diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 95a28a6c5..6ee24fee8 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -144,12 +144,26 @@ app: "{{ template "harbor.name" . }}" {{- end }} {{- end -}} + +{{- define "harbor.redis.pwdfromsecret" -}} + {{- (lookup "v1" "Secret" .Release.Namespace (.Values.redis.external.existingSecret)).data.REDIS_PASSWORD | b64dec }} +{{- end -}} + +{{- define "harbor.redis.cred" -}} + {{- with .Values.redis }} + {{- if (and (eq .type "external" ) (.external.existingSecret)) }} + {{- printf ":%s@" (include "harbor.redis.pwdfromsecret" $) }} + {{- else }} + {{- ternary (printf "%s:%s@" (.external.username | urlquery) (.external.password | urlquery)) "" (and (eq .type "external" ) (not (not .external.password))) }} + {{- end }} + {{- end }} +{{- end -}} + /*scheme://[:password@]host:port[/master_set]*/ {{- define "harbor.redis.url" -}} {{- with .Values.redis }} {{- $path := ternary "" (printf "/%s" (include "harbor.redis.masterSet" $)) (not (include "harbor.redis.masterSet" $)) }} - {{- $cred := ternary (printf "%s:%s@" (.external.username | urlquery) (.external.password | urlquery)) "" (and (eq .type "external" ) (not (not .external.password))) }} - {{- printf "%s://%s%s%s" (include "harbor.redis.scheme" $) $cred (include "harbor.redis.addr" $) $path -}} + {{- printf "%s://%s%s%s" (include "harbor.redis.scheme" $) (include "harbor.redis.cred" $) (include "harbor.redis.addr" $) $path -}} {{- end }} {{- end -}} diff --git a/templates/registry/registry-dpl.yaml b/templates/registry/registry-dpl.yaml index fddba9fa8..b9c97ff89 100644 --- a/templates/registry/registry-dpl.yaml +++ b/templates/registry/registry-dpl.yaml @@ -113,6 +113,13 @@ spec: - name: INTERNAL_TLS_TRUST_CA_PATH value: /etc/harbor/ssl/registry/ca.crt {{- end }} + {{- if .Values.redis.external.existingSecret }} + - name: REGISTRY_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.redis.external.existingSecret }} + key: REDIS_PASSWORD + {{- end }} {{- if .Values.persistence.imageChartStorage.azure.existingSecret }} - name: REGISTRY_STORAGE_AZURE_ACCOUNTKEY valueFrom: