harbor-operator/templates/harbor-portal.yaml

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: harbor-portal
data:
  nginx.conf: |+
    worker_processes auto;
    pid /tmp/nginx.pid;
    events {
        worker_connections  1024;
    }
    http {
        client_body_temp_path /tmp/client_body_temp;
        proxy_temp_path /tmp/proxy_temp;
        fastcgi_temp_path /tmp/fastcgi_temp;
        uwsgi_temp_path /tmp/uwsgi_temp;
        scgi_temp_path /tmp/scgi_temp;
        server {
            listen 8080;
            listen [::]:8080;
            server_name  localhost;
            root   /usr/share/nginx/html;
            index  index.html index.htm;
            include /etc/nginx/mime.types;
            gzip on;
            gzip_min_length 1000;
            gzip_proxied expired no-cache no-store private auth;
            gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
            location / {
                try_files $uri $uri/ /index.html;
            }
            location = /index.html {
                add_header Cache-Control "no-store, no-cache, must-revalidate";
            }
        }
    }    
---
apiVersion: v1
kind: Service
metadata:
  name: harbor-portal
spec:
  ports:
    - port: 80
      targetPort: 8080
  selector:
    app: harbor
    component: portal
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: harbor-portal
spec:
  replicas: 2
  revisionHistoryLimit: 0
  selector:
    matchLabels: &selectorLabels
      app: harbor
      component: portal
  template:
    metadata:
      labels: *selectorLabels
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - amd64
      securityContext:
        runAsUser: 10000
        fsGroup: 10000
      automountServiceAccountToken: false
      containers:
      - name: portal
        image: {{ .Values.image.repository }}/harbor-portal:{{ .Values.image.tag }}
        readinessProbe:
          httpGet:
            path: /
            scheme: HTTP
            port: 8080
          initialDelaySeconds: 1
          periodSeconds: 10
        ports:
          - containerPort: 8080
            name: http
        volumeMounts:
          - name: portal-config
            mountPath: /etc/nginx/nginx.conf
            subPath: nginx.conf
      volumes:
      - name: portal-config
        configMap:
          name: harbor-portal