--- # Source: docker-registry/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: docker-registry namespace: gitops labels: app: docker-registry chart: docker-registry-2.2.3 release: docker-registry heritage: Helm spec: selector: matchLabels: app: docker-registry release: docker-registry replicas: 1 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate minReadySeconds: 5 template: metadata: labels: app: docker-registry release: docker-registry annotations: updated-at/secret: 2024-10-16T14:38:25-04:00 spec: securityContext: fsGroup: 1000 runAsUser: 1000 containers: - name: docker-registry image: "registry:2.8.1" imagePullPolicy: IfNotPresent command: - /bin/registry - serve - /etc/docker/registry/config.yml ports: - containerPort: 5000 livenessProbe: httpGet: path: / port: 5000 readinessProbe: httpGet: path: / port: 5000 resources: {} env: - name: REGISTRY_HTTP_SECRET valueFrom: secretKeyRef: name: docker-registry-secret key: haSharedSecret - name: REGISTRY_AUTH value: "htpasswd" - name: REGISTRY_AUTH_HTPASSWD_REALM value: "Registry Realm" - name: REGISTRY_AUTH_HTPASSWD_PATH value: "/auth/htpasswd" - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY value: "/var/lib/registry" - name: REGISTRY_PROXY_REMOTEURL value: https://registry-1.docker.io - name: REGISTRY_PROXY_USERNAME valueFrom: secretKeyRef: name: docker-registry-secret key: proxyUsername - name: REGISTRY_PROXY_PASSWORD valueFrom: secretKeyRef: name: docker-registry-secret key: proxyPassword volumeMounts: - name: "docker-registry-config" mountPath: "/etc/docker/registry" - name: auth mountPath: /auth readOnly: true - name: data mountPath: /var/lib/registry/ volumes: - name: docker-registry-config configMap: name: docker-registry-config - name: auth secret: secretName: docker-registry-secret items: - key: htpasswd path: htpasswd - name: data persistentVolumeClaim: claimName: docker-registry