upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2025-04-11 05:05:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
cd7044dae1
harbor/contrib/helm/harbor/templates/registry/registry-ss.yaml
Wenkai Yin cd7044dae1 Remove the hardcoded certificate and private key in value.yaml 
The certificate and private key used by token service, registry and notoary server will be generated automatically
2018-07-30 16:41:42 +08:00

136 lines
4.7 KiB
YAML
Raw Blame History

apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: "{{ template "harbor.fullname" . }}-registry"
labels:
{{ include "harbor.labels" . | indent 4 }}
component: registry
spec:
replicas: 1
serviceName: "{{ template "harbor.fullname" . }}-registry"
selector:
matchLabels:
{{ include "harbor.matchLabels" . | indent 6 }}
component: registry
template:
metadata:
labels:
{{ include "harbor.labels" . | indent 8 }}
component: registry
spec:
containers:
- name: registry
image: {{ .Values.registry.image.repository }}:{{ .Values.registry.image.tag }}
imagePullPolicy: {{ .Values.registry.image.pullPolicy }}
resources:
{{ toYaml .Values.registry.resources | indent 10 }}
args: ["serve", "/etc/registry/config.yml"]
env:
- name: REGISTRY_HTTP_SECRET
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: httpSecret
{{- $storage := .Values.registry.storage }}
{{- $type := $storage.type }}
{{- if eq $type "azure" }}
- name: REGISTRY_STORAGE_AZURE_ACCOUNTKEY
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: accountkey
{{- else if eq $type "s3" }}
{{- if $storage.s3.accesskey }}
- name: REGISTRY_STORAGE_S3_ACCESSKEY
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: accesskey
{{- end }}
{{- if $storage.s3.secretkey }}
- name: REGISTRY_STORAGE_S3_SECRETKEY
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: secretkey
{{- end }}
{{- else if eq $type "swift" }}
- name: REGISTRY_STORAGE_SWIFT_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: password
{{- if $storage.swift.secretkey }}
- name: REGISTRY_STORAGE_SWIFT_SECRETKEY
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: secretkey
{{- end }}
{{- if $storage.swift.accesskey }}
- name: REGISTRY_STORAGE_SWIFT_ACCESSKEY
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: accesskey
{{- end }}
{{- else if eq $type "oss" }}
- name: REGISTRY_STORAGE_OSS_ACCESSKEYSECRET
valueFrom:
secretKeyRef:
name: "{{ template "harbor.fullname" . }}-registry"
key: accesskeysecret
{{- end }}
ports:
- containerPort: 5000
- containerPort: 5001
volumeMounts:
{{- if (.Values.persistence.enabled) and eq .Values.registry.storage.type "filesystem" }}
- name: registry-data
mountPath: {{ .Values.registry.storage.filesystem.rootdirectory }}
{{- end }}
- name: registry-root-certificate
mountPath: /etc/registry/root.crt
subPath: tokenServiceRootCertBundle
- name: registry-config
mountPath: /etc/registry/config.yml
subPath: config.yml
volumes:
- name: registry-root-certificate
secret:
secretName: "{{ template "harbor.fullname" . }}-ui"
- name: registry-config
configMap:
name: "{{ template "harbor.fullname" . }}-registry"
{{- with .Values.registry.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.registry.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.registry.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- if (.Values.persistence.enabled) and eq .Values.registry.storage.type "filesystem" }}
volumeClaimTemplates:
- metadata:
name: registry-data
labels:
{{ include "harbor.labels" . | indent 8 }}
spec:
accessModes: [{{ .Values.registry.volumes.data.accessMode | quote }}]
{{- if .Values.registry.volumes.data.storageClass }}
{{- if (eq "-" .Values.registry.volumes.data.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.registry.volumes.data.storageClass }}"
{{- end }}
{{- end }}
resources:
requests:
storage: {{ .Values.registry.volumes.data.size | quote }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink