[harbor] Allow providing all secrets out-of-band

[meln5674]

Name and Version

bitnami/harbor 21.1.1

What is the problem this feature will solve?

Presently, some Secrets in the harbor chart are "baked into", that is, they require providing sensitive values in the values.yaml, which is not secure when using GitOps.

What is the feature you are proposing to solve the problem?

The following changes should allow for zero secrets to be created by the chart, if desired:

1. Add a trivy.existingEnvVarsSecret field that will point to a secret currently created by trivy/trivy-secret-envvars.yaml, do not create the secret if it is provided
2. Move the redis URL from jobservice/jobservice-config-secret.yaml at config.yaml's worker_pool.redis_url to jobservice/jobservice-secret-envvars.yaml at a separate key JOB_SERVICE_POOL_REDIS_URL which the jobservice respects (see https://github.com/goharbor/harbor/blob/main/src/jobservice/config/config.go#L40C42-L40C68)
3. Change jobservice/jobservice-config-secret.yaml from a Secret to a ConfigMap, now that the only sensitive value has been removed
4. Add a jobservice.existingEnvVarsSecret field that will point to a secret currently created by jobservice/jobservice-secret-envvars.yaml, do not create if provided
5. Do not create core/core-secret.yaml if the data section would be empty (i.e. if both core.existingSecret and core.secretName are both provided).

With these changes made, all Secrets are within an if-block, meaning it is possible to configure the chart to emit no Secrets.

I have these changes working in a local copy. I am happy to update the docs and submit a PR if these would be accepted as-is or with minor modifications.

What alternatives have you considered?

Using a different chart.

[carrodher]

Thank you for bringing this issue to our attention. We appreciate your involvement! If you're interested in contributing a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.

[github-actions]

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

[github-actions]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.

[cthtrifork]

I am also interested in this. Not closed.