feat: Update Harbor Helm chart version to 1.11.4
This commit is contained in:
Med Mouine
@@ -7,7 +7,7 @@ releases:
|
||||
- name: harbor
|
||||
namespace: harbor
|
||||
chart: harbor/harbor
|
||||
version: 1.15.1
|
||||
version: 1.11.4
|
||||
values:
|
||||
- values.yaml
|
||||
set:
|
||||
@@ -15,5 +15,5 @@ releases:
|
||||
value: '{{ env "HARBOR_ADMIN_PASSWORD" | default "Harbor12345" }}'
|
||||
- name: database.internal.password
|
||||
value: '{{ env "HARBOR_DB_PASSWORD" | default "changeme" }}'
|
||||
- name: redis.internal.password
|
||||
value: '{{ env "HARBOR_REDIS_PASSWORD" | default "changeme" }}'
|
||||
- name: hostname
|
||||
value: '{{ env "HARBOR_HOSTNAME" | default "hub.nationtech.io" }}'
|
||||
|
||||
@@ -1,152 +1,52 @@
|
||||
harborAdminPassword: "Harbor12345"
|
||||
tlsSecretName: "harbor.nationtech.io-tls"
|
||||
|
||||
chartVersion: 1.11.4
|
||||
chartmuseum:
|
||||
enabled: true
|
||||
database:
|
||||
internal:
|
||||
password: {{ .Values.database.internal.password }}
|
||||
type: internal
|
||||
expose:
|
||||
type: ingress
|
||||
ingress:
|
||||
annotations:
|
||||
cert-manager.io/issuer: letsencrypt-prod
|
||||
kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
core: {{ .Values.hostname }}
|
||||
className: nginx
|
||||
tls:
|
||||
enabled: true
|
||||
certSource: secret
|
||||
secret:
|
||||
secretName: "harbor.nationtech.io-tls"
|
||||
ingress:
|
||||
hosts:
|
||||
core: harbor.nationtech.io
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
kubernetes.io/tls-acme: "true"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
className: "nginx"
|
||||
ports:
|
||||
httpPort: 80
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
resourcePolicy: "keep"
|
||||
persistentVolumeClaim:
|
||||
registry:
|
||||
subPath: "registry"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 20Gi
|
||||
jobservice:
|
||||
jobLog:
|
||||
subPath: "jobservice"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
database:
|
||||
subPath: "db"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
redis:
|
||||
subPath: "redis"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
trivy:
|
||||
subPath: "trivy"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
imageChartStorage:
|
||||
disableredirect: false
|
||||
type: filesystem
|
||||
filesystem:
|
||||
rootdirectory: /storage
|
||||
|
||||
# Enable Prometheus metrics
|
||||
metrics:
|
||||
enabled: true
|
||||
core:
|
||||
path: /metrics
|
||||
port: 8001
|
||||
registry:
|
||||
path: /metrics
|
||||
port: 8001
|
||||
jobservice:
|
||||
path: /metrics
|
||||
port: 8001
|
||||
exporter:
|
||||
path: /metrics
|
||||
port: 8001
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
namespace: monitoring
|
||||
additionalLabels:
|
||||
release: prometheus
|
||||
interval: 15s
|
||||
metricRelabelings: []
|
||||
relabelings: []
|
||||
|
||||
# Disable tracing as we're not using Jaeger
|
||||
trace:
|
||||
enabled: false
|
||||
|
||||
# Enable internal TLS
|
||||
internalTLS:
|
||||
enabled: true
|
||||
strong_ssl_ciphers: true
|
||||
certSource: "auto"
|
||||
|
||||
# Use internal database for simplicity
|
||||
database:
|
||||
type: internal
|
||||
internal:
|
||||
password: "changeme"
|
||||
|
||||
# Use internal Redis for simplicity
|
||||
redis:
|
||||
type: internal
|
||||
internal:
|
||||
password: "changeme"
|
||||
|
||||
# Enable Trivy scanner
|
||||
trivy:
|
||||
enabled: true
|
||||
image:
|
||||
repository: goharbor/trivy-adapter-photon
|
||||
tag: dev
|
||||
replicas: 2
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 512Mi
|
||||
limits:
|
||||
cpu: 1
|
||||
memory: 1Gi
|
||||
vulnType: "os,library"
|
||||
severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
|
||||
ignoreUnfixed: false
|
||||
insecure: false
|
||||
skipUpdate: false
|
||||
skipJavaDBUpdate: false
|
||||
offlineScan: false
|
||||
securityCheck: "vuln"
|
||||
timeout: 5m0s
|
||||
|
||||
# High Availability settings
|
||||
portal:
|
||||
replicas: 2
|
||||
|
||||
core:
|
||||
replicas: 2
|
||||
secretName: {{ .Values.hostname }}-tls
|
||||
type: ingress
|
||||
externalURL: https://{{ .Values.hostname }}
|
||||
|
||||
jobservice:
|
||||
replicas: 2
|
||||
|
||||
registry:
|
||||
replicas: 2
|
||||
|
||||
chartmuseum:
|
||||
replicas: 2
|
||||
|
||||
# Logging configuration
|
||||
log:
|
||||
level: info
|
||||
local:
|
||||
rotateCount: 50
|
||||
rotateSize: 200M
|
||||
location: /var/log/harbor
|
||||
external:
|
||||
enabled: true
|
||||
endpoint: http://fluentd.logging:24224
|
||||
index: harbor
|
||||
type: fluentd
|
||||
notary:
|
||||
enabled: false
|
||||
persistence:
|
||||
persistentVolumeClaim:
|
||||
chartmuseum:
|
||||
size: 10Gi
|
||||
storageClass: ceph-block
|
||||
database:
|
||||
size: 10Gi
|
||||
storageClass: ceph-block
|
||||
jobservice:
|
||||
jobLog:
|
||||
size: 2Gi
|
||||
storageClass: ceph-block
|
||||
redis:
|
||||
size: 2Gi
|
||||
storageClass: ceph-block
|
||||
registry:
|
||||
size: 10Gi
|
||||
storageClass: ceph-block
|
||||
trivy:
|
||||
size: 5Gi
|
||||
storageClass: ceph-block
|
||||
redis:
|
||||
enabled: true
|
||||
trivy:
|
||||
enabled: true
|
||||
|
||||
Reference in New Issue
Block a user