From 9c2b5c39eedb437bd9a4ccab2211201b021c2662 Mon Sep 17 00:00:00 2001
From: Erki Aas <erki@veebkolm.ee>
Date: Thu, 8 Aug 2024 12:45:21 +0300
Subject: [PATCH] fix/update harbor

---
 harbor/README.md       |  4 +++-
 harbor/application.yml | 16 ++++++++--------
 harbor/values.yaml     |  5 +----
 3 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/harbor/README.md b/harbor/README.md
index 4125b0d..516ff11 100644
--- a/harbor/README.md
+++ b/harbor/README.md
@@ -5,8 +5,10 @@ kubectl create namespace harbor-operator
 kubectl -n harbor-operator create secret generic harbor-minio-credentials --from-literal REGISTRY_STORAGE_S3_ACCESSKEY=...--from-literal=REGISTRY_STORAGE_S3_SECRETKEY=...
 kubectl -n harbor-operator create secret generic harbor-postgres-password --from-literal password=...
 
+helm repo add harbor https://helm.goharbor.io
+
 helm template -n harbor-operator --release-name harbor harbor/harbor --include-crds -f harbor/values.yaml > harbor/application.yml
-kubectl apply -n harbor -f application.yml -f application-extras.yml
+kubectl apply -n harbor-operator -f harbor/application.yml -f harbor/application-extras.yml
 ```
 
 After deployment login with Harbor admin credentials and configure OIDC:
diff --git a/harbor/application.yml b/harbor/application.yml
index 394c72a..847139e 100644
--- a/harbor/application.yml
+++ b/harbor/application.yml
@@ -523,8 +523,8 @@ spec:
         app.kubernetes.io/component: core
       annotations:
         checksum/configmap: 9ea7f1881e4fe5b908355ee28e246b67c8c498d2f719dd74a5536a51ee2d9865
-        checksum/secret: ca32f9ad83fe0ed3d8ebb51e01558e15a66ea80eb95dae096d00a19e25f2f239
-        checksum/secret-jobservice: e54d9ef76e5cfb44adfcf233be3c39cc3f6d15ed61a36c4370fa5948c3192f38
+        checksum/secret: af720060dbb42f2109b7fd0811a83c48c55313f95c3ba2e6e68010be0a2b2cd4
+        checksum/secret-jobservice: fdcf96de5337fccbcdac406929acbb799cb61e43c21be4f6affce7b2d7eaef3f
     spec:
       securityContext:
         runAsUser: 10000
@@ -612,7 +612,7 @@ spec:
               path: app.conf
       - name: secret-key
         secret:
-          secretName: harbor-core-oidc-secret-encryption-key
+          secretName: harbor-core
           items:
             - key: secretKey
               path: key
@@ -761,8 +761,8 @@ spec:
       annotations:
         checksum/configmap: 3a35bef831e58536bf86670117b43e2913a4c1a60d0e74d948559d7a7d564684
         checksum/configmap-env: 80e8b81abf755707210d6112ad65167a7d53088b209f63c603d308ef68c4cfad
-        checksum/secret: 8f842279ee68a874f9f099e41130fc9792a74bb594ac52eb5615587636988526
-        checksum/secret-core: d210f333cfb703a98116fd88d154fb61ed81a81b4276f042496d53e622702c5c
+        checksum/secret: 6902f5ee11437ee5149ff54e363487163c43e21ddce1b120ea5528f3def513c6
+        checksum/secret-core: ed0bce05c92f40e7b854d7206e08d4c1581aac476956839e42075ab9cdd61e45
     spec:
       securityContext:
         runAsUser: 10000
@@ -951,9 +951,9 @@ spec:
         app.kubernetes.io/component: registry
       annotations:
         checksum/configmap: b11f146e734a9ac7c3df9f83562e7ac5fea9e2b10b89118f19207c9b95104496
-        checksum/secret: a441697613dc9da44a7147c0212aafcfb5e12cc4dfb7130b55851b6a502ceac6
-        checksum/secret-jobservice: b316e2054db578411b0078450fe05fc52b227cead30b5981ed20c2c97f8c7d8b
-        checksum/secret-core: 2f3ad0d88e741a710ff8068d2f687b1873667bebb472ddb85726b87375a9e1c6
+        checksum/secret: dca1f41d66de90e85f5979631e3653bd898df32609307e2e794a72004dec22f9
+        checksum/secret-jobservice: 1728caf6daf5c1b1770da4133efe152d0a10260cb6e5271b7545696ff3b8a1f4
+        checksum/secret-core: 7c8aefdcb5f56e17ceb9dc21105e5b98d5a9294b70e1bea13ef83cc40fb595e2
     spec:
       securityContext:
         runAsUser: 10000
diff --git a/harbor/values.yaml b/harbor/values.yaml
index 1bea01d..5779610 100644
--- a/harbor/values.yaml
+++ b/harbor/values.yaml
@@ -6,7 +6,7 @@ expose:
     hosts:
       core: harbor.k-space.ee
     annotations:
-    cert-manager.io/cluster-issuer: default
+      cert-manager.io/cluster-issuer: default
       kubernetes.io/ingress.class: traefik
       traefik.ingress.kubernetes.io/router.entrypoints: websecure
       traefik.ingress.kubernetes.io/router.tls: "true"
@@ -77,9 +77,6 @@ existingSecretAdminPasswordKey: HARBOR_ADMIN_PASSWORD
 # debug, info, warning, error or fatal
 logLevel: debug
 
-# If using existingSecretSecretKey, the key must be secretKey
-existingSecretSecretKey: "harbor-core-oidc-secret-encryption-key"
-
 # Run the migration job via helm hook
 enableMigrateHelmHook: false