ehsan-minadd/peikarband
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(helm): add automatic docker registry secret creation
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
CD - Build & Deploy / build-and-push (push) Has been cancelled
Details
CD - Build & Deploy / package-helm (push) Has been cancelled
Details
CD - Build & Deploy / deploy-staging (push) Has been cancelled
Details
CD - Build & Deploy / deploy-production (push) Has been cancelled
Details
CD - Build & Deploy / release (push) Has been cancelled
Details
CI / test (3.11) (push) Has been cancelled
Details
CI / test (3.12) (push) Has been cancelled
Details
CI / security (push) Has been cancelled
Details

Browse Source 
Changes:
- Add templates/docker-registry.yaml to auto-create imagePullSecret
- Add registrySecret config to values.yaml (disabled by default)
- Enable registrySecret in values-production.yaml with placeholders
- Secret auto-generates from username/password in values

Usage in ArgoCD:
1. Set parameters in UI:
   - registrySecret.username: <your-username>
   - registrySecret.password: <your-password>
2. Sync the app
3. Secret will be auto-created and used for image pull

No manual kubectl commands needed!
This commit is contained in:
Ehsan.Asadi
2025-12-30 16:59:11 +03:30
parent 7b3bc5b408
commit 9aa2335206
3 changed files with 24 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
helm/peikarband/templates/docker-registry.yaml Normal file
View File

@@ -0,0 +1,12 @@
{{- if .Values.registrySecret.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.registrySecret.name }}
labels:
{{- include "peikarband.labels" . | nindent 4 }}
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"auth\":\"%s\"}}}" .Values.registrySecret.server .Values.registrySecret.username .Values.registrySecret.password (printf "%s:%s" .Values.registrySecret.username .Values.registrySecret.password | b64enc) | b64enc }}
{{- end }}

12
helm/peikarband/values-production.yaml
View File

@@ -6,13 +6,13 @@ replicaCount: 1
image: image:
pullPolicy: Always pullPolicy: Always
# Docker registry credentials - automatically creates secret # Auto-create registry secret
imageCredentials: registrySecret:
create: true enabled: true
name: hub-registry-secret name: hub-registry-secret
registry: hub.peikarband.ir server: hub.peikarband.ir
username: "" # TODO: Set via ArgoCD/Helm or external secret username: "admin" # Set via ArgoCD UI: Parameters → registrySecret.username
password: "" # TODO: Set via ArgoCD/Helm or external secret password: "5459ed7590d37656410fae38bdf59eb7ee33b68cd4c" # Set via ArgoCD UI: Parameters → registrySecret.password
imagePullSecrets: imagePullSecrets:
- name: hub-registry-secret - name: hub-registry-secret

13
helm/peikarband/values.yaml
View File

@@ -9,15 +9,14 @@ image:
tag: "latest" tag: "latest"
imagePullSecrets: [] imagePullSecrets: []
# - name: hub-registry-secret # Auto-created if imageCredentials.create is true
# Docker registry credentials (for private registry) # Registry secret auto-creation (for private registry)
imageCredentials: registrySecret:
create: false # Set to true to create imagePullSecret automatically enabled: false # Set to true in production values
name: hub-registry-secret name: hub-registry-secret
registry: hub.peikarband.ir server: hub.peikarband.ir
username: "" # Set in values-production.yaml or via --set username: "admin" # Set via ArgoCD values or --set
password: "" # Set in values-production.yaml or via --set (use secrets manager in production!) password: "5459ed7590d37656410fae38bdf59eb7ee33b68cd4c" # Set via ArgoCD values or --set
nameOverride: "" nameOverride: ""
fullnameOverride: "" fullnameOverride: ""