From fd76ea3b7f6655e4869190f25ff2f1f466013efc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= <lauri@k-space.ee>
Date: Thu, 15 Dec 2022 10:28:31 +0200
Subject: [PATCH] Update README

---
 README.md   | 29 +++++++++++++++++++++++++++--
 values.yaml | 14 +++++++++++++-
 2 files changed, 40 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 1503d6f..17575e9 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,14 @@
 
 ## Background
 
-This operator is higly opinionated way to deploy Harbor in a Kubernetes cluster:
+Note that this project is NOT connected to [official Harbor operator](https://github.com/goharbor/harbor-operator#future-features).
+
+The main reason we decided to write our own operator was that the official
+operator was missing all the features we wanted to have and mainlining such
+features would likely take months.
+
+This operator is higly opinionated way to deploy Harbor in a Kubernetes cluster
+using Helm:
 
 * Only one Harbor instance per Kubernetes cluster
 * Nearly all components deployed in HA fashion
@@ -15,9 +22,14 @@ This operator is higly opinionated way to deploy Harbor in a Kubernetes cluster:
   * Sandbox dashboard adds `ClusterUser` resources when user logs in
 * Automate push/pull credential provisioning using HarborCredential CRD-s,
   to simplify working with Skaffold
-* [WIP] Pod admission mutation webhook to rewrite Pod images to use
+* Pod admission mutation webhook to rewrite Pod images to use
   proxy caches defined via `ClusterHarborProject` definitions with `cache: true`.
 
+Caveats:
+
+* User must have logged in with OIDC first before `ClusterHarborProjectMember`
+  CRD will have effect and it will take operator several minutes to pick up the change.
+
 
 ## Instantiating Harbor projects
 
@@ -60,6 +72,19 @@ spec:
   quota: 10737418240
 ```
 
+To instantiate Harbor project:
+
+```
+apiVersion: codemowers.io/v1alpha1
+kind: ClusterHarborProject
+metadata:
+  name: k-space
+spec:
+  cache: false
+  public: true
+  quota: 10737418240
+```
+
 
 ## Deploying push/pull secrets into namespaces
 
diff --git a/values.yaml b/values.yaml
index 09e46f7..5baef20 100644
--- a/values.yaml
+++ b/values.yaml
@@ -1,4 +1,7 @@
+# Availability zone key for pods
 topologyKey: kubernetes.io/hostname
+
+# Harbor portal
 ingress:
   enabled: true
   host: harbor.k-space.ee
@@ -6,13 +9,22 @@ ingress:
     host: "*.k-space.ee"
   target: traefik.k-space.ee
   class: traefik
+
+# Instantiate proxy cache projects for known Docker registries
 caches:
   docker: true
   quay: true
+
+# Mutate pods for cached images
+admissionController: false
+
+# Harbor image repository and tag
 image:
   repository: goharbor
   tag: v2.6.2
-persistence:
+
+# Storage options
+storage:
   postgres:
     storageClass: postgres
     storage: 5Gi