Dmitrii Esin

same here it would be nice to have some features like nexus have:

you need to edit PVC that your statefulset created in your helm values set ``` storageClass: allowVolumeExpansion: true ``` than: ``` kubectl edit pvc for each PVC in the StatefulSet,...

> What kind of storageclass you are using for jobservice pvc? @MinerYang I use 1Gi of linstor storage, we use our own disk pool for pvc

Hi @MinerYang ! I deployed harbor in HA mode: three replicas of harbor-core, harbor-jobservice, harbor-registry, harbor-portal. There no harbor-nginx pod due to I'm exposed it via Ingress. There no related...

@Kajot-dev hi Yes, I use custom templating plugin for ArgoCD to template multi cluster application manifests, to take and paste secrets from vault to manifests, etc In general, in this...

@Kajot-dev sounds interesting I’ll turn off auto sync to check this theory out I’ll back with feedback and answers to other questions tomorrow due to I’m have days off

@Kajot-dev hi You're right! Somehow Harbor re-generates internal TLS, patch all related secrets and deployments (couple screenshots attached) It is huge access vulnerability because I can't see any SA created...

I understand that ArgoCD trying to sync Harbor with actual state in Git, but how Harbor modify secrets and deployments in k8s without granted permissions to it? Argo trigger sync...

@Kajot-dev so if I understand right I need to move to existingSecret or use manual helm deploy instead of Argo?

@Kajot-dev thank you so much ! Appreciate your support:) I’m modifying configs now, will be back with results in 1-2 days