap/docker-entrypoint-initdb.d
-        - name: notary-db-init
-          mountPath: /docker-entrypoint-initdb.d
-      containers:
-      - name: notary-db
-        image: {{ .Values.notary.db.image.repository }}:{{ .Values.notary.db.image.tag }}
-        imagePullPolicy: {{ .Values.notary.db.image.pullPolicy }}
-        args: ["--innodb_file_per_table"]
-        env:
-          - name: TERM
-            value: "dumb"
-          - name: MYSQL_ALLOW_EMPTY_PASSWORD
-            value: "true"
-        resources:
-{{ toYaml .Values.notary.db.resources | indent 10 }}
-        volumeMounts:
-        - name: notary-db-config
-          mountPath: /configmap/docker-entrypoint-initdb.d
-        - name: notary-db-init
-          mountPath: /docker-entrypoint-initdb.d
-        - name: notary-db-data
-          mountPath: /var/lib/mysql
-      volumes:
-      - name: notary-db-config
-        configMap:
-          name: "{{ template "harbor.fullname" . }}-notary-db"
-      - name: notary-db-init
-        emptyDir: {}
-      {{- if not .Values.persistence.enabled }}
-      - name: notary-db-data
-        emptyDir: {}
-      {{- end -}}
-  {{- if .Values.persistence.enabled }}
-  volumeClaimTemplates:
-  - metadata:
-      name: notary-db-data
-    spec:
-      accessModes: [{{ .Values.notary.db.volumes.data.accessMode | quote }}]
-      {{- if .Values.notary.db.volumes.data.storageClass }}
-      {{- if (eq "-" .Values.notary.db.volumes.data.storageClass) }}
-      storageClassName: ""
-      {{- else }}
-      storageClassName: "{{ .Values.notary.db.volumes.data.storageClass }}"
-      {{- end }}
-      {{- end }}
-      resources:
-        requests:
-          storage: {{ .Values.notary.db.volumes.data.size | quote }}
-  {{- end -}}
-{{ end }}

contrib/helm/harbor/templates/notary/notary-server.yaml

@@ -25,8 +25,10 @@ spec:
         resources:
 {{ toYaml .Values.notary.server.resources | indent 10 }}
         env:
+        - name: MIGRATIONS_PATH
+          value: migrations/server/postgresql
         - name: DB_URL
-          value: "mysql://server:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notaryserver?parseTime=True"
+          value: {{ template "harbor.database.notaryServer" . }}
         volumeMounts:
         - name: notary-config
           mountPath: /etc/notary

contrib/helm/harbor/templates/notary/notary-signer.yaml

@@ -25,8 +25,10 @@ spec:
         resources:
 {{ toYaml .Values.notary.signer.resources | indent 10 }}
         env:
+        - name: MIGRATIONS_PATH
+          value: migrations/signer/postgresql
         - name: DB_URL
-          value: "mysql://signer:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notarysigner?parseTime=True"
+          value: {{ template "harbor.database.notarySigner" . }}
         - name: NOTARY_SIGNER_DEFAULTALIAS
           value: {{ .Values.notary.signer.env.NOTARY_SIGNER_DEFAULTALIAS }}
         volumeMounts:

contrib/helm/harbor/templates/notary/notary-svc.yaml

@@ -1,19 +1,4 @@
 {{ if .Values.notary.enabled }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "harbor.fullname" . }}-notary-db
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-spec:
-  ports:
-  - port: 3306
-  selector:
-{{ include "harbor.matchLabels" . | indent 4 }}
-    component: notary-db
-
----
 apiVersion: v1
 kind: Service
 metadata:

contrib/helm/harbor/values.yaml

@@ -182,33 +182,39 @@ ui:
   tolerations: []
   affinity: {}
 
-## MySQL Settings. Currently Harbor does not support an external
+database:
-## MySQL server, only their own image. Until this is fixed, do not
+  # if external database is used, set "type" to "external"
-## Change the settings below.
+  # and fill the connection informations in "external" section
-#
+  type: internal
-mysql:
+  internal:
-  image:
+    image:
-    repository: vmware/harbor-db
+      repository: vmware/harbor-db
-    tag: *harbor_image_tag
+      tag: *harbor_image_tag
-    pullPolicy: IfNotPresent
+      pullPolicy: IfNotPresent
-  # If left blank will use the included mysql service name.
+    # the superuser password of database
-  host: ~
+    password: "changeit"
-  port: 3306
+    volumes:
-  user: "root"
+      data:
-  pass: "registry"
+        # storageClass: "-"
-  database: "registry"
+        accessMode: ReadWriteOnce
-  volumes:
+        size: 1Gi
-    data:
+    # resources:
-      # storageClass: "-"
+    #  requests:
-      accessMode: ReadWriteOnce
+    #    memory: 256Mi
-      size: 1Gi
+    #    cpu: 100m
-  # resources:
+    nodeSelector: {}
-  #  requests:
+    tolerations: []
-  #    memory: 256Mi
+    affinity: {}
-  #    cpu: 100m
+  external:
-  nodeSelector: {}
+    host: "192.168.0.1"
-  tolerations: []
+    port: "5432"
-  affinity: {}
+    username: "user"
+    password: "password"
+    coreDatabase: "registry"
+    clairDatabase: "clair"
+    notaryServerDatabase: "notary_server"
+    notarySignerDatabase: "notary_signer"
+
 
 registry:
   image:
@@ -283,15 +289,9 @@ registry:
 clair:
   enabled: true
   image:
-    repository: vmware/clair-photon
+    repository: ywk253100/clair-photon
     tag: v2.0.1-v1.5.0-chart-patch
     pullPolicy: IfNotPresent
-## The following needs to match the credentials
-## in the `postgresql` configuration under the
-## `postgresql` namespace below.
-  postgresPassword: not-a-secure-password
-  postgresUser: clair
-  postgresDatabase: clair
 # resources:
 #  requests:
 #    memory: 256Mi
@@ -313,16 +313,6 @@ clair:
   tolerations: []
   affinity: {}
 
-## Settings for postgresql dependency.
-## see https://github.com/kubernetes/charts/tree/master/stable/postgresql
-## for further configurables.
-postgresql:
-  postgresUser: clair
-  postgresPassword: not-a-secure-password
-  postgresDatabase: clair
-  persistence:
-    enabled: false
-
 ## Settings for redis dependency.
 ## see https://github.com/kubernetes/charts/tree/master/stable/redis
 ## for further configurables.
@@ -355,21 +345,6 @@ notary:
     caCrt:
     tlsCrt:
     tlsKey:
-  db:
-    image:
-      repository: vmware/mariadb-photon
-      tag: *harbor_image_tag
-      pullPolicy: IfNotPresent
-    password: not-a-secure-password
-    volumes:
-      data:
-        # storageClass: "-"
-        accessMode: ReadWriteOnce
-        size: 1Gi
-    # resources:
-    #  requests:
-    #    memory: 256Mi
-    #    cpu: 100m
   nodeSelector: {}
   tolerations: []
   affinity: {}