feat(samples):adjust the related samples (#622)

* feat(samples):adjust the related samples - adjust samples under config folder - use hierarchical kustomization manifests to generate samples for minimal, standard and full stack - rename manifest yamls under manifests/samples - do necessary changes for the above changes Signed-off-by: Steven Zou <szou@vmware.com> also fix #607 * fix(action):update sample flow Signed-off-by: Steven Zou <szou@vmware.com> * Update tests.yml * fix(samples):add image patch to kustomization Signed-off-by: Steven Zou <szou@vmware.com> Co-authored-by: Ziming <zziming@vmware.com>
goharbor · Apr 29, 2021 · ffcce57 · ffcce57
1 parent 2b24d02
commit ffcce57
Show file tree

Hide file tree

Showing 33 changed files with 370 additions and 372 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -155,9 +155,9 @@ jobs:
         ingress:
         - "0.35.0"
 
-        storage:
-        - "fs"
-        - "minio"
+        samples:
+        - "full_stack.yaml"
+        - "standard_stack_fs.yaml"
 
     steps:
     - uses: actions/checkout@v2
@@ -232,7 +232,7 @@ jobs:
         echo "CORE_HOST=$CORE_HOST" >> $GITHUB_ENV
         echo "NOTARY_HOST=$NOTARY_HOST" >> $GITHUB_ENV
         echo "MINIO_HOST=$MINIO_HOST" >> $GITHUB_ENV
-        samplefile=harbor_full_${{ matrix.storage }}.yaml
+        samplefile=${{ matrix.samples }}
         sed -i "s/core.harbor.domain/$CORE_HOST/g" manifests/samples/$samplefile
         sed -i "s/notary.harbor.domain/$NOTARY_HOST/g" manifests/samples/$samplefile
         sed -i "s/minio.harbor.domain/$MINIO_HOST/g" manifests/samples/$samplefile
@@ -316,7 +316,7 @@ jobs:
           kubectl -n cluster-sample-ns logs -l "goharbor.io/operator-controller=$name" --all-containers > /tmp/harbor/$name.log ; \
         done
         kubectl -n cluster-sample-ns logs -l "application=spilo" --all-containers > /tmp/harbor/db.log
-        kubectl -n cluster-sample-ns logs -l "app.kubernetes.io/component=redis" > /tmp/harbor/redis.log
+        kubectl -n cluster-sample-ns logs -l "app.kubernetes.io/component=redis" --all-containers > /tmp/harbor/redis.log
 
     - uses: actions/upload-artifact@v2
       if: ${{ failure() }}
@@ -435,11 +435,12 @@ jobs:
           NOTARY_HOST=notary.$IP.nip.io
           echo "CORE_HOST=$CORE_HOST" >> $GITHUB_ENV
           echo "NOTARY_HOST=$NOTARY_HOST" >> $GITHUB_ENV
-          sed -i "s/core.harbor.domain/$CORE_HOST/g" config/samples/harborcluster/*.yaml
-          sed -i "s/notary.harbor.domain/$NOTARY_HOST/g" config/samples/harborcluster/*.yaml
-          sed -i "s/logLevel: info/logLevel: debug/g" config/samples/harborcluster/goharbor_v1alpha3_harborcluster.yaml
+          sed -i "s/core.harbor.domain/$CORE_HOST/g" config/samples/harborcluster-minimal/*.yaml
+          sed -i "s/notary.harbor.domain/$NOTARY_HOST/g" config/samples/harborcluster-minimal/*.yaml
+          sed -i "s/core.harbor.domain/$CORE_HOST/g" config/samples/harborcluster-standard/*.yaml
+          sed -i "s/notary.harbor.domain/$NOTARY_HOST/g" config/samples/harborcluster-standard/*.yaml
 
-          make sample-harborcluster
+          make sample-harborcluster-standard
 
           for i in $(seq 1 7);do
             sleep 30
@@ -485,7 +486,7 @@ jobs:
       - name: apidb test
         run: |
           git clone https://github.com/goharbor/harbor -b v2.2.1
-          kubectl patch deploy harborcluster-sample-harbor-harbor-core -p '{"spec":{"template":{"spec":{"containers":[{"name":"core","env":[{"name":"GC_TIME_WINDOW_HOURS","value":"0"}]}]}}}}'
+          kubectl patch deploy sample-harbor-harbor-core -p '{"spec":{"template":{"spec":{"containers":[{"name":"core","env":[{"name":"GC_TIME_WINDOW_HOURS","value":"0"}]}]}}}}'
           sleep 5
           kubectl wait --for=condition=Ready -l job-type!=minio-init pod --all --timeout 600s
           docker run --rm -t --privileged -v `pwd`/harbor:/drone -v /etc/docker/certs.d/$CORE_HOST/:/ca -v /etc/docker/certs.d/$CORE_HOST/:/root/.docker/tls/$NOTARY_HOST/ -e NOTARY_URL=https://$NOTARY_HOST -w /drone goharbor/harbor-e2e-engine:2.6.3 \
@@ -498,10 +499,10 @@ jobs:
         run: |
           mkdir -p /tmp/harbor
           for name in core jobservice registry registryctl trivy chartmuseum notaryserver notarysigner portal; do \
-            kubectl -n cluster-sample-ns logs -l "goharbor.io/operator-controller=$name" --all-containers > /tmp/harbor/$name.log ; \
+            kubectl logs -l "goharbor.io/operator-controller=$name" --all-containers > /tmp/harbor/$name.log ; \
           done
-          kubectl -n cluster-sample-ns logs -l "application=spilo" --all-containers > /tmp/harbor/db.log
-          kubectl -n cluster-sample-ns logs -l "app.kubernetes.io/component=redis" > /tmp/harbor/redis.log
+          kubectl logs -l "app.kubernetes.io/instance=harbor-database" --all-containers > /tmp/harbor/db.log
+          kubectl logs -l "release=harbor-redis" --all-containers > /tmp/harbor/redis.log
 
       - uses: actions/upload-artifact@v2
         if: ${{ failure() }}
@@ -566,9 +567,9 @@ jobs:
       fail-fast: false
       matrix:
         path:
-        - harbor
-        - harbor-full
-        - harborcluster
+        - harborcluster-minimal
+        - harborcluster-standard
+        - harborcluster-fullstack
     steps:
     - uses: actions/checkout@v2
     - uses: azure/k8s-bake@v1

diff --git a/config/samples/harbor/internal_tls.yaml b/config/samples/harbor/internal_tls.yaml
diff --git a/config/samples/harbor/kustomization.yaml b/config/samples/harbor/kustomization.yaml
diff --git a/config/samples/harborcluster-fullstack/certificate_patch.yaml b/config/samples/harborcluster-fullstack/certificate_patch.yaml
@@ -0,0 +1,4 @@
+- op: add
+  path: "/spec/dnsNames/-"
+  value:
+    minio.harbor.domain
diff --git a/config/samples/harborcluster-fullstack/incluster_cache_patch.yaml b/config/samples/harborcluster-fullstack/incluster_cache_patch.yaml
@@ -0,0 +1,19 @@
+apiVersion: goharbor.io/v1alpha3
+kind: HarborCluster
+metadata:
+  name: sample
+spec:
+  inClusterCache:
+    kind: Redis
+    redisSpec:
+      server:
+        replicas: 1
+        resources:
+          limits:
+            cpu: 500m
+            memory: 500Mi
+          requests:
+            cpu: 100m
+            memory: 250Mi
+      sentinel:
+        replicas: 1
diff --git a/config/samples/harborcluster-fullstack/incluster_database_patch.yaml b/config/samples/harborcluster-fullstack/incluster_database_patch.yaml
@@ -0,0 +1,17 @@
+apiVersion: goharbor.io/v1alpha3
+kind: HarborCluster
+metadata:
+  name: sample
+spec:
+  inClusterDatabase:
+    kind: PostgresSQL
+    postgresSqlSpec:
+      storage: 1Gi
+      replicas: 1
+      resources:
+        limits:
+          cpu: 500m
+          memory: 500Mi
+        requests:
+          cpu: 100m
+          memory: 250Mi
diff --git a/config/samples/harborcluster-fullstack/incluster_storage_patch.yaml b/config/samples/harborcluster-fullstack/incluster_storage_patch.yaml
@@ -0,0 +1,25 @@
+apiVersion: goharbor.io/v1alpha3
+kind: HarborCluster
+metadata:
+  name: sample
+spec:
+  inClusterStorage:
+    kind: MinIO
+    minIOSpec:
+      replicas: 2
+      secretRef: minio-access-secret
+      redirect:
+        enable: true
+        expose:
+          ingress:
+            host: minio.harbor.domain
+          tls:
+            certificateRef: sample-public-certificate
+      volumesPerServer: 2
+      volumeClaimTemplate:
+        spec:
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 10Gi
diff --git a/config/samples/harborcluster-fullstack/kustomization.yaml b/config/samples/harborcluster-fullstack/kustomization.yaml
@@ -0,0 +1,37 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+commonLabels:
+  sample: "true"
+
+bases:
+  - ../../kustomizeconfig
+  - ../harborcluster-standard/
+
+secretGenerator:
+  - name: minio-access-secret
+    literals:
+      - accesskey=admin
+      - secretkey=minio123
+    type: Opaque
+generatorOptions:
+  disableNameSuffixHash: true
+
+patchesStrategicMerge:
+  - incluster_cache_patch.yaml
+  - incluster_database_patch.yaml
+  - incluster_storage_patch.yaml
+  - resources_patch.yaml
+
+patchesJson6902:
+  - target:
+      kind: Certificate
+      name: sample-public-certificate
+      group: cert-manager.io
+      version: v1
+    path: certificate_patch.yaml
+  - target:
+      kind: HarborCluster
+      name: sample
+      group: goharbor.io
+      version: v1alpha3
+    path: spec_patch.yaml
diff --git a/config/samples/harborcluster-fullstack/resources_patch.yaml b/config/samples/harborcluster-fullstack/resources_patch.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: sample-harbor-chart
+$patch: delete
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: sample-harbor-registry
+$patch: delete
diff --git a/config/samples/harborcluster-fullstack/spec_patch.yaml b/config/samples/harborcluster-fullstack/spec_patch.yaml
@@ -0,0 +1,6 @@
+- op: remove
+  path: "/spec/database"
+- op: remove
+  path: "/spec/imageChartStorage"
+- op: remove
+  path: "/spec/redis"
diff --git a/...ples/harbor/goharbor_v1alpha3_harbor.yaml → ...ter-minimal/goharbor_v1alpha3_harbor.yaml b/...ples/harbor/goharbor_v1alpha3_harbor.yaml → ...ter-minimal/goharbor_v1alpha3_harbor.yaml
@@ -1,5 +1,5 @@
 apiVersion: goharbor.io/v1alpha3
-kind: Harbor
+kind: HarborCluster
 metadata:
   name: sample
 spec:

diff --git a/config/samples/harbor/https.yaml → .../samples/harborcluster-minimal/https.yaml b/config/samples/harbor/https.yaml → .../samples/harborcluster-minimal/https.yaml
diff --git a/config/samples/harborcluster-minimal/images_patch.yaml b/config/samples/harborcluster-minimal/images_patch.yaml
@@ -0,0 +1,7 @@
+apiVersion: goharbor.io/v1alpha3
+kind: HarborCluster
+metadata:
+  name: sample
+spec:
+  imageSource:
+    repository: ghcr.io/goharbor
diff --git a/.../samples/harborcluster/kustomization.yaml → .../harborcluster-minimal/kustomization.yaml b/.../samples/harborcluster/kustomization.yaml → .../harborcluster-minimal/kustomization.yaml
@@ -7,17 +7,16 @@ resources:
 - https.yaml
 - service_token_issuer.yaml
 - storage.yaml
-- goharbor_v1alpha3_harborcluster.yaml
+- goharbor_v1alpha3_harbor.yaml
 
 secretGenerator:
 - name: admin-core-secret
   literals:
   - secret=Harbor12345
   type: "goharbor.io/single-secret"
-- name: core-database-encryption
-  literals:
-    - secret=1234567890123456
-  type: "goharbor.io/single-secret"
 
 bases:
-  - ../../kustomizeconfig
+- ../../kustomizeconfig
+
+patchesStrategicMerge:
+  - images_patch.yaml
diff --git a/.../samples/harbor/service_token_issuer.yaml → ...cluster-minimal/service_token_issuer.yaml b/.../samples/harbor/service_token_issuer.yaml → ...cluster-minimal/service_token_issuer.yaml
diff --git a/config/samples/harbor/storage.yaml → ...amples/harborcluster-minimal/storage.yaml b/config/samples/harbor/storage.yaml → ...amples/harborcluster-minimal/storage.yaml
diff --git a/...harbor-full/harbor_chartmuseum_patch.yaml → ...er-standard/harbor_chartmuseum_patch.yaml b/...harbor-full/harbor_chartmuseum_patch.yaml → ...er-standard/harbor_chartmuseum_patch.yaml
@@ -1,5 +1,5 @@
 apiVersion: goharbor.io/v1alpha3
-kind: Harbor
+kind: HarborCluster
 metadata:
   name: sample
 spec:

diff --git a/...ples/harbor-full/harbor_notary_patch.yaml → ...cluster-standard/harbor_notary_patch.yaml b/...ples/harbor-full/harbor_notary_patch.yaml → ...cluster-standard/harbor_notary_patch.yaml
@@ -1,5 +1,5 @@
 apiVersion: goharbor.io/v1alpha3
-kind: Harbor
+kind: HarborCluster
 metadata:
   name: sample
 spec:

diff --git a/...mples/harbor-full/harbor_trivy_patch.yaml → ...rcluster-standard/harbor_trivy_patch.yaml b/...mples/harbor-full/harbor_trivy_patch.yaml → ...rcluster-standard/harbor_trivy_patch.yaml
@@ -1,11 +1,10 @@
 apiVersion: goharbor.io/v1alpha3
-kind: Harbor
+kind: HarborCluster
 metadata:
   name: sample
 spec:
   trivy:
     skipUpdate: false
-    githubTokenRef: github-credentials
     storage:
       reportsPersistentVolume:
         claimName: sample-harbor-trivy-reports

diff --git a/...ig/samples/harbor-full/kustomization.yaml → ...harborcluster-standard/kustomization.yaml b/...ig/samples/harbor-full/kustomization.yaml → ...harborcluster-standard/kustomization.yaml
@@ -8,7 +8,7 @@ resources:
 
 bases:
 - ../../kustomizeconfig
-- ../harbor
+- ../harborcluster-minimal
 
 patchesStrategicMerge:
 - harbor_chartmuseum_patch.yaml

diff --git a/config/samples/harbor-full/storage.yaml → ...mples/harborcluster-standard/storage.yaml b/config/samples/harbor-full/storage.yaml → ...mples/harborcluster-standard/storage.yaml