use harbor for docker and helm

roles/harbor/tasks/main.yaml

@@ -0,0 +1,25 @@
+- name: Import secret.yaml to obtain secrets
+  include_tasks: secrets.yaml
+  when:
+    - harbor_use_external_db
+    - postgres_enabled is defined and postgres_enabled
+
+- set_fact:
+    harbor_combined_values: "{{ harbor_default_values | combine(harbor_values, recursive=true) }}"
+
+- name: Deploy Harbor
+  community.kubernetes.helm:
+    create_namespace: true
+    release_namespace: "{{ harbor_namespace | default(namespace) }}"
+    release_name: "{{ harbor_name | default('harbor') }}"
+    chart_ref: "{{ harbor_chart | default('harbor/harbor') }}"
+    chart_version: "{{ harbor_version | default(omit) }}"
+    release_values: "{{ harbor_combined_values | from_yaml }}"
+    wait: true
+
+- name: Deploy readonly public ingress for Harbor
+  when: harbor_readonly_ingress is defined
+  k8s:
+    state: present
+    definition:
+      "{{ harbor_readonly_ingress_definition }}"

roles/harbor/tasks/secrets.yaml

@@ -0,0 +1,25 @@
+- block:
+  - name: Set DB namespace for secret lookup
+    set_fact:
+      db_namespace: "{{ harbor_db_namespace | default(postgres_db_namespace) | default(postgres_namespace) | default(postgres_operator_namespace) | default(namespace) }}"
+
+  - name: Set DB secret name for lookup
+    set_fact:
+      db_secret_name: "harbor.{{ postgres_db_team | default(namespace) }}-postgres.credentials.postgresql.acid.zalan.do"
+
+  - name: Lookup Harbor DB secret
+    set_fact:
+      harbor_db_secret: "{{ lookup('k8s', kind='Secret', namespace=db_namespace, resource_name=db_secret_name) }}"
+
+  - debug:
+      msg: "{{ harbor_db_secret }}"
+      verbosity: 2
+
+  - name: Set Harbor DB username
+    set_fact:
+      harbor_db_username: "{{ harbor_db_secret.data.username | b64decode }}"
+
+  - name: Set Harbor DB password
+    set_fact:
+      harbor_db_password: "{{ harbor_db_secret.data.password | b64decode }}"
+