Modify chart to support master branch

The chart currently is using images of Harbor 1.5 which contains three databases, this commit reduce them to only one to support master branch codes.
2024-11-22 10:15:35 +01:00 · 2018-07-04 18:42:51 +08:00 · 2018-07-04 18:42:51 +08:00 · 6bb2bbb3ce
commit 6bb2bbb3ce
parent e9f02a9476
17 changed files with 228 additions and 289 deletions
--- a/contrib/helm/harbor/requirements.lock
+++ b/contrib/helm/harbor/requirements.lock
@ -1,7 +1,4 @@
 dependencies:
- name: postgresql
-  repository: https://kubernetes-charts.storage.googleapis.com
-  version: 0.9.1
 - name: redis
  repository: https://kubernetes-charts.storage.googleapis.com
  version: 3.2.5
--- a/contrib/helm/harbor/requirements.yaml
+++ b/contrib/helm/harbor/requirements.yaml
@ -1,7 +1,4 @@
 dependencies:
- name: postgresql
-  version: 0.9.1
-  repository: https://kubernetes-charts.storage.googleapis.com
 - name: redis
  version: 3.2.5
  repository: https://kubernetes-charts.storage.googleapis.com
--- a/contrib/helm/harbor/templates/_helpers.tpl
+++ b/contrib/helm/harbor/templates/_helpers.tpl
@ -57,3 +57,87 @@ so it can match Harbor service FQDN and Notary service FQDN.
 {{- define "harbor.notaryServiceName" -}}
 {{- printf "%s-notary-server" (include "harbor.fullname" .) -}}
 {{- end -}}
+
+{{- define "harbor.database.host" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- template "harbor.fullname" . }}-database
+  {{- else -}}
+    {{- .Values.database.external.host -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.port" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "5432" -}}
+  {{- else -}}
+    {{- .Values.database.external.port -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.username" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "postgres" -}}
+  {{- else -}}
+    {{- .Values.database.external.username -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.password" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- .Values.database.internal.password | b64enc | quote -}}
+  {{- else -}}
+    {{- .Values.database.external.password | b64enc | quote -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.rawPassword" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- .Values.database.internal.password -}}
+  {{- else -}}
+    {{- .Values.database.external.password -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.coreDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "registry" -}}
+  {{- else -}}
+    {{- .Values.database.external.coreDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.clairDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "postgres" -}}
+  {{- else -}}
+    {{- .Values.database.external.clairDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.notaryServerDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "notaryserver" -}}
+  {{- else -}}
+    {{- .Values.database.external.notaryServerDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.notarySignerDatabase" -}}
+  {{- if eq .Values.database.type "internal" -}}
+    {{- printf "%s" "notarysigner" -}}
+  {{- else -}}
+    {{- .Values.database.external.notarySignerDatabase -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "harbor.database.clair" -}}
+postgres://{{ template "harbor.database.username" . }}:{{ template "harbor.database.rawPassword" . }}@{{ template "harbor.database.host" . }}:{{ template "harbor.database.port" . }}/{{ template "harbor.database.clairDatabase" . }}?sslmode=disable
+{{- end -}}
+
+{{- define "harbor.database.notaryServer" -}}
+postgres://{{ template "harbor.database.username" . }}:{{ template "harbor.database.rawPassword" . }}@{{ template "harbor.database.host" . }}:{{ template "harbor.database.port" . }}/{{ template "harbor.database.notaryServerDatabase" . }}?sslmode=disable
+{{- end -}}
+
+{{- define "harbor.database.notarySigner" -}}
+postgres://{{ template "harbor.database.username" . }}:{{ template "harbor.database.rawPassword" . }}@{{ template "harbor.database.host" . }}:{{ template "harbor.database.port" . }}/{{ template "harbor.database.notarySignerDatabase" . }}?sslmode=disable
+{{- end -}}
--- a/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
+++ b/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
@ -6,14 +6,10 @@ metadata:
 {{ include "harbor.labels" . | indent 4 }}
    component: adminserver
 data:
-  {{ if .Values.mysql.host -}}
-  MYSQL_HOST: "{{ .Values.mysql.host }}"
-  {{ else -}}
-  MYSQL_HOST: "{{ template "harbor.fullname" . }}-mysql"
-  {{ end -}}
-  MYSQL_PORT: "{{ .Values.mysql.port }}"
-  MYSQL_USR: "{{ .Values.mysql.user }}"
-  MYSQL_DATABASE: "{{ .Values.mysql.database }}"
+  POSTGRESQL_HOST: "{{ template "harbor.database.host" . }}"
+  POSTGRESQL_PORT: "{{ template "harbor.database.port" . }}"
+  POSTGRESQL_USERNAME: "{{ template "harbor.database.username" . }}"
+  POSTGRESQL_DATABASE: "{{ template "harbor.database.coreDatabase" . }}"
  EMAIL_HOST: "{{ .Values.adminserver.emailHost }}"
  EMAIL_PORT: "{{ .Values.adminserver.emailPort }}"
  EMAIL_USR: "{{ .Values.adminserver.emailUser }}"
@ -40,7 +36,7 @@ data:
  LDAP_SCOPE: "{{ .Values.adminserver.ldap.scope }}"
  LDAP_TIMEOUT: "{{ .Values.adminserver.ldap.timeout }}"
  LDAP_VERIFY_CERT: "{{ .Values.adminserver.ldap.verifyCert }}"
-  DATABASE_TYPE: "mysql"
+  DATABASE_TYPE: "postgresql"
  PROJECT_CREATION_RESTRICTION: "everyone"
  VERIFY_REMOTE_CERT: "off"
  MAX_JOB_WORKERS: "3"
@ -50,10 +46,10 @@ data:
  ADMIRAL_URL: "NA"
  RESET: "false"
  WITH_CLAIR: "{{ .Values.clair.enabled }}"
-  CLAIR_DB_HOST: "{{ .Release.Name }}-postgresql"
-  CLAIR_DB_PORT: "5432"
-  CLAIR_DB: "{{ .Values.clair.postgresDatabase }}"
-  CLAIR_DB_USERNAME: "{{ .Values.clair.postgresUser }}"
+  CLAIR_DB_HOST: "{{ template "harbor.database.host" . }}"
+  CLAIR_DB_PORT: "{{ template "harbor.database.port" . }}"
+  CLAIR_DB_USERNAME: "{{ template "harbor.database.username" . }}"
+  CLAIR_DB: "{{ template "harbor.database.clairDatabase" . }}"
  CLAIR_URL: "http://{{ template "harbor.fullname" . }}-clair:6060"
  UAA_ENDPOINT: ""
  UAA_CLIENTID: ""
--- a/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml
+++ b/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml
@ -10,12 +10,12 @@ data:
  secretKey: {{ .Values.secretKey | b64enc | quote }}
  EMAIL_PWD: {{ .Values.adminserver.emailPwd | b64enc | quote }}
  HARBOR_ADMIN_PASSWORD: {{ .Values.adminserver.adminPassword | b64enc | quote }}
-  MYSQL_PWD: {{ .Values.mysql.pass | b64enc | quote }}
+  POSTGRESQL_PASSWORD: {{ template "harbor.database.password" . }}
  JOBSERVICE_SECRET: {{ .Values.jobservice.secret | b64enc | quote }}
  UI_SECRET: {{ .Values.ui.secret | b64enc | quote }}
 {{- if eq .Values.adminserver.authenticationMode "ldap_auth" }} 
  LDAP_SEARCH_PWD: {{ .Values.adminserver.ldap.searchPwd | b64enc | quote }} 
 {{- end }}
 {{ if .Values.clair.enabled }}
-  CLAIR_DB_PASSWORD: {{ .Values.clair.postgresPassword | b64enc | quote }}
+  CLAIR_DB_PASSWORD: {{ template "harbor.database.password" . }}
 {{ end }}
--- a/contrib/helm/harbor/templates/clair/clair-cm.yaml
+++ b/contrib/helm/harbor/templates/clair/clair-cm.yaml
@ -12,7 +12,7 @@ data:
      database:
        type: pgsql
        options:
-          source: "postgresql://{{ .Values.clair.postgresUser }}:{{ .Values.clair.postgresPassword }}@{{ .Release.Name }}-postgresql:5432/{{ .Values.clair.postgresDatabase }}?sslmode=disable"
+          source: "{{ template "harbor.database.clair" . }}"
          # Number of elements kept in the cache
          # Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
          cachesize: 16384
--- a/contrib/helm/harbor/templates/database/database-secret.yaml
+++ b/contrib/helm/harbor/templates/database/database-secret.yaml
@ -0,0 +1,11 @@
+{{- if eq .Values.database.type "internal" -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ template "harbor.fullname" . }}-database"
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+type: Opaque
+data:
+  POSTGRES_PASSWORD: {{ template "harbor.database.password" . }}
+{{- end -}}
--- a/contrib/helm/harbor/templates/database/database-ss.yaml
+++ b/contrib/helm/harbor/templates/database/database-ss.yaml
@ -0,0 +1,70 @@
+{{- if eq .Values.database.type "internal" -}}
+apiVersion: apps/v1beta2
+kind: StatefulSet
+metadata:
+  name: "{{ template "harbor.fullname" . }}-database"
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+    component: database
+spec:
+  replicas: 1
+  serviceName: "{{ template "harbor.fullname" . }}-database"
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: database
+  template:
+    metadata:
+      labels:
+{{ include "harbor.labels" . | indent 8 }}
+        component: database
+    spec:
+      containers:
+      - name: database
+        image: {{ .Values.database.internal.image.repository }}:{{ .Values.database.internal.image.tag }}
+        imagePullPolicy: {{ .Values.database.internal.image.pullPolicy }}
+        resources:
+{{ toYaml .Values.database.internal.resources | indent 10 }}
+        envFrom:
+          - secretRef:
+              name: "{{ template "harbor.fullname" . }}-database"
+        volumeMounts:
+        - name: database-data
+          mountPath: /var/lib/postgresql/data
+      {{- if not .Values.persistence.enabled }}
+      volumes:
+      - name: "database-data"
+        emptyDir: {}
+      {{- end -}}
+    {{- with .Values.database.internal.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.database.internal.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.database.internal.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+  {{- if .Values.persistence.enabled }}
+  volumeClaimTemplates:
+  - metadata:
+      name: "database-data"
+      labels:
+{{ include "harbor.labels" . | indent 8 }}
+    spec:
+      accessModes: [{{ .Values.database.internal.volumes.data.accessMode | quote }}]
+      {{- if .Values.database.internal.volumes.data.storageClass }}
+      {{- if (eq "-" .Values.database.internal.volumes.data.storageClass) }}
+      storageClassName: ""
+      {{- else }}
+      storageClassName: "{{ .Values.database.internal.volumes.data.storageClass }}"
+      {{- end }}
+      {{- end }}
+      resources:
+        requests:
+          storage: {{ .Values.database.internal.volumes.data.size | quote }}
+  {{- end -}}
+  {{- end -}}
--- a/contrib/helm/harbor/templates/database/database-svc.yaml
+++ b/contrib/helm/harbor/templates/database/database-svc.yaml
@ -1,12 +1,14 @@
+{{- if eq .Values.database.type "internal" -}}
 apiVersion: v1
 kind: Service
 metadata:
-  name: "{{ template "harbor.fullname" . }}-mysql"
+  name: "{{ template "harbor.fullname" . }}-database"
  labels:
 {{ include "harbor.labels" . | indent 4 }}
 spec:
  ports:
-    - port: 3306
+    - port: 5432
  selector:
 {{ include "harbor.matchLabels" . | indent 4 }}
-    component: mysql
+    component: database
+{{- end -}}
--- a/contrib/helm/harbor/templates/mysql/mysql-secret.yaml
+++ b/contrib/helm/harbor/templates/mysql/mysql-secret.yaml
@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ template "harbor.fullname" . }}-mysql"
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-type: Opaque
-data:
-  mysqlRootPassword: {{ .Values.mysql.pass | b64enc | quote }}
--- a/contrib/helm/harbor/templates/mysql/mysql-ss.yaml
+++ b/contrib/helm/harbor/templates/mysql/mysql-ss.yaml
@ -1,71 +0,0 @@
-apiVersion: apps/v1beta2
-kind: StatefulSet
-metadata:
-  name: "{{ template "harbor.fullname" . }}-mysql"
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: mysql
-spec:
-  replicas: 1
-  serviceName: "{{ template "harbor.fullname" . }}-mysql"
-  selector:
-    matchLabels:
-{{ include "harbor.matchLabels" . | indent 6 }}
-      component: mysql
-  template:
-    metadata:
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-        component: mysql
-    spec:
-      containers:
-      - name: mysql
-        image: {{ .Values.mysql.image.repository }}:{{ .Values.mysql.image.tag }}
-        imagePullPolicy: {{ .Values.mysql.image.pullPolicy }}
-        resources:
-{{ toYaml .Values.mysql.resources | indent 10 }}
-        env:
-          - name: MYSQL_ROOT_PASSWORD
-            valueFrom:
-              secretKeyRef:
-               name: "{{ template "harbor.fullname" . }}-mysql"
-               key: mysqlRootPassword
-        volumeMounts:
-        - name: mysql-data
-          mountPath: /var/lib/mysql
-      {{- if not .Values.persistence.enabled }}
-      volumes:
-      - name: "mysql-data"
-        emptyDir: {}
-      {{- end -}}
-    {{- with .Values.mysql.nodeSelector }}
-      nodeSelector:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-    {{- with .Values.mysql.affinity }}
-      affinity:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-    {{- with .Values.mysql.tolerations }}
-      tolerations:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-  {{- if .Values.persistence.enabled }}
-  volumeClaimTemplates:
-  - metadata:
-      name: "mysql-data"
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-    spec:
-      accessModes: [{{ .Values.mysql.volumes.data.accessMode | quote }}]
-      {{- if .Values.mysql.volumes.data.storageClass }}
-      {{- if (eq "-" .Values.mysql.volumes.data.storageClass) }}
-      storageClassName: ""
-      {{- else }}
-      storageClassName: "{{ .Values.mysql.volumes.data.storageClass }}"
-      {{- end }}
-      {{- end }}
-      resources:
-        requests:
-          storage: {{ .Values.mysql.volumes.data.size | quote }}
-  {{- end -}}
--- a/contrib/helm/harbor/templates/notary/notary-cm.yaml
+++ b/contrib/helm/harbor/templates/notary/notary-cm.yaml
@ -1,23 +1,4 @@
 {{ if .Values.notary.enabled }}
---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ template "harbor.fullname" . }}-notary-db
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: notary-db
-data:
-  initial-notaryserver.sql: |
-    CREATE DATABASE IF NOT EXISTS `notaryserver`;
-    CREATE USER "server"@"%" IDENTIFIED BY "{{ .Values.notary.db.password }}";
-    GRANT ALL PRIVILEGES ON `notaryserver`.* TO "server"@"%"
-  initial-notarysigner.sql: |
-    CREATE DATABASE IF NOT EXISTS `notarysigner`;
-    CREATE USER "signer"@"%" IDENTIFIED BY "{{ .Values.notary.db.password }}";
-    GRANT ALL PRIVILEGES ON `notarysigner`.* TO "signer"@"%";
-
---
 apiVersion: v1
 kind: ConfigMap
 metadata:
@ -34,7 +15,7 @@ data:
 {{ .Values.notary.signer.tlsCrt | default $cert.Cert | indent 4 }}
  notary-signer.key: |
 {{ .Values.notary.signer.tlsKey | default $cert.Key  | indent 4 }}
-  server-config.json: |
+  server-config.postgres.json: |
    {
      "server": {
        "http_addr": ":4443"
@ -50,8 +31,8 @@ data:
        "level": "debug"
      },
      "storage": {
-        "backend": "mysql",
-        "db_url": "server:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notaryserver?parseTime=True"
+        "backend": "postgres",
+        "db_url": "{{ template "harbor.database.notaryServer" . }}"
      },
      "auth": {
          "type": "token",
@ -63,7 +44,7 @@ data:
          }
      }
    }
-  signer-config.json: |
+  signer-config.postgres.json: |
    {
      "server": {
        "grpc_addr": ":7899",
@ -74,8 +55,8 @@ data:
        "level": "debug"
      },
      "storage": {
-        "backend": "mysql",
-        "db_url": "signer:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notarysigner?parseTime=True",
+        "backend": "postgres",
+        "db_url": "{{ template "harbor.database.notarySigner" . }}",
        "default_alias": "defaultalias"
      }
    }
--- a/contrib/helm/harbor/templates/notary/notary-db.yaml
+++ b/contrib/helm/harbor/templates/notary/notary-db.yaml
@ -1,83 +0,0 @@
-{{ if .Values.notary.enabled }}
-apiVersion: apps/v1beta2
-kind: StatefulSet
-metadata:
-  name: {{ template "harbor.fullname" . }}-notary-db
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-    component: notary-db
-spec:
-  replicas: 1
-  serviceName: "{{ template "harbor.fullname" . }}-notary-db"
-  selector:
-    matchLabels:
-{{ include "harbor.matchLabels" . | indent 6 }}
-      component: notary-db
-  template:
-    metadata:
-      labels:
-{{ include "harbor.labels" . | indent 8 }}
-        component: notary-db
-    spec:
-      initContainers: 
-      - name: move-init-scripts
-        image: alpine:3.6
-        imagePullPolicy: IfNotPresent
-        command: [
-          "sh",
-          "-ce",
-          "ls -l /configmap/docker-entrypoint-initdb.d/* &&
-           cp -L /configmap/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d/"
-        ]
-        volumeMounts:
-        - name: notary-db-config
-          mountPath: /configmap/docker-entrypoint-initdb.d
-        - name: notary-db-init
-          mountPath: /docker-entrypoint-initdb.d
-      containers:
-      - name: notary-db
-        image: {{ .Values.notary.db.image.repository }}:{{ .Values.notary.db.image.tag }}
-        imagePullPolicy: {{ .Values.notary.db.image.pullPolicy }}
-        args: ["--innodb_file_per_table"]
-        env:
-          - name: TERM
-            value: "dumb"
-          - name: MYSQL_ALLOW_EMPTY_PASSWORD
-            value: "true"
-        resources:
-{{ toYaml .Values.notary.db.resources | indent 10 }}
-        volumeMounts:
-        - name: notary-db-config
-          mountPath: /configmap/docker-entrypoint-initdb.d
-        - name: notary-db-init
-          mountPath: /docker-entrypoint-initdb.d
-        - name: notary-db-data
-          mountPath: /var/lib/mysql
-      volumes:
-      - name: notary-db-config
-        configMap:
-          name: "{{ template "harbor.fullname" . }}-notary-db"
-      - name: notary-db-init
-        emptyDir: {}
-      {{- if not .Values.persistence.enabled }}
-      - name: notary-db-data
-        emptyDir: {}
-      {{- end -}}
-  {{- if .Values.persistence.enabled }}
-  volumeClaimTemplates:
-  - metadata:
-      name: notary-db-data
-    spec:
-      accessModes: [{{ .Values.notary.db.volumes.data.accessMode | quote }}]
-      {{- if .Values.notary.db.volumes.data.storageClass }}
-      {{- if (eq "-" .Values.notary.db.volumes.data.storageClass) }}
-      storageClassName: ""
-      {{- else }}
-      storageClassName: "{{ .Values.notary.db.volumes.data.storageClass }}"
-      {{- end }}
-      {{- end }}
-      resources:
-        requests:
-          storage: {{ .Values.notary.db.volumes.data.size | quote }}
-  {{- end -}}
-{{ end }}
--- a/contrib/helm/harbor/templates/notary/notary-server.yaml
+++ b/contrib/helm/harbor/templates/notary/notary-server.yaml
@ -25,8 +25,10 @@ spec:
        resources:
 {{ toYaml .Values.notary.server.resources | indent 10 }}
        env:
+        - name: MIGRATIONS_PATH
+          value: migrations/server/postgresql
        - name: DB_URL
-          value: "mysql://server:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notaryserver?parseTime=True"
+          value: {{ template "harbor.database.notaryServer" . }}
        volumeMounts:
        - name: notary-config
          mountPath: /etc/notary
--- a/contrib/helm/harbor/templates/notary/notary-signer.yaml
+++ b/contrib/helm/harbor/templates/notary/notary-signer.yaml
@ -25,8 +25,10 @@ spec:
        resources:
 {{ toYaml .Values.notary.signer.resources | indent 10 }}
        env:
+        - name: MIGRATIONS_PATH
+          value: migrations/signer/postgresql
        - name: DB_URL
-          value: "mysql://signer:{{ .Values.notary.db.password }}@tcp({{ template "harbor.fullname" . }}-notary-db:3306)/notarysigner?parseTime=True"
+          value: {{ template "harbor.database.notarySigner" . }}
        - name: NOTARY_SIGNER_DEFAULTALIAS
          value: {{ .Values.notary.signer.env.NOTARY_SIGNER_DEFAULTALIAS }}
        volumeMounts:
--- a/contrib/helm/harbor/templates/notary/notary-svc.yaml
+++ b/contrib/helm/harbor/templates/notary/notary-svc.yaml
@ -1,19 +1,4 @@
 {{ if .Values.notary.enabled }}
---
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "harbor.fullname" . }}-notary-db
-  labels:
-{{ include "harbor.labels" . | indent 4 }}
-spec:
-  ports:
-  - port: 3306
-  selector:
-{{ include "harbor.matchLabels" . | indent 4 }}
-    component: notary-db
-
---
 apiVersion: v1
 kind: Service
 metadata:
--- a/contrib/helm/harbor/values.yaml
+++ b/contrib/helm/harbor/values.yaml
@ -182,33 +182,39 @@ ui:
  tolerations: []
  affinity: {}

-## MySQL Settings. Currently Harbor does not support an external
-## MySQL server, only their own image. Until this is fixed, do not
-## Change the settings below.
-#
-mysql:
-  image:
-    repository: vmware/harbor-db
-    tag: *harbor_image_tag
-    pullPolicy: IfNotPresent
-  # If left blank will use the included mysql service name.
-  host: ~
-  port: 3306
-  user: "root"
-  pass: "registry"
-  database: "registry"
-  volumes:
-    data:
-      # storageClass: "-"
-      accessMode: ReadWriteOnce
-      size: 1Gi
-  # resources:
-  #  requests:
-  #    memory: 256Mi
-  #    cpu: 100m
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
+database:
+  # if external database is used, set "type" to "external"
+  # and fill the connection informations in "external" section
+  type: internal
+  internal:
+    image:
+      repository: vmware/harbor-db
+      tag: *harbor_image_tag
+      pullPolicy: IfNotPresent
+    # the superuser password of database
+    password: "changeit"
+    volumes:
+      data:
+        # storageClass: "-"
+        accessMode: ReadWriteOnce
+        size: 1Gi
+    # resources:
+    #  requests:
+    #    memory: 256Mi
+    #    cpu: 100m
+    nodeSelector: {}
+    tolerations: []
+    affinity: {}
+  external:
+    host: "192.168.0.1"
+    port: "5432"
+    username: "user"
+    password: "password"
+    coreDatabase: "registry"
+    clairDatabase: "clair"
+    notaryServerDatabase: "notary_server"
+    notarySignerDatabase: "notary_signer"
+

 registry:
  image:
@ -283,15 +289,9 @@ registry:
 clair:
  enabled: true
  image:
-    repository: vmware/clair-photon
+    repository: ywk253100/clair-photon
    tag: v2.0.1-v1.5.0-chart-patch
    pullPolicy: IfNotPresent
-## The following needs to match the credentials
-## in the `postgresql` configuration under the
-## `postgresql` namespace below.
-  postgresPassword: not-a-secure-password
-  postgresUser: clair
-  postgresDatabase: clair
 # resources:
 #  requests:
 #    memory: 256Mi
@ -313,16 +313,6 @@ clair:
  tolerations: []
  affinity: {}

-## Settings for postgresql dependency.
-## see https://github.com/kubernetes/charts/tree/master/stable/postgresql
-## for further configurables.
-postgresql:
-  postgresUser: clair
-  postgresPassword: not-a-secure-password
-  postgresDatabase: clair
-  persistence:
-    enabled: false
-
 ## Settings for redis dependency.
 ## see https://github.com/kubernetes/charts/tree/master/stable/redis
 ## for further configurables.
@ -355,21 +345,6 @@ notary:
    caCrt:
    tlsCrt:
    tlsKey:
-  db:
-    image:
-      repository: vmware/mariadb-photon
-      tag: *harbor_image_tag
-      pullPolicy: IfNotPresent
-    password: not-a-secure-password
-    volumes:
-      data:
-        # storageClass: "-"
-        accessMode: ReadWriteOnce
-        size: 1Gi
-    # resources:
-    #  requests:
-    #    memory: 256Mi
-    #    cpu: 100m
  nodeSelector: {}
  tolerations: []
  affinity: {}