jaggar/iac-cljs-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make corrections and add ingress-options for later

Browse Source
This commit is contained in:
GigiaJ
2025-10-12 12:50:29 -05:00
parent 6e1d9eaa18
commit bdfd498b8f
1 changed files with 58 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
iac/src/main/k8s/add_ons/image_registry/harbor.cljs
View File

@@ -2,15 +2,44 @@
(:require [utils.k8s :refer [make-transformer]]))
(def config
{:stack [:vault-secrets :chart :ingress]
{:stack [:storage-class :vault-secrets :chart :ingress]
:app-namespace "harbor"
:app-name "harbor"
:image-port 80
:vault-load-yaml false
:storage-class-opts {:provisioner "ru.yandex.s3.csi"
:parameters {"mounter" "geesefs"
"bucket" "pulumi-harbor"
"singleBucket" "pulumi-harbor"
"region" "us-east-1"
"accessKey" "something"
"secretKey" "something"
"accessKeyID" "something"
"secretAccessKey" "something"
"usePathStyle" "true"
"insecureSkipVerify" "true"
"options" "--memory-limit 1000 --dir-mode 0777 --file-mode 0666"
"csi.storage.k8s.io/provisioner-secret-name" "wasabi-csi-secrets"
"csi.storage.k8s.io/provisioner-secret-namespace" "kube-system"
"csi.storage.k8s.io/node-publish-secret-name" "wasabi-csi-secrets"
"csi.storage.k8s.io/node-publish-secret-namespace" "kube-system"
"csi.storage.k8s.io/node-stage-secret-name" "wasabi-csi-secrets"
"csi.storage.k8s.io/node-stage-secret-namespace" "kube-system"
"csi.storage.k8s.io/controller-publish-secret-name" "wasabi-csi-secrets"
"csi.storage.k8s.io/controller-publish-secret-namespace" "kube-system"}}
:ingress-opts {:service-name "harbor-portal"}
:chart-opts {:fetchOpts {:repo "https://helm.goharbor.io"}
:transformations (fn [args _opts]
(let [kind (get-in args [:resource :kind])]
(if (some #{kind} ["StatefulSet" "PersistentVolumeClaim" "Ingress"])
(update-in args [:resource :metadata :annotations]
#(assoc (or % {}) "pulumi.com/skipAwait" "true"))
args)))
:helm-values-fn (make-transformer
(fn [{:keys [app-name secrets]}]
(let [{:keys [host secret-key admin-password db-password]} secrets]
(let [{:keys [host secret-key admin-password db-password region bucket s3-access-key s3-secret-key region-endpoint]} secrets]
[[["externalURL"] (str "https://" host)]
[["expose" "ingress" "enabled"] false]
[["expose" "tls" "enabled"] false]
@@ -20,7 +49,30 @@
[["database" "internal" "password"] db-password]
[["persistence" "enabled"] true]
[["persistence" "resourcePolicy"] "keep"]
[["persistence" "persistentVolumeClaim" "registry" "storageClass"] "wasabi-csi"]
[["persistence" "persistentVolumeClaim" "database" "storageClass"] "wasabi-csi"]
[["persistence" "persistentVolumeClaim" "jobservice" "storageClass"] "wasabi-csi"]
[["persistence" "persistentVolumeClaim" "redis" "storageClass"] "wasabi-csi"]])))}})
[["registry" "storage" "type" "s3"]]
[["registry" "storage" "s3" "region" region]]
[["registry" "storage" "s3" "bucket" bucket]]
[["registry" "storage" "s3" "accessKey" s3-access-key]]
[["registry" "storage" "s3" "secretKey" s3-secret-key]]
[["registry" "storage" "s3" "regionendpoint" region-endpoint]]
;;[["persistence" "persistentVolumeClaim" "registry" "storageClass"] "harbor"]
;;[["persistence" "persistentVolumeClaim" "database" "storageClass"] "harbor"]
;;[["persistence" "persistentVolumeClaim" "jobservice" "storageClass"] "harbor"]
;;[["persistence" "persistentVolumeClaim" "redis" "storageClass"] "harbor"]
])))}})
(def ingress-options
{:function-keys [:host :service-name :image-port]
:ingress-rules [{:host 'host
:http {:paths [{:path "/"
:pathType "Prefix"
:backend {:service {:name (str 'service-name "-core")
:port {:number 'image-port}}}}]}}
{:host 'host
:http {:paths [{:path "/api"
:pathType "Prefix"
:backend {:service {:name (str 'service-name "-portal")
:port {:number 'image-port}}}}]}}]})