Add new infra architecture 13

Urtzi Alfaro
2026-01-21 23:16:19 +01:00
parent 66dfd50fbc
commit aeff6b1537
22 changed files with 552 additions and 151 deletions

@@ -1983,10 +1983,10 @@ The CI/CD infrastructure has been configured with production security in mind:
- Minimum 16-character password requirement
- Password hidden from terminal output
2. **Internal Cluster Communication**
- All CI/CD components communicate via internal cluster DNS
- GitOps updates use `gitea-http.gitea.svc.cluster.local:3000`
- No hardcoded external URLs in pipeline tasks
2. **Registry Communication**
- Git operations (clone, push) use internal cluster DNS: `gitea-http.gitea.svc.cluster.local:3000`
- Image references use external HTTPS URL: `registry.bakewise.ai` (containerd requires HTTPS for auth)
- This ensures image pulls work correctly while git operations stay internal
3. **Credential Isolation**
- Secrets are passed via `--set` flags, never committed to git
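Review bot: The rewritten item 2 no longer carries the statements "All CI/CD components communicate via internal cluster DNS" and "No hardcoded external URLs in pipeline tasks", while the new bullet introduces `registry.bakewise.ai` as an external HTTPS URL for image references. Since this section documents production security properties, the text should say what replaces those guarantees: whether image pulls to `registry.bakewise.ai` leave the cluster or resolve to an internal endpoint, and which credentials are sent to that hostname. The heading "Registry Communication" is also narrower than its content, because the first bullet is about git clone and push against `gitea-http.gitea.svc.cluster.local:3000`; a title covering both git and registry traffic would fit better. Finally, the parenthetical "containerd requires HTTPS for auth" is stated without a reference; a link to the relevant containerd documentation or the observed error would help readers confirm the reason for the exception.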