--- # Source: docker-registry/templates/cronjob.yaml apiVersion: batch/v1 kind: CronJob metadata: name: docker-registry-garbage-collector namespace: gitops labels: app: docker-registry chart: docker-registry-2.2.3 release: docker-registry heritage: Helm spec: schedule: "0 1 * * *" jobTemplate: metadata: labels: app: docker-registry release: docker-registry annotations: checksum/config: 7768037b11264d8a85079c7389faa0b2846b55771ae7ea102d41f7ea868676fb checksum/secret: cf8de4fbecd435bc3788328888b074e895540fd0a0681fa391ee2d3f42e1e599 spec: template: spec: securityContext: fsGroup: 1000 runAsUser: 1000 containers: - name: docker-registry image: "registry:2.8.1" imagePullPolicy: IfNotPresent command: - /bin/registry - garbage-collect - --delete-untagged=true - /etc/docker/registry/config.yml env: - name: REGISTRY_HTTP_SECRET valueFrom: secretKeyRef: name: docker-registry-secret key: haSharedSecret - name: REGISTRY_AUTH value: "htpasswd" - name: REGISTRY_AUTH_HTPASSWD_REALM value: "Registry Realm" - name: REGISTRY_AUTH_HTPASSWD_PATH value: "/auth/htpasswd" - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY value: "/var/lib/registry" - name: REGISTRY_PROXY_REMOTEURL value: https://registry-1.docker.io - name: REGISTRY_PROXY_USERNAME valueFrom: secretKeyRef: name: docker-registry-secret key: proxyUsername - name: REGISTRY_PROXY_PASSWORD valueFrom: secretKeyRef: name: docker-registry-secret key: proxyPassword volumeMounts: - name: config mountPath: "/etc/docker/registry" - name: auth mountPath: /auth readOnly: true - name: data mountPath: /var/lib/registry/ restartPolicy: OnFailure volumes: - name: config configMap: name: docker-registry-config - name: auth secret: secretName: docker-registry-secret items: - key: htpasswd path: htpasswd - name: data emptyDir: {}