To push artifacts to the Harbor registry, run the script from $TCSA_WORK_SPACE/tcx-deployer/clis.
For Self-signed certificates for Harbor, follow the below procedure:
- Copy the Harbor Certs file in
/etc/ssl/certs
directory. - If you do not have permission to the directory
/etc/ssl/certs
, then put the Harbor Cert in any other location where you have access, and run the below command:trust anchor <path-to-cert>
- If
trust
command is not available, then installp11-kit-trust
package which containstrust
command.
- If
Note: If you are using secure Harbor registry, ensure that you perform the steps mentioned in
Secure Harbor Registry for public or self-signed certificates.
If you do not want to specify the registry username and password in the installation script, perform Docker login. To log in to Docker, run the following command:
docker login <harbor-fqdn> --compat-auth-file=/root/.docker/config.json
Ensure that the --registry-password
does not have the comma character in it. If the comma is used, escape it using the backslash.
- Set the following variable based on the Harbor version that you are using
- Harbor 2.4 and above only supports OCI complaint artifacts. For this use the following command,
export PUSH_CHART_AS_OCI_ARTIFACT=true
- Harbor 2.4 and above only supports OCI complaint artifacts. For this use the following command,
- Run the following script to push artifacts to registry.
root [ ~/base/tcx-deployer/clis ]# ./tcxctl push --artifacts-path $TCSA_WORK_SPACE/tcx-deployer/ --registry <harbor-registry-fqdn>/<project-name> --registry-password <your-registry-password> --registry-username <your-registry-username> --registry-cert <path-to-your-registry-ca-certificate-file>
Note:- The
--registry-cert
is an optional parameter. If you are using a self-signed certificate Harbor, you must pass a certificate path value to it. - Ensure that the
--registry-password
is passed inside single quotation if you are passing this to the installation script. - The <project-name> specified in the registry URL will be automatically created with the same name in Harbor registry during deployment.
- The