Expected behavior and actual behavior:
I expect to be able to set any value for the env variable REGISTRY_HTTP_SECRET, but at runtime it seems like the env variable REGISTRY_HTTP_SECRET is not correctly escaped (when it starts with "&" and is followed by a non-alphanumeric character).
registry-photon fails with:
configuration error: error parsing /etc/registry/config.yml: yaml: did not find expected alphabetic or numeric character
and harbor-registryctl fails with:
2026-04-23T10:26:27Z [ERROR] [/registryctl/config/config.go:63]: failed to load storage driver, err:error parsing registry configuration /etc/registry/config.yml: yaml: did not find expected alphabetic or numeric character
2026-04-23T10:26:27Z [FATAL] [/registryctl/main.go:102]: Failed to load configurations with error: error parsing registry configuration /etc/registry/config.yml: yaml: did not find expected alphabetic or numeric character
The secret is not put directly in the YAML, but it looks like the software merges the YAML with the env variable before parsing it and doesn't escape it correctly.
Steps to reproduce the problem:
Install the harbor-helm chart with registry.existingSecret pointing to a secret with a REGISTRY_HTTP_SECRET that starts with "&" and is followed by a non-alphanumeric character (e.g. REGISTRY_HTTP_SECRET: '&<*G^U-[~''{3#Sem~WE$(f:RJMG<!(o'; if I add an "a" before the "&" it works). The harbor-registry pod will crash with the errors above.
Versions:
- harbor version: 2.13.1
- harbor-helm version: 1.18.3
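
A pre-deploy check for the condition reported above, as an added example that is not part of the original report or of the Harbor code base. It assumes, as the report suggests, that `REGISTRY_*` values end up interpreted as unquoted YAML, so it flags values whose first character is a YAML indicator and generates an alphanumeric replacement; the function names are hypothetical.

```python
import secrets
import string
from typing import Dict, Optional

# Characters the YAML spec reserves as indicators; a plain (unquoted) scalar
# that starts with one of them is read as syntax ('&' opens an anchor).
# '-', '?' and ':' are legal in some positions but are flagged conservatively.
YAML_LEADING_INDICATORS = frozenset("-?:,[]{}#&*!|>'\"%@`")

# Decoded value from the report (the '' in the YAML-quoted form is one ').
REPORTED_SECRET = "&<*G^U-[~'{3#Sem~WE$(f:RJMG<!(o"


def leading_indicator(value: str) -> Optional[str]:
    """Return the YAML indicator that starts `value`, or None if it is safe."""
    stripped = value.lstrip(" \t")
    if stripped and stripped[0] in YAML_LEADING_INDICATORS:
        return stripped[0]
    return None


def audit_env(env: Dict[str, str], prefix: str = "REGISTRY_") -> Dict[str, str]:
    """Map each prefixed variable name to its offending first character.

    Only the name and the single leading character are reported, so the
    result can be logged without disclosing the secret itself.
    """
    findings = {}
    for name, value in env.items():
        if name.startswith(prefix):
            indicator = leading_indicator(value)
            if indicator is not None:
                findings[name] = indicator
    return findings


def generate_secret(length: int = 32) -> str:
    """Random alphanumeric secret that starts with a letter, so it can be
    read neither as YAML syntax nor as a number."""
    first = secrets.choice(string.ascii_letters)
    alphabet = string.ascii_letters + string.digits
    return first + "".join(secrets.choice(alphabet) for _ in range(length - 1))


if __name__ == "__main__":
    # Constructed environment for illustration; in a pipeline pass os.environ
    # or the decoded data of the Kubernetes Secret instead.
    sample = {"REGISTRY_HTTP_SECRET": REPORTED_SECRET, "REGISTRY_LOG_LEVEL": "info"}
    for name, ch in audit_env(sample).items():
        print(f"{name}: value starts with YAML indicator {ch!r}")
```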