Add new infra architecture 13

infrastructure/cicd/tekton-helm/values-prod.yaml

@@ -16,6 +16,11 @@
 
 # Global settings for production
 global:
+  # Registry configuration - use external HTTPS URL for image references
+  # containerd/Docker requires HTTPS for authenticated registries
+  registry:
+    url: "registry.bakewise.ai/bakery-admin"
+
   # Git configuration
   git:
     userEmail: "ci@bakewise.ai"
@@ -25,6 +30,8 @@ pipeline:
   # Build configuration
   build:
     verbosity: "warn"  # Less verbose in production
+    # Use external registry URL for base images (HTTPS required)
+    baseRegistry: "registry.bakewise.ai/bakery-admin"
 
   # Test configuration
   test:
@@ -72,7 +79,9 @@ secrets:
   registry:
     username: "bakery-admin"
     password: ""  # MUST be set via --set flag
-    registryUrl: "gitea-http.gitea.svc.cluster.local:3000"
+    # Use external HTTPS URL for image references (containerd requires HTTPS for auth)
+    # Kaniko can still push via HTTP internally, but image refs must use HTTPS
+    registryUrl: "registry.bakewise.ai"
 
   # Git credentials for GitOps updates
   # Override with: --set secrets.git.password=$GITEA_ADMIN_PASSWORD