Adding LDAP authentication parameters to helm chart

This commit is contained in:
lucaim 2018-03-26 17:41:49 +02:00
parent 0c95bd6ffa
commit 05b9031327
3 changed files with 30 additions and 11 deletions

View File

@ -112,6 +112,16 @@ The following tables lists the configurable parameters of the Harbor chart and t
| `adminserver.key` | adminsever key | `not-a-secure-key` |
| `adminserver.emailPwd` | password for email | `not-a-secure-password` |
| `adminserver.harborAdminPassword` | password for admin user | `Harbor12345` |
| `adminserver.harborAuthenticationMode` | authentication mode for Harbor ( `db_auth` for local database, `ldap_auth` for LDAP, etc...) [Docs](https://github.com/vmware/harbor/blob/master/docs/user_guide.md#user-account) | `db_auth` |
| `adminserver.selfRegistration` | Allows users to register by themselves, otherwise only administrators can add users | `on` |
| `adminserver.authenticationLdapURL` | LDAP server URL for `ldap_auth` authentication | `ldaps://ldapserver` |
| `adminserver.authenticationLdapSearchDN` | LDAP Search DN | `` |
| `adminserver.authenticationLdapBaseDN` | LDAP Base DN | `` |
| `adminserver.authenticationLdapFilter` | LDAP Filter | `(objectClass=person)` |
| `adminserver.authenticationLdapUID` | LDAP UID | `uid` |
| `adminserver.authenticationLdapScope` | LDAP Scope | `2` |
| `adminserver.authenticationLdapTimeout` | LDAP Timeout | `5` |
| `adminserver.authenticationLdapVerifyCert` | LDAP Verify HTTPS Certificate | `True` |
| `adminserver.resources` | [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) to allocate for container | undefined |
| `adminserver.volumes` | used to create PVCs if persistence is enabled (see instructions in values.yaml) | see values.yaml |
| **Jobservice** |

View File

@ -29,17 +29,16 @@ data:
WITH_NOTARY: "{{ .Values.notary.enabled }}"
LOG_LEVEL: "info"
IMAGE_STORE_PATH: "/" # This is a temporary hack.
AUTH_MODE: "db_auth"
SELF_REGISTRATION: "on"
LDAP_URL: "ldaps://ldapserver"
LDAP_SEARCH_DN: ""
LDAP_BASE_DN: ""
LDAP_FILTER: "(objectClass=person)"
LDAP_UID: "uid"
LDAP_SCOPE: "2"
LDAP_TIMEOUT: "5"
LDAP_TIMEOUT: "5"
LDAP_VERIFY_CERT: "True"
AUTH_MODE: "{{ .Values.adminserver.harborAuthenticationMode }}"
SELF_REGISTRATION: "{{ .Values.adminserver.selfRegistration }}"
LDAP_URL: "{{ .Values.adminserver.authenticationLdapURL }}"
LDAP_SEARCH_DN: "{{ .Values.adminserver.authenticationLdapSearchDN }}"
LDAP_BASE_DN: "{{ .Values.adminserver.authenticationLdapBaseDN }}"
LDAP_FILTER: "{{ .Values.adminserver.authenticationLdapFilter }}"
LDAP_UID: "{{ .Values.adminserver.authenticationLdapUID }}"
LDAP_SCOPE: "{{ .Values.adminserver.authenticationLdapScope }}"
LDAP_TIMEOUT: "{{ .Values.adminserver.authenticationLdapTimeout }}"
LDAP_VERIFY_CERT: "{{ .Values.adminserver.authenticationLdapVerifyCert }}"
DATABASE_TYPE: "mysql"
PROJECT_CREATION_RESTRICTION: "everyone"
VERIFY_REMOTE_CERT: "off"

View File

@ -66,6 +66,16 @@ adminserver:
emailInsecure: "False"
emailPwd: not-a-secure-password
harborAdminPassword: Harbor12345
harborAuthenticationMode: "db_auth"
selfRegistration: "on"
authenticationLdapURL: "ldaps://ldapserver"
authenticationLdapSearchDN: ""
authenticationLdapBaseDN: ""
authenticationLdapFilter: "(objectClass=person)"
authenticationLdapUID: "uid"
authenticationLdapScope: "2"
authenticationLdapTimeout: "5"
authenticationLdapVerifyCert: "True"
## Persist data to a persistent volume
volumes:
config: