mirror of
https://github.com/cozystack/cozystack.git
synced 2026-03-12 19:49:07 +00:00
7ff5b2ba23
## What this PR does Adds Harbor v2.14.2 as a managed tenant-level container registry service in the PaaS bundle. **Architecture:** - Wrapper chart (`apps/harbor`) — HelmRelease, Ingress, WorkloadMonitors, BucketClaim, dashboard RBAC - Vendored upstream chart (`system/harbor`) from helm.goharbor.io v1.18.2 - System chart (`system/harbor`) provisions PostgreSQL via CloudNativePG and Redis via redis-operator - ApplicationDefinition (`system/harbor-rd`) for dynamic `Harbor` CRD registration - PackageSource and paas.yaml bundle entry for platform integration **Key design decisions:** - Database and Redis provisioned via CPNG and redis-operator (not internal Helm-based instances) for reliable day-2 operations - Registry image storage uses S3 via COSI BucketClaim/BucketAccess from namespace SeaweedFS - Trivy vulnerability scanner cache uses PVC (S3 not supported by vendored chart) - Token CA key/cert persisted across upgrades via Secret lookup - Per-component resource configuration (core, registry, jobservice, trivy) - Ingress with TLS via cert-manager, cloudflare issuer type handling, proxy timeouts for large image pushes - Auto-generated admin credentials persisted across upgrades **E2E test:** Creates Harbor instance, verifies HelmRelease readiness, deployment availability, credentials secret, service port, then cleans up. ### Release note ```release-note [harbor] Add managed Harbor container registry as a tenant-level service ``` <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added Harbor container registry deployment with integrated Kubernetes support, including database and cache layers. * Enabled metrics monitoring via Prometheus integration. * Configured dashboard management interface for Harbor administration. * **Tests** * Added end-to-end testing for Harbor deployment and verification. * **Chores** * Integrated Harbor into the platform's application package bundle. <!-- end of auto-generated comment: release notes by coderabbit.ai -->