To push artifacts to the Harbor registry, run the script from $TCSA_WORK_SPACE/tcx-deployer/clis.

For Self-signed certificates for Harbor, follow the below procedure:
  • Copy the Harbor Certs file in /etc/ssl/certs directory.
  • If you do not have permission to the directory /etc/ssl/certs, then put the Harbor Cert in any other location where you have access, and run the below command:
    trust anchor <path-to-cert>
    • If trust command is not available, then install p11-kit-trust package which contains trust command.
Note: If you are using secure Harbor registry, ensure that you perform the steps mentioned in Secure Harbor Registry for public or self-signed certificates.
If you do not want to specify the registry username and password in the installation script, perform Docker login. To log in to Docker, run the following command:
docker login <harbor-fqdn> --compat-auth-file=/root/.docker/config.json

Ensure that the --registry-password does not have the comma character in it. If the comma is used, escape it using the backslash.

  • Set the following variable based on the Harbor version that you are using
    • Harbor 2.4 and above only supports OCI complaint artifacts. For this use the following command,
      export PUSH_CHART_AS_OCI_ARTIFACT=true
    For more information, see Using tcxctl Commands.
  • Run the following script to push artifacts to registry.
    root [ ~/base/tcx-deployer/clis ]# ./tcxctl push --artifacts-path $TCSA_WORK_SPACE/tcx-deployer/ --registry <harbor-registry-fqdn>/<project-name> --registry-password <your-registry-password> --registry-username <your-registry-username> --registry-cert <path-to-your-registry-ca-certificate-file>
    Note:
    • The --registry-cert is an optional parameter. If you are using a self-signed certificate Harbor, you must pass a certificate path value to it.
    • Ensure that the --registry-password is passed inside single quotation if you are passing this to the installation script.
    • The <project-name> specified in the registry URL will be automatically created with the same name in Harbor registry during deployment.