mirror of
https://github.com/goharbor/harbor
synced 2025-04-11 05:05:52 +00:00
cd7044dae1
The certificate and private key used by token service, registry and notoary server will be generated automatically
103 lines
3.0 KiB
YAML
103 lines
3.0 KiB
YAML
apiVersion: extensions/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
name: "{{ template "harbor.fullname" . }}-ui"
|
|
labels:
|
|
{{ include "harbor.labels" . | indent 4 }}
|
|
component: ui
|
|
spec:
|
|
replicas: 1
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{ include "harbor.matchLabels" . | indent 8 }}
|
|
component: ui
|
|
spec:
|
|
containers:
|
|
- name: ui
|
|
image: {{ .Values.ui.image.repository }}:{{ .Values.ui.image.tag }}
|
|
imagePullPolicy: {{ .Values.ui.image.pullPolicy }}
|
|
env:
|
|
- name: UI_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ template "harbor.fullname" . }}-ui"
|
|
key: secret
|
|
- name: JOBSERVICE_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ template "harbor.fullname" . }}-ui"
|
|
key: jobserviceSecret
|
|
- name: GODEBUG
|
|
value: netdns=cgo
|
|
- name: LOG_LEVEL
|
|
value: debug
|
|
- name: CONFIG_PATH
|
|
value: /etc/ui/app.conf
|
|
- name: ENABLE_HARBOR_SCAN_ON_PUSH
|
|
value: "1"
|
|
- name: ADMINSERVER_URL
|
|
value: "http://{{ template "harbor.fullname" . }}-adminserver"
|
|
ports:
|
|
- containerPort: 8080
|
|
volumeMounts:
|
|
- name: ui-config
|
|
mountPath: /etc/ui/app.conf
|
|
subPath: app.conf
|
|
- name: ui-secrets-key
|
|
mountPath: /etc/ui/key
|
|
subPath: key
|
|
- name: ui-secrets-private-key
|
|
mountPath: /etc/ui/private_key.pem
|
|
subPath: tokenServicePrivateKey
|
|
{{- if eq .Values.externalProtocol "https" }}
|
|
{{- if .Values.ingress.enabled }}
|
|
{{- if eq .Values.ingress.tls.secretName "" }}
|
|
- name: ca-download
|
|
mountPath: /etc/ui/ca/ca.crt
|
|
subPath: ca.crt
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
- name: psc
|
|
mountPath: /etc/ui/token
|
|
volumes:
|
|
- name: ui-config
|
|
configMap:
|
|
name: "{{ template "harbor.fullname" . }}-ui"
|
|
- name: ui-secrets-key
|
|
secret:
|
|
secretName: "{{ template "harbor.fullname" . }}-ui"
|
|
items:
|
|
- key: secretKey
|
|
path: key
|
|
- name: ui-secrets-private-key
|
|
secret:
|
|
secretName: "{{ template "harbor.fullname" . }}-ui"
|
|
{{- if eq .Values.externalProtocol "https" }}
|
|
{{- if .Values.ingress.enabled }}
|
|
{{- if eq .Values.ingress.tls.secretName "" }}
|
|
- name: ca-download
|
|
secret:
|
|
secretName: "{{ template "harbor.fullname" . }}-ingress"
|
|
items:
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
- name: psc
|
|
emptyDir: {}
|
|
{{- with .Values.ui.nodeSelector }}
|
|
nodeSelector:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.ui.affinity }}
|
|
affinity:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.ui.tolerations }}
|
|
tolerations:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|