feat(docker-registry): add registry

2024-10-16 15:13:35 -04:00 · 2024-10-16 15:13:35 -04:00 · 8d9cfb8292
commit 8d9cfb8292
parent 5832b208f3
14 changed files with 406 additions and 0 deletions
--- a/apps/docker-registry/base/deployment.yaml
+++ b/apps/docker-registry/base/deployment.yaml
@ -0,0 +1,102 @@
+---
+# Source: docker-registry/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: docker-registry
+  namespace: gitops
+  labels:
+    app: docker-registry
+    chart: docker-registry-2.2.3
+    release: docker-registry
+    heritage: Helm
+spec:
+  selector:
+    matchLabels:
+      app: docker-registry
+      release: docker-registry
+  replicas: 1
+  strategy: 
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+    type: RollingUpdate
+  minReadySeconds: 5
+  template:
+    metadata:
+      labels:
+        app: docker-registry
+        release: docker-registry
+      annotations:
+        updated-at/secret: 2024-10-16T14:38:25-04:00
+    spec:
+      securityContext: 
+        fsGroup: 1000
+        runAsUser: 1000
+      containers:
+        - name: docker-registry
+          image: "registry:2.8.1"
+          imagePullPolicy: IfNotPresent
+          command:
+          - /bin/registry
+          - serve
+          - /etc/docker/registry/config.yml
+          ports:
+            - containerPort: 5000
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 5000
+          readinessProbe:
+            httpGet:
+              path: /
+              port: 5000
+          resources: 
+            {}
+          env: 
+            - name: REGISTRY_HTTP_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: docker-registry-secret
+                  key: haSharedSecret
+            - name: REGISTRY_AUTH
+              value: "htpasswd"
+            - name: REGISTRY_AUTH_HTPASSWD_REALM
+              value: "Registry Realm"
+            - name: REGISTRY_AUTH_HTPASSWD_PATH
+              value: "/auth/htpasswd"
+            - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
+              value: "/var/lib/registry"
+            - name: REGISTRY_PROXY_REMOTEURL
+              value: https://registry-1.docker.io
+            - name: REGISTRY_PROXY_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: docker-registry-secret
+                  key: proxyUsername
+            - name: REGISTRY_PROXY_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: docker-registry-secret
+                  key: proxyPassword
+          volumeMounts: 
+            - name: "docker-registry-config"
+              mountPath: "/etc/docker/registry"
+            - name: auth
+              mountPath: /auth
+              readOnly: true
+            - name: data
+              mountPath: /var/lib/registry/
+      volumes: 
+        - name: docker-registry-config
+          configMap:
+            name: docker-registry-config
+        - name: auth
+          secret:
+            secretName: docker-registry-secret
+            items:
+            - key: htpasswd
+              path: htpasswd
+        - name: data
+          persistentVolumeClaim:
+            claimName: docker-registry