1
0
forked from k-space/kube

fix/update harbor

This commit is contained in:
Erki Aas 2024-08-08 12:45:21 +03:00
parent d3eb888d58
commit 9c2b5c39ee
3 changed files with 12 additions and 13 deletions

View File

@ -5,8 +5,10 @@ kubectl create namespace harbor-operator
kubectl -n harbor-operator create secret generic harbor-minio-credentials --from-literal REGISTRY_STORAGE_S3_ACCESSKEY=...--from-literal=REGISTRY_STORAGE_S3_SECRETKEY=...
kubectl -n harbor-operator create secret generic harbor-postgres-password --from-literal password=...
helm repo add harbor https://helm.goharbor.io
helm template -n harbor-operator --release-name harbor harbor/harbor --include-crds -f harbor/values.yaml > harbor/application.yml
kubectl apply -n harbor -f application.yml -f application-extras.yml
kubectl apply -n harbor-operator -f harbor/application.yml -f harbor/application-extras.yml
```
After deployment login with Harbor admin credentials and configure OIDC:

View File

@ -523,8 +523,8 @@ spec:
app.kubernetes.io/component: core
annotations:
checksum/configmap: 9ea7f1881e4fe5b908355ee28e246b67c8c498d2f719dd74a5536a51ee2d9865
checksum/secret: ca32f9ad83fe0ed3d8ebb51e01558e15a66ea80eb95dae096d00a19e25f2f239
checksum/secret-jobservice: e54d9ef76e5cfb44adfcf233be3c39cc3f6d15ed61a36c4370fa5948c3192f38
checksum/secret: af720060dbb42f2109b7fd0811a83c48c55313f95c3ba2e6e68010be0a2b2cd4
checksum/secret-jobservice: fdcf96de5337fccbcdac406929acbb799cb61e43c21be4f6affce7b2d7eaef3f
spec:
securityContext:
runAsUser: 10000
@ -612,7 +612,7 @@ spec:
path: app.conf
- name: secret-key
secret:
secretName: harbor-core-oidc-secret-encryption-key
secretName: harbor-core
items:
- key: secretKey
path: key
@ -761,8 +761,8 @@ spec:
annotations:
checksum/configmap: 3a35bef831e58536bf86670117b43e2913a4c1a60d0e74d948559d7a7d564684
checksum/configmap-env: 80e8b81abf755707210d6112ad65167a7d53088b209f63c603d308ef68c4cfad
checksum/secret: 8f842279ee68a874f9f099e41130fc9792a74bb594ac52eb5615587636988526
checksum/secret-core: d210f333cfb703a98116fd88d154fb61ed81a81b4276f042496d53e622702c5c
checksum/secret: 6902f5ee11437ee5149ff54e363487163c43e21ddce1b120ea5528f3def513c6
checksum/secret-core: ed0bce05c92f40e7b854d7206e08d4c1581aac476956839e42075ab9cdd61e45
spec:
securityContext:
runAsUser: 10000
@ -951,9 +951,9 @@ spec:
app.kubernetes.io/component: registry
annotations:
checksum/configmap: b11f146e734a9ac7c3df9f83562e7ac5fea9e2b10b89118f19207c9b95104496
checksum/secret: a441697613dc9da44a7147c0212aafcfb5e12cc4dfb7130b55851b6a502ceac6
checksum/secret-jobservice: b316e2054db578411b0078450fe05fc52b227cead30b5981ed20c2c97f8c7d8b
checksum/secret-core: 2f3ad0d88e741a710ff8068d2f687b1873667bebb472ddb85726b87375a9e1c6
checksum/secret: dca1f41d66de90e85f5979631e3653bd898df32609307e2e794a72004dec22f9
checksum/secret-jobservice: 1728caf6daf5c1b1770da4133efe152d0a10260cb6e5271b7545696ff3b8a1f4
checksum/secret-core: 7c8aefdcb5f56e17ceb9dc21105e5b98d5a9294b70e1bea13ef83cc40fb595e2
spec:
securityContext:
runAsUser: 10000

View File

@ -6,7 +6,7 @@ expose:
hosts:
core: harbor.k-space.ee
annotations:
cert-manager.io/cluster-issuer: default
cert-manager.io/cluster-issuer: default
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
@ -77,9 +77,6 @@ existingSecretAdminPasswordKey: HARBOR_ADMIN_PASSWORD
# debug, info, warning, error or fatal
logLevel: debug
# If using existingSecretSecretKey, the key must be secretKey
existingSecretSecretKey: "harbor-core-oidc-secret-encryption-key"
# Run the migration job via helm hook
enableMigrateHelmHook: false