Add new infra architecture 11

infrastructure/environments/dev/k8s-manifests/dev-certificate.yaml

@@ -25,6 +25,8 @@ spec:
     - bakery-ia.local
     - api.bakery-ia.local
     - monitoring.bakery-ia.local
+    - gitea.bakery-ia.local
+    - registry.bakery-ia.local
     - "*.bakery-ia.local"
     - "mail.bakery-ia.dev"
     - "*.bakery-ia.dev"

infrastructure/environments/dev/k8s-manifests/kustomization.yaml

@@ -40,41 +40,6 @@ patches:
         value: "true"
   # NOTE: nominatim patches removed - nominatim is now deployed via Helm (tilt trigger nominatim-helm)
 
-  # Add imagePullSecrets to all Deployments for Gitea registry authentication
-  - target:
-      kind: Deployment
-    patch: |-
-      - op: add
-        path: /spec/template/spec/imagePullSecrets
-        value:
-          - name: gitea-registry-secret
-
-  # Add imagePullSecrets to all StatefulSets for Gitea registry authentication
-  - target:
-      kind: StatefulSet
-    patch: |-
-      - op: add
-        path: /spec/template/spec/imagePullSecrets
-        value:
-          - name: gitea-registry-secret
-
-  # Add imagePullSecrets to all Jobs for Gitea registry authentication
-  - target:
-      kind: Job
-    patch: |-
-      - op: add
-        path: /spec/template/spec/imagePullSecrets
-        value:
-          - name: gitea-registry-secret
-
-  # Add imagePullSecrets to all CronJobs for Gitea registry authentication
-  - target:
-      kind: CronJob
-    patch: |-
-      - op: add
-        path: /spec/jobTemplate/spec/template/spec/imagePullSecrets
-        value:
-          - name: gitea-registry-secret
 
 labels:
   - includeSelectors: true
@@ -82,59 +47,58 @@ labels:
       environment: development
       tier: local
 
-# Dev image overrides - use Gitea registry to avoid Docker Hub rate limits
+# Dev image overrides - use Kind registry to avoid Docker Hub rate limits
 # IMPORTANT: All image names must be lowercase (Docker requirement)
-# The prepull-base-images.sh script pushes images to registry.bakery-ia.local/bakery-admin/
-# For internal cluster access, use the Gitea service directly
-# Format: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/<package-name>:<original-tag>
+# The prepull-base-images.sh script pushes images to localhost:5000/ with format: <repo>_<tag>
+# Format: localhost:5000/<package-name>_<tag>:latest
 images:
   # Database images
   - name: postgres
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/postgres
-    newTag: "17-alpine"
+    newName: localhost:5000/postgres_17_alpine
+    newTag: latest
   - name: redis
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/redis
-    newTag: "7.4-alpine"
+    newName: localhost:5000/redis_7_4_alpine
+    newTag: latest
   - name: rabbitmq
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/rabbitmq
-    newTag: "4.1-management-alpine"
+    newName: localhost:5000/rabbitmq_4_1_management_alpine
+    newTag: latest
   # Utility images
   - name: busybox
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/busybox
-    newTag: "1.36"
+    newName: localhost:5000/busybox_1_36
+    newTag: latest
   - name: curlimages/curl
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/curlimages-curl
+    newName: localhost:5000/curlimages_curl_latest
     newTag: latest
   - name: bitnami/kubectl
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/bitnami-kubectl
+    newName: localhost:5000/bitnami_kubectl_latest
     newTag: latest
 
   # Alpine variants
   - name: alpine
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/alpine
-    newTag: "3.19"
+    newName: localhost:5000/alpine_3_19
+    newTag: latest
   - name: alpine/git
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/alpine-git
-    newTag: "2.43.0"
-  # CI/CD images (cached in Gitea registry for consistency)
+    newName: localhost:5000/alpine_git_2_43_0
+    newTag: latest
+  # CI/CD images (cached in Kind registry for consistency)
   - name: gcr.io/kaniko-project/executor
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/gcr.io-kaniko-project-executor
-    newTag: v1.23.0
+    newName: localhost:5000/gcr_io_kaniko_project_executor_v1_23_0
+    newTag: latest
   - name: gcr.io/go-containerregistry/crane
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/gcr.io-go-containerregistry-crane
+    newName: localhost:5000/gcr_io_go_containerregistry_crane_latest
     newTag: latest
   - name: registry.k8s.io/kustomize/kustomize
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/registry.k8s.io-kustomize-kustomize
-    newTag: v5.3.0
+    newName: localhost:5000/registry_k8s_io_kustomize_kustomize_v5_3_0
+    newTag: latest
   # Storage images
   - name: minio/minio
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/minio-minio
-    newTag: RELEASE.2024-11-07T00-52-20Z
+    newName: localhost:5000/minio_minio_release_2024_11_07t00_52_20z
+    newTag: latest
   - name: minio/mc
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/minio-mc
-    newTag: RELEASE.2024-11-17T19-35-25Z
+    newName: localhost:5000/minio_mc_release_2024_11_17t19_35_25z
+    newTag: latest
   # NOTE: nominatim image override removed - nominatim is now deployed via Helm
   # Python base image
   - name: python
-    newName: gitea-http.gitea.svc.cluster.local:3000/bakery-admin/python
-    newTag: "3.11-slim"
+    newName: localhost:5000/python_3_11_slim
+    newTag: latest