Helm chart LDAP and authentication variable renaming

2025-04-08 03:22:25 +00:00 · 2018-03-27 15:57:03 +02:00 · 2018-03-27 15:57:03 +02:00 · 0664c9a8cd
commit 0664c9a8cd
parent 05b9031327
4 changed files with 31 additions and 30 deletions
--- a/contrib/helm/harbor/README.md
+++ b/contrib/helm/harbor/README.md
@ -111,17 +111,17 @@ The following tables lists the configurable parameters of the Harbor chart and t
 | `adminserver.emailIdentity` | | "" |
 | `adminserver.key` | adminsever key | `not-a-secure-key` |
 | `adminserver.emailPwd` | password for email | `not-a-secure-password` |
-| `adminserver.harborAdminPassword` | password for admin user | `Harbor12345` |
-| `adminserver.harborAuthenticationMode` | authentication mode for Harbor ( `db_auth` for local database, `ldap_auth` for LDAP, etc...) [Docs](https://github.com/vmware/harbor/blob/master/docs/user_guide.md#user-account) | `db_auth` |
+| `adminserver.adminPassword` | password for admin user | `Harbor12345` |
+| `adminserver.authenticationMode` | authentication mode for Harbor ( `db_auth` for local database, `ldap_auth` for LDAP, etc...) [Docs](https://github.com/vmware/harbor/blob/master/docs/user_guide.md#user-account) | `db_auth` |
 | `adminserver.selfRegistration` | Allows users to register by themselves, otherwise only administrators can add users | `on` |
-| `adminserver.authenticationLdapURL` | LDAP server URL for `ldap_auth` authentication | `ldaps://ldapserver` |
-| `adminserver.authenticationLdapSearchDN` | LDAP Search DN | `` |
-| `adminserver.authenticationLdapBaseDN` | LDAP Base DN | `` |
-| `adminserver.authenticationLdapFilter` | LDAP Filter | `(objectClass=person)` |
-| `adminserver.authenticationLdapUID` | LDAP UID | `uid` |
-| `adminserver.authenticationLdapScope` | LDAP Scope | `2` |
-| `adminserver.authenticationLdapTimeout` | LDAP Timeout | `5` |
-| `adminserver.authenticationLdapVerifyCert` | LDAP Verify HTTPS Certificate | `True` |
+| `adminserver.ldap.url` | LDAP server URL for `ldap_auth` authentication | `ldaps://ldapserver` |
+| `adminserver.ldap.searchDN` | LDAP Search DN | `` |
+| `adminserver.ldap.baseDN` | LDAP Base DN | `` |
+| `adminserver.ldap.filter` | LDAP Filter | `(objectClass=person)` |
+| `adminserver.ldap.uid` | LDAP UID | `uid` |
+| `adminserver.ldap.scope` | LDAP Scope | `2` |
+| `adminserver.ldap.timeout` | LDAP Timeout | `5` |
+| `adminserver.ldap.verifyCert` | LDAP Verify HTTPS Certificate | `True` |
 | `adminserver.resources` | [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) to allocate for container   | undefined |
 | `adminserver.volumes` | used to create PVCs if persistence is enabled (see instructions in values.yaml) | see values.yaml |
 | **Jobservice** |
--- a/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
+++ b/contrib/helm/harbor/templates/adminserver/adminserver-cm.yaml
@ -29,16 +29,16 @@ data:
  WITH_NOTARY: "{{ .Values.notary.enabled }}"
  LOG_LEVEL: "info"
  IMAGE_STORE_PATH: "/" # This is a temporary hack.
-  AUTH_MODE: "{{ .Values.adminserver.harborAuthenticationMode }}"
+  AUTH_MODE: "{{ .Values.adminserver.authenticationMode }}"
  SELF_REGISTRATION: "{{ .Values.adminserver.selfRegistration }}"
-  LDAP_URL: "{{ .Values.adminserver.authenticationLdapURL }}"
-  LDAP_SEARCH_DN: "{{ .Values.adminserver.authenticationLdapSearchDN }}"
-  LDAP_BASE_DN: "{{ .Values.adminserver.authenticationLdapBaseDN }}"
-  LDAP_FILTER: "{{ .Values.adminserver.authenticationLdapFilter }}"
-  LDAP_UID: "{{ .Values.adminserver.authenticationLdapUID }}"
-  LDAP_SCOPE: "{{ .Values.adminserver.authenticationLdapScope }}"
-  LDAP_TIMEOUT: "{{ .Values.adminserver.authenticationLdapTimeout }}"
-  LDAP_VERIFY_CERT: "{{ .Values.adminserver.authenticationLdapVerifyCert }}"
+  LDAP_URL: "{{ .Values.adminserver.ldap.url }}"
+  LDAP_SEARCH_DN: "{{ .Values.adminserver.ldap.searchDN }}"
+  LDAP_BASE_DN: "{{ .Values.adminserver.ldap.baseDN }}"
+  LDAP_FILTER: "{{ .Values.adminserver.ldap.filter }}"
+  LDAP_UID: "{{ .Values.adminserver.ldap.uid }}"
+  LDAP_SCOPE: "{{ .Values.adminserver.ldap.scope }}"
+  LDAP_TIMEOUT: "{{ .Values.adminserver.ldap.timeout }}"
+  LDAP_VERIFY_CERT: "{{ .Values.adminserver.ldap.verifyCert }}"
  DATABASE_TYPE: "mysql"
  PROJECT_CREATION_RESTRICTION: "everyone"
  VERIFY_REMOTE_CERT: "off"
--- a/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml
+++ b/contrib/helm/harbor/templates/adminserver/adminserver-secrets.yaml
@ -9,7 +9,7 @@ type: Opaque
 data:
  secretKey: {{ .Values.secretKey | b64enc | quote }}
  EMAIL_PWD: {{ .Values.adminserver.emailPwd | b64enc | quote }}
-  HARBOR_ADMIN_PASSWORD: {{ .Values.adminserver.harborAdminPassword | b64enc | quote }}
+  HARBOR_ADMIN_PASSWORD: {{ .Values.adminserver.adminPassword | b64enc | quote }}
  MYSQL_PWD: {{ .Values.mysql.pass | b64enc | quote }}
  JOBSERVICE_SECRET: {{ .Values.jobservice.secret | b64enc | quote }}
  UI_SECRET: {{ .Values.ui.secret | b64enc | quote }}
--- a/contrib/helm/harbor/values.yaml
+++ b/contrib/helm/harbor/values.yaml
@ -65,17 +65,18 @@ adminserver:
  emailIdentity: ""
  emailInsecure: "False"
  emailPwd: not-a-secure-password
-  harborAdminPassword: Harbor12345
-  harborAuthenticationMode: "db_auth"
+  adminPassword: Harbor12345
+  authenticationMode: "db_auth"
  selfRegistration: "on"
-  authenticationLdapURL: "ldaps://ldapserver"
-  authenticationLdapSearchDN: ""
-  authenticationLdapBaseDN: ""
-  authenticationLdapFilter: "(objectClass=person)"
-  authenticationLdapUID: "uid"
-  authenticationLdapScope: "2"
-  authenticationLdapTimeout: "5"
-  authenticationLdapVerifyCert: "True"
+  ldap:
+    url: "ldaps://ldapserver"
+    searchDN: ""
+    baseDN: ""
+    filter: "(objectClass=person)"
+    uid: "uid"
+    scope: "2"
+    timeout: "5"
+    verifyCert: "True"
  ## Persist data to a persistent volume
  volumes:
    config: