#!/bin/bash # Setup GitHub Container Registry (GHCR) image pull secrets for all namespaces # This script creates docker-registry secrets for pulling images from GHCR set -e # GitHub Container Registry credentials # Note: Use a GitHub Personal Access Token with 'read:packages' scope GHCR_SERVER="ghcr.io" GHCR_USERNAME="uals" # GitHub username GHCR_PASSWORD="ghp_zzEY5Q58x1S0puraIoKEtbpue3A" # GitHub Personal Access Token GHCR_EMAIL="ualfaro@gmail.com" SECRET_NAME="ghcr-creds" # List of namespaces used in the project NAMESPACES=( "bakery-ia" "bakery-ia-dev" "bakery-ia-prod" "default" ) echo "Setting up GitHub Container Registry image pull secrets..." echo "==========================================================" echo "" for namespace in "${NAMESPACES[@]}"; do echo "Processing namespace: $namespace" # Create namespace if it doesn't exist if ! kubectl get namespace "$namespace" >/dev/null 2>&1; then echo " Creating namespace: $namespace" kubectl create namespace "$namespace" fi # Delete existing secret if it exists if kubectl get secret "$SECRET_NAME" -n "$namespace" >/dev/null 2>&1; then echo " Deleting existing secret in namespace: $namespace" kubectl delete secret "$SECRET_NAME" -n "$namespace" fi # Create the docker-registry secret for GHCR echo " Creating GHCR secret in namespace: $namespace" kubectl create secret docker-registry "$SECRET_NAME" \ --docker-server="$GHCR_SERVER" \ --docker-username="$GHCR_USERNAME" \ --docker-password="$GHCR_PASSWORD" \ --docker-email="$GHCR_EMAIL" \ -n "$namespace" echo " ✓ Secret created successfully in namespace: $namespace" echo "" done echo "==========================================================" echo "GitHub Container Registry secrets setup completed!" echo "" echo "The secret '$SECRET_NAME' has been created in all namespaces:" for namespace in "${NAMESPACES[@]}"; do echo " - $namespace" done echo "" echo "Next steps:" echo "1. Update your Kubernetes manifests to include the GHCR imagePullSecrets" echo "2. Verify pods can pull images from GHCR: kubectl get pods -A" echo "3. Consider updating your CI/CD pipelines to push images to GHCR"