deploy: add Gitea registry pull secret and ExternalSecret

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-26 13:37:16 +01:00
parent 4d800ffbfb
commit f7353d48f4
3 changed files with 25 additions and 0 deletions
--- a/deploy/externalsecret_gitea-registry.yaml
+++ b/deploy/externalsecret_gitea-registry.yaml
@@ -0,0 +1,22 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: gitea-registry
+  namespace: fujarna
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    name: gitea-registry
+    creationPolicy: Owner
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .token }}"
+  data:
+    - secretKey: token
+      remoteRef:
+        key: k8s_home/gitea/container-registry
+        property: token