фикс ошибок линта и молекулы

addons/harbor/role/defaults/main.yml

@@ -41,8 +41,8 @@ harbor_metrics_enabled: true
 # ── Proxy Cache (зеркалирование публичных registry) ───────────────────────────
 # При pull образа через Harbor он автоматически кэшируется в Harbor.
 # Использование: docker pull harbor.example.com/dockerhub/library/nginx:latest
-# 
-# Использование после настройки:         
+#
+# Использование после настройки:
 # docker pull harbor.example.com/dockerhub/library/nginx:latest   # → кэш из docker.io
 # docker pull harbor.example.com/ghcr/owner/image:tag             # → кэш из ghcr.io
 # docker pull harbor.example.com/k8s-registry/kube-apiserver:v1.30.0

addons/harbor/role/molecule/default/converge.yml

@@ -0,0 +1,32 @@
+---
+- name: Converge — harbor template tests
+  hosts: all
+  become: false
+  gather_facts: false
+
+  vars:
+    harbor_namespace: harbor
+    harbor_admin_password: "Harbor12345"
+    harbor_ingress_enabled: true
+    harbor_ingress_host: "harbor.home.local"
+    harbor_ingress_class: "nginx"
+    harbor_ingress_tls: false
+    harbor_ingress_cert_issuer: "letsencrypt-prod"
+    harbor_registry_storage_size: "20Gi"
+    harbor_registry_storage_class: ""
+    harbor_database_storage_size: "5Gi"
+    harbor_database_storage_class: ""
+    harbor_redis_storage_size: "1Gi"
+    harbor_redis_storage_class: ""
+    harbor_trivy_enabled: true
+    harbor_metrics_enabled: true
+    addon_postgresql: false
+    postgresql_external_host: "postgresql.postgresql.svc.cluster.local"
+    postgresql_external_port: 5432
+
+  tasks:
+    - name: Render harbor-values.yaml.j2
+      ansible.builtin.template:
+        src: "{{ playbook_dir }}/../../templates/harbor-values.yaml.j2"
+        dest: /tmp/harbor-values.yaml
+        mode: "0644"

addons/harbor/role/molecule/default/molecule.yml

@@ -0,0 +1,28 @@
+---
+driver:
+  name: docker
+
+platforms:
+  - name: master01
+    image: geerlingguy/docker-ubuntu2204-ansible:latest
+    pre_build_image: true
+    groups:
+      - k3s_master
+
+provisioner:
+  name: ansible
+  playbooks:
+    converge: converge.yml
+    verify: verify.yml
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+
+verifier:
+  name: ansible
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+

addons/harbor/role/molecule/default/verify.yml

@@ -0,0 +1,45 @@
+---
+- name: Verify — harbor templates
+  hosts: all
+  become: false
+  gather_facts: false
+
+  tasks:
+    - name: Read rendered values
+      ansible.builtin.slurp:
+        src: /tmp/harbor-values.yaml
+      register: values_raw
+
+    - name: Parse values YAML
+      ansible.builtin.set_fact:
+        v: "{{ values_raw.content | b64decode | from_yaml }}"
+
+    - name: Assert ingress host
+      ansible.builtin.assert:
+        that: v.expose.ingress.hosts.core == 'harbor.home.local'
+        fail_msg: "expose.ingress.hosts.core неверный: {{ v.expose.ingress.hosts.core }}"
+
+    - name: Assert ingressClass
+      ansible.builtin.assert:
+        that: v.expose.ingress.className == 'nginx'
+        fail_msg: "ingressClassName неверный"
+
+    - name: Assert externalURL
+      ansible.builtin.assert:
+        that: "'harbor.home.local' in v.externalURL"
+        fail_msg: "externalURL не содержит harbor.home.local"
+
+    - name: Assert TLS is disabled
+      ansible.builtin.assert:
+        that: v.expose.tls.enabled == false
+        fail_msg: "TLS должен быть disabled при harbor_ingress_tls: false"
+
+    - name: Assert admin password is set
+      ansible.builtin.assert:
+        that: v.harborAdminPassword | length > 0
+        fail_msg: "harborAdminPassword пустой"
+
+    - name: Assert persistence is enabled
+      ansible.builtin.assert:
+        that: v.persistence.enabled == true
+        fail_msg: "persistence.enabled должен быть true"