add docs about reigstry gateway and harbor robot binding

[chengjingtao]

Signed-off-by: chengjingtao [email protected]

Summary by CodeRabbit

• Documentation
  • Added a comprehensive guide for automating Harbor Robot Gen credentials and per-namespace token rotation in Kubernetes, covering overview, prerequisites, installation, HarborRobotBinding examples, secret management, multi‑Harbor failover, verification commands, and operational steps.
  • Added a guide for restricting Docker image push size and tag count via the Registry Gateway Plugin, including architecture, global and path‑specific limits, ConfigMap/YAML examples, Harbor authentication, install/uninstall, and caveats.

[coderabbitai]

Walkthrough

Adds two new solution documentation pages: one for automating Harbor Robot credentials sync and token rotation per Kubernetes namespace using the Harbor Robot Account Generator Plugin, and one for restricting Docker image push size and tag count via the Registry Gateway Plugin.

Changes

Cohort / File(s)	Summary
Harbor Robot Gen Plugin Documentation docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md	New comprehensive guide covering Harbor Robot Account Generator overview, supported Harbor versions, installation/prerequisites, plugin upload, quick start (Harbor connection Secret, HarborRobotBinding), binding configuration (namespaces, selectors, project access, permissions, refresh interval, secret naming, service account binding), JSONPath project naming, multi‑Harbor aliasing, disaster‑recovery failover steps, operational workflows, verification commands, examples, and related docs.
Registry Gateway Plugin Documentation docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md	New guide on OCI Registry Gateway Plugin concepts and architecture, supported limits (image size, tag count), global vs path‑specific ConfigMap limit definitions with YAML examples, installation/cluster plugin upload steps, Harbor authentication Secret usage, required Harbor Core registry URL changes, limitations and deprecation notes, and uninstall/lifecycle procedures.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• tyzhou111
• Tongcaiyun

Poem

🐇 I hopped through markdown, nibbling on lines,
Two bright guides I planted among docs and signs,
Tokens that turn and limits that bind,
Configs and examples neatly designed,
A carrot for devs — clarity refined 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "add docs about reigstry gateway and harbor robot binding" accurately reflects the main changes in the changeset. The pull request adds two new documentation files: one describing automating Harbor Robot credentials synchronization using the Harbor Robot Gen Plugin, and another covering restricting Docker image push size and tag count using the Registry Gateway Plugin. The title clearly and concisely summarizes these primary changes, allowing a teammate to quickly understand the nature of the contribution.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch docs/registry-gateway-and-harbor-robot-gen

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chengjingtao]

稍后更新

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (2)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (1)

28-28: Specify language for fenced code blocks.

Lines 28 and 37 have empty code blocks (ASCII diagrams). Add ```text instead of ``` for clarity:

- ```
+ ```text
  +--------------+         +---------------------+         +------------------+

Also applies to: 37-37

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1)

104-104: Specify language for fenced code blocks.

Lines 104, 678, and 700 have fenced code blocks without language specifiers. Add appropriate language tags:

• Line 104: cat << command → use ```bash
• Line 678: terminal output → use ```text or ```bash
• Line 700: curl/base64 commands → use ```bash

Also applies to: 678-678, 700-700

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 37d378c and d2cb2e6.

📒 Files selected for processing (2)

• docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1 hunks)
• docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (1 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md

[style] ~201-~201: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...age/repository to 5GB and 200 tags. - Limit theproject-2/` repository to 50MB and...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md

[style] ~173-~173: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...under the team project in Harbor. 3. Check if the status of HarborRobotBinding is ...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[grammar] ~235-~235: Use a hyphen to join words.
Context: ...ration](#harborrobotbinding) - [Using In Harbor Disaster Recovery Failover](#usin...

(QB_NEW_EN_HYPHEN)

---

[style] ~399-~399: Try moving the adverb to make the sentence clearer.
Context: ...lly-generating-harbor-projects} If you expect to automatically generate a Harbor Project on Harbor, you can define the name of t...

(SPLIT_INFINITIVE)

---

[grammar] ~399-~399: Use a hyphen to join words.
Context: ...ath` annotation. Its value is a [kubectl style JSONPath template](https://kuberne...

(QB_NEW_EN_HYPHEN)

---

[grammar] ~730-~730: Use a hyphen to join words.
Context: ...Image Pulling Create Pods to test image pulling functionality: Note: Ensure...

(QB_NEW_EN_HYPHEN)

🪛 markdownlint-cli2 (0.18.1)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md

26-26: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

28-28: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

35-35: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

37-37: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

109-109: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

115-115: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

124-124: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md

104-104: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

446-446: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

465-465: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

487-487: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

544-544: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

553-553: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

678-678: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

700-700: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix capitalization and hyphenation in link text.

Line 235: "Using In Harbor Disaster Recovery Failover" should be "Using in Harbor Disaster Recovery Failover" (lowercase 'in'). Additionally, LanguageTool suggests "Using in Harbor" should have a hyphen between the anchor link and text for consistency.

🧰 Tools

🪛 LanguageTool

[grammar] ~235-~235: Use a hyphen to join words.
Context: ...ration](#harborrobotbinding) - [Using In Harbor Disaster Recovery Failover](#usin...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents

In
docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md
around line 235, the link text currently reads "Using In Harbor Disaster
Recovery Failover"; change "In" to lowercase "in" and adjust the link text to
include a hyphen between the anchor and text for consistency (e.g., "Using
in‑Harbor Disaster Recovery Failover" or follow repository convention of
hyphenation), ensuring the displayed text and anchor remain correct.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (4)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (2)

104-104: Add language specifier to fenced code block.

Line 104 has a fenced code block without a language identifier. Add a language tag for syntax highlighting and clarity.

Apply this diff:

-```
+```bash
 kubectl scale deployment registry-gateway-gateway --replicas=0 -n <namespace>

---

199-202: Avoid repetitive sentence structure in list items.

Lines 199–202 form a list where each item begins with "Limit the". Consider rewording one or two items to vary sentence structure and improve readability.

Example revision:

• Limit the project-1/ repository to 20MB and 3 tags.
• Set project-2/big-image/ to 5GB and 200 tags.
• Configure project-2/ with 50MB and 10 tags.
• Apply a default limit of 100MB and 100 tags to all other repositories.

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (2)

169-173: Reduce repetitive sentence openers.

Lines 169–173 form a verification checklist where four of the first five items start with "Check if" or "Check whether". Varying sentence structure will improve readability.

Example revision:

1. Verify the Harbor Project named `team` was automatically generated.
2. Confirm a robot account named `robot$team+harbor-secret-for-team-xxxx` exists under the `team` project.
3. Ensure HarborRobotBinding status shows Ready=True
4. Verify a Secret named `harbor-secret-for-team.robot` was created in the target namespace
5. Confirm the imagePullSecrets of the service account now includes the above Secret

---

399-399: Consider clarifying the passive construction.

Line 399 reads "If you expect to automatically generate a Harbor Project on Harbor, you can define the name..." The phrase "you can define" followed by JSONPath configuration may benefit from a more direct phrasing to reduce ambiguity.

Suggested revision: "If you need to auto-generate a Harbor Project name, define it using the harbor-robot-gen/projectFieldsPath annotation, whose value is a kubectl-style JSONPath template"

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d2cb2e6 and b1c47e6.

📒 Files selected for processing (2)

• docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1 hunks)
• docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (1 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md

[style] ~173-~173: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...under the team project in Harbor. 3. Check if the status of HarborRobotBinding is ...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[style] ~399-~399: Try moving the adverb to make the sentence clearer.
Context: ...lly-generating-harbor-projects} If you expect to automatically generate a Harbor Project on Harbor, you can define the name of t...

(SPLIT_INFINITIVE)

---

[grammar] ~399-~399: Use a hyphen to join words.
Context: ...ath` annotation. Its value is a [kubectl style JSONPath template](https://kuberne...

(QB_NEW_EN_HYPHEN)

---

[grammar] ~730-~730: Use a hyphen to join words.
Context: ...Image Pulling Create Pods to test image pulling functionality: Note: Ensure...

(QB_NEW_EN_HYPHEN)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md

[style] ~201-~201: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...age/repository to 5GB and 200 tags. - Limit theproject-2/` repository to 50MB and...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🪛 markdownlint-cli2 (0.18.1)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md

104-104: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Convert emphasis to Markdown headings for document structure.

Lines 446, 465, 487, 544, and 553 use bold text (**Example 1**, **Example 2**, **Example 3**, **Process Overview**, **Key Configurations**) where Markdown heading syntax should be used. This improves document structure, navigation, and accessibility.

Apply this diff:

-**Example 1**
+### Example 1

-**Example 2**
+### Example 2

-**Example 3**
+### Example 3

-**Process Overview**
+### Process Overview

-**Key Configurations**
+### Key Configurations

Also applies to: 465-465, 487-487, 544-544, 553-553

🤖 Prompt for AI Agents

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md
lines 446, 465, 487, 544, 553: several section titles are using bold text (e.g.,
**Example 1**, **Example 2**, **Example 3**, **Process Overview**, **Key
Configurations**) instead of Markdown heading syntax; replace each bolded line
with the appropriate heading level (e.g., "## Example 1", "## Example 2", "##
Example 3", "## Process Overview", "## Key Configurations" or another level
consistent with surrounding headings) so the document structure, table of
contents generation, and accessibility are improved, and ensure spacing before
and after headings follows Markdown conventions.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Convert emphasis to Markdown headings for consistency and accessibility.

Lines 26 and 35 use bold text markers (**...**) for section labels but should use Markdown heading syntax. This improves document structure, navigation, and accessibility.

Apply this diff:

-**Used before Docker Registry**
+### Used before Docker Registry

-**Used in Harbor**
+### Used in Harbor

Also applies to: 35-35

🤖 Prompt for AI Agents

In
docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md
around lines 26 and 35, replace the bold inline labels currently written as
**Used before Docker Registry** (and the similar bold at line 35) with proper
Markdown headings (e.g., start the line with one or more '#' characters
appropriate to the document hierarchy, such as '## Used before Docker
Registry'), preserving the original text and spacing so the sections become
navigable headings instead of bold inline text.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Convert subsection emphasis to Markdown headings.

Lines 109, 115, and 124 use bold text for subsection markers (**Namespace**, **Registry URL**, **External URL**) but should use heading syntax (level 4) for consistency with the document structure.

Apply this diff:

-**Namespace**
+#### Namespace

-**Registry URL**
+#### Registry URL

-**External URL**
+#### External URL

Also applies to: 115-115, 124-124

🤖 Prompt for AI Agents

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md
lines 109, 115, 124: the subsections currently use bold inline emphasis (e.g.,
**Namespace**, **Registry URL**, **External URL**); replace each with a level-4
Markdown heading (#### Namespace, #### Registry URL, #### External URL) so they
follow document heading structure and render consistently; update the three
lines accordingly and ensure there is a blank line before and after each new
heading for proper rendering.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (4)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (2)

26-26: Previous refactor recommendations remain unaddressed: convert emphasis to Markdown headings.

Lines 26 and 35 still use bold text markers (**...**) instead of heading syntax. This issue was flagged in prior review cycles and remains unresolved. Converting these to proper Markdown headings improves document structure, navigation, and accessibility.

Apply this diff:

-**Used before Docker Registry**
+### Used before Docker Registry

-**Used in Harbor**
+### Used in Harbor

Also applies to: 35-35

---

113-113: Previous refactor recommendations remain unaddressed: convert subsection emphasis to Markdown headings.

Lines 113, 119, and 128 continue to use bold text for subsection labels (**Namespace**, **Registry URL**, **External URL**) instead of heading syntax. This was flagged in the prior review cycle and should be converted to level-4 headings for consistency with document structure and to meet markdown linting standards (MD036).

Apply this diff:

-**Namespace**
+#### Namespace

-**Registry URL**
+#### Registry URL

-**External URL**
+#### External URL

Also applies to: 119-119, 128-128

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (2)

450-450: Previous refactor recommendations remain unaddressed: convert example labels to Markdown headings.

Lines 450, 469, and 491 use bold text for example labels (**Example 1**, **Example 2**, **Example 3**) instead of heading syntax. This issue was flagged in the prior review cycle and remains unresolved. Converting these to headings improves document structure and meets markdown linting standards (MD036).

Apply this diff:

-**Example 1**
+### Example 1

-**Example 2**
+### Example 2

-**Example 3**
+### Example 3

Also applies to: 469-469, 491-491

---

548-548: Previous refactor recommendations remain unaddressed: convert section emphasis to Markdown headings.

Lines 548 and 557 use bold text for section labels (**Process Overview**, **Key Configurations**) instead of heading syntax. This issue was flagged in the prior review cycle and remains unresolved. Converting these to headings improves document structure and meets markdown linting standards (MD036).

Apply this diff:

-**Process Overview**
+### Process Overview

-**Key Configurations**
+### Key Configurations

Also applies to: 557-557

🧹 Nitpick comments (2)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (1)

28-33: Add language specification to fenced code blocks.

Lines 28 and 37 contain ASCII diagrams in fenced code blocks without language specifiers. While these render correctly as generic code blocks, adding a language specification (e.g., ```text or ```ascii) improves compliance with markdown standards (MD040).

Apply this diff:

-```
+```text
 +--------------+         +---------------------+         +------------------+

And similarly for the diagram at line 37.

Also applies to: 37-58

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1)

108-108: Add language specification to fenced code blocks for consistency.

Lines 108, 682, and 704 contain bash command examples in fenced code blocks without explicit language specifiers. While these render correctly as generic code blocks, adding ```bash specification improves compliance with markdown standards (MD040) and enables proper syntax highlighting.

Also applies to: 682-682, 704-704

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b1c47e6 and e61fcb2.

📒 Files selected for processing (2)

• docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1 hunks)
• docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (1 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md

[style] ~177-~177: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...under the team project in Harbor. 3. Check if the status of HarborRobotBinding is ...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[style] ~403-~403: Try moving the adverb to make the sentence clearer.
Context: ...lly-generating-harbor-projects} If you expect to automatically generate a Harbor Project on Harbor, you can define the name of t...

(SPLIT_INFINITIVE)

---

[grammar] ~403-~403: Use a hyphen to join words.
Context: ...ath` annotation. Its value is a [kubectl style JSONPath template](https://kuberne...

(QB_NEW_EN_HYPHEN)

---

[grammar] ~734-~734: Use a hyphen to join words.
Context: ...Image Pulling Create Pods to test image pulling functionality: Note: Ensure...

(QB_NEW_EN_HYPHEN)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md

[style] ~205-~205: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...age/repository to 5GB and 200 tags. - Limit theproject-2/` repository to 50MB and...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🪛 markdownlint-cli2 (0.18.1)

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md

108-108: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

450-450: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

469-469: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

491-491: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

548-548: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

557-557: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

682-682: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

704-704: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md

26-26: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

28-28: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

35-35: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

37-37: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

113-113: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

119-119: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

128-128: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

🔇 Additional comments (8)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (2)

148-165: Global limits configuration is clear and well-documented.

The ConfigMap examples with default values and supported unit formats (GB, MB, KB, B) are well-structured. The documentation properly explains that repositories inherit global limits unless overridden.

---

231-286: Harbor authentication and Core configuration guidance is thorough and operationally sound.

The Secret structure documentation, robot account permission requirements, and kubectl patch commands are clearly explained. The restart procedures are correctly specified. This section provides proper guidance for both Harbor-specific and Docker Registry deployments.

docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (6)

1-75: Introduction and installation guidance are clear and well-structured.

The problem statement, compatible versions, function overview, and installation prerequisites are clearly laid out. The installation workflow mirrors established patterns in the knowledge base, making it familiar to users.

---

94-227: Quick Start section provides excellent progressive guidance with thorough verification steps.

The procedure overview table, complete YAML examples, and six-step verification approach enable users to validate each stage of the setup. The shell script examples are well-formatted and the pod creation test provides meaningful validation of the entire flow.

---

241-365: HarborRobotBinding configuration documentation is comprehensive and logically organized.

The breakdown of configuration options (namespace scope, Harbor projects/permissions, refresh interval, secret naming) is clear. The examples with selectors and names show both patterns, and the note about taking the union is important. Complete YAML example at the end ties it together well.

---

367-446: Harbor connection configuration documentation is thorough with important operational caveats.

The marking scheme, connection fields, permission requirements, and JSONPath configuration for project naming are well-documented. The important caveats about Harbor admin-only project creation and the Harbor 2.12 robot account limitation (with GitHub issue reference) are appropriately highlighted. The url.alias feature for failover scenarios is clearly explained with parameter descriptions and behavior documentation.

---

515-743: Disaster recovery section provides excellent step-by-step guidance for a complex scenario.

The architecture diagram, prerequisites, step-by-step setup, and progressive verification approach clearly demonstrate the DNS failover capability. The concrete examples showing secret changes before and after DNS switching (comparing harbor1-for-team1.robot.alias to harbor2-for-team1.robot.alias) are particularly valuable for understanding the feature. The shell commands are clear and actionable.

---

2-2: Clarify document status and remove temporary placeholders.

Line 2 shows a comment from the author stating "稍后更新" (will update later), suggesting the document may still be work-in-progress. If this document is intended to be released in this PR, please remove temporary comments or clarify the status in the frontmatter.

Is this document complete and ready for publication, or does it require further updates?

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (3)

docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (2)

27-27: Convert section labels to Markdown headings for document structure.

Lines 27 and 36 use bold text (**...**) for section labels but should use Markdown heading syntax (e.g., ### Used before Docker Registry). This improves document hierarchy, navigation, and accessibility. These issues were flagged in prior reviews but remain unfixed.

Apply this diff:

-**Used before Docker Registry**
+### Used before Docker Registry
 

-**Used in Harbor**
+### Used in Harbor

```
+---------------------------------------------+      +---------------------------------------+
```





Also applies to: 36-36

---

`114-114`: **Convert subsection labels to Markdown headings (level 4).**

Lines 114, 120, and 129 use bold text for subsection markers (`**Namespace**`, `**Registry URL**`, `**External URL**`) but should use heading syntax (#### Namespace, etc.) for consistency with document structure and to pass Markdown linting. These issues were flagged in prior reviews but remain unfixed.

Apply this diff:

```diff
The upstream registry URL to be proxied. This can be a Kubernetes service address accessible by the registry gateway.

-**Registry URL**
+#### Registry URL

The upstream registry URL to be proxied. This can be a Kubernetes service address accessible by the registry gateway.
```

```diff
-**Namespace**
+#### Namespace

The namespace where you want to deploy the registry gateway. Typically, this should match the namespace of your OCI registry deployment.
```

```diff
-**External URL**
+#### External URL

The external URL of the registry gateway. This should match the registry URL used for pulling and pushing images to the registry.
```





Also applies to: 120-120, 129-129

</blockquote></details>
<details>
<summary>docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1)</summary><blockquote>

`451-451`: **Convert example and section titles to Markdown headings.**

Lines 451, 470, 492, 549, and 558 use bold text (`**Example 1**`, `**Example 2**`, `**Example 3**`, `**Process Overview**`, `**Key Configurations**`) where Markdown heading syntax should be used. This improves document structure, table of contents generation, and accessibility. These issues were flagged in prior reviews but remain unfixed.

Apply this diff:

```diff
-**Example 1**
+### Example 1

``` yaml
```

```diff
-**Example 2**
+### Example 2

``` yaml
```

```diff
-**Example 3**
+### Example 3

``` yaml
```

```diff
-**Process Overview**
+### Process Overview

| No. | Operation Step | Description |
```

```diff
-**Key Configurations**
+### Key Configurations

- Use the `url.alias` capability in [Harbor Secret](#harbor-connection-information-configuration) configuration to specify access aliases for Harbor 1 and Harbor 2
```





Also applies to: 470-470, 492-492, 549-549, 558-558

</blockquote></details>

</blockquote></details>

<details>
<summary>🧹 Nitpick comments (4)</summary><blockquote>

<details>
<summary>docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md (2)</summary><blockquote>

`29-29`: **Add language identifier to fenced code blocks.**

Lines 29 and 38 contain code blocks without language specification. Add `txt` or an appropriate language tag for syntax highlighting and better accessibility.

Apply this diff:

```diff
-```
+```txt
+--------------+         +---------------------+         +------------------+
|  Docker      |  <--->  |  Registry Gateway   |  --->   |  Docker Registry |
```

```diff
-```
+```txt
+------------------+
```




Also applies to: 38-38

---

`204-207`: **Simplify repetitive bullet-point phrasing.**

Lines 204–207 begin three consecutive bullet points with "Limit the," which is somewhat repetitive. Consider varying the phrasing for better readability, e.g., "The `project-1/` repository is limited to…" or restructuring as a table.

</blockquote></details>
<details>
<summary>docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (2)</summary><blockquote>

`109-109`: **Add language identifier to fenced code blocks.**

Lines 109, 683, and 705 contain fenced code blocks without language specification. Add appropriate language tags (e.g., `shell`, `bash`, `yaml`) for syntax highlighting.

Apply this diff at line 109:

```diff
-```
+```yaml
cat << 'EOF' | kubectl apply -f -
```

At line 683:

```diff
-```
+```shell
$ kubectl get harborrobotbinding
```

At line 705:

```diff
-```
+```shell
$ kubectl get secret -n team1-demo harbor1-for-team1.robot.alias -ojsonpath='{ .data.\.dockerconfigjson }' | base64 -d
```




Also applies to: 683-683, 705-705

---

`174-178`: **Consider varying sentence structure in verification steps.**

Lines 174–178 begin three consecutive checks with "Check if…", which creates repetitive phrasing. While acceptable for procedural lists, consider minor rewording (e.g., "Verify that the Harbor Project…", "Confirm the robot account…") to add variety.

</blockquote></details>

</blockquote></details>

<details>
<summary>📜 Review details</summary>

**Configuration used**: CodeRabbit UI

**Review profile**: CHILL

**Plan**: Pro

<details>
<summary>📥 Commits</summary>

Reviewing files that changed from the base of the PR and between e61fcb22d5a7ed07b089ba22f425592454318a1d and d7a1cb8099ed8e9b868dd6f5b52bbbb643783574.

</details>

<details>
<summary>📒 Files selected for processing (2)</summary>

* `docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md` (1 hunks)
* `docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md` (1 hunks)

</details>

<details>
<summary>🧰 Additional context used</summary>

<details>
<summary>🪛 LanguageTool</summary>

<details>
<summary>docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md</summary>

[style] ~178-~178: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...under the `team` project in Harbor.  3. Check if the status of HarborRobotBinding is ...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[style] ~404-~404: Try moving the adverb to make the sentence clearer.
Context: ...lly-generating-harbor-projects}  If you expect to automatically generate a Harbor Project on Harbor, you can define the name of t...

(SPLIT_INFINITIVE)

---

[grammar] ~404-~404: Use a hyphen to join words.
Context: ...ath` annotation. Its value is a [kubectl style JSONPath template](https://kuberne...

(QB_NEW_EN_HYPHEN)

---

[grammar] ~735-~735: Use a hyphen to join words.
Context: ...Image Pulling  Create Pods to test image pulling functionality:  **Note:** Ensure...

(QB_NEW_EN_HYPHEN)

</details>
<details>
<summary>docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md</summary>

[style] ~206-~206: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...age/` repository to 5GB and 200 tags. - Limit the `project-2/` repository to 50MB and...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

</details>

</details>
<details>
<summary>🪛 markdownlint-cli2 (0.18.1)</summary>

<details>
<summary>docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md</summary>

109-109: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

451-451: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

470-470: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

492-492: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

549-549: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

558-558: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

683-683: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

705-705: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

</details>
<details>
<summary>docs/en/solutions/Restricting_Docker_Image_Push_Size_and_Tag_Count_using_the_Registry_Gateway_Plugin.md</summary>

27-27: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

29-29: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

36-36: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

38-38: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

114-114: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

120-120: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

---

129-129: Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

</details>

</details>

</details>

<details>
<summary>🔇 Additional comments (1)</summary><blockquote>

<details>
<summary>docs/en/solutions/Automating_Harbor_Robot_Credentials_Sync_and_Token_Rotation_per_Namespace_in_K8S_using_the_Harbor_Robot_Gen_Plugin.md (1)</summary><blockquote>

`240-240`: **✓ Capitalization fix appears correct.**

Line 240 shows "Using in Harbor Disaster Recovery Failover" with lowercase "in", which addresses the past review feedback. No action needed here.

</blockquote></details>

</blockquote></details>

</details>

<!-- This is an auto-generated comment by CodeRabbit for review status -->