From 184e89365b421662d9865e820a3fe6ecb87e82d0 Mon Sep 17 00:00:00 2001 From: DQ Date: Tue, 22 Sep 2020 19:37:44 +0800 Subject: [PATCH] Fix internal tls config upgrade issue internal tls config upgrade is not included in template, this pr is to add it. Signed-off-by: DQ --- .../migrations/version_2_1_0/harbor.yml.jinja | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/make/photon/prepare/migrations/version_2_1_0/harbor.yml.jinja b/make/photon/prepare/migrations/version_2_1_0/harbor.yml.jinja index c096583a5..6ca0f82bf 100644 --- a/make/photon/prepare/migrations/version_2_1_0/harbor.yml.jinja +++ b/make/photon/prepare/migrations/version_2_1_0/harbor.yml.jinja @@ -33,12 +33,20 @@ https: # private_key: /your/private/key/path {% endif %} -# # Uncomment following will enable tls communication between all harbor components +{% if internal_tls is defined %} +# Uncomment following will enable tls communication between all harbor components +internal_tls: + # set enabled to true means internal tls is enabled + enabled: {{ internal_tls.enabled | lower }} + # put your cert and key files on dir + dir: {{ internal_tls.dir }} +{% else %} # internal_tls: # # set enabled to true means internal tls is enabled # enabled: true # # put your cert and key files on dir # dir: /etc/harbor/tls/internal +{% endif %} # Uncomment external_url if you want to enable external proxy # And when it enabled the hostname will no longer used @@ -144,7 +152,7 @@ clair: trivy: # ignoreUnfixed The flag to display only fixed vulnerabilities {% if trivy.ignore_unfixed is defined %} - ignore_unfixed: {{ trivy.ignore_unfixed }} + ignore_unfixed: {{ trivy.ignore_unfixed | lower }} {% else %} ignore_unfixed: false {% endif %} @@ -154,14 +162,14 @@ trivy: # If the flag is enabled you have to manually download the `trivy.db` file and mount it in the # /home/scanner/.cache/trivy/db/trivy.db path. {% if trivy.skip_update is defined %} - skip_update: {{ trivy.skip_update }} + skip_update: {{ trivy.skip_update | lower }} {% else %} skip_update: false {% endif %} # # insecure The flag to skip verifying registry certificate {% if trivy.insecure is defined %} - insecure: {{ trivy.insecure }} + insecure: {{ trivy.insecure | lower }} {% else %} insecure: false {% endif %}