mukimovd/turash
1
0
Fork 0
mirror of https://github.com/SamyRai/turash.git synced 2025-12-26 23:01:33 +00:00
Code Issues 1 Actions Packages Projects Releases Wiki Activity
c6eba62352
turash/k8s/registry/SETUP_COMPLETE.md
Damir Mukimov 78d87ae345
Configure CI/CD pipeline with Harbor registry
2025-12-24 19:17:14 +01:00

3.0 KiB
Raw Blame History

Harbor Registry Setup Complete

Access Information

Harbor Web UI

Registry Endpoint

  • Registry: registry.bk.glpx.pro
  • Docker Login: 
    docker login registry.bk.glpx.pro -u admin -p "nVbR0IZv02zdZaM1zqjOz8FVbdzmXlEUaOb59D5Bkz0="

Configuration Summary

Database

  • Type: External PostgreSQL
  • Host: infra-postgres-rw.data.svc.cluster.local
  • Database: harbor
  • Username: app

Storage

  • Storage Class: longhorn-fast
  • Registry: 50Gi
  • Job Service: 1Gi
  • Redis: 2Gi
  • Trivy: 5Gi

Security

  • Admin Password: Generated secure password
  • Secret Key: Generated secure key
  • TLS: Enabled via cert-manager

Next Steps

1. Create Harbor Project

  1. Login to https://registry.bk.glpx.pro
  2. Go to ProjectsNew Project
  3. Create project: turash
  4. Set as Public (or configure access as needed)

2. Configure Woodpecker

# Add registry to Woodpecker repository
woodpecker-cli repo registry add <repo-id> \
  --hostname registry.bk.glpx.pro \
  --username admin \
  --password "nVbR0IZv02zdZaM1zqjOz8FVbdzmXlEUaOb59D5Bkz0="

# Add secrets
woodpecker-cli repo secret add <repo-id> \
  --name docker_username \
  --value admin

woodpecker-cli repo secret add <repo-id> \
  --name docker_password \
  --value "nVbR0IZv02zdZaM1zqjOz8FVbdzmXlEUaOb59D5Bkz0="

3. Test Registry Access

# Login
docker login registry.bk.glpx.pro -u admin -p "nVbR0IZv02zdZaM1zqjOz8FVbdzmXlEUaOb59D5Bkz0="

# Pull test image
docker pull alpine:latest

# Tag for Harbor
docker tag alpine:latest registry.bk.glpx.pro/turash/test:latest

# Push to Harbor
docker push registry.bk.glpx.pro/turash/test:latest

4. Verify Kubernetes Integration

# Check image pull secret
kubectl get secret harbor-registry-secret -n turash

# Test pod can pull images
kubectl run test-pull --image=registry.bk.glpx.pro/turash/test:latest --rm -it --restart=Never

Security Notes

⚠️ IMPORTANT:

  • Passwords are stored in harbor-secrets.yaml.template (DO NOT COMMIT!)
  • Change passwords regularly
  • Use Kubernetes secrets for production
  • Enable RBAC and access controls
  • Configure retention policies

Troubleshooting

Can't Login to Harbor

  • Check if Harbor core pods are running: kubectl get pods -n harbor
  • Verify password in values: helm get values harbor -n harbor | grep harborAdminPassword
  • Check logs: kubectl logs -n harbor deployment/harbor-core

Can't Push/Pull Images

  • Verify Docker login: docker login registry.bk.glpx.pro
  • Check project exists and is accessible
  • Verify network connectivity to registry

Database Connection Issues

  • Check PostgreSQL is running: kubectl get pods -n data | grep postgres
  • Verify database exists: Connect to PostgreSQL and check for harbor database
  • Check connection string in Harbor values