kubernetes/harbor-exporter.yaml

---
kind: Service
apiVersion: v1
metadata:
  name: harbor-exporter
  labels:
    app: harbor-exporter
spec:
  type: ClusterIP
  ports:
    - name: http
      port: 9107
      protocol: TCP
  selector:
    app: harbor-exporter

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: harbor-exporter
  labels:
    app: harbor-exporter
spec:
  replicas: 1
  selector:
    matchLabels:
      app: harbor-exporter
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: harbor-exporter
    spec:
      serviceAccountName: default
      restartPolicy: Always
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
      containers:
        - name: harbor-exporter
          image: "c4po/harbor-exporter:debug"
          imagePullPolicy: Always
# skip metrics can only provide through command line
          # command:
          # - /bin/harbor_exporter
          # - --skip.metrics
          # - "scans"
          # - --skip.metrics
          # - "quotas"
          env:
##          necessary in case you monitor multiple Harbor instances in your Prometheus
#            - name: HARBOR_INSTANCE
#              value: my_harbor
            - name: HARBOR_URI
##            name of the Service for harbor-core
              value: http://harbor-core.harbor # change prefix to the name of your Helm release
##            optionally use below construction to address the external endpoint of Harbor
#              valueFrom:
#                configMapKeyRef:
#                  name: prefix-harbor-core # change prefix to the name of your Helm release
#                  key: EXT_ENDPOINT
##          uncomment if you want to use caching
#           - name: HARBOR_CACHE_ENABLED
#             value: "true"
#           - name: HARBOR_CACHE_DURATION
#             value: "20s"
            - name: HARBOR_USERNAME
              value: "admin"
            - name: HARBOR_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: harbor-core # change prefix to the name of your Helm release
                  key: HARBOR_ADMIN_PASSWORD

          securityContext:
            capabilities:
              drop:
                - SETPCAP
                - MKNOD
                - AUDIT_WRITE
                - CHOWN
                - NET_RAW
                - DAC_OVERRIDE
                - FOWNER
                - FSETID
                - KILL
                - SETGID
                - SETUID
                - NET_BIND_SERVICE
                - SYS_CHROOT
                - SETFCAP
            readOnlyRootFilesystem: true
          resources:
            limits:
              cpu: 400m
              memory: 256Mi
            requests:
              cpu: 100m
              memory: 64Mi
          ports:
            - containerPort: 9107
              name: http
          livenessProbe:
            httpGet:
              path: /-/healthy
              port: http
            initialDelaySeconds: 5
            timeoutSeconds: 5
            periodSeconds: 5
          readinessProbe:
            httpGet:
              path: /-/ready
              port: http
            initialDelaySeconds: 1
            timeoutSeconds: 5
            periodSeconds: 5

---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: harbor-exporter
  labels:
    release: mgmt
spec:
  endpoints:
  - interval: 10s
    scrapeTimeout: 10s
    honorLabels: true
    port: http
    path: /metrics
    scheme: http
  selector:
    matchLabels:
      app: harbor-exporter
  namespaceSelector:
    matchNames:
    - harbor # change to the namespace where you deployed Harbor