88 lines
3.1 KiB
YAML
88 lines
3.1 KiB
YAML
# services/harbor/secretproviderclass.yaml
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: harbor-vault
|
|
namespace: harbor
|
|
spec:
|
|
provider: vault
|
|
parameters:
|
|
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
|
|
roleName: "harbor"
|
|
objects: |
|
|
- objectName: "harbor-core__CSRF_KEY"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "CSRF_KEY"
|
|
- objectName: "harbor-core__REGISTRY_CREDENTIAL_PASSWORD"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "REGISTRY_CREDENTIAL_PASSWORD"
|
|
- objectName: "harbor-core__harbor_admin_password"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "harbor_admin_password"
|
|
- objectName: "harbor-core__secret"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "secret"
|
|
- objectName: "harbor-core__secretKey"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "secretKey"
|
|
- objectName: "harbor-core__tls.crt"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "tls.crt"
|
|
- objectName: "harbor-core__tls.key"
|
|
secretPath: "kv/data/atlas/harbor/harbor-core"
|
|
secretKey: "tls.key"
|
|
- objectName: "harbor-db__database"
|
|
secretPath: "kv/data/atlas/harbor/harbor-db"
|
|
secretKey: "database"
|
|
- objectName: "harbor-db__host"
|
|
secretPath: "kv/data/atlas/harbor/harbor-db"
|
|
secretKey: "host"
|
|
- objectName: "harbor-db__password"
|
|
secretPath: "kv/data/atlas/harbor/harbor-db"
|
|
secretKey: "password"
|
|
- objectName: "harbor-db__port"
|
|
secretPath: "kv/data/atlas/harbor/harbor-db"
|
|
secretKey: "port"
|
|
- objectName: "harbor-db__username"
|
|
secretPath: "kv/data/atlas/harbor/harbor-db"
|
|
secretKey: "username"
|
|
- objectName: "harbor-oidc__CONFIG_OVERWRITE_JSON"
|
|
secretPath: "kv/data/atlas/harbor/harbor-oidc"
|
|
secretKey: "CONFIG_OVERWRITE_JSON"
|
|
secretObjects:
|
|
- secretName: harbor-core
|
|
type: Opaque
|
|
data:
|
|
- objectName: harbor-core__CSRF_KEY
|
|
key: CSRF_KEY
|
|
- objectName: harbor-core__REGISTRY_CREDENTIAL_PASSWORD
|
|
key: REGISTRY_CREDENTIAL_PASSWORD
|
|
- objectName: harbor-core__harbor_admin_password
|
|
key: harbor_admin_password
|
|
- objectName: harbor-core__secret
|
|
key: secret
|
|
- objectName: harbor-core__secretKey
|
|
key: secretKey
|
|
- objectName: harbor-core__tls.crt
|
|
key: tls.crt
|
|
- objectName: harbor-core__tls.key
|
|
key: tls.key
|
|
- secretName: harbor-db
|
|
type: Opaque
|
|
data:
|
|
- objectName: harbor-db__database
|
|
key: database
|
|
- objectName: harbor-db__host
|
|
key: host
|
|
- objectName: harbor-db__password
|
|
key: password
|
|
- objectName: harbor-db__port
|
|
key: port
|
|
- objectName: harbor-db__username
|
|
key: username
|
|
- secretName: harbor-oidc
|
|
type: Opaque
|
|
data:
|
|
- objectName: harbor-oidc__CONFIG_OVERWRITE_JSON
|
|
key: CONFIG_OVERWRITE_JSON
|