change

dev/harbor/README.md

@@ -1,73 +0,0 @@
-#als je niet kunt inloggen omdat redis gecrashed is:
-op de LP ga naar redis directory en dan:
-
-sudo redis-check-aof --fix appendonly.aof.1.incr.aof
-
-#Opmerkingen:
-
-De goharbor-versie is alleen beschikbaar voor AMD-processorarchitectuur.
-Je moet dus de bitnami-versie gebruiken.
-
-#installatie:
-
-kubectl create ns harbor
-helm install harbor bitnami/harbor -n harbor -f values.yaml
-
-De bitnami helm chart maakt zelf een certificaat aan via cert-manager en letsencrypt. 
-De bitnami helm chart maakt zelf een ingress aan en een certificaat aan. 
-Je hoeft dus geen certificaat of ingressroutes te definieren.
-
-#trivy
-
-In eerste instantie is de status "unhealthy" 
-
-#Tekton
-
-In de tekton-pipeline wordt het secret "registry-credentials" gemount om de repositories te kunnen 
-gebruiken. 
-
-#Met Docker naar HARBOR VIA HTTP
-================================
-nano /etc/docker/daemon.json:
-
-{
-    "insecure-registries" : ["localhost:32000","harbor.allarddcs.nl"]
-}
-
-systemctl restart docker
-
-
-
-
-
-
-
-
-
-
-===========================================================
-1. Enable Microk8s to access Harbor-instance:
-
-Create certs directory:
-
-sudo mkdir -p /var/snap/microk8s/current/args/certs.d/harbor.alldcs.nl
-
-copy the certificate from Harbor:
-
-sudo cp ca.crt /var/snap/microk8s/current/args/certs.d/harbor.alldcs.nl
-
-2. Edit /var/snap/microk8s/current/args/containerd-template.toml
-
-  [plugins."io.containerd.grpc.v1.cri".registry.configs."harbor.alldcs.nl".tls]
-     insecure_skip_verify = true
-
-
-Password opvragen:
-==================
-
-echo "Password: $(kubectl -n default get secret harbor-core-envvars -n harbor 
--o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 -d)"
-
-
-
-

dev/harbor/catalog-info.yaml.ignore

@@ -1,19 +0,0 @@
-apiVersion: backstage.io/v1alpha1
-kind: Component
-metadata:
-  name: dev-harbor
-  title: Harbor (dev)
-  description: Harbor instance running in Kubernetes
-  annotations:
-    backstage.io/kubernetes-label-selector: "app=harbor"
-  links:
-    - url: https://github.com/AllardKrings/kubernetes/dev/harbor
-      title: harbor-configuration
-  docs:
-    - url: ./README.md
-spec:
-  type: service
-  lifecycle: production
-  owner: group:default/allarddcs
-  subcomponentOf: component:default/DEV-cluster
-

dev/harbor/create-registry-credentials.sh

@@ -1,4 +0,0 @@
-cd ~/
-microk8s kubectl delete secret registry-credentials
-microk8s kubectl create secret generic registry-credentials --from-file=.dockerconfigjson=/home/ubuntu/.docker/config.json --type=kubernetes.io/dockerconfigjson
-

dev/harbor/harbor-pv.yaml

@@ -1,95 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: harbor-registry-pv
-spec:
-  storageClassName: ""
-  capacity:
-    storage: 15Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  mountOptions:
-    - hard
-    - nfsvers=4.1
-  nfs:
-    server: 192.168.2.110
-    path: /mnt/nfs_share/harbor/registry
-    readOnly: false
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: harbor-jobsvc-pv
-spec:
-  storageClassName: ""
-  capacity:
-    storage: 1Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  mountOptions:
-    - hard
-    - nfsvers=4.1
-  nfs:
-    server: 192.168.2.110
-    path: /mnt/nfs_share/harbor/jobsvc
-    readOnly: false
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: harbor-jobsvc-scandata-pv
-spec:
-  storageClassName: ""
-  capacity:
-    storage: 1Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  mountOptions:
-    - hard
-    - nfsvers=4.1
-  nfs:
-    server: 192.168.2.110
-    path: /mnt/nfs_share/harbor/scandata
-    readOnly: false
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: harbor-trivy-pv
-spec:
-  storageClassName: ""
-  capacity:
-    storage: 1Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  mountOptions:
-    - hard
-    - nfsvers=4.1
-  nfs:
-    server: 192.168.2.110
-    path: /mnt/nfs_share/harbor/trivy
-    readOnly: false
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: harbor-redis-pv
-spec:
-  storageClassName: ""
-  capacity:
-    storage: 1Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  mountOptions:
-    - hard
-    - nfsvers=4.1
-  nfs:
-    server: 192.168.2.110
-    path: /mnt/nfs_share/harbor/redis
-    readOnly: false
-

dev/harbor/harbor-pvc.yaml

@@ -1,74 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: harbor-registry-pvc
-  namespace: harbor
-spec:
-  storageClassName: ""
-  volumeName: harbor-registry-pv
-  accessModes:
-    - ReadWriteOnce
-  volumeMode: Filesystem
-  resources:
-    requests:
-      storage: 15Gi
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: harbor-jobsvc-pvc
-  namespace: harbor
-spec:
-  storageClassName: ""
-  volumeName: harbor-jobsvc-pv
-  accessModes:
-    - ReadWriteOnce
-  volumeMode: Filesystem
-  resources:
-    requests:
-      storage: 1Gi
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: harbor-jobsvc-scandata-pvc
-  namespace: harbor
-spec:
-  storageClassName: ""
-  volumeName: harbor-jobsvc-scandata-pv
-  accessModes:
-    - ReadWriteOnce
-  volumeMode: Filesystem
-  resources:
-    requests:
-      storage: 1Gi
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: data-harbor-trivy-0
-  namespace: harbor
-spec:
-  storageClassName: ""
-  volumeName: harbor-trivy-pv
-  accessModes:
-    - ReadWriteOnce
-  volumeMode: Filesystem
-  resources:
-    requests:
-      storage: 1Gi
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: redis-data-harbor-redis-master-0
-  namespace: harbor
-spec:
-  storageClassName: ""
-  volumeName: harbor-redis-pv
-  accessModes:
-    - ReadWriteOnce
-  volumeMode: Filesystem
-  resources:
-    requests:
-      storage: 1Gi