UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit e0b3f46e authored by Ryan Garcia's avatar Ryan Garcia :dizzy:
Browse files

Merge branch '1589-add-harbor-charts-to-bb-main-repo-2nd-attempt' into 'master' 

Resolve "Add Harbor Charts to BB main repo"

Closes #1589

See merge request !2939
parents 01cd8496 da72617e
No related branches found
No related tags found
1 merge request!2939Resolve "Add Harbor Charts to BB main repo"
Pipeline #2011939 failed
Stage: 🎛 prevar
Stage: 🔥 smoke tests
Hide whitespace changes
Inline Side-by-side
Showing
with 366 additions and 0 deletions
chart/templates/harbor/gitrepository.yaml 0 → 100644
+ 15
0
View file @ e0b3f46e
{{- $pkg := "harbor" }}
{{- if and (eq (get .Values.addons $pkg).sourceType "git") (not .Values.offline) (get .Values.addons $pkg).enabled }}
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: {{ $pkg }}
namespace: {{ .Release.Namespace }}
spec:
interval: {{ .Values.flux.interval }}
url: {{ (get .Values.addons $pkg).git.repo }}
ref:
{{- include "validRef" (get .Values.addons $pkg).git | nindent 4 }}
{{ include "gitIgnore" . }}
{{- include "gitCreds" . | nindent 2 }}
{{- end }}
chart/templates/harbor/helmrelease.yaml 0 → 100644
+ 67
0
View file @ e0b3f46e
{{- $pkg := "harbor" }}
{{- $fluxSettingsHarbor := merge (get .Values.addons $pkg).flux .Values.flux -}}
{{- if (get .Values.addons $pkg).enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: {{ $pkg }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ $pkg }}
{{- include "commonLabels" . | nindent 4}}
annotations:
checksum/bigbang-values: {{ include (print $.Template.BasePath "/harbor/values.yaml") . | sha256sum }}
spec:
releaseName: {{ $pkg }}
targetNamespace: {{ $pkg }}
chart:
spec:
{{- if eq (get .Values.addons $pkg).sourceType "git" }}
chart: {{ (get .Values.addons $pkg).git.path }}
sourceRef:
kind: GitRepository
name: harbor
namespace: {{ .Release.Namespace }}
{{- else }}
chart: {{ (get .Values.addons $pkg).helmRepo.chartName }}
version: {{ (get .Values.addons $pkg).helmRepo.tag }}
sourceRef:
kind: HelmRepository
name: {{ (get .Values.addons $pkg).helmRepo.repoName }}
namespace: {{ .Release.Namespace }}
{{- end }}
interval: 5m
{{- toYaml $fluxSettingsHarbor | nindent 2 }}
{{- if (get .Values.addons $pkg).postRenderers }}
postRenderers:
{{ toYaml (get .Values.addons $pkg).postRenderers | nindent 4 }}
{{- end }}
valuesFrom:
- name: {{ .Release.Name }}-{{ $pkg }}-values
kind: Secret
valuesKey: "common"
- name: {{ .Release.Name }}-{{ $pkg }}-values
kind: Secret
valuesKey: "defaults"
- name: {{ .Release.Name }}-{{ $pkg }}-values
kind: Secret
valuesKey: "overlays"
{{- if or .Values.istio.enabled .Values.kyvernoPolicies.enabled .Values.monitoring.enabled }}
dependsOn:
{{- if .Values.istio.enabled }}
- name: istio
namespace: {{ .Release.Namespace }}
{{- end }}
{{- if .Values.kyvernoPolicies.enabled }}
- name: kyverno-policies
namespace: {{ .Release.Namespace }}
{{- end }}
{{- if .Values.monitoring.enabled }}
- name: monitoring
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}
{{- end }}
\ No newline at end of file
chart/templates/harbor/imagepullsecret.yaml 0 → 100644
+ 14
0
View file @ e0b3f46e
{{- $pkg := "harbor" }}
{{- if and (get .Values.addons $pkg).enabled ( include "imagePullSecret" . ) }}
apiVersion: v1
kind: Secret
metadata:
name: private-registry
namespace: {{ $pkg }}
labels:
app.kubernetes.io/name: {{ $pkg }}
{{- include "commonLabels" . | nindent 4}}
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "imagePullSecret" . }}
{{- end }}
chart/templates/harbor/namespace.yaml 0 → 100644
+ 14
0
View file @ e0b3f46e
{{- $pkg := "harbor" }}
{{- if (get .Values.addons $pkg).enabled }}
apiVersion: v1
kind: Namespace
metadata:
name: {{ $pkg }}
labels:
{{- if .Values.istio.enabled }}
istio-injection: enabled
{{- end }}
app.kubernetes.io/name: {{ $pkg }}
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
{{- end }}
\ No newline at end of file
chart/templates/harbor/values.yaml 0 → 100644
+ 38
0
View file @ e0b3f46e
{{- $pkg := "harbor" }}
{{- /* Create secret */ -}}
{{- if (get .Values.addons $pkg).enabled }}
{{- include "values-secret" (dict "root" $ "package" (get .Values.addons $pkg) "name" $pkg "defaults" (include (printf "bigbang.defaults.%s" $pkg) .)) }}
{{- end }}
{{- define "bigbang.defaults.harbor" -}}
imagePullSecrets:
- name: private-registry
imagePullPolicy: {{ .Values.imagePullPolicy }}
externalURL: https://harbor.{{ .Values.domain }}
domain: {{ .Values.domain }}
istio:
enabled: {{ .Values.istio.enabled }}
harbor:
gateways:
- istio-system/{{ default "public" .Values.addons.harbor.ingress.gateway }}
networkPolicies:
enabled: {{ .Values.networkPolicies.enabled }}
controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}
ingressLabels:
{{- $gateway := default "public" .Values.addons.harbor.ingress.gateway }}
{{- $default := dict "app" (dig "gateways" $gateway "ingressGateway" nil .Values.istio) "istio" nil }}
{{- toYaml (dig "values" "gateways" $gateway "selector" $default .Values.istio) | nindent 4 }}
monitoring:
enabled: {{ .Values.monitoring.enabled }}
sso:
enabled: {{ .Values.addons.harbor.sso.enabled }}
{{- end }}
chart/values.schema.json
+ 7
0
View file @ e0b3f46e
......@@ -1045,6 +1045,13 @@
"$ref": "#/$defs/values"
}
}
},
"harbor": {
"allOf": [
{
"$ref": "#/$defs/basePackage"
}
]
}
}
},
......
chart/values.yaml
+ 43
0
View file @ e0b3f46e
......@@ -1798,6 +1798,49 @@ addons:
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# ----------------------------------------------------------------------------------------------------------------------
# Harbor
#
harbor:
# -- Toggle deployment of harbor
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
git:
repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/harbor.git
tag: "1.12.2-bb.5"
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "harbor"
tag: "1.12.2-bb.5"
# -- Flux reconciliation overrides specifically for the Jaeger Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
sso:
# -- Toggle SSO for Harbor on and off
enabled: false
# -- OIDC Client ID to use for Harbor
client_id: ""
# -- OIDC Client Secret to use for Harbor
client_secret: ""
# -- Values to pass through to Habor chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/harbor.git
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Wrapper chart for integrating Big Bang components alongside a package
wrapper:
# -- Choose source type of "git" or "helmRepo"
......
tests/test-values.yaml
+ 168
0
View file @ e0b3f46e
......@@ -174,6 +174,7 @@ gatekeeper:
- logging/loki-cypress-test
- twistlock/twistlock-cypress-test
- sonarqube/sonarqube-cypress-test
- harbor/harbor-cypress-test
- logging/elasticsearch-kibana-cypress-test
- tempo/tempo-cypress-test
- argocd/argocd-cypress-test
......@@ -307,6 +308,7 @@ gatekeeper:
- logging/loki-cypress-test
- twistlock/twistlock-cypress-test
- sonarqube/sonarqube-cypress-test
- harbor/harbor-cypress-test
- logging/elasticsearch-kibana-cypress-test
- tempo/tempo-cypress-test
- argocd/argocd-cypress-test
......@@ -463,6 +465,7 @@ kyvernoPolicies:
- argocd
- minio
- neuvector
- harbor
names:
- "*-cypress-test*"
parameters:
......@@ -496,6 +499,7 @@ kyvernoPolicies:
- argocd
- minio
- neuvector
- harbor
names:
- "*-cypress-test*"
parameters:
......@@ -539,6 +543,7 @@ kyvernoPolicies:
- argocd
- minio
- neuvector
- harbor
names:
- "*-cypress-test*"
update-image-pull-policy:
......@@ -1689,3 +1694,166 @@ addons:
bbtests:
enabled: true
# ----------------------------------------------------------------------------------------------------------------------
# Harbor
#
harbor:
# -- Toggle deployment of harbor
enabled: false
# -- Values to pass through to Habor chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/harbor.git
values:
redis:
external:
addr: "harbor-redis-bb-headless:6379"
expose:
type: clusterIP
tls:
enabled: false
internalTLS:
enabled: false
externalURL: https://harbor.bigbang.dev
nginx:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
portal:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
core:
secretName: "ci-only"
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
jobservice:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
registry:
registry:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
controller:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
chartmuseum:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
trivy:
resources:
requests:
cpu: 80m
memory: 200Mi
limits:
cpu: 80m
memory: 200Mi
notary:
server:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
signer:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
database:
type: external
internal:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
initContainer:
migrator: {}
resources:
requests:
memory: 100Mi
cpu: 80m
limits:
cpu: 80m
memory: 100Mi
permissions: {}
resources:
requests:
memory: 100Mi
cpu: 80m
limits:
cpu: 80m
memory: 100Mi
postgresql:
resources:
requests:
cpu: "200m"
memory: "200Mi"
limits:
cpu: "200m"
memory: "200Mi"
redis:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
memory: 200Mi
cpu: 80m
exporter:
resources:
requests:
memory: 200Mi
cpu: 80m
limits:
cpu: 80m
memory: 200Mi
bbtests:
enabled: true
cypress:
artifacts: true
envs:
cypress_url: "https://harbor.bigbang.dev"
scripts:
image: "registry1.dso.mil/bigbang-ci/gitlab-tester:0.0.4"
envs:
HARBOR_REGISTRY: "harbor.bigbang.dev"
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI