feat: Harbor backup (#343)

* fix: schema

* fix: resources

* feat: add databasePassword

Co-authored-by: jeho <jehoszafat.zimnowoda@redkubes.com>

Author: srodenhuis

src/openapi/apps/harbor.yaml

@@ -26,6 +26,10 @@ AppHarbor:
         #   type: boolean
         #   default: true
         #   description: Will mark the main project named "library" as private.
+        databasePassword:
+          type: string
+          description: Once set and deployed it cannot be changed with manual intervention.
+          x-secret: 'randAlphaNum 20'
         core:
           type: object
           properties:
@@ -148,6 +152,18 @@ AppHarbor:
                   required:
                     - gcs
                     - type
+        backup:
+          title: Backup Registry database
+          description: Enabeling the registry backup will create a backup of the Harbor Registry database and store it in the Minio harbor bucket.
+          type: object
+          properties:
+            enabled:
+              type: boolean
+              default: false
+            schedule:
+              default: 0 0 * * *
+              description: Cron-type expression to schedule the backup. Defaults to once a day at 00:00.
+              type: string
         registry:
           type: object
           properties:
@@ -192,26 +208,26 @@ AppHarbor:
                   properties:
                     cpu:
                       $ref: ../definitions.yaml#/quantityCpu
-                      default: 100m
+                      default: 400m
                     memory:
                       $ref: ../definitions.yaml#/quantityMem
-                      default: 128Mi
+                      default: 256Mi
                 requests:
                   type: object
                   properties:
                     cpu:
                       $ref: ../definitions.yaml#/quantityCpu
-                      default: 400m
+                      default: 100m
                     memory:
                       $ref: ../definitions.yaml#/quantityMem
-                      default: 256Mi
+                      default: 128Mi
               required:
                 - limits
                 - requests
             clair:
               type: object
               properties:
-                limits:
+                requests:
                   type: object
                   properties:
                     cpu:
@@ -220,7 +236,7 @@ AppHarbor:
                     memory:
                       $ref: ../definitions.yaml#/quantityMem
                       default: 1Gi
-                requests:
+                limits:
                   type: object
                   properties:
                     cpu:
@@ -426,4 +442,6 @@ AppHarbor:
               required:
                 - limits
                 - requests
+      required:
+        - databasePassword
   required: [id]

src/values-schema.yaml

@@ -127,12 +127,17 @@ definitions:
         type: integer
         default: 1
   autoscalingEnabled:
-    allOf:
-      - properties:
-          enabled:
-            default: true
-            type: boolean
-      - $ref: '#/definitions/autoscaling'
+    additionalProperties: false
+    properties:
+      enabled:
+        default: true
+        type: boolean
+      maxReplicas:
+        type: integer
+        default: 10
+      minReplicas:
+        type: integer
+        default: 1
   aws:
     definitions:
       accessKey:
@@ -735,8 +740,8 @@ definitions:
     pattern: '^[a-z0-9]+(?:[._-][a-z0-9]+)*$'
     type: string
   repoUrl:
-    description: Path to a remote git repo without protocol. Will use https to access.
-    pattern: '^(.+@)*([\w\d\.]+)(:[\d]+){0,1}/*(.*)$'
+    description: Path to a remote git repo with or without protocol prefix of either https:// or file:// (https:// used if omitted)
+    pattern: '^(https://|file://)?(.+@)*([\w\d\.]+)(:[\d]+){0,1}/*(.*)$'
     type: string
   repository:
     description: A container image repository.
@@ -1571,6 +1576,10 @@ properties:
           adminPassword:
             type: string
             x-secret: ''
+          databasePassword:
+            type: string
+            description: Once set and deployed it cannot be changed with manual intervention.
+            x-secret: 'randAlphaNum 20'
           core:
             properties:
               secret:
@@ -1650,8 +1659,8 @@ properties:
                       - aws
                       - azure
                       - gcs
-                      - file
-                    default: file
+                      - filesystem
+                    default: filesystem
           registry:
             properties:
               secret:
@@ -1699,6 +1708,17 @@ properties:
           secretKey:
             type: string
             x-secret: 'randAlpha 16'
+          backup:
+            properties:
+              enabled:
+                type: boolean
+                default: false
+              schedule:
+                default: 0 0 * * *
+                description: Cron-type expression to schedule the backup. Defaults to once a day at 00:00.
+                type: string
+        # required:
+        #   - databasePassword
       hello:
         description: Hello world demo chart. When you turn this off you may also have to remove the ingress service.
         properties:
@@ -2032,6 +2052,8 @@ properties:
       external-secrets:
         additionalProperties: false
         properties:
+          _rawValues:
+            $ref: '#/definitions/rawValues'
           enabled:
             type: boolean
           logLevel:
@@ -2079,40 +2101,42 @@ properties:
                 type: string
             required:
               - duration
-          aws:
-            type: object
-          azure:
-            description: Missing from docs but available with this schema.
+          storage:
             properties:
-              account_key:
-                type: string
-                x-secret: ''
-              account_name:
-                type: string
-              container_name:
+              aws:
+                type: object
+              azure:
+                description: Missing from docs but available with this schema.
+                properties:
+                  account_key:
+                    type: string
+                    x-secret: ''
+                  account_name:
+                    type: string
+                  container_name:
+                    type: string
+                type: object
+              bigtable:
+                type: object
+              cassandra:
+                type: object
+              gcs:
+                type: object
+              swift:
+                type: object
+              local:
+                type: object
+              storageType:
                 type: string
-            type: object
-          bigtable:
-            type: object
-          cassandra:
-            type: object
-          gcs:
-            type: object
-          swift:
-            type: object
-          local:
-            type: object
-          storageType:
-            type: string
-            enum:
-              - aws
-              - azure
-              - bigtable
-              - cassandra
-              - filesystem
-              - gcs
-              - swift
-              - local
+                enum:
+                  - aws
+                  - azure
+                  - bigtable
+                  - cassandra
+                  - filesystem
+                  - gcs
+                  - swift
+                  - local
           v11StartDate:
             description: Set this to a date just after deployment in case of an upgrade. (Otomi started at v9 with filesystem.)
             title: Schema v11 start date
@@ -2167,7 +2191,7 @@ properties:
                 type: boolean
                 default: true
               size:
-                type: string
+                $ref: '#/definitions/size'
                 default: 20Gi
       oauth2-proxy:
         additionalProperties: false
@@ -2188,6 +2212,9 @@ properties:
         properties:
           _rawValues:
             $ref: '#/definitions/rawValues'
+          editorInactivityTimeout:
+            type: integer
+            default: 10
           git:
             additionalProperties: false
             properties:
@@ -2516,6 +2543,7 @@ properties:
         oneOf:
           - title: AWS
             description: Uses credentials when either a pair of id+key or a secret name is provided. Assumes node role otherwise.
+            additionalProperties: false
             properties:
               aws:
                 properties:
@@ -2541,18 +2569,21 @@ properties:
             required:
               - aws
           - title: Azure
+            additionalProperties: false
             properties:
               azure:
                 $ref: '#/definitions/azure/definitions/dns'
             required:
               - azure
           - title: Azure Private
+            additionalProperties: false
             properties:
               azure-private-dns:
                 $ref: '#/definitions/azure/definitions/dns'
             required:
               - azure-private-dns
           - title: Google
+            additionalProperties: false
             properties:
               google:
                 properties:
@@ -2565,6 +2596,7 @@ properties:
             required:
               - google
           - title: Digital Ocean
+            additionalProperties: false
             properties:
               digitalocean:
                 properties:
@@ -2576,6 +2608,7 @@ properties:
             required:
               - digitalocean
           - title: CloudFlare
+            additionalProperties: false
             properties:
               cloudflare:
                 properties:
@@ -2603,6 +2636,7 @@ properties:
             required:
               - cloudflare
           - title: Other
+            additionalProperties: false
             properties:
               other:
                 description: This option requires configuration for both external-dns as well as cert-manager. No schema validation is available so provide correct data.
@@ -3091,6 +3125,12 @@ properties:
     patternProperties:
       '^[a-z0-9]([-a-z0-9]*[a-z0-9])+$':
         $ref: '#/definitions/team'
+    properties:
+      admin:
+        properties:
+          password:
+            type: string
+            x-secret: randAlpha 16
   version:
     type: integer
     description: DO NOT CHANGE! Holds the values-schema version. For more details, see `otomi migrate`.