plotly · agateaux · May 8, 2024 · May 22, 2023 · May 23, 2023 · May 23, 2023
diff --git a/.github/auto-assignees.yaml b/.github/auto-assignees.yaml
diff --git a/.github/workflows/auto-assign-prs.yaml b/.github/workflows/auto-assign-prs.yaml
diff --git a/.github/workflows/build-dev.yml b/.github/workflows/build-dev.yml
@@ -3,7 +3,7 @@ name: Dev Image
 on:
   push:
     branches:
-    - master
+    - main
     - release-*
 
 jobs:

diff --git a/.github/workflows/chart-tests.yml b/.github/workflows/chart-tests.yml
@@ -0,0 +1,203 @@
+name: Chart Tests
+
+on:
+  push:
+    branches:
+    - '**'
+  pull_request:
+    branches:
+    - main
+    - release-*
+    - feature/*
+
+jobs:
+  chart-tests:
+    runs-on: ubuntu-latest
+    name: chart K8S v${{ matrix.k8sVersion }} (CM v${{ matrix.certManager }})
+    env:
+      USE_EXISTING_CLUSTER: true
+      operatorNamespace: harbor-operator-ns
+      dockerImage: harbor-operator:dev_test
+
+    strategy:
+      fail-fast: false
+      matrix:
+        # https://github.com/jetstack/cert-manager/tags
+        certManager:
+        - "1.9.1"
+
+        # https://snapcraft.io/microk8s
+        k8sVersion:
+        - "1.21.12"
+        - "1.23.6"
+        - "1.24.0"
+
+        # https://github.com/kubernetes/ingress-nginx/tags
+        ingress:
+        - "1.3.0"
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions/setup-go@v2
+        with:
+          go-version: 1.18
+
+      - uses: azure/setup-kubectl@v3
+        with:
+          version: 'latest'
+
+      - name: Cache go mod
+        uses: actions/cache@v2
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Prepare memory storage for etcd of kind cluster
+        run: |
+          # Use memory storage for etcd of the kind cluster, see https://github.com/kubernetes-sigs/kind/issues/845 for more info
+          mkdir -p /tmp/lib/etcd
+          sudo mount -t tmpfs tmpfs /tmp/lib/etcd
+
+      - name: Install Kubernetes v${{ matrix.k8sVersion }}
+        uses: helm/[email protected]
+        with:
+          version: v0.14.0
+          node_image: kindest/node:v${{ matrix.k8sVersion }}
+          cluster_name: harbor
+          config: .github/kind.yaml
+
+      - name: Install CertManager v${{ matrix.certManager }}
+        run: |
+          kubectl apply -f "https://github.com/jetstack/cert-manager/releases/download/v${{ matrix.certManager }}/cert-manager.yaml"
+          sleep 5
+          time kubectl -n cert-manager wait --for=condition=Available deployment --all --timeout 300s
+
+      - name: Install Ingress
+        run: |
+          kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v${{ matrix.ingress }}/deploy/static/provider/kind/deploy.yaml
+          time kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=300s
+
+      - name: build harbor-operator
+        run: |
+          make manifests docker-build IMG=${dockerImage}
+          kind load docker-image ${dockerImage} --name harbor
+
+      - name: install harbor-operator
+        run: |
+          set -ex
+          make kustomize
+
+          ./bin/kustomize build --reorder legacy config/helm/crds | kubectl create -f -
+
+          make helm-install NAMESPACE="${operatorNamespace}" IMG=${dockerImage}
+          kubectl -n "${operatorNamespace}" wait --for=condition=Available deployment --all --timeout 300s
+
+          if ! time kubectl -n ${operatorNamespace} wait --for=condition=Available deployment --all --timeout 300s; then
+            kubectl get all -n ${operatorNamespace}
+            exit 1
+          fi
+
+      - name: install harbor
+        run: |
+          export GITHUB_TOKEN=xxx
+          set -ex
+          IP=`hostname -I | awk '{print $1}'`
+          echo "IP=$IP" >> $GITHUB_ENV
+          CORE_HOST=core.$IP.nip.io
+          NOTARY_HOST=notary.$IP.nip.io
+          echo "CORE_HOST=$CORE_HOST" >> $GITHUB_ENV
+          echo "NOTARY_HOST=$NOTARY_HOST" >> $GITHUB_ENV
+          sed -i "s/core.harbor.domain/$CORE_HOST/g" config/samples/harborcluster-minimal/*.yaml
+          sed -i "s/notary.harbor.domain/$NOTARY_HOST/g" config/samples/harborcluster-minimal/*.yaml
+          sed -i "s/core.harbor.domain/$CORE_HOST/g" config/samples/harborcluster-standard/*.yaml
+          sed -i "s/notary.harbor.domain/$NOTARY_HOST/g" config/samples/harborcluster-standard/*.yaml
+
+          make sample-harborcluster-standard
+
+          for i in $(seq 1 7);do
+            sleep 30
+            echo $i
+            kubectl get all
+          done
+          if ! time kubectl wait --for=condition=Ready -l job-type!=minio-init pod --all --timeout 600s && ! time kubectl wait --for=condition=Ready -l job-type!=minio-init pod --all --timeout 60s; then
+            echo install harbor failed
+            kubectl get all
+
+            for n in $(kubectl get po |grep -v Running|grep -v NAME|awk '{print $1}');do
+              echo describe $n
+              kubectl describe pod $n
+              echo show log $n
+              kubectl logs --tail 100 $n || true
+            done
+            kubectl logs -l control-plane=harbor-operator -n ${operatorNamespace} --tail 100
+            free -h
+            exit 1
+          else
+            kubectl get all
+            kubectl get harbor -o wide
+            kubectl get harborcluster -o wide
+          fi
+          free -h
+
+      - name: test harbor
+        run: |
+          set -ex
+          curl https://$CORE_HOST/api/v2.0/systeminfo -i -k -f
+          sudo mkdir -p /etc/docker/certs.d/$CORE_HOST
+          kubectl get secret sample-public-certificate -o jsonpath='{.data.ca\.crt}' \
+            | base64 --decode \
+            | sudo tee /etc/docker/certs.d/$CORE_HOST/harbor_ca.crt
+          # docker login, create image, docker push, docker pull
+          docker login $CORE_HOST -u admin -p Harbor12345 || (kubectl get po;kubectl logs -l goharbor.io/operator-controller=core;exit 1)
+          docker run busybox dd if=/dev/urandom of=test count=10 bs=1MB
+          DOCKERID=`docker ps -l -q`
+          docker commit $DOCKERID $CORE_HOST/library/busybox:test
+          docker push $CORE_HOST/library/busybox:test
+          docker pull $CORE_HOST/library/busybox:test
+
+      - name: apidb test
+        run: bash .github/scripts/apidb_test.sh
+        env:
+          DOCKER_USER: ${{ secrets.DOCKER_USER }}
+          DOCKER_PWD: ${{ secrets.DOCKER_TOKEN }}
+          CORE_DEPLOYMENT: sample-harbor-harbor-core
+
+      - name: fetch harbor logs
+        if: ${{ failure() }}
+        run: |
+          mkdir -p /tmp/harbor
+          for name in core jobservice registry registryctl trivy chartmuseum notaryserver notarysigner portal; do \
+            kubectl logs -l "goharbor.io/operator-controller=$name" --all-containers > /tmp/harbor/$name.log ; \
+          done
+          kubectl logs -l "app.kubernetes.io/instance=harbor-database" --all-containers > /tmp/harbor/db.log
+          kubectl logs -l "release=harbor-redis" --all-containers > /tmp/harbor/redis.log
+          ls -l /tmp/harbor
+
+      - uses: actions/upload-artifact@v2
+        if: ${{ failure() }}
+        with:
+          name: harbor_chart
+          path: /tmp/harbor
+
+      - name: fetch logs
+        if: ${{ failure() }}
+        run: |
+          mkdir  -p /tmp/logs
+          kind export logs --name harbor /tmp/logs
+          ls -l /tmp/logs
+
+      - uses: actions/upload-artifact@v2
+        if: ${{ failure() }}
+        with:
+          name: kind_chart
+          path: /tmp/logs
+
+      - name: Get logs for debug
+        if: ${{ failure() }}
+        run: |
+          set -x
+          kubectl get all -n "${operatorNamespace}" -o wide
+          kubectl logs -n "${operatorNamespace}" -l 'control-plane=harbor-operator' --all-containers --tail=1000
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -13,10 +13,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ master, 0.5.0, 0.5.1, 0.5.2, release-* ]
+    branches: [ main, 0.5.0, 0.5.1, 0.5.2, release-* ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [ main ]
   schedule:
     - cron: '34 9 * * 3'