Add new infra architecture 10

2026-01-20 10:39:40 +01:00
parent bc00bab061
commit 3b81b5f77e
22 changed files with 1054 additions and 65 deletions
--- a/infrastructure/cicd/tekton-helm/templates/secrets.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/secrets.yaml
@@ -16,6 +16,7 @@ stringData:
 ---
 # Secret for Gitea container registry credentials
 # Used by Kaniko to push images to Gitea registry
+# References the existing gitea-admin-secret for consistency
 apiVersion: v1
 kind: Secret
 metadata:
@@ -25,16 +26,16 @@ metadata:
    app.kubernetes.io/name: {{ .Values.labels.app.name }}
    app.kubernetes.io/component: build
  annotations:
-    note: "Registry credentials for pushing images"
+    note: "Registry credentials for pushing images - references gitea-admin-secret"
 type: kubernetes.io/dockerconfigjson
 stringData:
-  {{- if and .Values.secrets.registry.registryUrl .Values.secrets.registry.username .Values.secrets.registry.password }}
+  {{- if and .Values.secrets.registry.registryUrl .Values.secrets.registry.username }}
  .dockerconfigjson: |
    {
      "auths": {
        {{ .Values.secrets.registry.registryUrl | quote }}: {
          "username": {{ .Values.secrets.registry.username | quote }},
-          "password": {{ .Values.secrets.registry.password | quote }}
+          "password": {{ .Values.secrets.registry.password | default (lookup "v1" "Secret" "gitea" "gitea-admin-secret").data.password | b64dec | quote }}
        }
      }
    }
@@ -43,6 +44,7 @@ stringData:
  {{- end }}
 ---
 # Secret for Git credentials (used by pipeline to push GitOps updates)
+# References the existing gitea-admin-secret for consistency
 apiVersion: v1
 kind: Secret
 metadata:
@@ -52,14 +54,15 @@ metadata:
    app.kubernetes.io/name: {{ .Values.labels.app.name }}
    app.kubernetes.io/component: gitops
  annotations:
-    note: "Git credentials for GitOps updates"
+    note: "Git credentials for GitOps updates - references gitea-admin-secret"
 type: Opaque
 stringData:
  username: {{ .Values.secrets.git.username | quote }}
-  password: {{ .Values.secrets.git.password | quote }}
+  password: {{ .Values.secrets.git.password | default (lookup "v1" "Secret" "gitea" "gitea-admin-secret").data.password | b64dec | quote }}
 ---
 # Secret for Flux GitRepository access
 # Used by Flux to pull from Gitea repository
+# References the existing gitea-admin-secret for consistency
 apiVersion: v1
 kind: Secret
 metadata:
@@ -69,8 +72,8 @@ metadata:
    app.kubernetes.io/name: {{ .Values.labels.app.name }}
    app.kubernetes.io/component: flux
  annotations:
-    note: "Credentials for Flux GitRepository access"
+    note: "Credentials for Flux GitRepository access - references gitea-admin-secret"
 type: Opaque
 stringData:
  username: {{ .Values.secrets.git.username | quote }}
-  password: {{ .Values.secrets.git.password | quote }}
+  password: {{ .Values.secrets.git.password | default (lookup "v1" "Secret" "gitea" "gitea-admin-secret").data.password | b64dec | quote }}