diff --git a/contrib/helm/harbor/README.md b/contrib/helm/harbor/README.md index 23fad1318..6e718d0cd 100644 --- a/contrib/helm/harbor/README.md +++ b/contrib/helm/harbor/README.md @@ -111,17 +111,17 @@ The following tables lists the configurable parameters of the Harbor chart and t | `adminserver.emailIdentity` | | "" | | `adminserver.key` | adminsever key | `not-a-secure-key` | | `adminserver.emailPwd` | password for email | `not-a-secure-password` | -| `adminserver.harborAdminPassword` | password for admin user | `Harbor12345` | -| `adminserver.harborAuthenticationMode` | authentication mode for Harbor ( `db_auth` for local database, `ldap_auth` for LDAP, etc...) [Docs](https://github.com/vmware/harbor/blob/master/docs/user_guide.md#user-account) | `db_auth` | +| `adminserver.adminPassword` | password for admin user | `Harbor12345` | +| `adminserver.authenticationMode` | authentication mode for Harbor ( `db_auth` for local database, `ldap_auth` for LDAP, etc...) [Docs](https://github.com/vmware/harbor/blob/master/docs/user_guide.md#user-account) | `db_auth` | | `adminserver.selfRegistration` | Allows users to register by themselves, otherwise only administrators can add users | `on` | -| `adminserver.authenticationLdapURL` | LDAP server URL for `ldap_auth` authentication | `ldaps://ldapserver` | -| `adminserver.authenticationLdapSearchDN` | LDAP Search DN | `` | -| `adminserver.authenticationLdapBaseDN` | LDAP Base DN | `` | -| `adminserver.authenticationLdapFilter` | LDAP Filter | `(objectClass=person)` | -| `adminserver.authenticationLdapUID` | LDAP UID | `uid` | -| `adminserver.authenticationLdapScope` | LDAP Scope | `2` | -| `adminserver.authenticationLdapTimeout` | LDAP Timeout | `5` | -| `adminserver.authenticationLdapVerifyCert` | LDAP Verify HTTPS Certificate | `True` | +| `adminserver.ldap.url` | LDAP server URL for `ldap_auth` authentication | `ldaps://ldapserver` | +| `adminserver.ldap.searchDN` | LDAP Search DN | `` | +| `adminserver.ldap.baseDN` | LDAP Base DN | `` | +| `adminserver.ldap.filter` | LDAP Filter | `(objectClass=person)` | +| `adminserver.ldap.uid` | LDAP UID | `uid` | +| `adminserver.ldap.scope` | LDAP Scope | `2` | +| `adminserver.ldap.timeout` | LDAP Timeout | `5` | +| `adminserver.ldap.verifyCert` | LDAP Verify HTTPS Certificate | `True` | | `adminserver.resources` | [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) to allocate for container | undefined | | `adminserver.volumes` | used to create PVCs if persistence is enabled (see instructions in values.yaml) | see values.yaml | | **Jobservice** | diff --git a/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml b/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml index 6f5a3aa79..90d62aff8 100644 --- a/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml +++ b/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml @@ -29,16 +29,16 @@ data: WITH_NOTARY: "{{ .Values.notary.enabled }}" LOG_LEVEL: "info" IMAGE_STORE_PATH: "/" # This is a temporary hack. - AUTH_MODE: "{{ .Values.adminserver.harborAuthenticationMode }}" + AUTH_MODE: "{{ .Values.adminserver.authenticationMode }}" SELF_REGISTRATION: "{{ .Values.adminserver.selfRegistration }}" - LDAP_URL: "{{ .Values.adminserver.authenticationLdapURL }}" - LDAP_SEARCH_DN: "{{ .Values.adminserver.authenticationLdapSearchDN }}" - LDAP_BASE_DN: "{{ .Values.adminserver.authenticationLdapBaseDN }}" - LDAP_FILTER: "{{ .Values.adminserver.authenticationLdapFilter }}" - LDAP_UID: "{{ .Values.adminserver.authenticationLdapUID }}" - LDAP_SCOPE: "{{ .Values.adminserver.authenticationLdapScope }}" - LDAP_TIMEOUT: "{{ .Values.adminserver.authenticationLdapTimeout }}" - LDAP_VERIFY_CERT: "{{ .Values.adminserver.authenticationLdapVerifyCert }}" + LDAP_URL: "{{ .Values.adminserver.ldap.url }}" + LDAP_SEARCH_DN: "{{ .Values.adminserver.ldap.searchDN }}" + LDAP_BASE_DN: "{{ .Values.adminserver.ldap.baseDN }}" + LDAP_FILTER: "{{ .Values.adminserver.ldap.filter }}" + LDAP_UID: "{{ .Values.adminserver.ldap.uid }}" + LDAP_SCOPE: "{{ .Values.adminserver.ldap.scope }}" + LDAP_TIMEOUT: "{{ .Values.adminserver.ldap.timeout }}" + LDAP_VERIFY_CERT: "{{ .Values.adminserver.ldap.verifyCert }}" DATABASE_TYPE: "mysql" PROJECT_CREATION_RESTRICTION: "everyone" VERIFY_REMOTE_CERT: "off" diff --git a/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml b/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml index 6014ca16f..fd2aff13f 100644 --- a/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml +++ b/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml @@ -9,7 +9,7 @@ type: Opaque data: secretKey: {{ .Values.secretKey | b64enc | quote }} EMAIL_PWD: {{ .Values.adminserver.emailPwd | b64enc | quote }} - HARBOR_ADMIN_PASSWORD: {{ .Values.adminserver.harborAdminPassword | b64enc | quote }} + HARBOR_ADMIN_PASSWORD: {{ .Values.adminserver.adminPassword | b64enc | quote }} MYSQL_PWD: {{ .Values.mysql.pass | b64enc | quote }} JOBSERVICE_SECRET: {{ .Values.jobservice.secret | b64enc | quote }} UI_SECRET: {{ .Values.ui.secret | b64enc | quote }} diff --git a/contrib/helm/harbor/values.yaml b/contrib/helm/harbor/values.yaml index 39efff4ef..0e980e98e 100644 --- a/contrib/helm/harbor/values.yaml +++ b/contrib/helm/harbor/values.yaml @@ -65,17 +65,18 @@ adminserver: emailIdentity: "" emailInsecure: "False" emailPwd: not-a-secure-password - harborAdminPassword: Harbor12345 - harborAuthenticationMode: "db_auth" + adminPassword: Harbor12345 + authenticationMode: "db_auth" selfRegistration: "on" - authenticationLdapURL: "ldaps://ldapserver" - authenticationLdapSearchDN: "" - authenticationLdapBaseDN: "" - authenticationLdapFilter: "(objectClass=person)" - authenticationLdapUID: "uid" - authenticationLdapScope: "2" - authenticationLdapTimeout: "5" - authenticationLdapVerifyCert: "True" + ldap: + url: "ldaps://ldapserver" + searchDN: "" + baseDN: "" + filter: "(objectClass=person)" + uid: "uid" + scope: "2" + timeout: "5" + verifyCert: "True" ## Persist data to a persistent volume volumes: config: