diff --git a/docs/developer/develop-package.md b/docs/developer/develop-package.md index eabe79aa432545a3ae6fcb7f91e7bcc0bd389811..2171eb10bac05e5e4ee5d733fca6dffef3a1f9de 100644 --- a/docs/developer/develop-package.md +++ b/docs/developer/develop-package.md @@ -169,3 +169,27 @@ Under Settings → Repository → Default Branch, ensure that main is selected. 1. After the merge create a git tag following the charter convention of {UpstreamChartVersion}-bb.{BigBangVersion}. The tag should exactly match the chart version in the Chart.yaml. example: 1.2.3-bb.0 + +### Private registry secret creation +In some instances you may wish to manually create a private-registry secret in the namespace or during a helm deployment. There are a couple of ways to do this: + +1. The first way is to add the secret manually using kubectl. This method is useful for standalone package testing/development. + + ```shell + kubectl create secret docker-registry private-registry --docker-server="https://registry1.dso.mil" --docker-username='Username' --docker-password="CLI secret" --docker-email=<your-email> --namespace=<package-namespace> + ``` +2. The second is to create a yaml file containing the secret and apply it during a helm install. This method is applicable when installing your new package as part of the Big Bang chart. In this example the file name is "reg-creds.yaml": + +Create the file with the secret contents: + ```yaml + registryCredentials: + registry: registry1.dso.mil + username: "" + password: "" + email: "" + ``` + +Then include a reference to your file during your helm install command by adding the below `-f` to your Big Bang install command: + ```shell + -f reg-creds.yaml + ``` \ No newline at end of file diff --git a/docs/developer/development-environment.md b/docs/developer/development-environment.md index 8ee1631ecd85f88496158458a4493fdcdcf4ce77..d0a175383065313b2a82c23b2274bd0b1fae84cb 100644 --- a/docs/developer/development-environment.md 
+++ b/docs/developer/development-environment.md 
@@ -126,53 +126,6 @@ k3d cluster create \ --api-port 6443 ``` -**_Optionally_** you can set your image pull secret on the cluster so that you don't have to put your credentials in the code or in the command line in later steps - -```shell -# Create the directory for the k3s registry config. -mkdir ~/.k3d/ - -# Define variables -YOURUSERNAME="<user_name>" -YOURCLISECRET="<CLI secret>" -EC2_PUBLIC_IP=$( curl https://ipinfo.io/ip ) - -# Create the config file using your registry1 credentials. -cat << EOF > ~/.k3d/p1-registries.yaml -configs: - "registry1.dso.mil": - auth: - username: $YOURUSERNAME - password: $YOURCLISECRET -EOF - -# Create k3d cluster -k3d cluster create \ - --servers 1 \ - --agents 3 \ - --volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml \ - --volume /etc/machine-id:/etc/machine-id \ - --k3s-server-arg "--disable=traefik" \ - --k3s-server-arg "--disable=metrics-server" \ - --k3s-server-arg "--tls-san=$EC2_PUBLIC_IP" \ - --port 80:80@loadbalancer \ - --port 443:443@loadbalancer \ - --api-port 6443 -``` - -Here is an explanation of what we are doing with this command: - -- `--servers 1` Creating 1 master/server -- `--agents 3` Creating 3 agent nodes -- `--k3s-server-arg "--disable=traefik"` Disable the default Traefik Ingress -- `--k3s-server-arg "--disable=metrics-server"` Disable default metrics -- `--k3s-server-arg "--tls-san=<your public ec2 ip>"` This adds the public IP to the kubeapi certificate so that you can access it remotely. -- `--port 80:80@loadbalancer` Exposes the cluster on the host on port 80 -- `--port 443:443@loadbalancer` Exposes the cluster on the host on port 443 -- `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` volume mount image pull secret config for k3d cluster. -- `--volume /etc/machine-id:/etc/machine-id` volume mount so k3d nodes have a file at /etc/machine-id for fluentbit DaemonSet. -- `--api-port 6443` port that your k8s api will use. 
6443 is the standard default port for k8s api - ### Step 3 Test the cluster from your local workstation. Copy the contents of the k3d kubeconfig from the EC2 instance to your local workstation. Do it manually with copy and paste. 
@@ -487,3 +440,54 @@ sudo wget -q -O - https://raw.githubusercontent.com/rancher/k3d/main/install.sh # exit ssh and then reconnect so you can use docker as non-root ``` + +### Setting an imagePullSecret on the cluster with k3d + + +**_This methodology is not recommended_** +It is possible to set your image pull secret on the cluster so that you don't have to put your credentials in the code or in the command line in later steps + +```shell +# Create the directory for the k3s registry config. +mkdir ~/.k3d/ + +# Define variables +YOURUSERNAME="<user_name>" +YOURCLISECRET="<CLI secret>" +EC2_PUBLIC_IP=$( curl https://ipinfo.io/ip ) + +# Create the config file using your registry1 credentials. +cat << EOF > ~/.k3d/p1-registries.yaml +configs: + "registry1.dso.mil": + auth: + username: $YOURUSERNAME + password: $YOURCLISECRET +EOF + +# Create k3d cluster +k3d cluster create \ + --servers 1 \ + --agents 3 \ + --volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml \ + --volume /etc/machine-id:/etc/machine-id \ + --k3s-server-arg "--disable=traefik" \ + --k3s-server-arg "--disable=metrics-server" \ + --k3s-server-arg "--tls-san=$EC2_PUBLIC_IP" \ + --port 80:80@loadbalancer \ + --port 443:443@loadbalancer \ + --api-port 6443 +``` + +Here is an explanation of what we are doing with this command: + +- `--servers 1` Creating 1 master/server +- `--agents 3` Creating 3 agent nodes +- `--k3s-server-arg "--disable=traefik"` Disable the default Traefik Ingress +- `--k3s-server-arg "--disable=metrics-server"` Disable default metrics +- `--k3s-server-arg "--tls-san=<your public ec2 ip>"` This adds the public IP to the kubeapi certificate so that you can access it remotely. +- `--port 80:80@loadbalancer` Exposes the cluster on the host on port 80 +- `--port 443:443@loadbalancer` Exposes the cluster on the host on port 443 +- `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` volume mount image pull secret config for k3d cluster. 
+- `--volume /etc/machine-id:/etc/machine-id` volume mount so k3d nodes have a file at /etc/machine-id for fluentbit DaemonSet. +- `--api-port 6443` port that your k8s api will use. 6443 is the standard default port for k8s api \ No newline at end of file
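Review bot: In the docs/developer/develop-package.md hunk, option 1 passes the registry credential inline as `--docker-password="CLI secret"`, so a reader who pastes a real value leaves it in shell history. Option 2 stores the same credential in plain text in reg-creds.yaml with no handling guidance. Suggest a sentence next to each: for option 1, mention building the secret from an existing Docker config with `--from-file=.dockerconfigjson=<path>` or clearing the history entry; for option 2, tell the reader to keep reg-creds.yaml out of the package repository and restrict its file permissions. Two formatting points in the same hunk: "Create the file with the secret contents:" and "Then include a reference to your file..." start at column 0 while their fenced blocks are indented, which ends list item 2 early, so indent both lines to match the item; and the placeholders are inconsistent ('Username', "CLI secret", `<your-email>`), so pick the angle-bracket style throughout. The file also ends without a trailing newline.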
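Review bot: In the docs/developer/development-environment.md hunk at line 126, the removed block takes the flag-by-flag explanation with it, while the `k3d cluster create` command kept in the context lines just above (ending in `--api-port 6443`) stays in Step 2. If that command has no explanation of its own earlier in the file, leave a copy of the list in Step 2, minus the `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` entry, instead of moving the only copy to the end of the document. A one-line pointer from Step 2 to the new "Private registry secret creation" section in develop-package.md would also tell readers where pull credentials are handled now that this option is gone from the main flow.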
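Review bot: In the hunk appended at the end of docs/developer/development-environment.md, `**_This methodology is not recommended_**` gives no reason and no alternative, and the sentence after it still presents the method as a convenience. State why: the mounted `/etc/rancher/k3s/registries.yaml` configures registry auth for the node's container runtime, so every workload in every namespace pulls with that one credential, and the password sits in plain text in `~/.k3d/p1-registries.yaml`. Then link to the private-registry secret section added in develop-package.md as the preferred path. The heading is also misleading, since no Kubernetes imagePullSecret is created here; something like "Setting registry credentials on the k3d nodes" matches what the block does. Smaller points in the script: `mkdir ~/.k3d/` fails when the directory already exists, so use `mkdir -p`; add a `chmod 600` on the generated file; and add a blank line after the bold warning so it does not render in the same paragraph as the next sentence. The file ends without a trailing newline here as well.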