feat: deploy harbor

harbor/.gitattributes

@@ -0,0 +1 @@
+config/secret.*.y*ml filter=age diff=age merge=age -text

harbor/config/secret.s3.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: s3-credentials-harbor
+type: Opaque
+stringData:
+  REGISTRY_STORAGE_S3_ACCESSKEY: YTGU36XCHWZKCHWFLSXZ
+  REGISTRY_STORAGE_S3_SECRETKEY: 8RDIRSalXaFkQ9tNH8GifmeicZQKcCdyiB4gysob

harbor/config/values.harbor.yaml

@@ -0,0 +1,34 @@
+externalURL: https://registry.icb4dc0.de
+
+database:
+  type: external
+  external:
+    host: app-cluster-pooler-rw.postgres.svc
+    username: harbor-twpkvp
+    coreDatabase: harbor
+    existingSecret: db-credentials-harbor
+
+redis:
+  type: external
+  external:
+    addr: harbor-cache.harbor.svc
+    port: 6379
+
+expose:
+  type: clusterIP
+  tls:
+    enabled: false
+
+persistence:
+  imageChartStorage:
+    disableredirect: true
+    type: s3
+    s3:
+      existingSecret: "s3-credentials-harbor"
+      region: hel1
+      bucket: 1661580-harbor
+      regionendpoint: https://hel1.your-objectstorage.com
+
+jobservice:
+  jobLoggers:
+    - database

harbor/kustomization.yaml

@@ -0,0 +1,26 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: harbor
+
+resources:
+  - resources/ns.yaml
+  - config/secret.s3.yaml
+  - resources/db/db.yaml
+  - resources/db/user.yaml
+  - resources/dragonfly/db.yaml
+
+labels:
+  - includeSelectors: true
+    pairs:
+      app.kubernetes.io/managed-by: kustomize
+      app.kubernetes.io/part-of: harbor
+
+helmCharts:
+  - name: harbor
+    repo: https://helm.goharbor.io
+    releaseName: harbor
+    namespace: harbor
+    version: "1.16.2"
+    valuesFile: config/values.harbor.yaml
+    skipTests: true

harbor/resources/db/db.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: db.movetokube.com/v1alpha1
+kind: Postgres
+metadata:
+  name: harbor
+spec:
+  database: harbor
+  dropOnDelete: false

harbor/resources/db/user.yaml

@@ -0,0 +1,12 @@
+---
+apiVersion: db.movetokube.com/v1alpha1
+kind: PostgresUser
+metadata:
+  name: harbor
+spec:
+  role: harbor
+  database: harbor
+  secretName: db-credentials
+  privileges: OWNER
+  secretTemplate:
+    password: "{{ .Password }}"

harbor/resources/dragonfly/db.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: dragonflydb.io/v1alpha1
+kind: Dragonfly
+metadata:
+  name: harbor-cache
+  labels:
+    app.kubernetes.io/name: harbor-cache
+    app.kubernetes.io/instance: harbor
+    app.kubernetes.io/part-of: harbor
+spec:
+  replicas: 2
+  nodeSelector:
+    kubernetes.io/arch: arm64
+  resources:
+    requests:
+      cpu: 100m
+      memory: 350Mi
+    limits:
+      cpu: 100m
+      memory: 350Mi

harbor/resources/ns.yaml

@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: harbor
+  labels:
+    prometheus: default