devteam/sharenet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix Harbor install steps

Browse source
This commit is contained in:
continuist 2025-07-01 02:19:53 -04:00
parent 2657917ebf
commit 07de8f2f6a
1 changed files with 53 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

60
CI_CD_PIPELINE_SETUP_GUIDE.md
View file

@ -492,6 +492,13 @@ echo "harbor:$(openssl rand -base64 32)" | sudo chpasswd
# Add harbor user to docker group # Add harbor user to docker group
sudo usermod -aG docker harbor sudo usermod -aG docker harbor
# Add DEPLOY_USER to harbor group for monitoring access
sudo usermod -aG harbor DEPLOY_USER
# Set proper permissions on /opt/harbor directory
sudo chown harbor:harbor /opt/harbor
sudo chmod 755 /opt/harbor
``` ```
#### 5.2 Generate SSL Certificates #### 5.2 Generate SSL Certificates
@ -565,13 +572,17 @@ echo "DB_PASSWORD: $DB_PASSWORD"
# Download and install Harbor # Download and install Harbor
cd /opt/harbor cd /opt/harbor
wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
tar -xzf harbor-offline-installer-v2.10.0.tgz # Switch to the DEPLOY_USER
sudo su - DEPLOY_USER
sudo wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
sudo tar -xzf harbor-offline-installer-v2.10.0.tgz
cd harbor cd harbor
cp harbor.yml.tmpl harbor.yml sudo cp harbor.yml.tmpl harbor.yml
# Edit harbor.yml configuration # Edit harbor.yml configuration
nano harbor.yml sudo nano harbor.yml
``` ```
**Important**: In the `harbor.yml` file, update: **Important**: In the `harbor.yml` file, update:
@ -580,15 +591,50 @@ nano harbor.yml
- `private_key: /etc/ssl/registry/registry.key` - `private_key: /etc/ssl/registry/registry.key`
- `password: <the DB_PASSWORD generated above>` - `password: <the DB_PASSWORD generated above>`
# Note: The default Harbor admin password is "Harbor12345" and will be changed in Step 5.6 **Note**: The default Harbor admin password is "Harbor12345" and will be changed in Step 5.6
```bash ```bash
# Run the following as the DEPLOY_USER
sudo su - DEPLOY_USER
cd /opt/harbor/harbor
# Install Harbor with Trivy vulnerability scanner # Install Harbor with Trivy vulnerability scanner
./prepare sudo ./prepare
sudo ./install.sh --with-trivy
sudo docker compose down
sudo chown -R harbor:harbor harbor
# Switch to the harbor user
sudo su - harbor
cd /opt/harbor/harbor
# Run the following to patially adjust the permissions correctly for the harbor user
./install.sh --with-trivy ./install.sh --with-trivy
# Exit harbor user shell # Exit harbor user shell to switch back to the DEPLOY_USER
exit exit
cd /opt/harbor/harbor
# Run the following to adjust the permissions for various en files
sudo chown harbor:harbor common/config/jobservice/env
sudo chown harbor:harbor common/config/db/env
sudo chown harbor:harbor common/config/registryctl/env
sudo chown harbor:harbor common/config/trivy-adapter/env
sudo chown harbor:harbor common/config/core/env
# Switch back to harbor user and bring Harbor back up
sudo su - harbor
cd /opt/harbor/harbor
docker compose up -d
# Verify that all Harbor containers are healthy
docker compose ps -a
# Verify using the Harbor API that all Harbor processes are healthy
curl -I -k https://localhost/api/v2.0/health
``` ```
#### 5.5 Create Systemd Service #### 5.5 Create Systemd Service