feat: add nginx-to-higress-migration skill (#3411)

2026-06-24 17:55:15 +08:00 · 2026-01-31 00:14:49 +08:00
parent 6c3fd46c6f
commit 4c2e57dd8b
13 changed files with 1994 additions and 14 deletions
--- a/.claude/skills/nginx-to-higress-migration/scripts/install-harbor.sh
+++ b/.claude/skills/nginx-to-higress-migration/scripts/install-harbor.sh
@@ -0,0 +1,157 @@
+#!/bin/bash
+# Install Harbor registry for WASM plugin images
+# Only use this if you don't have an existing image registry
+
+set -e
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+HARBOR_NAMESPACE="${1:-harbor-system}"
+HARBOR_PASSWORD="${2:-Harbor12345}"
+
+echo -e "${BLUE}========================================${NC}"
+echo -e "${BLUE}Harbor Registry Installation${NC}"
+echo -e "${BLUE}========================================${NC}"
+echo ""
+echo -e "${YELLOW}This will install Harbor in your cluster.${NC}"
+echo ""
+echo "Configuration:"
+echo "  Namespace: ${HARBOR_NAMESPACE}"
+echo "  Admin Password: ${HARBOR_PASSWORD}"
+echo "  Exposure: NodePort (no TLS)"
+echo "  Persistence: Enabled (default StorageClass)"
+echo ""
+read -p "Continue? (y/N): " -n 1 -r
+echo
+if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+    echo "Aborted."
+    exit 1
+fi
+
+# Check prerequisites
+echo -e "\n${YELLOW}Checking prerequisites...${NC}"
+
+# Check for helm
+if ! command -v helm &> /dev/null; then
+    echo -e "${RED}✗ helm not found. Please install helm 3.x${NC}"
+    exit 1
+fi
+echo -e "${GREEN}✓ helm found${NC}"
+
+# Check for kubectl
+if ! command -v kubectl &> /dev/null; then
+    echo -e "${RED}✗ kubectl not found${NC}"
+    exit 1
+fi
+echo -e "${GREEN}✓ kubectl found${NC}"
+
+# Check cluster access
+if ! kubectl get nodes &> /dev/null; then
+    echo -e "${RED}✗ Cannot access cluster${NC}"
+    exit 1
+fi
+echo -e "${GREEN}✓ Cluster access OK${NC}"
+
+# Check for default StorageClass
+if ! kubectl get storageclass -o name | grep -q .; then
+    echo -e "${YELLOW}⚠ No StorageClass found. Harbor needs persistent storage.${NC}"
+    echo "  You may need to install a storage provisioner first."
+    read -p "Continue anyway? (y/N): " -n 1 -r
+    echo
+    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+        exit 1
+    fi
+fi
+
+# Add Harbor helm repo
+echo -e "\n${YELLOW}Adding Harbor helm repository...${NC}"
+helm repo add harbor https://helm.goharbor.io
+helm repo update
+echo -e "${GREEN}✓ Repository added${NC}"
+
+# Install Harbor
+echo -e "\n${YELLOW}Installing Harbor...${NC}"
+helm install harbor harbor/harbor \
+  --namespace "${HARBOR_NAMESPACE}" --create-namespace \
+  --set expose.type=nodePort \
+  --set expose.tls.enabled=false \
+  --set persistence.enabled=true \
+  --set harborAdminPassword="${HARBOR_PASSWORD}" \
+  --wait --timeout 10m
+
+if [ $? -ne 0 ]; then
+    echo -e "${RED}✗ Harbor installation failed${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✓ Harbor installed successfully${NC}"
+
+# Wait for Harbor to be ready
+echo -e "\n${YELLOW}Waiting for Harbor to be ready...${NC}"
+kubectl wait --for=condition=ready pod -l app=harbor -n "${HARBOR_NAMESPACE}" --timeout=300s
+
+# Get access information
+echo -e "\n${BLUE}========================================${NC}"
+echo -e "${BLUE}Harbor Access Information${NC}"
+echo -e "${BLUE}========================================${NC}"
+
+NODE_PORT=$(kubectl get svc -n "${HARBOR_NAMESPACE}" harbor-core -o jsonpath='{.spec.ports[0].nodePort}')
+NODE_IP=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="ExternalIP")].address}')
+if [ -z "$NODE_IP" ]; then
+    NODE_IP=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}')
+fi
+
+HARBOR_URL="${NODE_IP}:${NODE_PORT}"
+
+echo ""
+echo -e "Harbor URL: ${GREEN}http://${HARBOR_URL}${NC}"
+echo -e "Username: ${GREEN}admin${NC}"
+echo -e "Password: ${GREEN}${HARBOR_PASSWORD}${NC}"
+echo ""
+
+# Test Docker login
+echo -e "${YELLOW}Testing Docker login...${NC}"
+if docker login "${HARBOR_URL}" -u admin -p "${HARBOR_PASSWORD}" &> /dev/null; then
+    echo -e "${GREEN}✓ Docker login successful${NC}"
+else
+    echo -e "${YELLOW}⚠ Docker login failed. You may need to:${NC}"
+    echo "  1. Add '${HARBOR_URL}' to Docker's insecure registries"
+    echo "  2. Restart Docker daemon"
+    echo ""
+    echo "  Edit /etc/docker/daemon.json (Linux) or Docker Desktop settings (Mac/Windows):"
+    echo "  {"
+    echo "    \"insecure-registries\": [\"${HARBOR_URL}\"]"
+    echo "  }"
+fi
+
+echo ""
+echo -e "${BLUE}========================================${NC}"
+echo -e "${BLUE}Next Steps${NC}"
+echo -e "${BLUE}========================================${NC}"
+echo ""
+echo "1. Open Harbor UI: http://${HARBOR_URL}"
+echo "2. Login with admin/${HARBOR_PASSWORD}"
+echo "3. Create a new project:"
+echo "   - Click 'Projects' → 'New Project'"
+echo "   - Name: higress-plugins"
+echo "   - Access Level: Public"
+echo ""
+echo "4. Build and push your plugin:"
+echo "   docker build -t ${HARBOR_URL}/higress-plugins/my-plugin:v1 ."
+echo "   docker push ${HARBOR_URL}/higress-plugins/my-plugin:v1"
+echo ""
+echo "5. Use in WasmPlugin:"
+echo "   url: oci://${HARBOR_URL}/higress-plugins/my-plugin:v1"
+echo ""
+echo -e "${YELLOW}⚠ Note: This is a basic installation for testing.${NC}"
+echo "  For production use:"
+echo "  - Enable TLS (set expose.tls.enabled=true)"
+echo "  - Use LoadBalancer or Ingress instead of NodePort"
+echo "  - Configure proper persistent storage"
+echo "  - Set strong admin password"
+echo ""