DEV-1297 Add lvm to harbor role

- increased size harbor data volume on prodnso

group_vars/harbor/plain.yml

@@ -1,8 +1,13 @@
 ---
-
 hetzner_server_type: cpx31
 hetzner_server_labels: "stage={{ stage }} service=harbor"
 
+harbor_homedir: "/data"
+
+harbor_pgdatadir_lvm_hcloudvol_size: 50
+harbor_pgdatadir_lvm_hcloudvol_count: 1
+harbor_pgdatadir_lvm_hcloudvol_mountpath: "{{ harbor_homedir }}"
+
 filebeat_inputs:
   - type: log
     paths:

group_vars/stage_prodnso/harbor.yml

@@ -0,0 +1,2 @@
+---
+harbor_pgdatadir_lvm_hcloudvol_size: 300

roles/harbor/defaults/main.yml

@@ -1,9 +1,14 @@
 ---
+harbor_homedir: "/data"
 
-harbor_hostname: '{{ stage_server_domain }}'
+harbor_pgdatadir_lvm_hcloudvol_size: 50
-harbor_external_url: 'https://{{ stage_server_domain }}'
+harbor_pgdatadir_lvm_hcloudvol_count: 1
+harbor_pgdatadir_lvm_hcloudvol_mountpath: "{{ harbor_homedir }}"
 
-harbor_id: '{{ inventory_hostname }}-harbor'
+harbor_hostname: "{{ stage_server_domain }}"
+harbor_external_url: "https://{{ stage_server_domain }}"
+
+harbor_id: "{{ inventory_hostname }}-harbor"
 
 harbor_dockercompose_customized:
   services:
@@ -33,36 +38,35 @@ harbor_dockercompose_customized:
       external: true
 
 harbor_base_configuration:
-  email_host: '{{ shared_service_mail_hostname }}'
+  email_host: "{{ shared_service_mail_hostname }}"
   email_port: 25
-  email_from: '{{ harbor_id }}@netgo.de'
+  email_from: "{{ harbor_id }}@netgo.de"
-  email_password: ''
+  email_password: ""
-  email_username: ''
+  email_username: ""
   email_insecure: true
   auth_mode: oidc_auth
   oidc_name: "{{ harbor_oidc_realm }}"
-  oidc_endpoint: 'https://{{ shared_service_hostname_keycloak }}/auth/realms/{{ harbor_oidc_realm }}'
+  oidc_endpoint: "https://{{ shared_service_hostname_keycloak }}/auth/realms/{{ harbor_oidc_realm }}"
   oidc_client_id: "{{ harbor_oidc_client_id }}"
   oidc_client_secret: "{{ harbor_oidc_client_secret }}"
   oidc_groups_claim: groups
   oidc_scope: openid
   oidc_verify_cert: true
   oidc_auto_onboard: true
-  oidc_admin_group: 'admin'
+  oidc_admin_group: "admin"
-  oidc_user_claim: 'sub'
+  oidc_user_claim: "sub"
   scan_all_policy:
     parameter:
       daily_time: 0
 
 project_object_template:
   project_attributes:
-    project_name: '{{ elem }}'
+    project_name: "{{ elem }}"
   meta_data:
     auto_scan: true
   project_state: present
   members:
-    -
+    - group_name: "{{ elem }}"
-      group_name: '{{ elem }}'
       group_type: oidc
       role: projectadmin
 
@@ -74,13 +78,12 @@ harbor_projects_smardigo_default:
 harbor_projects: []
 
 harbor_robot_tokens:
-  -
+  - secret_refresh: true
-    secret_refresh: true
     #    token_state: present
     name: ansible
     level: system
-    description: 'smardigo docker pull credentials'
+    description: "smardigo docker pull credentials"
-    secret: '{{ harbor_token }}'
+    secret: "{{ harbor_token }}"
     disable: false
     duration: -1
     editable: true
@@ -111,7 +114,6 @@ harbor_robot_tokens:
         namespace: "*"
 
 harbor_scanall:
-  -
+  - schedule:
-    schedule:
       cron: 0 0 1 * * *
       type: Custom

roles/harbor/tasks/main.yml

@@ -1,4 +1,12 @@
 ---
+- name: "Create/Resize LVM for datadir"
+  include_role:
+    name: lvm_with_hetzner_volumes
+  vars:
+    lvm_with_hetzner_volumes__volprefix: harbor_datadir
+    lvm_with_hetzner_volumes__volsize: "{{ harbor_pgdatadir_lvm_hcloudvol_size }}"
+    lvm_with_hetzner_volumes__volcount: "{{ harbor_pgdatadir_lvm_hcloudvol_count }}"
+    lvm_with_hetzner_volumes__mountpath: "{{ harbor_pgdatadir_lvm_hcloudvol_mountpath }}"
 
 - name: "Install harbor"
   include_tasks: install.yml