argo/apps/docker-registry/base/cronjob.yaml

---
# Source: docker-registry/templates/cronjob.yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: docker-registry-garbage-collector
  namespace: gitops
  labels:
    app: docker-registry
    chart: docker-registry-2.2.3
    release: docker-registry
    heritage: Helm
spec:
  schedule: "0 1 * * *"
  jobTemplate:
    metadata:
      labels:
        app: docker-registry
        release: docker-registry
      annotations:
        checksum/config: 7768037b11264d8a85079c7389faa0b2846b55771ae7ea102d41f7ea868676fb
        checksum/secret: cf8de4fbecd435bc3788328888b074e895540fd0a0681fa391ee2d3f42e1e599
    spec:
      template:
        spec:
          securityContext: 
            fsGroup: 1000
            runAsUser: 1000
          containers:
            - name: docker-registry
              image: "registry:2.8.1"
              imagePullPolicy: IfNotPresent
              command:
              - /bin/registry
              - garbage-collect
              - --delete-untagged=true
              - /etc/docker/registry/config.yml
              env: 
                - name: REGISTRY_HTTP_SECRET
                  valueFrom:
                    secretKeyRef:
                      name: docker-registry-secret
                      key: haSharedSecret
                - name: REGISTRY_AUTH
                  value: "htpasswd"
                - name: REGISTRY_AUTH_HTPASSWD_REALM
                  value: "Registry Realm"
                - name: REGISTRY_AUTH_HTPASSWD_PATH
                  value: "/auth/htpasswd"
                - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
                  value: "/var/lib/registry"
                - name: REGISTRY_PROXY_REMOTEURL
                  value: https://registry-1.docker.io
                - name: REGISTRY_PROXY_USERNAME
                  valueFrom:
                    secretKeyRef:
                      name: docker-registry-secret
                      key: proxyUsername
                - name: REGISTRY_PROXY_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: docker-registry-secret
                      key: proxyPassword
              volumeMounts: 
                - name: "docker-registry-config"
                  mountPath: "/etc/docker/registry"
                - name: auth
                  mountPath: /auth
                  readOnly: true
                - name: data
                  mountPath: /var/lib/registry/
          restartPolicy: OnFailure
          volumes: 
            - name: docker-registry-config
              configMap:
                name: docker-registry-config
            - name: auth
              secret:
                secretName: docker-registry-secret
                items:
                - key: htpasswd
                  path: htpasswd
            - name: data
              emptyDir: {}