mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-29 05:35:43 +01:00
Make Helm Chart support Harbor 1.5.0
Update the helm chart of Harbor to use 1.5 image. Specifically `1.5.0-chart-patch` to include the fix to #4496 (for integration reason this fix will not be merge to release branch). Verified against kubenetes v1.10.0
This commit is contained in:
parent
3917512d3e
commit
065fbfa1a1
@ -1,6 +1,6 @@
|
|||||||
name: harbor
|
name: harbor
|
||||||
version: 0.1.2
|
version: 0.2.0
|
||||||
appVersion: 1.4.0
|
appVersion: 1.5.0
|
||||||
description: An Enterprise-class Docker Registry by VMware
|
description: An Enterprise-class Docker Registry by VMware
|
||||||
keywords:
|
keywords:
|
||||||
- vmware
|
- vmware
|
||||||
|
@ -2,5 +2,8 @@ dependencies:
|
|||||||
- name: postgresql
|
- name: postgresql
|
||||||
repository: https://kubernetes-charts.storage.googleapis.com
|
repository: https://kubernetes-charts.storage.googleapis.com
|
||||||
version: 0.9.1
|
version: 0.9.1
|
||||||
digest: sha256:e89ecacdca0cc0414763a586832bf7ca3d57bd25ac8e1a08e41080b610eb5a7d
|
- name: redis
|
||||||
generated: 2018-03-09T15:34:27.167977722-06:00
|
repository: https://kubernetes-charts.storage.googleapis.com
|
||||||
|
version: 3.2.5
|
||||||
|
digest: sha256:e0f18247038eaab8d8e88ebb4abf4ea59778a8654528957957534adf6337915b
|
||||||
|
generated: 2018-05-16T11:34:09.070799886+08:00
|
||||||
|
@ -2,3 +2,6 @@ dependencies:
|
|||||||
- name: postgresql
|
- name: postgresql
|
||||||
version: 0.9.1
|
version: 0.9.1
|
||||||
repository: https://kubernetes-charts.storage.googleapis.com
|
repository: https://kubernetes-charts.storage.googleapis.com
|
||||||
|
- name: redis
|
||||||
|
version: 3.2.5
|
||||||
|
repository: https://kubernetes-charts.storage.googleapis.com
|
||||||
|
@ -46,12 +46,6 @@ so it can match Harbor service FQDN and Notary service FQDN.
|
|||||||
{{- printf "notary-%s" .Values.externalDomain -}}
|
{{- printf "notary-%s" .Values.externalDomain -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{/*
|
|
||||||
The internal service name of Notary server.
|
|
||||||
notary-server hostname is not configurable in Harbor 1.4.0.
|
|
||||||
Once Harbor 1.5.x is released, use this instead:
|
|
||||||
{{- printf "%s-notary-server" (include "harbor.fullname") -}}
|
|
||||||
*/}}
|
|
||||||
{{- define "harbor.notaryServiceName" -}}
|
{{- define "harbor.notaryServiceName" -}}
|
||||||
{{- printf "%s" "notary-server" -}}
|
{{- printf "%s-notary-server" (include "harbor.fullname" .) -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
@ -54,6 +54,7 @@ data:
|
|||||||
CLAIR_DB_PORT: "5432"
|
CLAIR_DB_PORT: "5432"
|
||||||
CLAIR_DB: "{{ .Values.clair.postgresDatabase }}"
|
CLAIR_DB: "{{ .Values.clair.postgresDatabase }}"
|
||||||
CLAIR_DB_USERNAME: "{{ .Values.clair.postgresUser }}"
|
CLAIR_DB_USERNAME: "{{ .Values.clair.postgresUser }}"
|
||||||
|
CLAIR_URL: "http://{{ template "harbor.fullname" . }}-clair:6060"
|
||||||
UAA_ENDPOINT: ""
|
UAA_ENDPOINT: ""
|
||||||
UAA_CLIENTID: ""
|
UAA_CLIENTID: ""
|
||||||
UAA_CLIENTSECRET: ""
|
UAA_CLIENTSECRET: ""
|
||||||
|
@ -22,14 +22,14 @@ spec:
|
|||||||
- name: clair
|
- name: clair
|
||||||
image: {{ .Values.clair.image.repository }}:{{ .Values.clair.image.tag }}
|
image: {{ .Values.clair.image.repository }}:{{ .Values.clair.image.tag }}
|
||||||
imagePullPolicy: {{ .Values.clair.image.pullPolicy }}
|
imagePullPolicy: {{ .Values.clair.image.pullPolicy }}
|
||||||
args: ["-insecure-tls", "-config", "/config/config.yaml"]
|
args: ["-insecure-tls", "-config", "/etc/clair/config.yaml"]
|
||||||
resources:
|
resources:
|
||||||
{{ toYaml .Values.clair.resources | indent 10 }}
|
{{ toYaml .Values.clair.resources | indent 10 }}
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 6060
|
- containerPort: 6060
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: clair-config
|
- name: clair-config
|
||||||
mountPath: /config/config.yaml
|
mountPath: /etc/clair/config.yaml
|
||||||
subPath: config.yaml
|
subPath: config.yaml
|
||||||
volumes:
|
volumes:
|
||||||
- name: clair-config
|
- name: clair-config
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: clair
|
name: "{{ template "harbor.fullname" . }}-clair"
|
||||||
labels:
|
labels:
|
||||||
{{ include "harbor.labels" . | indent 4 }}
|
{{ include "harbor.labels" . | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
|
@ -5,9 +5,17 @@ metadata:
|
|||||||
labels:
|
labels:
|
||||||
{{ include "harbor.labels" . | indent 4 }}
|
{{ include "harbor.labels" . | indent 4 }}
|
||||||
data:
|
data:
|
||||||
app.conf: |+
|
config.yml: |+
|
||||||
appname = jobservice
|
protocol: "http"
|
||||||
runmode = prod
|
port: 8080
|
||||||
|
worker_pool:
|
||||||
[prod]
|
workers: {{ .Values.jobservice.maxWorkers }}
|
||||||
httpport = 8080
|
backend: "redis"
|
||||||
|
redis_pool:
|
||||||
|
redis_url: "{{ .Release.Name }}-redis-master:{{ .Values.redis.master.port }}"
|
||||||
|
namespace: "harbor_job_service_namespace"
|
||||||
|
logger:
|
||||||
|
path: "/var/log/jobs"
|
||||||
|
level: "INFO"
|
||||||
|
archive_period: 14 #days
|
||||||
|
admin_server: "http://{{ template "harbor.fullname" . }}-adminserver"
|
||||||
|
@ -29,32 +29,19 @@ spec:
|
|||||||
env:
|
env:
|
||||||
- name: LOG_LEVEL
|
- name: LOG_LEVEL
|
||||||
value: debug
|
value: debug
|
||||||
- name: CONFIG_PATH
|
|
||||||
value: /etc/jobservice/app.conf
|
|
||||||
- name: GODEBUG
|
- name: GODEBUG
|
||||||
value: netdns=cgo
|
value: netdns=cgo
|
||||||
- name: ADMINSERVER_URL
|
|
||||||
value: "http://{{ template "harbor.fullname" . }}-adminserver"
|
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8080
|
- containerPort: 8080
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: jobservice-config
|
- name: jobservice-config
|
||||||
mountPath: /etc/jobservice/app.conf
|
mountPath: /etc/jobservice/config.yml
|
||||||
subPath: app.conf
|
subPath: config.yml
|
||||||
- name: jobservice-secrets
|
|
||||||
mountPath: /etc/jobservice/key
|
|
||||||
subPath: key
|
|
||||||
- name: job-logs
|
- name: job-logs
|
||||||
mountPath: /var/log/jobs
|
mountPath: /var/log/jobs
|
||||||
volumes:
|
volumes:
|
||||||
- name: jobservice-config
|
- name: jobservice-config
|
||||||
configMap:
|
configMap:
|
||||||
name: "{{ template "harbor.fullname" . }}-jobservice"
|
name: "{{ template "harbor.fullname" . }}-jobservice"
|
||||||
- name: jobservice-secrets
|
|
||||||
secret:
|
|
||||||
secretName: "{{ template "harbor.fullname" . }}-jobservice"
|
|
||||||
items:
|
|
||||||
- key: secretKey
|
|
||||||
path: key
|
|
||||||
- name: job-logs
|
- name: job-logs
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
@ -43,7 +43,7 @@ data:
|
|||||||
"type": "remote",
|
"type": "remote",
|
||||||
"hostname": "{{ template "harbor.fullname" . }}-notary-signer",
|
"hostname": "{{ template "harbor.fullname" . }}-notary-signer",
|
||||||
"port": "7899",
|
"port": "7899",
|
||||||
"tls_ca_file": "/config/notary-signer-ca.crt",
|
"tls_ca_file": "./notary-signer-ca.crt",
|
||||||
"key_algorithm": "ecdsa"
|
"key_algorithm": "ecdsa"
|
||||||
},
|
},
|
||||||
"logging": {
|
"logging": {
|
||||||
|
@ -19,6 +19,21 @@ spec:
|
|||||||
{{ include "harbor.labels" . | indent 8 }}
|
{{ include "harbor.labels" . | indent 8 }}
|
||||||
component: notary-db
|
component: notary-db
|
||||||
spec:
|
spec:
|
||||||
|
initContainers:
|
||||||
|
- name: move-init-scripts
|
||||||
|
image: alpine:3.6
|
||||||
|
imagePullPolicy: IfNotPresent
|
||||||
|
command: [
|
||||||
|
"sh",
|
||||||
|
"-ce",
|
||||||
|
"ls -l /configmap/docker-entrypoint-initdb.d/* &&
|
||||||
|
cp -L /configmap/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d/"
|
||||||
|
]
|
||||||
|
volumeMounts:
|
||||||
|
- name: notary-db-config
|
||||||
|
mountPath: /configmap/docker-entrypoint-initdb.d
|
||||||
|
- name: notary-db-init
|
||||||
|
mountPath: /docker-entrypoint-initdb.d
|
||||||
containers:
|
containers:
|
||||||
- name: notary-db
|
- name: notary-db
|
||||||
image: {{ .Values.notary.db.image.repository }}:{{ .Values.notary.db.image.tag }}
|
image: {{ .Values.notary.db.image.repository }}:{{ .Values.notary.db.image.tag }}
|
||||||
@ -33,30 +48,36 @@ spec:
|
|||||||
{{ toYaml .Values.notary.db.resources | indent 10 }}
|
{{ toYaml .Values.notary.db.resources | indent 10 }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: notary-db-config
|
- name: notary-db-config
|
||||||
|
mountPath: /configmap/docker-entrypoint-initdb.d
|
||||||
|
- name: notary-db-init
|
||||||
mountPath: /docker-entrypoint-initdb.d
|
mountPath: /docker-entrypoint-initdb.d
|
||||||
- name: notary-db
|
- name: notary-db-data
|
||||||
mountPath: /var/lib/mysql
|
mountPath: /var/lib/mysql
|
||||||
volumes:
|
volumes:
|
||||||
- name: notary-db-config
|
- name: notary-db-config
|
||||||
configMap:
|
configMap:
|
||||||
name: "{{ template "harbor.fullname" . }}-notary-db"
|
name: "{{ template "harbor.fullname" . }}-notary-db"
|
||||||
|
- name: notary-db-init
|
||||||
|
emptyDir: {}
|
||||||
{{- if not .Values.persistence.enabled }}
|
{{- if not .Values.persistence.enabled }}
|
||||||
- name: notary-db
|
- name: notary-db-data
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if .Values.persistence.enabled }}
|
{{- if .Values.persistence.enabled }}
|
||||||
volumeClaimTemplates:
|
volumeClaimTemplates:
|
||||||
- metadata:
|
- metadata:
|
||||||
name: notary-db
|
name: notary-db-data
|
||||||
spec:
|
spec:
|
||||||
accessModes: [{{ .Values.notary.db.volumes.data.accessMode | quote }}]
|
accessModes: [{{ .Values.notary.db.volumes.data.accessMode | quote }}]
|
||||||
|
{{- if .Values.notary.db.volumes.data.storageClass }}
|
||||||
{{- if (eq "-" .Values.notary.db.volumes.data.storageClass) }}
|
{{- if (eq "-" .Values.notary.db.volumes.data.storageClass) }}
|
||||||
storageClassName: ""
|
storageClassName: ""
|
||||||
{{- else }}
|
{{- else }}
|
||||||
storageClassName: "{{ .Values.notary.db.volumes.data.storageClass }}"
|
storageClassName: "{{ .Values.notary.db.volumes.data.storageClass }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: {{ .Values.adminserver.volumes.data.size | quote }}
|
storage: {{ .Values.notary.db.volumes.data.size | quote }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{ end }}
|
{{ end }}
|
@ -29,7 +29,7 @@ spec:
|
|||||||
value: "mysql://server:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notaryserver?parseTime=True"
|
value: "mysql://server:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notaryserver?parseTime=True"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: notary-config
|
- name: notary-config
|
||||||
mountPath: /config
|
mountPath: /etc/notary
|
||||||
- name: root-certificate
|
- name: root-certificate
|
||||||
mountPath: /root.crt
|
mountPath: /root.crt
|
||||||
subPath: root.crt
|
subPath: root.crt
|
||||||
|
@ -31,7 +31,7 @@ spec:
|
|||||||
value: {{ .Values.notary.signer.env.NOTARY_SIGNER_DEFAULTALIAS }}
|
value: {{ .Values.notary.signer.env.NOTARY_SIGNER_DEFAULTALIAS }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: notary-config
|
- name: notary-config
|
||||||
mountPath: /config
|
mountPath: /etc/notary
|
||||||
volumes:
|
volumes:
|
||||||
- name: notary-config
|
- name: notary-config
|
||||||
configMap:
|
configMap:
|
||||||
|
@ -23,7 +23,7 @@ spec:
|
|||||||
image: {{ .Values.registry.image.repository }}:{{ .Values.registry.image.tag }}
|
image: {{ .Values.registry.image.repository }}:{{ .Values.registry.image.tag }}
|
||||||
imagePullPolicy: {{ .Values.registry.image.pullPolicy }}
|
imagePullPolicy: {{ .Values.registry.image.pullPolicy }}
|
||||||
resources:
|
resources:
|
||||||
{{ toYaml .Values.mysql.resources | indent 10 }}
|
{{ toYaml .Values.registry.resources | indent 10 }}
|
||||||
args: ["serve", "/etc/registry/config.yml"]
|
args: ["serve", "/etc/registry/config.yml"]
|
||||||
env:
|
env:
|
||||||
- name: REGISTRY_HTTP_SECRET
|
- name: REGISTRY_HTTP_SECRET
|
||||||
@ -55,7 +55,7 @@ spec:
|
|||||||
{{- if and (not .Values.registry.objectStorage) .Values.persistence.enabled }}
|
{{- if and (not .Values.registry.objectStorage) .Values.persistence.enabled }}
|
||||||
volumeClaimTemplates:
|
volumeClaimTemplates:
|
||||||
- metadata:
|
- metadata:
|
||||||
name: "registry-data"
|
name: registry-data
|
||||||
labels:
|
labels:
|
||||||
{{ include "harbor.labels" . | indent 8 }}
|
{{ include "harbor.labels" . | indent 8 }}
|
||||||
spec:
|
spec:
|
||||||
|
@ -38,8 +38,6 @@ spec:
|
|||||||
value: "1"
|
value: "1"
|
||||||
- name: ADMINSERVER_URL
|
- name: ADMINSERVER_URL
|
||||||
value: "http://{{ template "harbor.fullname" . }}-adminserver"
|
value: "http://{{ template "harbor.fullname" . }}-adminserver"
|
||||||
- name: CLAIR_DB_HOST
|
|
||||||
value: "{{ template "harbor.fullname" . }}-clair-pg"
|
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8080
|
- containerPort: 8080
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
|
@ -26,10 +26,10 @@
|
|||||||
# cpu: 100m
|
# cpu: 100m
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
enabled: false
|
enabled: true
|
||||||
|
|
||||||
# The tag for Harbor docker images.
|
# The tag for Harbor docker images.
|
||||||
harborImageTag: &harbor_image_tag v1.4.0
|
harborImageTag: &harbor_image_tag v1.5.0-chart-patch
|
||||||
|
|
||||||
# The FQDN for Harbor service.
|
# The FQDN for Harbor service.
|
||||||
externalDomain: harbor.my.domain
|
externalDomain: harbor.my.domain
|
||||||
@ -98,6 +98,7 @@ jobservice:
|
|||||||
tag: *harbor_image_tag
|
tag: *harbor_image_tag
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
secret: not-a-secure-secret
|
secret: not-a-secure-secret
|
||||||
|
maxWorkers: 50
|
||||||
# resources:
|
# resources:
|
||||||
# requests:
|
# requests:
|
||||||
# memory: 256Mi
|
# memory: 256Mi
|
||||||
@ -196,7 +197,7 @@ mysql:
|
|||||||
registry:
|
registry:
|
||||||
image:
|
image:
|
||||||
repository: vmware/registry-photon
|
repository: vmware/registry-photon
|
||||||
tag: v2.6.2-v1.4.0
|
tag: v2.6.2-v1.5.0-chart-patch
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
httpSecret: not-a-secure-secret
|
httpSecret: not-a-secure-secret
|
||||||
logLevel: info
|
logLevel: info
|
||||||
@ -265,7 +266,7 @@ clair:
|
|||||||
enabled: true
|
enabled: true
|
||||||
image:
|
image:
|
||||||
repository: vmware/clair-photon
|
repository: vmware/clair-photon
|
||||||
tag: v2.0.1-v1.4.0
|
tag: v2.0.1-v1.5.0-chart-patch
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
## The following needs to match the credentials
|
## The following needs to match the credentials
|
||||||
## in the `postgresql` configuration under the
|
## in the `postgresql` configuration under the
|
||||||
@ -301,17 +302,31 @@ postgresql:
|
|||||||
persistence:
|
persistence:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
|
## Settings for redis dependency.
|
||||||
|
## see https://github.com/kubernetes/charts/tree/master/stable/redis
|
||||||
|
## for further configurables.
|
||||||
|
redis:
|
||||||
|
# Update needed in the cm that defines redis_url if usePassword is set to true.
|
||||||
|
usePassword: false
|
||||||
|
cluster:
|
||||||
|
enabled: false
|
||||||
|
master:
|
||||||
|
persistence:
|
||||||
|
# TODO: There is a perm issue: Can't open the append-only file: Permission denied
|
||||||
|
# TODO: Setting it to false is a temp workaround. Will re-visit this problem.
|
||||||
|
enabled: false
|
||||||
|
|
||||||
notary:
|
notary:
|
||||||
enabled: true
|
enabled: true
|
||||||
server:
|
server:
|
||||||
image:
|
image:
|
||||||
repository: vmware/notary-server-photon
|
repository: vmware/notary-server-photon
|
||||||
tag: v0.5.1-v1.4.0
|
tag: v0.5.1-v1.5.0-chart-patch
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
signer:
|
signer:
|
||||||
image:
|
image:
|
||||||
repository: vmware/notary-signer-photon
|
repository: vmware/notary-signer-photon
|
||||||
tag: v0.5.1-v1.4.0
|
tag: v0.5.1-v1.5.0-chart-patch
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
NOTARY_SIGNER_DEFAULTALIAS: defaultalias
|
NOTARY_SIGNER_DEFAULTALIAS: defaultalias
|
||||||
|
Loading…
Reference in New Issue
Block a user