alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity
Files
5fbc9378c4ed7e4b1127ba8afe99216a5fc4572f
infrastructure/clusters/cl01tl/manifests/harbor/Deployment-harbor-registry.yaml
gitea-bot 4570e5f13a Automated Manifest Update (#4795) 
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

### Details
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `67a51a9` (on `67a51a96055ae0071df13e4e45ee8fe2d385e009`)
- **Charts Updated**: `harbor`

### Update Details (2026-03-17 01:04 UTC)
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `318a59e` (on `318a59e0fed9d8db34aff9b74ca89ac96b1992fd`)
- **Charts Updated**: `harbor`

### Update Details (2026-03-17 01:06 UTC)
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `4b67768` (on `4b6776838c16e7ab6808db08d8f2a974890ff0e6`)
- **Charts Updated**: `harbor`

### Update Details (2026-03-17 01:08 UTC)
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `25a4478` (on `25a447826e9e91e6438ada19dc41af54ef6bc7cd`)
- **Charts Updated**: `harbor`

### Update Details (2026-03-17 01:12 UTC)
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `be23d9f` (on `be23d9ff8b44e0da14987956686e1945b6601a36`)
- **Charts Updated**: `harbor`

### Update Details (2026-03-17 01:14 UTC)
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `252ddf2` (on `252ddf2e90d27eec8425d43c2fa3fe0b425a67be`)
- **Charts Updated**: `harbor`

Reviewed-on: #4795
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2026-03-17 01:14:46 +00:00

178 lines
5.3 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: "harbor-registry"
namespace: "harbor"
labels:
heritage: Helm
release: harbor
chart: harbor
app: "harbor"
app.kubernetes.io/instance: harbor
app.kubernetes.io/name: harbor
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: harbor
app.kubernetes.io/version: "2.14.2"
component: registry
app.kubernetes.io/component: registry
spec:
replicas: 1
revisionHistoryLimit: 10
strategy:
type: Recreate
rollingUpdate: null
selector:
matchLabels:
release: harbor
app: "harbor"
component: registry
template:
metadata:
labels:
heritage: Helm
release: harbor
chart: harbor
app: "harbor"
app.kubernetes.io/instance: harbor
app.kubernetes.io/name: harbor
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: harbor
app.kubernetes.io/version: "2.14.2"
component: registry
app.kubernetes.io/component: registry
annotations:
checksum/configmap: a765dd6fb9d5e9f003853b3f23a72a47461637085500e3c3c24759916a6f5f34
checksum/secret: 532881bd1d1d6c57ab80f3b04a516655345de38da400ba7e22511f263226bd48
checksum/secret-jobservice: d997909ea151f04cd3c6ce0da2b1e4b09ab6eecdc3d048c0d3aedf21b23285ba
checksum/secret-core: ea96175d9d13685272268c622197e7f602ef7f436c55dafd8e625f468586290d
spec:
securityContext:
runAsUser: 10000
fsGroup: 10000
fsGroupChangePolicy: OnRootMismatch
automountServiceAccountToken: false
terminationGracePeriodSeconds: 120
containers:
- name: registry
image: goharbor/registry-photon:v2.15.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /
scheme: HTTP
port: 5000
initialDelaySeconds: 300
periodSeconds: 10
readinessProbe:
httpGet:
path: /
scheme: HTTP
port: 5000
initialDelaySeconds: 1
periodSeconds: 10
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
envFrom:
- secretRef:
name: "harbor-registry"
env:
- name: REGISTRY_HTTP_SECRET
valueFrom:
secretKeyRef:
name: harbor-secret
key: REGISTRY_HTTP_SECRET
ports:
- containerPort: 5000
- containerPort: 8001
volumeMounts:
- name: registry-data
mountPath: /storage
subPath:
- name: registry-htpasswd
mountPath: /etc/registry/passwd
subPath: passwd
- name: registry-config
mountPath: /etc/registry/config.yml
subPath: config.yml
- name: registryctl
image: goharbor/harbor-registryctl:v2.15.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /api/health
scheme: HTTP
port: 8080
initialDelaySeconds: 300
periodSeconds: 10
readinessProbe:
httpGet:
path: /api/health
scheme: HTTP
port: 8080
initialDelaySeconds: 1
periodSeconds: 10
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
envFrom:
- configMapRef:
name: "harbor-registryctl"
- secretRef:
name: "harbor-registry"
- secretRef:
name: "harbor-registryctl"
env:
- name: REGISTRY_HTTP_SECRET
valueFrom:
secretKeyRef:
name: harbor-secret
key: REGISTRY_HTTP_SECRET
- name: CORE_SECRET
valueFrom:
secretKeyRef:
name: harbor-secret
key: secret
- name: JOBSERVICE_SECRET
valueFrom:
secretKeyRef:
name: harbor-secret
key: JOBSERVICE_SECRET
ports:
- containerPort: 8080
volumeMounts:
- name: registry-data
mountPath: /storage
subPath:
- name: registry-config
mountPath: /etc/registry/config.yml
subPath: config.yml
- name: registry-config
mountPath: /etc/registryctl/config.yml
subPath: ctl-config.yml
volumes:
- name: registry-htpasswd
secret:
secretName: harbor-secret
items:
- key: REGISTRY_HTPASSWD
path: passwd
- name: registry-config
configMap:
name: "harbor-registry"
- name: registry-data
persistentVolumeClaim:
claimName: harbor-registry
Reference in New Issue View Git Blame Copy Permalink