devteam/sharenet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add steps for Harbor environment variables
Some checks are pending
CI/CD Pipeline / Test Backend (push) Waiting to run
Details
CI/CD Pipeline / Test Frontend (push) Waiting to run
Details
CI/CD Pipeline / Build and Push Docker Images (push) Blocked by required conditions
Details
CI/CD Pipeline / Deploy to Production (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
continuist 2025-06-29 02:04:09 -04:00
parent 34a2a403b0
commit bfad7cf669
1 changed files with 43 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
CI_CD_PIPELINE_SETUP_GUIDE.md
View file

@ -512,14 +512,55 @@ export HARBOR_HOSTNAME=$YOUR_ACTUAL_IP
export HARBOR_ADMIN_PASSWORD="Harbor12345" export HARBOR_ADMIN_PASSWORD="Harbor12345"
export DB_PASSWORD="your-db-password" export DB_PASSWORD="your-db-password"
# Update Harbor configuration with secure passwords # Generate secure secrets for Harbor
export CORE_SECRET=$(openssl rand -hex 16)
export JOBSERVICE_SECRET=$(openssl rand -hex 16)
echo "Generated secrets:"
echo "CORE_SECRET: $CORE_SECRET"
echo "JOBSERVICE_SECRET: $JOBSERVICE_SECRET"
# Update Harbor configuration with secure passwords and secrets
cd /opt/APP_NAME/registry cd /opt/APP_NAME/registry
sed -i "s/Harbor12345/$HARBOR_ADMIN_PASSWORD/g" harbor.yml sed -i "s/Harbor12345/$HARBOR_ADMIN_PASSWORD/g" harbor.yml
sed -i "s/your-db-password/$DB_PASSWORD/g" harbor.yml sed -i "s/your-db-password/$DB_PASSWORD/g" harbor.yml
sed -i "s/your-db-password/$DB_PASSWORD/g" docker-compose.yml sed -i "s/your-db-password/$DB_PASSWORD/g" docker-compose.yml
# Update Harbor secrets in docker-compose.yml
sed -i "s/your-core-secret/$CORE_SECRET/g" docker-compose.yml
sed -i "s/your-jobservice-secret/$JOBSERVICE_SECRET/g" docker-compose.yml
# Save secrets securely for future reference
cat > /opt/APP_NAME/harbor-secrets.txt << EOF
# Harbor Secrets - KEEP THESE SECURE!
# Generated on: $(date)
# CI/CD IP: $YOUR_ACTUAL_IP
HARBOR_HOSTNAME=$HARBOR_HOSTNAME
HARBOR_ADMIN_PASSWORD=$HARBOR_ADMIN_PASSWORD
DB_PASSWORD=$DB_PASSWORD
CORE_SECRET=$CORE_SECRET
JOBSERVICE_SECRET=$JOBSERVICE_SECRET
# IMPORTANT: Store this file securely and keep a backup!
# You will need these secrets for:
# - Harbor upgrades
# - Database troubleshooting
# - Disaster recovery
# - Service restoration
EOF
# Set secure permissions on secrets file
chmod 600 /opt/APP_NAME/harbor-secrets.txt
echo "Secrets saved to /opt/APP_NAME/harbor-secrets.txt"
echo "IMPORTANT: Keep this file secure and backed up!"
``` ```
**Important**: Change the default passwords for production use. The default admin password is `Harbor12345` - change this immediately after first login. **Important**:
- Change the default passwords for production use. The default admin password is `Harbor12345` - change this immediately after first login.
- The generated secrets (`CORE_SECRET` and `JOBSERVICE_SECRET`) are cryptographically secure random values used for encrypting sensitive data.
- Store these secrets securely as they will be needed for Harbor upgrades or troubleshooting.
- **CRITICAL**: The secrets file contains sensitive information. Keep it secure and backed up!
#### 5.4 Start Harbor #### 5.4 Start Harbor