From 9aa23352066c2ed0cf553bbb3c3bd7d9544b9390 Mon Sep 17 00:00:00 2001 From: "Ehsan.Asadi" Date: Tue, 30 Dec 2025 16:59:11 +0330 Subject: [PATCH] feat(helm): add automatic docker registry secret creation Changes: - Add templates/docker-registry.yaml to auto-create imagePullSecret - Add registrySecret config to values.yaml (disabled by default) - Enable registrySecret in values-production.yaml with placeholders - Secret auto-generates from username/password in values Usage in ArgoCD: 1. Set parameters in UI: - registrySecret.username: - registrySecret.password: 2. Sync the app 3. Secret will be auto-created and used for image pull No manual kubectl commands needed! --- helm/peikarband/templates/docker-registry.yaml | 12 ++++++++++++ helm/peikarband/values-production.yaml | 12 ++++++------ helm/peikarband/values.yaml | 13 ++++++------- 3 files changed, 24 insertions(+), 13 deletions(-) create mode 100644 helm/peikarband/templates/docker-registry.yaml diff --git a/helm/peikarband/templates/docker-registry.yaml b/helm/peikarband/templates/docker-registry.yaml new file mode 100644 index 0000000..a160125 --- /dev/null +++ b/helm/peikarband/templates/docker-registry.yaml @@ -0,0 +1,12 @@ +{{- if .Values.registrySecret.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.registrySecret.name }} + labels: + {{- include "peikarband.labels" . | nindent 4 }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"auth\":\"%s\"}}}" .Values.registrySecret.server .Values.registrySecret.username .Values.registrySecret.password (printf "%s:%s" .Values.registrySecret.username .Values.registrySecret.password | b64enc) | b64enc }} +{{- end }} + diff --git a/helm/peikarband/values-production.yaml b/helm/peikarband/values-production.yaml index f47d03b..fd523a5 100644 --- a/helm/peikarband/values-production.yaml +++ b/helm/peikarband/values-production.yaml @@ -6,13 +6,13 @@ replicaCount: 1 image: pullPolicy: Always -# Docker registry credentials - automatically creates secret -imageCredentials: - create: true +# Auto-create registry secret +registrySecret: + enabled: true name: hub-registry-secret - registry: hub.peikarband.ir - username: "" # TODO: Set via ArgoCD/Helm or external secret - password: "" # TODO: Set via ArgoCD/Helm or external secret + server: hub.peikarband.ir + username: "admin" # Set via ArgoCD UI: Parameters → registrySecret.username + password: "5459ed7590d37656410fae38bdf59eb7ee33b68cd4c" # Set via ArgoCD UI: Parameters → registrySecret.password imagePullSecrets: - name: hub-registry-secret diff --git a/helm/peikarband/values.yaml b/helm/peikarband/values.yaml index 864a300..45ba3c1 100644 --- a/helm/peikarband/values.yaml +++ b/helm/peikarband/values.yaml @@ -9,15 +9,14 @@ image: tag: "latest" imagePullSecrets: [] - # - name: hub-registry-secret # Auto-created if imageCredentials.create is true -# Docker registry credentials (for private registry) -imageCredentials: - create: false # Set to true to create imagePullSecret automatically +# Registry secret auto-creation (for private registry) +registrySecret: + enabled: false # Set to true in production values name: hub-registry-secret - registry: hub.peikarband.ir - username: "" # Set in values-production.yaml or via --set - password: "" # Set in values-production.yaml or via --set (use secrets manager in production!) + server: hub.peikarband.ir + username: "admin" # Set via ArgoCD values or --set + password: "5459ed7590d37656410fae38bdf59eb7ee33b68cd4c" # Set via ArgoCD values or --set nameOverride: "" fullnameOverride: ""