we should in fact use the admin password feature so adding that back …

…to the secrets docs
small-hack · cloudymax · Mar 1, 2025 · Mar 1, 2025 · Mar 1, 2025 · Mar 1, 2025
commit b9f345306a0b6e6a46aab779645b9d8449f82dc6
@@ -8,7 +8,7 @@ A Helm chart for Harbor External Secrets using the Bitwarden ESO provider on Kub
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| adminCredentialsBitwardenID | string | `""` | admin credentials - currently NOT in use |
+| adminCredentialsBitwardenID | string | `""` | admin credentials |
 | oidcCredentialsBitwardenID | string | `""` | OIDC Credentials |
 | pgsqlCredentialsBitwardenID | string | `""` | postgres credentials |
 | provider | string | `""` | Use external secrets. Set to bitwarden to use this chart. other providers may be supported in the future |

@@ -1,7 +1,7 @@
 # -- Use external secrets. Set to bitwarden to use this chart. other providers may be supported in the future
 provider: ""
 
-# -- admin credentials - currently NOT in use
+# -- admin credentials
 adminCredentialsBitwardenID: ""
 
 # -- smtp credentials

diff --git a/harbor/storage/minio_tenant/tenant_argocd_appset.yaml b/harbor/storage/minio_tenant/tenant_argocd_appset.yaml
                  size: 10Gi

                  ## storageClass specifies the storage class name to be used for this pool
                  ### Docs: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/docs/parameters.md
                  storageClassName: local-path

                  ## nodeSelector parameters for MinIO Pods. It specifies a map of key-value pairs. For the pod to be
                ## https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster
                requestAutoCert: false

                # https://github.com/minio/operator/blob/master/examples/kustomization/tenant-certmanager/certificates.yaml
                ## Use certificates generated by cert-manager.
                # externalCertSecret:
                #   - name: minio-tls
                #    type: cert-manager.io/v1

              ## MinIO features to enable or disable in the MinIO Tenant
              ## https://github.com/minio/operator/blob/master/docs/tenant_crd.adoc#features
              features:
                bucketDNS: false

              prometheusOperator: false

              # Enable JSON, Anonymous logging for MinIO tenants.
              # Refer https://github.com/minio/operator/blob/master/pkg/apis/minio.min.io/v2/types.go#L303
              logging:
                anonymous: true
                json: true
                quiet: true

              ## Add environment variables to be set in MinIO container (https://github.com/minio/minio/tree/master/docs/config)
              # stolen from https://github.com/minio/operator/blob/master/examples/kustomization/tenant-letsencrypt/tenant.yaml
              env:
                - name: MINIO_DOMAIN
                  value: "{{ .harbor_s3_endpoint }}"
diff --git a/harbor/storage/minio_vanilla/minio_argocd_appset.yaml b/harbor/storage/minio_vanilla/minio_argocd_appset.yaml
            ## TLS Settings for MinIO
            tls:
              enabled: false
              ## Create a secret with private.key and public.crt files and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
              certSecret: ""
              publicCrt: public.crt
              privateKey: private.key

            ## Trusted Certificates Settings for MinIO. Ref: https://min.io/docs/minio/linux/operations/network-encryption.html#third-party-certificate-authorities
            ## Bundle multiple trusted certificates into one secret and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
            ## When using self-signed certificates, remember to include MinIO's own certificate in the bundle with key public.crt.
            ## If certSecret is left empty and tls is enabled, this chart installs the public certificate from .Values.tls.certSecret.
            trustedCertsSecret: ""
diff --git a/harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml b/harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml
              replicationPlacment: "001"
              extraEnvironmentVars:
                WEED_CLUSTER_DEFAULT: "sw"
                WEED_CLUSTER_SW_MASTER: "seaweedfs-master.seaweedfs:9333"
                WEED_CLUSTER_SW_FILER: "seaweedfs-filer-client.seaweedfs:8888"
            image:
              registry: ""
              repository: ""
            master:
              enabled: true
              replicas: 1
              port: 9333
              defaultReplication: "000"
              disableHttp: false
              config: |-
                # Enter any extra configuration for master.toml here.
                # It may be be a multi-line string.
              data:
                type: "emptyDir"
                # type: "existingClaim"
                # claimName: "swfs-master-data"
              logs:
                type: "hostPath"
                size: ""
	size: 10Gi

	## storageClass specifies the storage class name to be used for this pool
	### Docs: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/docs/parameters.md
Check warning on line 75 in harbor/storage/minio_tenant/tenant_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	storageClassName: local-path

	## nodeSelector parameters for MinIO Pods. It specifies a map of key-value pairs. For the pod to be
	## https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster
	requestAutoCert: false

	# https://github.com/minio/operator/blob/master/examples/kustomization/tenant-certmanager/certificates.yaml
Check warning on line 124 in harbor/storage/minio_tenant/tenant_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	## Use certificates generated by cert-manager.
	# externalCertSecret:
	# - name: minio-tls
	# type: cert-manager.io/v1

	## MinIO features to enable or disable in the MinIO Tenant
	## https://github.com/minio/operator/blob/master/docs/tenant_crd.adoc#features
Check warning on line 137 in harbor/storage/minio_tenant/tenant_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	features:
	bucketDNS: false

	prometheusOperator: false

	# Enable JSON, Anonymous logging for MinIO tenants.
	# Refer https://github.com/minio/operator/blob/master/pkg/apis/minio.min.io/v2/types.go#L303
Check warning on line 173 in harbor/storage/minio_tenant/tenant_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	logging:
	anonymous: true
	json: true
	quiet: true

	## Add environment variables to be set in MinIO container (https://github.com/minio/minio/tree/master/docs/config)
Check warning on line 179 in harbor/storage/minio_tenant/tenant_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	# stolen from https://github.com/minio/operator/blob/master/examples/kustomization/tenant-letsencrypt/tenant.yaml
Check warning on line 180 in harbor/storage/minio_tenant/tenant_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	env:
	- name: MINIO_DOMAIN
	value: "{{ .harbor_s3_endpoint }}"
	## TLS Settings for MinIO
	tls:
	enabled: false
	## Create a secret with private.key and public.crt files and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
Check warning on line 53 in harbor/storage/minio_vanilla/minio_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	certSecret: ""
	publicCrt: public.crt
	privateKey: private.key

	## Trusted Certificates Settings for MinIO. Ref: https://min.io/docs/minio/linux/operations/network-encryption.html#third-party-certificate-authorities
	## Bundle multiple trusted certificates into one secret and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
Check warning on line 59 in harbor/storage/minio_vanilla/minio_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	## When using self-signed certificates, remember to include MinIO's own certificate in the bundle with key public.crt.
	## If certSecret is left empty and tls is enabled, this chart installs the public certificate from .Values.tls.certSecret.
	trustedCertsSecret: ""
	replicationPlacment: "001"
	extraEnvironmentVars:
	WEED_CLUSTER_DEFAULT: "sw"
	WEED_CLUSTER_SW_MASTER: "seaweedfs-master.seaweedfs:9333"
Check warning on line 68 in harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `MASTER`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi` Check warning on line 68 in harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	WEED_CLUSTER_SW_FILER: "seaweedfs-filer-client.seaweedfs:8888"
	image:
	registry: ""
	repository: ""
	master:
Check warning on line 73 in harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	enabled: true
	replicas: 1
	port: 9333
	defaultReplication: "000"
	disableHttp: false
	config: \|-
	# Enter any extra configuration for master.toml here.
Check warning on line 87 in harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	# It may be be a multi-line string.
	data:
	type: "emptyDir"
	# type: "existingClaim"
	# claimName: "swfs-master-data"
Check warning on line 92 in harbor/storage/seaweedfs/seaweedfs_argocd_appset.yaml In Solidarity / Inclusive Language Match Found Please consider an alternative to `master`. Possibilities include: `primary`, `main`, `leader`, `active`, `writer` Raw output `/master/gi`
	logs:
	type: "hostPath"
	size: ""