# services/harbor/helmrelease.yaml apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: harbor namespace: harbor spec: interval: 10m timeout: 10m chart: spec: chart: harbor version: 1.18.1 sourceRef: kind: HelmRepository name: harbor namespace: flux-system values: externalURL: https://registry.bstein.dev imagePullPolicy: IfNotPresent expose: type: ingress tls: enabled: true certSource: secret secret: secretName: registry-bstein-dev-tls ingress: className: traefik annotations: cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" hosts: core: registry.bstein.dev persistence: enabled: true resourcePolicy: keep persistentVolumeClaim: registry: existingClaim: harbor-registry accessMode: ReadWriteOnce size: 50Gi jobservice: jobLog: existingClaim: harbor-jobservice-logs accessMode: ReadWriteOnce size: 5Gi imageChartStorage: type: filesystem filesystem: rootdirectory: /storage database: type: external external: host: postgres-service.postgres.svc.cluster.local port: "5432" username: harbor coreDatabase: harbor existingSecret: harbor-db sslmode: disable redis: type: internal internal: image: repository: registry.bstein.dev/infra/harbor-redis tag: v2.14.1-arm64 nodeSelector: kubernetes.io/hostname: titan-05 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: [ "arm64" ] preferredDuringSchedulingIgnoredDuringExecution: - weight: 90 preference: matchExpressions: - key: hardware operator: In values: [ "rpi5" ] - weight: 50 preference: matchExpressions: - key: hardware operator: In values: [ "rpi4" ] trivy: enabled: false metrics: enabled: false cache: enabled: false existingSecretAdminPassword: harbor-core existingSecretAdminPasswordKey: harbor_admin_password existingSecretSecretKey: harbor-core core: image: repository: registry.bstein.dev/infra/harbor-core tag: v2.14.1-arm64 nodeSelector: kubernetes.io/hostname: titan-05 existingSecret: harbor-core existingXsrfSecret: harbor-core existingXsrfSecretKey: CSRF_KEY affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: [ "arm64" ] preferredDuringSchedulingIgnoredDuringExecution: - weight: 90 preference: matchExpressions: - key: hardware operator: In values: [ "rpi5" ] - weight: 50 preference: matchExpressions: - key: hardware operator: In values: [ "rpi4" ] jobservice: image: repository: registry.bstein.dev/infra/harbor-jobservice tag: v2.14.1-arm64 nodeSelector: kubernetes.io/hostname: titan-05 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: [ "arm64" ] preferredDuringSchedulingIgnoredDuringExecution: - weight: 90 preference: matchExpressions: - key: hardware operator: In values: [ "rpi5" ] - weight: 50 preference: matchExpressions: - key: hardware operator: In values: [ "rpi4" ] portal: image: repository: registry.bstein.dev/infra/harbor-portal tag: v2.14.1-arm64 nodeSelector: kubernetes.io/hostname: titan-05 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: [ "arm64" ] preferredDuringSchedulingIgnoredDuringExecution: - weight: 90 preference: matchExpressions: - key: hardware operator: In values: [ "rpi5" ] - weight: 50 preference: matchExpressions: - key: hardware operator: In values: [ "rpi4" ] registry: registry: image: repository: registry.bstein.dev/infra/harbor-registry tag: v2.14.1-arm64 controller: image: repository: registry.bstein.dev/infra/harbor-registryctl tag: v2.14.1-arm64 nodeSelector: kubernetes.io/hostname: titan-05 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: [ "arm64" ] preferredDuringSchedulingIgnoredDuringExecution: - weight: 90 preference: matchExpressions: - key: hardware operator: In values: [ "rpi5" ] - weight: 50 preference: matchExpressions: - key: hardware operator: In values: [ "rpi4" ] nginx: image: repository: registry.bstein.dev/infra/harbor-nginx tag: v2.14.1-arm64 nodeSelector: kubernetes.io/hostname: titan-05 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: [ "arm64" ] preferredDuringSchedulingIgnoredDuringExecution: - weight: 90 preference: matchExpressions: - key: hardware operator: In values: [ "rpi5" ] - weight: 50 preference: matchExpressions: - key: hardware operator: In values: [ "rpi4" ] prepare: image: repository: registry.bstein.dev/infra/harbor-prepare tag: v2.14.1-arm64 updateStrategy: type: Recreate