diff --git a/charts/harbor-operator/README.md b/charts/harbor-operator/README.md index f65ba585f..48364821f 100644 --- a/charts/harbor-operator/README.md +++ b/charts/harbor-operator/README.md @@ -8,61 +8,61 @@ Deploy Harbor Operator ## Values -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| affinity | object | `{}` | Expects input structure as per specification For example: `{ "nodeAffinity": { "requiredDuringSchedulingIgnoredDuringExecution": { "nodeSelectorTerms": [ { "matchExpressions": [ { "key": "foo.bar.com/role", "operator": "In", "values": [ "master" ] } ] } ] } } }` | -| allowPrivilegeEscalation | bool | `false` | Allow privilege escalation for the controller Pods | -| autoscaling.enabled | bool | `false` | Whether to enabled [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | -| autoscaling.maxReplicas | int | `100` | Maximum conroller replicas | -| autoscaling.minReplicas | int | `1` | Minimum conroller replicas | -| autoscaling.targetCPUUtilizationPercentage | int | `80` | CPU usage target for autoscaling | -| autoscaling.targetMemoryUtilizationPercentage | int | No target | Memory usage target for autoscaling | -| controllers.chartmuseum.maxReconcile | int | `1` | Max parallel reconciliation for ChartMuseum controller | -| controllers.common.classname | string | `""` | Harbor class handled by the operator. An empty class means watch all resources | -| controllers.common.networkPolicies | bool | `false` | Whether the operator should manage network policies | -| controllers.common.watchChildren | bool | `true` | Whether the operator should watch children | -| controllers.core.maxReconcile | int | `1` | Max parallel reconciliation for Core controller | -| controllers.harbor.maxReconcile | int | `1` | Max parallel reconciliation for Harbor controller | -| controllers.harborConfiguration.maxReconcile | int | `1` | Max parallel reconciliation for HarborConfiguration controller | -| controllers.harborcluster.maxReconcile | int | `1` | Max parallel reconciliation for HarborCluster controller | -| controllers.jobservice.maxReconcile | int | `1` | Max parallel reconciliation for JobService controller | -| controllers.notaryserver.maxReconcile | int | `1` | Max parallel reconciliation for NotaryServer controller | -| controllers.notarysigner.maxReconcile | int | `1` | Max parallel reconciliation for NotarySigner controller | -| controllers.portal.maxReconcile | int | `1` | Max parallel reconciliation for Portal controller | -| controllers.registry.maxReconcile | int | `1` | Max parallel reconciliation for Registry controller | -| controllers.registryctl.maxReconcile | int | `1` | Max parallel reconciliation for RegistryCtl controller | -| controllers.trivy.maxReconcile | int | `1` | Max parallel reconciliation for Trivy controller | -| deploymentAnnotations | object | `{}` | Additional annotations to add to the controller Deployment | -| fullnameOverride | string | `""` | | -| harborClass | string | `""` | Class name of the Harbor operator | -| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy for the controller. | -| image.repository | string | `"goharbor/harbor-operator"` | The image repository whose default is the chart appVersion. | -| image.tag | string | `"v1.2.0-rc1"` | The image tag whose default is the chart appVersion. | -| imagePullSecrets | list | `[]` | Reference to one or more secrets to be used when pulling images For example: `[ {"name":"image-pull-secret"} ]` | -| installCRDs | bool | `false` | If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED | -| leaderElection.namespace | string | `"kube-system"` | The namespace used to store the ConfigMap for leader election | -| logLevel | int | `4` | Set the verbosity of controller. Range of 0 - 6 with 6 being the most verbose. Info level is 4. | -| minio-operator.enabled | bool | `false` | Whether to enabled [MinIO Operator](https://github.com/minio/operator) | -| minio-operator.image.tag | string | `"v4.4.9"` | | -| nameOverride | string | `""` | | -| nodeSelector | object | `{}` | Expects input structure as per specification For example: `[ { "matchExpressions": [ { "key": "kubernetes.io/e2e-az-name", "operator": "In", "values": [ "e2e-az1", "e2e-az2" ] } ] } ]` | -| podAnnotations | object | `{}` | Additional annotations to add to the controller Pods | -| podLabels | object | `{}` | Additional labels to add to the controller Pods | -| podSecurityContext | object | `{"runAsNonRoot":true,"runAsUser":65532}` | Expects input structure as per specification For example: `{ "fsGroup": 2000, "runAsUser": 1000, "runAsNonRoot": true }` | -| postgres-operator.configKubernetes.secret_name_template | string | `"{username}.{cluster}.credentials"` | | -| postgres-operator.enabled | bool | `false` | Whether to enabled [Postgres operator](https://github.com/zalando/postgres-operator) | -| priorityClassName | string | `""` | priority class to be used for the harbor-operator pods | -| rbac.create | bool | `true` | Whether to install Role Based Access Control | -| redis-operator.enabled | bool | `false` | Whether to enabled [Redis Operator](https://github.com/spotahome/redis-operator) | -| redis-operator.image.tag | string | `"v1.1.1"` | | -| replicaCount | int | `1` | Number of replicas for the controller | +| Key | Type | Default | Description | +|-----|------|-----------------------------------------------------------------------------------------|-------------| +| affinity | object | `{}` | Expects input structure as per specification For example: `{ "nodeAffinity": { "requiredDuringSchedulingIgnoredDuringExecution": { "nodeSelectorTerms": [ { "matchExpressions": [ { "key": "foo.bar.com/role", "operator": "In", "values": [ "master" ] } ] } ] } } }` | +| allowPrivilegeEscalation | bool | `false` | Allow privilege escalation for the controller Pods | +| autoscaling.enabled | bool | `false` | Whether to enabled [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | +| autoscaling.maxReplicas | int | `100` | Maximum conroller replicas | +| autoscaling.minReplicas | int | `1` | Minimum conroller replicas | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | CPU usage target for autoscaling | +| autoscaling.targetMemoryUtilizationPercentage | int | No target | Memory usage target for autoscaling | +| controllers.chartmuseum.maxReconcile | int | `1` | Max parallel reconciliation for ChartMuseum controller | +| controllers.common.classname | string | `""` | Harbor class handled by the operator. An empty class means watch all resources | +| controllers.common.networkPolicies | bool | `false` | Whether the operator should manage network policies | +| controllers.common.watchChildren | bool | `true` | Whether the operator should watch children | +| controllers.core.maxReconcile | int | `1` | Max parallel reconciliation for Core controller | +| controllers.harbor.maxReconcile | int | `1` | Max parallel reconciliation for Harbor controller | +| controllers.harborConfiguration.maxReconcile | int | `1` | Max parallel reconciliation for HarborConfiguration controller | +| controllers.harborcluster.maxReconcile | int | `1` | Max parallel reconciliation for HarborCluster controller | +| controllers.jobservice.maxReconcile | int | `1` | Max parallel reconciliation for JobService controller | +| controllers.notaryserver.maxReconcile | int | `1` | Max parallel reconciliation for NotaryServer controller | +| controllers.notarysigner.maxReconcile | int | `1` | Max parallel reconciliation for NotarySigner controller | +| controllers.portal.maxReconcile | int | `1` | Max parallel reconciliation for Portal controller | +| controllers.registry.maxReconcile | int | `1` | Max parallel reconciliation for Registry controller | +| controllers.registryctl.maxReconcile | int | `1` | Max parallel reconciliation for RegistryCtl controller | +| controllers.trivy.maxReconcile | int | `1` | Max parallel reconciliation for Trivy controller | +| deploymentAnnotations | object | `{}` | Additional annotations to add to the controller Deployment | +| fullnameOverride | string | `""` | | +| harborClass | string | `""` | Class name of the Harbor operator | +| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy for the controller. | +| image.repository | string | `"goharbor/harbor-operator"` | The image repository whose default is the chart appVersion. | +| image.tag | string | `"v1.2.0-rc2"` | The image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | Reference to one or more secrets to be used when pulling images For example: `[ {"name":"image-pull-secret"} ]` | +| installCRDs | bool | `false` | If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED | +| leaderElection.namespace | string | `"kube-system"` | The namespace used to store the ConfigMap for leader election | +| logLevel | int | `4` | Set the verbosity of controller. Range of 0 - 6 with 6 being the most verbose. Info level is 4. | +| minio-operator.enabled | bool | `false` | Whether to enabled [MinIO Operator](https://github.com/minio/operator) | +| minio-operator.image.tag | string | `"v4.4.9"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | Expects input structure as per specification For example: `[ { "matchExpressions": [ { "key": "kubernetes.io/e2e-az-name", "operator": "In", "values": [ "e2e-az1", "e2e-az2" ] } ] } ]` | +| podAnnotations | object | `{}` | Additional annotations to add to the controller Pods | +| podLabels | object | `{}` | Additional labels to add to the controller Pods | +| podSecurityContext | object | `{"runAsNonRoot":true,"runAsUser":65532}` | Expects input structure as per specification For example: `{ "fsGroup": 2000, "runAsUser": 1000, "runAsNonRoot": true }` | +| postgres-operator.configKubernetes.secret_name_template | string | `"{username}.{cluster}.credentials"` | | +| postgres-operator.enabled | bool | `false` | Whether to enabled [Postgres operator](https://github.com/zalando/postgres-operator) | +| priorityClassName | string | `""` | priority class to be used for the harbor-operator pods | +| rbac.create | bool | `true` | Whether to install Role Based Access Control | +| redis-operator.enabled | bool | `false` | Whether to enabled [Redis Operator](https://github.com/spotahome/redis-operator) | +| redis-operator.image.tag | string | `"v1.1.1"` | | +| replicaCount | int | `1` | Number of replicas for the controller | | resources | object | `{"limits":{"cpu":"500m","memory":"300Mi"},"requests":{"cpu":"300m","memory":"200Mi"}}` | Expects input structure as per specification | -| service.port | int | `443` | Expose port for WebHook controller | -| service.type | string | `"ClusterIP"` | Service type to use | -| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | -| strategy | object | `{}` | Expects input structure as per specification For example: `{ "type": "RollingUpdate", "rollingUpdate": { "maxSurge": 0, "maxUnavailable": 1 } }` | -| tolerations | list | `[]` | Expects input structure as per specification For example: `[ { "key": "foo.bar.com/role", "operator": "Equal", "value": "master", "effect": "NoSchedule" } ]` | -| volumeMounts | list | `[]` | Expects input structure as per specification For example: `[ { "mountPath": "/test-ebs", "name": "test-volume" } ]` | -| volumes | list | `[]` | Expects input structure as per specification For example: `[ { "name": "test-volume", "awsElasticBlockStore": { "volumeID": "", "fsType": "ext4" } } ]` | +| service.port | int | `443` | Expose port for WebHook controller | +| service.type | string | `"ClusterIP"` | Service type to use | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| strategy | object | `{}` | Expects input structure as per specification For example: `{ "type": "RollingUpdate", "rollingUpdate": { "maxSurge": 0, "maxUnavailable": 1 } }` | +| tolerations | list | `[]` | Expects input structure as per specification For example: `[ { "key": "foo.bar.com/role", "operator": "Equal", "value": "master", "effect": "NoSchedule" } ]` | +| volumeMounts | list | `[]` | Expects input structure as per specification For example: `[ { "mountPath": "/test-ebs", "name": "test-volume" } ]` | +| volumes | list | `[]` | Expects input structure as per specification For example: `[ { "name": "test-volume", "awsElasticBlockStore": { "volumeID": "", "fsType": "ext4" } } ]` | diff --git a/charts/harbor-operator/values.yaml b/charts/harbor-operator/values.yaml index 0c16bee86..1ffcd9493 100644 --- a/charts/harbor-operator/values.yaml +++ b/charts/harbor-operator/values.yaml @@ -4,7 +4,7 @@ image: # image.pullPolicy -- The image pull policy for the controller. pullPolicy: IfNotPresent # image.tag -- The image tag whose default is the chart appVersion. - tag: "v1.2.0-rc1" + tag: "v1.2.0-rc2" # installCRDs -- If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED installCRDs: false diff --git a/manifests/cluster/deployment.yaml b/manifests/cluster/deployment.yaml index 28474e628..5d93d19fb 100644 --- a/manifests/cluster/deployment.yaml +++ b/manifests/cluster/deployment.yaml @@ -38851,7 +38851,7 @@ spec: fieldPath: metadata.namespace - name: CONFIGURATION_FROM value: env,file:/etc/harbor-operator/config.yaml - image: ghcr.io/goharbor/harbor-operator:v1.2.0-rc1 + image: ghcr.io/goharbor/harbor-operator:v1.2.0-rc2 livenessProbe: httpGet: path: /healthz diff --git a/manifests/cluster/kustomization.yaml b/manifests/cluster/kustomization.yaml index f4f3829d3..96e4cbea0 100644 --- a/manifests/cluster/kustomization.yaml +++ b/manifests/cluster/kustomization.yaml @@ -47,4 +47,4 @@ images: newName: ghcr.io/goharbor/postgres-operator - name: goharbor/harbor-operator newName: ghcr.io/goharbor/harbor-operator - newTag: v1.2.0-rc1 + newTag: v1.2.0-rc2 diff --git a/manifests/harbor/deployment.yaml b/manifests/harbor/deployment.yaml index 63f956631..138d9ee01 100644 --- a/manifests/harbor/deployment.yaml +++ b/manifests/harbor/deployment.yaml @@ -28182,7 +28182,7 @@ spec: fieldPath: metadata.namespace - name: CONFIGURATION_FROM value: env,file:/etc/harbor-operator/config.yaml - image: ghcr.io/goharbor/harbor-operator:v1.2.0-rc1 + image: ghcr.io/goharbor/harbor-operator:v1.2.0-rc2 livenessProbe: httpGet: path: /healthz diff --git a/manifests/harbor/kustomization.yaml b/manifests/harbor/kustomization.yaml index 191608b8c..1814b9eb8 100644 --- a/manifests/harbor/kustomization.yaml +++ b/manifests/harbor/kustomization.yaml @@ -23,4 +23,4 @@ resources: images: - name: goharbor/harbor-operator newName: ghcr.io/goharbor/harbor-operator - newTag: v1.2.0-rc1 + newTag: v1.2.0-rc2