Michael DiLeo
7327d77dcd
Add the redacted source file for demo purposes Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1 Co-authored-by: Michael DiLeo <michael_dileo@proton.me> Co-committed-by: Michael DiLeo <michael_dileo@proton.me>
157 lines
5.8 KiB
YAML
157 lines
5.8 KiB
YAML
apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: HelmRepository
|
|
metadata:
|
|
name: harbor-registry
|
|
namespace: harbor-registry
|
|
spec:
|
|
type: oci
|
|
interval: 5m0s
|
|
url: oci://registry-1.docker.io/bitnamicharts
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: harbor-registry
|
|
namespace: harbor-registry
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
chart: harbor
|
|
version: "27.0.3"
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: harbor-registry
|
|
namespace: harbor-registry
|
|
interval: 1m
|
|
values:
|
|
clusterDomain: cluster.local
|
|
externalURL: https://<YOUR_REGISTRY_URL>
|
|
adminPassword: Harbor12345
|
|
# Global ingress configuration
|
|
global:
|
|
ingressClassName: nginx
|
|
default:
|
|
storageClass: longhorn-single-delete
|
|
# Use current Bitnami registry (not legacy)
|
|
imageRegistry: "docker.io"
|
|
|
|
# Use embedded databases (PostgreSQL and Redis sub-charts)
|
|
# NOTE: Chart 27.0.3 uses Debian-based images - override PostgreSQL tag since default doesn't exist
|
|
postgresql:
|
|
enabled: true
|
|
# Override PostgreSQL image tag - default 17.5.0-debian-12-r20 doesn't exist
|
|
# Use bitnamilegacy repository where Debian images were moved
|
|
image:
|
|
repository: bitnamilegacy/postgresql
|
|
# Enable S3 backup for Harbor PostgreSQL database (daily + weekly)
|
|
persistence:
|
|
labels:
|
|
recurring-job.longhorn.io/source: "enabled"
|
|
recurring-job-group.longhorn.io/longhorn-s3-backup: "enabled"
|
|
recurring-job-group.longhorn.io/longhorn-s3-backup-weekly: "enabled"
|
|
redis:
|
|
enabled: true
|
|
image:
|
|
repository: bitnamilegacy/redis
|
|
|
|
# Disable external services globally
|
|
commonLabels:
|
|
app.kubernetes.io/managed-by: Helm
|
|
persistence:
|
|
persistentVolumeClaim:
|
|
registry:
|
|
size: 50Gi
|
|
storageClass: longhorn-single-delete
|
|
jobservice:
|
|
size: 10Gi
|
|
storageClass: longhorn-single-delete
|
|
# NOTE: Chart 27.0.3 still uses Debian-based images (legacy)
|
|
# Bitnami Secure Images use Photon Linux, but chart hasn't been updated yet
|
|
# Keeping Debian tags for now - these work but are in bitnamilegacy repository
|
|
# TODO: Update to Photon-based images when chart is updated
|
|
core:
|
|
image:
|
|
repository: bitnamilegacy/harbor-core
|
|
updateStrategy:
|
|
type: Recreate
|
|
# Keep Debian-based tag for now (chart default)
|
|
# Override only if needed - chart defaults to: 2.13.2-debian-12-r3
|
|
# image:
|
|
# registry: docker.io
|
|
# repository: bitnami/harbor-core
|
|
# tag: "2.13.2-debian-12-r3"
|
|
configMap:
|
|
EXTERNAL_URL: https://<YOUR_REGISTRY_URL>
|
|
WITH_CLAIR: "false"
|
|
WITH_TRIVY: "false"
|
|
WITH_NOTARY: "false"
|
|
# Optimize resources - Harbor usage is deployment-dependent, not user-dependent
|
|
resources:
|
|
requests:
|
|
cpu: 50m # Reduced from 500m - actual usage ~3m
|
|
memory: 128Mi # Reduced from 512Mi - actual usage ~76Mi
|
|
limits:
|
|
cpu: 200m # Conservative limit for occasional builds
|
|
memory: 256Mi # Conservative limit
|
|
portal:
|
|
# Use bitnamilegacy repository for Debian-based images
|
|
image:
|
|
repository: bitnamilegacy/harbor-portal
|
|
jobservice:
|
|
updateStrategy:
|
|
type: Recreate
|
|
# Use bitnamilegacy repository for Debian-based images
|
|
image:
|
|
repository: bitnamilegacy/harbor-jobservice
|
|
# Optimize resources - job service has minimal usage
|
|
resources:
|
|
requests:
|
|
cpu: 25m # Reduced from 500m - actual usage ~5m
|
|
memory: 64Mi # Reduced from 512Mi - actual usage ~29Mi
|
|
limits:
|
|
cpu: 100m # Conservative limit
|
|
memory: 128Mi # Conservative limit
|
|
registry:
|
|
updateStrategy:
|
|
type: Recreate
|
|
# Use bitnamilegacy repository for Debian-based images
|
|
server:
|
|
image:
|
|
repository: bitnamilegacy/harbor-registry
|
|
controller:
|
|
image:
|
|
repository: bitnamilegacy/harbor-registryctl
|
|
# Optimize resources - registry has minimal usage
|
|
resources:
|
|
requests:
|
|
cpu: 25m # Reduced from 500m - actual usage ~1m
|
|
memory: 64Mi # Reduced from 512Mi - actual usage ~46Mi
|
|
limits:
|
|
cpu: 100m # Conservative limit for image pushes/pulls
|
|
memory: 128Mi # Conservative limit
|
|
nginx:
|
|
# Bitnami-specific service override
|
|
service:
|
|
type: ClusterIP
|
|
# Use bitnamilegacy repository for Debian-based images
|
|
image:
|
|
repository: bitnamilegacy/nginx
|
|
notary:
|
|
server:
|
|
updateStrategy:
|
|
type: Recreate
|
|
signer:
|
|
updateStrategy:
|
|
type: Recreate
|
|
trivy:
|
|
image:
|
|
repository: bitnamilegacy/harbor-adapter-trivy
|
|
ingress:
|
|
enabled: false
|
|
service:
|
|
type: ClusterIP
|
|
ports:
|
|
http: 80
|
|
https: 443
|