From 187b0dcdbba2d0d44b8a388d29368e80c0f3b6c9 Mon Sep 17 00:00:00 2001
From: Paul Czarkowski <username.taken@gmail.com>
Date: Fri, 9 Mar 2018 17:11:21 -0600
Subject: [PATCH 1/2] update helm chart to use external postgresql dependency

---
 contrib/helm/harbor/.gitignore                |  1 +
 contrib/helm/harbor/Chart.yaml                |  2 +-
 contrib/helm/harbor/README.md                 |  4 +-
 contrib/helm/harbor/requirements.lock         |  6 ++
 contrib/helm/harbor/requirements.yaml         |  4 ++
 .../templates/adminserver/adminserver-cm.yaml |  6 +-
 .../helm/harbor/templates/clair/clair-cm.yaml |  5 +-
 .../harbor/templates/clair/clair-dpl.yaml     |  2 +-
 .../templates/clair/postgres-secret.yaml      | 11 ---
 .../harbor/templates/clair/postgres-ss.yaml   | 72 -------------------
 .../harbor/templates/clair/postgres-svc.yaml  | 14 ----
 contrib/helm/harbor/values.yaml               | 19 +++--
 12 files changed, 32 insertions(+), 114 deletions(-)
 create mode 100644 contrib/helm/harbor/.gitignore
 create mode 100644 contrib/helm/harbor/requirements.lock
 create mode 100644 contrib/helm/harbor/requirements.yaml
 delete mode 100644 contrib/helm/harbor/templates/clair/postgres-secret.yaml
 delete mode 100644 contrib/helm/harbor/templates/clair/postgres-ss.yaml
 delete mode 100644 contrib/helm/harbor/templates/clair/postgres-svc.yaml

diff --git a/contrib/helm/harbor/.gitignore b/contrib/helm/harbor/.gitignore
new file mode 100644
index 000000000..e6b3ed643
--- /dev/null
+++ b/contrib/helm/harbor/.gitignore
@@ -0,0 +1 @@
+charts/*
diff --git a/contrib/helm/harbor/Chart.yaml b/contrib/helm/harbor/Chart.yaml
index 55fa4b477..3244c10d6 100644
--- a/contrib/helm/harbor/Chart.yaml
+++ b/contrib/helm/harbor/Chart.yaml
@@ -1,5 +1,5 @@
 name: harbor
-version: 0.1.0
+version: 0.1.1
 appVersion: 1.4.0
 description: An Enterprise-class Docker Registry by VMware
 keywords:
diff --git a/contrib/helm/harbor/README.md b/contrib/helm/harbor/README.md
index 17d6c52f4..90ed3ff35 100644
--- a/contrib/helm/harbor/README.md
+++ b/contrib/helm/harbor/README.md
@@ -154,8 +154,8 @@ The following tables lists the configurable parameters of the Harbor chart and t
 | `clair.enabled` | Enable clair? | `true` |
 | `clair.image.repository` | Repository for clair image | `vmware/clair-photon` |
 | `clair.image.tag` | Tag for clair image | `v2.0.1-v1.4.0`
-| `clair.postgresPassword` | password for clair postgres | see values.yaml |
-| `clair.resources` | [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) to allocate for container   | undefined | `clair.pgResources` | [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) to allocate for container   | undefined |
+| `clair.resources` | [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) to allocate for container   | undefined
+| `postgresql` | Overrides for postgresql chart [values.yaml](https://github.com/kubernetes/charts/blob/f2938a46e3ae8e2512ede1142465004094c3c333/stable/postgresql/values.yaml) | see values.yaml
 | | | |
 
 
diff --git a/contrib/helm/harbor/requirements.lock b/contrib/helm/harbor/requirements.lock
new file mode 100644
index 000000000..fa6b0c773
--- /dev/null
+++ b/contrib/helm/harbor/requirements.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://kubernetes-charts.storage.googleapis.com
+  version: 0.9.1
+digest: sha256:e89ecacdca0cc0414763a586832bf7ca3d57bd25ac8e1a08e41080b610eb5a7d
+generated: 2018-03-09T15:34:27.167977722-06:00
diff --git a/contrib/helm/harbor/requirements.yaml b/contrib/helm/harbor/requirements.yaml
new file mode 100644
index 000000000..a6a999960
--- /dev/null
+++ b/contrib/helm/harbor/requirements.yaml
@@ -0,0 +1,4 @@
+dependencies:
+- name: postgresql
+  version: 0.9.1
+  repository: https://kubernetes-charts.storage.googleapis.com
diff --git a/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml b/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
index 559f65e22..1ff8f8b8b 100644
--- a/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
+++ b/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
@@ -50,10 +50,10 @@ data:
   ADMIRAL_URL: "NA"
   RESET: "false"
   WITH_CLAIR: "{{ .Values.clair.enabled }}"
-  CLAIR_DB_HOST: "{{ template "harbor.fullname" . }}-clair-pg"
+  CLAIR_DB_HOST: "{{ .Release.Name }}-postgresql"
   CLAIR_DB_PORT: "5432"
-  CLAIR_DB: "postgres"
-  CLAIR_DB_USERNAME: "postgres"
+  CLAIR_DB: "{{ .Values.clair.postgresDatabase }}"
+  CLAIR_DB_USERNAME: "{{ .Values.clair.postgresUser }}"
   CLAIR_DB_PASSWORD: "{{ .Values.clair.postgresPassword }}"
   UAA_ENDPOINT: ""
   UAA_CLIENTID: ""
diff --git a/contrib/helm/harbor/templates/clair/clair-cm.yaml b/contrib/helm/harbor/templates/clair/clair-cm.yaml
index 96a617e95..e04bf2526 100644
--- a/contrib/helm/harbor/templates/clair/clair-cm.yaml
+++ b/contrib/helm/harbor/templates/clair/clair-cm.yaml
@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: {{ template "harbor.fullname" . }}
+  name: {{ template "harbor.fullname" . }}-clair
   labels:
 {{ include "harbor.labels" . | indent 4 }}
     component: clair
@@ -12,8 +12,7 @@ data:
       database:
         type: pgsql
         options:
-          source: "postgresql://postgres:{{ .Values.clair.postgresPassword }}@{{ template "harbor.fullname" . }}-clair-pg:5432?sslmode=disable"
-
+          source: "postgresql://{{ .Values.clair.postgresUser }}:{{ .Values.clair.postgresPassword }}@{{ .Release.Name }}-postgresql:5432/{{ .Values.clair.postgresDatabase }}?sslmode=disable"
           # Number of elements kept in the cache
           # Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
           cachesize: 16384
diff --git a/contrib/helm/harbor/templates/clair/clair-dpl.yaml b/contrib/helm/harbor/templates/clair/clair-dpl.yaml
index f10ec6a9c..60905e58a 100644
--- a/contrib/helm/harbor/templates/clair/clair-dpl.yaml
+++ b/contrib/helm/harbor/templates/clair/clair-dpl.yaml
@@ -34,7 +34,7 @@ spec:
       volumes:
       - name: clair-config
         configMap:
-          name: "{{ template "harbor.fullname" . }}"
+          name: "{{ template "harbor.fullname" . }}-clair"
           items:
             - key: config.yaml
               path: config.yaml
diff --git a/contrib/helm/harbor/templates/clair/postgres-secret.yaml b/contrib/helm/harbor/templates/clair/postgres-secret.yaml
deleted file mode 100644
index efa7f6996..000000000
--- a/contrib/helm/harbor/templates/clair/postgres-secret.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-{{ if .Values.clair.enabled }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ template "harbor.fullname" . }}-clair-pg-config
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-type: Opaque
-data:
-  POSTGRES_PASSWORD: {{ .Values.clair.postgresPassword | b64enc | quote }}
-{{ end }}
\ No newline at end of file
diff --git a/contrib/helm/harbor/templates/clair/postgres-ss.yaml b/contrib/helm/harbor/templates/clair/postgres-ss.yaml
deleted file mode 100644
index d47721354..000000000
--- a/contrib/helm/harbor/templates/clair/postgres-ss.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
-{{ if .Values.clair.enabled }}
-apiVersion: apps/v1beta2
-kind: StatefulSet
-metadata:
-  name: {{ template "harbor.fullname" . }}-clair-pg
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: clair-pg
-spec:
-  serviceName: "{{ template "harbor.fullname" . }}-clair-pg"
-  selector:
-    matchLabels:
-{{ include "harbor.matchLabels" . | indent 6 }}
-      component: clair-pg
-  template:
-    metadata:
-      name: {{ template "harbor.fullname" . }}-clair-pg
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-        component: clair-pg
-    spec:
-      containers:
-      - name: postgres
-        image: {{ .Values.clair.pgImage.repository }}:{{ .Values.clair.pgImage.tag }}
-        imagePullPolicy: {{ .Values.clair.pgImage.pullPolicy }}
-        resources:
-{{ toYaml .Values.clair.pgResources | indent 10 }}
-        env:
-        - name: POSTGRES_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ template "harbor.fullname" . }}-clair-pg-config
-              key: POSTGRES_PASSWORD
-        resources:
-          limits:
-            cpu: 1000m
-            memory: 1Gi
-          requests:
-            cpu: 100m
-            memory: 512Mi
-        volumeMounts:
-        - name: pgdata
-          mountPath: /var/lib/postgresql
-        ports:
-        - containerPort: 5432
-          name: postgres-port
-          protocol: TCP
-{{- if not .Values.persistence.enabled }}
-      volumes:
-      - name: pgdata
-        emptyDir: {}
-{{- end }}
-  {{- if .Values.persistence.enabled }}
-  volumeClaimTemplates:
-  - metadata:
-      name: pgdata
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-    spec:
-      accessModes: [{{ .Values.clair.volumes.pgData.accessMode | quote }}]
-      {{- if .Values.clair.volumes.pgData.storageClass }}
-      {{- if (eq "-" .Values.clair.volumes.pgData.storageClass) }}
-      storageClassName: ""
-      {{- else }}
-      storageClassName: "{{ .Values.clair.volumes.pgData.storageClass }}"
-      {{- end }}
-      {{- end }}
-      resources:
-        requests:
-          storage: {{ .Values.clair.volumes.pgData.size | quote }}
-  {{- end -}}
-{{- end -}}
\ No newline at end of file
diff --git a/contrib/helm/harbor/templates/clair/postgres-svc.yaml b/contrib/helm/harbor/templates/clair/postgres-svc.yaml
deleted file mode 100644
index 2944fd48a..000000000
--- a/contrib/helm/harbor/templates/clair/postgres-svc.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{ if .Values.clair.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "harbor.fullname" . }}-clair-pg
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-spec:
-  ports:
-    - port: 5432
-  selector:
-{{ include "harbor.matchLabels" . | indent 4 }}
-    component: clair-pg
-{{ end }}
\ No newline at end of file
diff --git a/contrib/helm/harbor/values.yaml b/contrib/helm/harbor/values.yaml
index d53d5f1ab..7def8e711 100644
--- a/contrib/helm/harbor/values.yaml
+++ b/contrib/helm/harbor/values.yaml
@@ -243,9 +243,6 @@ registry:
   #    memory: 256Mi
   #    cpu: 100m
 
-## Clair support is not yet fully implemented in the Helm Charts
-## Enabling it will just break things.
-#
 clair:
   enabled: true
   image:
@@ -253,10 +250,8 @@ clair:
     tag: v2.0.1-v1.4.0
     pullPolicy: IfNotPresent
   postgresPassword: not-a-secure-password
-  pgImage:
-    repository: postgres
-    tag: "9.6.4"
-    pullPolicy: IfNotPresent
+  postgresUser: clair
+  postgresDatabase: clair
 # resources:
 #  requests:
 #    memory: 256Mi
@@ -280,3 +275,13 @@ clair:
 #
 notary:
   enabled: false
+
+## Settings for postgresql dependency.
+## see https://github.com/kubernetes/charts/tree/master/stable/postgresql
+## for further configurables.
+postgresql:
+  postgresUser: clair
+  postgresPassword: not-a-secure-password
+  postgresDatabase: clair
+  persistence:
+    enabled: false

From 9332084824a24c21ba5dacc971f21e45c6fb5d41 Mon Sep 17 00:00:00 2001
From: Paul Czarkowski <username.taken@gmail.com>
Date: Mon, 12 Mar 2018 11:22:36 -0500
Subject: [PATCH 2/2] improve doc for postgres user/pass etc

---
 contrib/helm/harbor/values.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/contrib/helm/harbor/values.yaml b/contrib/helm/harbor/values.yaml
index 7def8e711..737bf2b74 100644
--- a/contrib/helm/harbor/values.yaml
+++ b/contrib/helm/harbor/values.yaml
@@ -249,6 +249,9 @@ clair:
     repository: vmware/clair-photon
     tag: v2.0.1-v1.4.0
     pullPolicy: IfNotPresent
+## The following needs to match the credentials
+## in the `postgresql` configuration under the
+## `postgresql` namespace below.
   postgresPassword: not-a-secure-password
   postgresUser: clair
   postgresDatabase: clair