From 37120dd7f66ce503ef1d6f4686c659ecd5f3177d Mon Sep 17 00:00:00 2001 From: GigiaJ Date: Tue, 14 Oct 2025 04:59:43 -0500 Subject: [PATCH] Swap to our template design --- .../k8s/add_ons/image_registry/harbor.cljs | 78 ++++++++----------- 1 file changed, 33 insertions(+), 45 deletions(-) diff --git a/iac/src/main/k8s/add_ons/image_registry/harbor.cljs b/iac/src/main/k8s/add_ons/image_registry/harbor.cljs index 06f136c..c73f253 100644 --- a/iac/src/main/k8s/add_ons/image_registry/harbor.cljs +++ b/iac/src/main/k8s/add_ons/image_registry/harbor.cljs @@ -28,51 +28,39 @@ "csi.storage.k8s.io/controller-publish-secret-name" "wasabi-csi-secrets" "csi.storage.k8s.io/controller-publish-secret-namespace" "kube-system"}} - :ingress-opts {:service-name "harbor-portal"} + :ingress-opts {:spec {:ingressClassName "caddy" + :rules [{:host 'host + :http {:paths '(make-paths + {:paths ["/" "/c"] + :backend {:name (str app-name "-portal") + :port {:number image-port}}} + {:paths ["/api" "/v2" "/chartrepo" "/service"] + :backend {:name (str app-name "-core") + :port {:number image-port}}})}}]}} :chart-opts {:fetchOpts {:repo "https://helm.goharbor.io"} - :transformations (fn [args _opts] - (let [kind (get-in args [:resource :kind])] - (if (some #{kind} ["StatefulSet" "PersistentVolumeClaim" "Ingress"]) - (update-in args [:resource :metadata :annotations] - #(assoc (or % {}) "pulumi.com/skipAwait" "true")) - args))) - :helm-values-fn (make-transformer - (fn [{:keys [app-name secrets]}] - (let [{:keys [host secret-key admin-password db-password region bucket s3-access-key s3-secret-key region-endpoint]} secrets] - [[["externalURL"] (str "https://" host)] - [["expose" "ingress" "enabled"] false] - [["expose" "tls" "enabled"] false] - [["harborAdminPassword"] admin-password] - [["secretKey"] secret-key] - [["database" "enabled"] true] - [["database" "internal" "password"] db-password] - [["persistence" "enabled"] true] - [["persistence" "resourcePolicy"] "keep"] - [["registry" "storage" "type" "s3"]] - [["registry" "storage" "s3" "region" region]] - [["registry" "storage" "s3" "bucket" bucket]] - [["registry" "storage" "s3" "accessKey" s3-access-key]] - [["registry" "storage" "s3" "secretKey" s3-secret-key]] - [["registry" "storage" "s3" "regionendpoint" region-endpoint]] - - ;;[["persistence" "persistentVolumeClaim" "registry" "storageClass"] "harbor"] - ;;[["persistence" "persistentVolumeClaim" "database" "storageClass"] "harbor"] - ;;[["persistence" "persistentVolumeClaim" "jobservice" "storageClass"] "harbor"] - ;;[["persistence" "persistentVolumeClaim" "redis" "storageClass"] "harbor"] - ])))}}) + + :values {:externalURL '(str "https://" host) + :expose {:ingress {:enabled true} + :tls {:enabled true}} + :harborAdminPassword 'admin-password + :secretKey 'secret-key + :database {:enabled true + :internal {:password 'db-password}} + :postgresql {:auth {:postgresPassword 'db-password}} + :persistence {:enabled true + :resourcePolicy "keep"} + :registry {:storage {:type "s3" + :s3 {:region 'region + :bucket 'bucket + :accessKey 's3-access-key + :secretKey 's3-secret-key + :regionendpoint 'region-endpoint}}}} + :transformations [(fn [args _opts] + (let [kind (get-in args [:resource :kind])] + (if (some #{kind} ["StatefulSet" "PersistentVolumeClaim" "Ingress"]) + (update-in args [:resource :metadata :annotations] + #(assoc (or % {}) "pulumi.com/skipAwait" "true")) + args)))] + }}) - - -(def ingress-options - {:function-keys [:host :service-name :image-port] - :ingress-rules [{:host 'host - :http {:paths [{:path "/" - :pathType "Prefix" - :backend {:service {:name (str 'service-name "-core") - :port {:number 'image-port}}}}]}} - {:host 'host - :http {:paths [{:path "/api" - :pathType "Prefix" - :backend {:service {:name (str 'service-name "-portal") - :port {:number 'image-port}}}}]}}]})