diff --git a/chart/templates/anchore/imagepullsecret.yaml b/chart/templates/anchore/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0493bb0d0adae20360a3351a11df6882399e6cb3
--- /dev/null
+++ b/chart/templates/anchore/imagepullsecret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.addons.anchore.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: anchore
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/anchore/namespace.yaml b/chart/templates/anchore/namespace.yaml
index 353a01b0dd983aadbed69dcd73759f285e4ae8ad..c6ce7c14577dc9d0798476c8d7199e5b6c418e1a 100644
--- a/chart/templates/anchore/namespace.yaml
+++ b/chart/templates/anchore/namespace.yaml
@@ -5,16 +5,4 @@ metadata:
labels:
app: {{ .Release.Name }}-anchore
name: anchore
-
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: anchore
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/argocd/imagepullsecret.yaml b/chart/templates/argocd/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b1dd59ae3ca69aa935ae583dfe34f7adfe2e35e6
--- /dev/null
+++ b/chart/templates/argocd/imagepullsecret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.addons.argocd.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: argocd
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/argocd/namespace.yaml b/chart/templates/argocd/namespace.yaml
index 69ff0643c0035f2cd8f39e63b462727860a1ffc4..e910b43ca7a767c0a63ea450d5346592cd86084c 100644
--- a/chart/templates/argocd/namespace.yaml
+++ b/chart/templates/argocd/namespace.yaml
@@ -7,16 +7,4 @@ metadata:
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
name: argocd
-
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: argocd
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
diff --git a/chart/templates/authservice/imagepullsecret.yaml b/chart/templates/authservice/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..19020efe41373323a92f9e8a298b4750f294a669
--- /dev/null
+++ b/chart/templates/authservice/imagepullsecret.yaml
@@ -0,0 +1,12 @@
+{{- if and .Values.istio.enabled ( or .Values.addons.authservice.enabled .Values.monitoring.sso.enabled .Values.jaeger.sso.enabled ) }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: authservice
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/authservice/namespace.yaml b/chart/templates/authservice/namespace.yaml
index 93f851b91efd8cc3c29c30ed4842fafe3da321c5..6cbaf46371c8089a7c60910320bc366bb6380f7d 100644
--- a/chart/templates/authservice/namespace.yaml
+++ b/chart/templates/authservice/namespace.yaml
@@ -7,17 +7,4 @@ metadata:
labels:
istio-injection: enabled
{{- end }}
-
-{{- if ( include "imagePullSecret" . ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: authservice
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
-
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gatekeeper/imagepullsecret.yaml b/chart/templates/gatekeeper/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e85dccbe33285a5a2b059234c287f4ad46f140ff
--- /dev/null
+++ b/chart/templates/gatekeeper/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if or .Values.gatekeeper.enabled .Values.clusterAuditor.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: gatekeeper-system
+ labels:
+ app.kubernetes.io/name: gatekeeper
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gatekeeper/namespace.yaml b/chart/templates/gatekeeper/namespace.yaml
index e4e924baf3537e2842db9ad31a7c21abc413b57f..cb6fe1dcf274a58bfc6f8f7963f4042cfa6f9a7f 100644
--- a/chart/templates/gatekeeper/namespace.yaml
+++ b/chart/templates/gatekeeper/namespace.yaml
@@ -10,20 +10,4 @@ metadata:
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
name: gatekeeper-system
-
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: gatekeeper-system
- labels:
- app.kubernetes.io/name: gatekeeper
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gitlab/imagepullsecret.yaml b/chart/templates/gitlab/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a0bc9db47dc99299acf47afb353bb2e208f42105
--- /dev/null
+++ b/chart/templates/gitlab/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if or .Values.addons.gitlab.enabled .Values.addons.gitlabRunner.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: gitlab
+ labels:
+ app.kubernetes.io/name: gitlab
+ app.kubernetes.io/component: "developer-tools"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gitlab/namespace.yaml b/chart/templates/gitlab/namespace.yaml
index 5dcb3246421b581e065f4b1638d7ddbd6649a405..52127acc5b75e2e130184ea5d6f8aa3d265ae884 100644
--- a/chart/templates/gitlab/namespace.yaml
+++ b/chart/templates/gitlab/namespace.yaml
@@ -7,114 +7,4 @@ metadata:
app.kubernetes.io/component: "developer-tools"
{{- include "commonLabels" . | nindent 4}}
name: gitlab
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: gitlab
- labels:
- app.kubernetes.io/name: gitlab
- app.kubernetes.io/component: "developer-tools"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
----
-{{- end }}
-{{- if .Values.addons.gitlab.enabled }}
-# create sso secret. The assumption is OIDC
-{{- if .Values.addons.gitlab.sso.enabled }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: gitlab-sso-provider
- namespace: gitlab
-type: kubernetes.io/opaque
-stringData:
- gitlab-sso.json: |-
- {
- "name": "openid_connect",
- "label": "{{ .Values.addons.gitlab.sso.label }}",
- "args": {
- "name": "openid_connect",
- "scope": [
- "Gitlab"
- ],
- "response_type": "code",
- "issuer": "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}",
- "client_auth_method": "query",
- "discovery": true,
- "uid_field": "preferred_username",
- "client_options": {
- "identifier": "{{ .Values.addons.gitlab.sso.client_id | default .Values.sso.client_id }}",
- "secret": "{{ .Values.addons.gitlab.sso.client_secret | default .Values.sso.client_secret }}",
- "redirect_uri": "https://{{ .Values.addons.gitlab.hostnames.gitlab }}/users/auth/openid_connect/callback",
- "end_session_endpoint": "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"
- }
- }
- }
-{{- end }}
----
-# create database secret
-{{- if .Values.addons.gitlab.database.host }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: gitlab-database
- namespace: gitlab
-type: kubernetes.io/opaque
-stringData:
- PGPASSWORD: {{ .Values.addons.gitlab.database.password }}
-{{- end }}
----
-# create object storage secret
-{{- if .Values.addons.gitlab.objectStorage.endpoint }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: gitlab-object-storage
- namespace: gitlab
-type: kubernetes.io/opaque
-stringData:
- rails: |-
- provider: AWS
- region: {{ .Values.addons.gitlab.objectStorage.region }}
- aws_access_key_id: {{ .Values.addons.gitlab.objectStorage.accessKey }}
- aws_secret_access_key: {{ .Values.addons.gitlab.objectStorage.accessSecret }}
- {{- if eq .Values.addons.gitlab.objectStorage.type "minio" }}
- aws_signature_version: 4
- host: {{ regexReplaceAll "http(s{0,1})://(.*):(\\d+)" .Values.addons.gitlab.objectStorage.endpoint "${2}" }}
- endpoint: "{{ .Values.addons.gitlab.objectStorage.endpoint }}"
- path_style: true
- {{- end }}
- registry: |-
- s3:
- {{- if .Values.addons.gitlab.objectStorage.bucketPrefix }}
- bucket: {{ .Values.addons.gitlab.objectStorage.bucketPrefix }}-gitlab-registry
- {{- else }}
- bucket: gitlab-registry
- {{- end }}
- accesskey: {{ .Values.addons.gitlab.objectStorage.accessKey }}
- secretkey: {{ .Values.addons.gitlab.objectStorage.accessSecret }}
- region: {{ .Values.addons.gitlab.objectStorage.region }}
- {{- if eq .Values.addons.gitlab.objectStorage.type "s3" }}
- v4auth: true
- {{- end }}
- {{- if eq .Values.addons.gitlab.objectStorage.type "minio" }}
- aws_signature_version: 4
- host: {{ regexReplaceAll "http(s{0,1})://(.*):(\\d+)" .Values.addons.gitlab.objectStorage.endpoint "${2}" }}
- regionendpoint: "{{ .Values.addons.gitlab.objectStorage.endpoint }}"
- path_style: true
- {{- end }}
- backups: |-
- [default]
- access_key = {{ .Values.addons.gitlab.objectStorage.accessKey }}
- secret_key = {{ .Values.addons.gitlab.objectStorage.accessSecret }}
- bucket_location = {{ .Values.addons.gitlab.objectStorage.region }}
- host_bucket = %(bucket)s.{{ regexReplaceAll "http(s*)://" .Values.addons.gitlab.objectStorage.endpoint "" }}
-{{- end }}
-
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gitlab/secret-database.yaml b/chart/templates/gitlab/secret-database.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1e51e4923bbc6662f65cbc958079b5a415ea27f7
--- /dev/null
+++ b/chart/templates/gitlab/secret-database.yaml
@@ -0,0 +1,12 @@
+{{- if or .Values.addons.gitlab.enabled .Values.addons.gitlabRunner.enabled }}
+{{- if .Values.addons.gitlab.database.host }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: gitlab-database
+ namespace: gitlab
+type: kubernetes.io/opaque
+stringData:
+ PGPASSWORD: {{ .Values.addons.gitlab.database.password }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gitlab/secret-objectstore.yaml b/chart/templates/gitlab/secret-objectstore.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3b58eabef95fa5d2b5c3a1bfea3f57f09d0bc29b
--- /dev/null
+++ b/chart/templates/gitlab/secret-objectstore.yaml
@@ -0,0 +1,47 @@
+{{- if or .Values.addons.gitlab.enabled .Values.addons.gitlabRunner.enabled }}
+{{- if .Values.addons.gitlab.objectStorage.endpoint }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: gitlab-object-storage
+ namespace: gitlab
+type: kubernetes.io/opaque
+stringData:
+ rails: |-
+ provider: AWS
+ region: {{ .Values.addons.gitlab.objectStorage.region }}
+ aws_access_key_id: {{ .Values.addons.gitlab.objectStorage.accessKey }}
+ aws_secret_access_key: {{ .Values.addons.gitlab.objectStorage.accessSecret }}
+ {{- if eq .Values.addons.gitlab.objectStorage.type "minio" }}
+ aws_signature_version: 4
+ host: {{ regexReplaceAll "http(s{0,1})://(.*):(\\d+)" .Values.addons.gitlab.objectStorage.endpoint "${2}" }}
+ endpoint: "{{ .Values.addons.gitlab.objectStorage.endpoint }}"
+ path_style: true
+ {{- end }}
+ registry: |-
+ s3:
+ {{- if .Values.addons.gitlab.objectStorage.bucketPrefix }}
+ bucket: {{ .Values.addons.gitlab.objectStorage.bucketPrefix }}-gitlab-registry
+ {{- else }}
+ bucket: gitlab-registry
+ {{- end }}
+ accesskey: {{ .Values.addons.gitlab.objectStorage.accessKey }}
+ secretkey: {{ .Values.addons.gitlab.objectStorage.accessSecret }}
+ region: {{ .Values.addons.gitlab.objectStorage.region }}
+ {{- if eq .Values.addons.gitlab.objectStorage.type "s3" }}
+ v4auth: true
+ {{- end }}
+ {{- if eq .Values.addons.gitlab.objectStorage.type "minio" }}
+ aws_signature_version: 4
+ host: {{ regexReplaceAll "http(s{0,1})://(.*):(\\d+)" .Values.addons.gitlab.objectStorage.endpoint "${2}" }}
+ regionendpoint: "{{ .Values.addons.gitlab.objectStorage.endpoint }}"
+ path_style: true
+ {{- end }}
+ backups: |-
+ [default]
+ access_key = {{ .Values.addons.gitlab.objectStorage.accessKey }}
+ secret_key = {{ .Values.addons.gitlab.objectStorage.accessSecret }}
+ bucket_location = {{ .Values.addons.gitlab.objectStorage.region }}
+ host_bucket = %(bucket)s.{{ regexReplaceAll "http(s*)://" .Values.addons.gitlab.objectStorage.endpoint "" }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/gitlab/secret-sso.yaml b/chart/templates/gitlab/secret-sso.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d193123305d0f60aa66c956a2705f469f46137cd
--- /dev/null
+++ b/chart/templates/gitlab/secret-sso.yaml
@@ -0,0 +1,33 @@
+{{- if or .Values.addons.gitlab.enabled .Values.addons.gitlabRunner.enabled }}
+{{- if .Values.addons.gitlab.sso.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: gitlab-sso-provider
+ namespace: gitlab
+type: kubernetes.io/opaque
+stringData:
+ gitlab-sso.json: |-
+ {
+ "name": "openid_connect",
+ "label": "{{ .Values.addons.gitlab.sso.label }}",
+ "args": {
+ "name": "openid_connect",
+ "scope": [
+ "Gitlab"
+ ],
+ "response_type": "code",
+ "issuer": "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}",
+ "client_auth_method": "query",
+ "discovery": true,
+ "uid_field": "preferred_username",
+ "client_options": {
+ "identifier": "{{ .Values.addons.gitlab.sso.client_id | default .Values.sso.client_id }}",
+ "secret": "{{ .Values.addons.gitlab.sso.client_secret | default .Values.sso.client_secret }}",
+ "redirect_uri": "https://{{ .Values.addons.gitlab.hostnames.gitlab }}/users/auth/openid_connect/callback",
+ "end_session_endpoint": "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/openid-connect/logout"
+ }
+ }
+ }
+{{- end }}
+{{- end}}
\ No newline at end of file
diff --git a/chart/templates/istio/controlplane/imagepullsecret-kubesystem.yaml b/chart/templates/istio/controlplane/imagepullsecret-kubesystem.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..20ba0d712d39ba92920b0d1f1dd537706c9ea4b8
--- /dev/null
+++ b/chart/templates/istio/controlplane/imagepullsecret-kubesystem.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.istio.enabled }}
+{{- if and .Values.openshift ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: kube-system
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/istio/controlplane/imagepullsecret.yaml b/chart/templates/istio/controlplane/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..350ef47e68a85a9a2112e763ef7ca06b5e4ef053
--- /dev/null
+++ b/chart/templates/istio/controlplane/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.istio.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: istio-system
+ labels:
+ app.kubernetes.io/name: istio-controlplane
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/istio/controlplane/namespace.yaml b/chart/templates/istio/controlplane/namespace.yaml
index fc17057228e53a6cc465997fb2512212bfb8c408..229adcef72bff6f6892f496ab1275283ca2b78ce 100644
--- a/chart/templates/istio/controlplane/namespace.yaml
+++ b/chart/templates/istio/controlplane/namespace.yaml
@@ -7,46 +7,4 @@ metadata:
app.kubernetes.io/name: istio-controlplane
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
-{{- if ( include "imagePullSecret" . ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: istio-system
- labels:
- app.kubernetes.io/name: istio-controlplane
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- if .Values.openshift }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: kube-system
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
-{{- end }}
----
-{{- if and .Values.istio.ingress.key .Values.istio.ingress.cert }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: wildcard-cert
- namespace: istio-system
- labels:
- app.kubernetes.io/name: istio-controlplane
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/tls
-data:
- tls.crt: {{ .Values.istio.ingress.cert | b64enc }}
- tls.key: {{ .Values.istio.ingress.key | b64enc}}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/istio/controlplane/secret-tls.yaml b/chart/templates/istio/controlplane/secret-tls.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a47b7ad67f774f334fa87297229a37a14c1b79ea
--- /dev/null
+++ b/chart/templates/istio/controlplane/secret-tls.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.istio.enabled (and .Values.istio.ingress.key .Values.istio.ingress.cert ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: wildcard-cert
+ namespace: istio-system
+ labels:
+ app.kubernetes.io/name: istio-controlplane
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/tls
+data:
+ tls.crt: {{ .Values.istio.ingress.cert | b64enc }}
+ tls.key: {{ .Values.istio.ingress.key | b64enc}}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/istio/controlplane/values.yaml b/chart/templates/istio/controlplane/values.yaml
index a35424be161c9c3c8eed70de4972d2e22b988557..0253096611ec0354e870afb82c2176e3e8fdb1bf 100644
--- a/chart/templates/istio/controlplane/values.yaml
+++ b/chart/templates/istio/controlplane/values.yaml
@@ -12,5 +12,4 @@ imagePullSecrets:
- private-registry
openshift: {{ .Values.openshift }}
-
{{- end -}}
diff --git a/chart/templates/istio/operator/imagepullsecret.yaml b/chart/templates/istio/operator/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..619750b5df0052935e96d00080650b5be1a5f3af
--- /dev/null
+++ b/chart/templates/istio/operator/imagepullsecret.yaml
@@ -0,0 +1,14 @@
+{{- if and .Values.istiooperator.enabled ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: istio-operator
+ labels:
+ app.kubernetes.io/name: istio-operator
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/istio/operator/namespace.yaml b/chart/templates/istio/operator/namespace.yaml
index 2064232396b13ef3b719981470587f4e8bfbc88d..de908194a56238eed72e9ef1432607c50ca87cb2 100644
--- a/chart/templates/istio/operator/namespace.yaml
+++ b/chart/templates/istio/operator/namespace.yaml
@@ -9,19 +9,4 @@ metadata:
app.kubernetes.io/name: istio-operator
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
-{{- if ( include "imagePullSecret" . ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: istio-operator
- labels:
- app.kubernetes.io/name: istio-operator
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/logging/eck-operator/imagepullsecret.yaml b/chart/templates/logging/eck-operator/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9576662b2e70bef0990e7801c7607abb959731e0
--- /dev/null
+++ b/chart/templates/logging/eck-operator/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if or .Values.eckoperator.enabled .Values.logging.enabled .Values.clusterAuditor.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: eck-operator
+ labels:
+ app.kubernetes.io/name: eck-operator
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/logging/eck-operator/namespace.yaml b/chart/templates/logging/eck-operator/namespace.yaml
index 3ee547f99c9d990d10028ddb2d0cb9cd29f0c0aa..a048f86180367f2f55927b4166786373bcc7ef7c 100644
--- a/chart/templates/logging/eck-operator/namespace.yaml
+++ b/chart/templates/logging/eck-operator/namespace.yaml
@@ -7,19 +7,4 @@ metadata:
app.kubernetes.io/name: eck-operator
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: eck-operator
- labels:
- app.kubernetes.io/name: eck-operator
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/logging/elasticsearch-kibana/imagepullsecret.yaml b/chart/templates/logging/elasticsearch-kibana/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..cd2629e8cb0b5f6eefb06a119f360c1ce0b362b7
--- /dev/null
+++ b/chart/templates/logging/elasticsearch-kibana/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if or .Values.logging.enabled .Values.clusterAuditor.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: logging
+ labels:
+ app.kubernetes.io/name: logging
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/logging/elasticsearch-kibana/namespace.yaml b/chart/templates/logging/elasticsearch-kibana/namespace.yaml
index d7d8fd036059540e2a3d268336ba064e25955557..217eaa43dfba201c991636b52a18013923fefc7b 100644
--- a/chart/templates/logging/elasticsearch-kibana/namespace.yaml
+++ b/chart/templates/logging/elasticsearch-kibana/namespace.yaml
@@ -18,19 +18,4 @@ metadata:
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
istio-injection: {{ $istioInjection }}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: logging
- labels:
- app.kubernetes.io/name: logging
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/mattermost/mattermost/imagepullsecret.yaml b/chart/templates/mattermost/mattermost/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..07f038f47419869f29f5ad7e8942844f3713eb69
--- /dev/null
+++ b/chart/templates/mattermost/mattermost/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.addons.mattermost.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: mattermost
+ labels:
+ app.kubernetes.io/name: mattermost
+ app.kubernetes.io/component: "collaboration-tools"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/mattermost/mattermost/namespace.yaml b/chart/templates/mattermost/mattermost/namespace.yaml
index a52632cc6eb87ba15e29764699a1c55d0e404edf..dc8e75f2bbc63d92e96c2ffa99e36d9523d07bc7 100644
--- a/chart/templates/mattermost/mattermost/namespace.yaml
+++ b/chart/templates/mattermost/mattermost/namespace.yaml
@@ -8,60 +8,4 @@ metadata:
app.kubernetes.io/component: "collaboration-tools"
{{- include "commonLabels" . | nindent 4}}
name: mattermost
-
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: mattermost
- labels:
- app.kubernetes.io/name: mattermost
- app.kubernetes.io/component: "collaboration-tools"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
-
----
-{{- with .Values.addons.mattermost.database }}
-{{- if and .username .password .host .port .database }}
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- name: mattermost-database-secret
- namespace: mattermost
- labels:
- app.kubernetes.io/name: mattermost
- app.kubernetes.io/component: "collaboration-tools"
- {{- include "commonLabels" $ | nindent 4}}
-stringData:
- DB_CONNECTION_CHECK_URL: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
- DB_CONNECTION_STRING: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
-{{- end }}
-{{- end }}
-
----
-{{- with .Values.addons.mattermost.objectStorage }}
-{{- if and .endpoint .accessKey .accessSecret .bucket }}
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- name: "mattermost-objectstorage-secret"
- namespace: mattermost
- labels:
- app.kubernetes.io/name: mattermost
- app.kubernetes.io/component: "collaboration-tools"
- {{- include "commonLabels" $ | nindent 4}}
-data:
- accesskey: {{ .accessKey | b64enc }}
- secretkey: {{ .accessSecret | b64enc }}
-{{- end }}
-{{- end }}
-
----
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/mattermost/mattermost/secret-database.yaml b/chart/templates/mattermost/mattermost/secret-database.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3f8f1afa739cba17f4c983bfaf47e17a5d57992d
--- /dev/null
+++ b/chart/templates/mattermost/mattermost/secret-database.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.addons.mattermost.enabled }}
+{{- with .Values.addons.mattermost.database }}
+{{- if and .username .password .host .port .database }}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: mattermost-database-secret
+ namespace: mattermost
+ labels:
+ app.kubernetes.io/name: mattermost
+ app.kubernetes.io/component: "collaboration-tools"
+ {{- include "commonLabels" $ | nindent 4}}
+stringData:
+ DB_CONNECTION_CHECK_URL: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
+ DB_CONNECTION_STRING: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/mattermost/mattermost/secret-objectstore.yaml b/chart/templates/mattermost/mattermost/secret-objectstore.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..4ad85f2255a4ef78e543108f9fbe1952f120735a
--- /dev/null
+++ b/chart/templates/mattermost/mattermost/secret-objectstore.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.addons.mattermost.enabled }}
+{{- with .Values.addons.mattermost.objectStorage }}
+{{- if and .endpoint .accessKey .accessSecret .bucket }}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: "mattermost-objectstorage-secret"
+ namespace: mattermost
+ labels:
+ app.kubernetes.io/name: mattermost
+ app.kubernetes.io/component: "collaboration-tools"
+ {{- include "commonLabels" $ | nindent 4}}
+data:
+ accesskey: {{ .accessKey | b64enc }}
+ secretkey: {{ .accessSecret | b64enc }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/mattermost/operator/imagepullsecret.yaml b/chart/templates/mattermost/operator/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3e94f0272ef2b9ca0fe0a4d0569e9fa585a9f601
--- /dev/null
+++ b/chart/templates/mattermost/operator/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if or .Values.addons.mattermostoperator.enabled .Values.addons.mattermost.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: mattermost-operator
+ labels:
+ app.kubernetes.io/name: mattermost-operator
+ app.kubernetes.io/component: "collaboration-tools"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/mattermost/operator/namespace.yaml b/chart/templates/mattermost/operator/namespace.yaml
index 44e30e4cbe85d1d908c70c8e779249e78ae7385c..4707ae7bf31d83e75955d05c22ff7a93dd29af40 100644
--- a/chart/templates/mattermost/operator/namespace.yaml
+++ b/chart/templates/mattermost/operator/namespace.yaml
@@ -8,19 +8,4 @@ metadata:
app.kubernetes.io/name: mattermost-operator
app.kubernetes.io/component: "collaboration-tools"
{{- include "commonLabels" . | nindent 4}}
-{{- if ( include "imagePullSecret" . ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: mattermost-operator
- labels:
- app.kubernetes.io/name: mattermost-operator
- app.kubernetes.io/component: "collaboration-tools"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
diff --git a/chart/templates/minio/minio-operator/imagepullsecret.yaml b/chart/templates/minio/minio-operator/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3e94f0272ef2b9ca0fe0a4d0569e9fa585a9f601
--- /dev/null
+++ b/chart/templates/minio/minio-operator/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if or .Values.addons.mattermostoperator.enabled .Values.addons.mattermost.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: mattermost-operator
+ labels:
+ app.kubernetes.io/name: mattermost-operator
+ app.kubernetes.io/component: "collaboration-tools"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/minio/minio/imagepullsecret.yaml b/chart/templates/minio/minio/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..f88a8d4b74b926d994525cc1a6f5e91a4cb3c0cc
--- /dev/null
+++ b/chart/templates/minio/minio/imagepullsecret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.addons.minio.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: minio
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/minio/minio/namespace.yaml b/chart/templates/minio/minio/namespace.yaml
index fc1c96bd6123e1ae964b235ef79043a24d011e97..4d2e2ddbdac5e1e54de633029e6b9325320e6844 100644
--- a/chart/templates/minio/minio/namespace.yaml
+++ b/chart/templates/minio/minio/namespace.yaml
@@ -8,26 +8,4 @@ metadata:
app.kubernetes.io/name: minio
app.kubernetes.io/component: "application-utilities"
{{- include "commonLabels" . | nindent 4}}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: minio
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
----
-# probably want to get rid of this eventually
-apiVersion: v1
-kind: Secret
-metadata:
- name: minio-root-creds-secret
- namespace: minio
-type: Opaque
-data:
- accesskey: {{ .Values.addons.minio.accesskey | default "minio" | b64enc }}
- secretkey: {{ .Values.addons.minio.secretkey | default "minio123" | b64enc }}
{{- end }}
diff --git a/chart/templates/minio/minio/secret.yaml b/chart/templates/minio/minio/secret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..059f199372b3b4fc6453e9161f9163c017bd94d0
--- /dev/null
+++ b/chart/templates/minio/minio/secret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.addons.minio.enabled }}
+# probably want to get rid of this eventually
+apiVersion: v1
+kind: Secret
+metadata:
+ name: minio-root-creds-secret
+ namespace: minio
+type: Opaque
+data:
+ accesskey: {{ .Values.addons.minio.accesskey | default "minio" | b64enc }}
+ secretkey: {{ .Values.addons.minio.secretkey | default "minio123" | b64enc }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/monitoring/imagepullsecret.yaml b/chart/templates/monitoring/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1d65260b441435474bb9473e12045cf34bd66b25
--- /dev/null
+++ b/chart/templates/monitoring/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.monitoring.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: monitoring
+ labels:
+ app.kubernetes.io/name: monitoring
+ app.kubernetes.io/component: "core"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/monitoring/namespace.yaml b/chart/templates/monitoring/namespace.yaml
index e4a13b500c9e1cfb5c99753e5ed350d9bc93d24b..4b0d611768fb9de1e9986e3b2abe775ef2f25226 100644
--- a/chart/templates/monitoring/namespace.yaml
+++ b/chart/templates/monitoring/namespace.yaml
@@ -7,19 +7,4 @@ metadata:
app.kubernetes.io/name: monitoring
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: monitoring
- labels:
- app.kubernetes.io/name: monitoring
- app.kubernetes.io/component: "core"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/sonarqube/imagepullsecret.yaml b/chart/templates/sonarqube/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..6732ac547442a41bcead6a842b09925c42b4faa3
--- /dev/null
+++ b/chart/templates/sonarqube/imagepullsecret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.addons.sonarqube.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: sonarqube
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/sonarqube/namespace.yaml b/chart/templates/sonarqube/namespace.yaml
index 97c0f54f812e3a7253e333b1084d07968a2143bb..fec7516c082b3bda14882bbdc6a30158af4bdacd 100644
--- a/chart/templates/sonarqube/namespace.yaml
+++ b/chart/templates/sonarqube/namespace.yaml
@@ -3,27 +3,4 @@ apiVersion: v1
kind: Namespace
metadata:
name: sonarqube
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: sonarqube
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
----
-# create database secret
-{{- if and .Values.addons.sonarqube.database.host .Values.addons.sonarqube.database.username .Values.addons.sonarqube.database.password .Values.addons.sonarqube.database.database .Values.addons.sonarqube.database.port }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: sonarqube-db-secret
- namespace: sonarqube
-type: kubernetes.io/opaque
-stringData:
- postgresql-password: {{ .Values.addons.sonarqube.database.password }}
-{{- end }}
{{- end }}
diff --git a/chart/templates/sonarqube/secret-database.yaml b/chart/templates/sonarqube/secret-database.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d05cf2b0e737b260bc7f405eb7f98988abd2ff8e
--- /dev/null
+++ b/chart/templates/sonarqube/secret-database.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.addons.sonarqube.enabled }}
+# create database secret
+{{- if and .Values.addons.sonarqube.database.host .Values.addons.sonarqube.database.username .Values.addons.sonarqube.database.password .Values.addons.sonarqube.database.database .Values.addons.sonarqube.database.port }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: sonarqube-db-secret
+ namespace: sonarqube
+type: kubernetes.io/opaque
+stringData:
+ postgresql-password: {{ .Values.addons.sonarqube.database.password }}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/twistlock/imagepullsecret.yaml b/chart/templates/twistlock/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a35f89bb8593b708d05d0ae91ab1e43fda20738a
--- /dev/null
+++ b/chart/templates/twistlock/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.twistlock.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: twistlock
+ labels:
+ app.kubernetes.io/name: twistlock
+ app.kubernetes.io/component: "security"
+ {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/twistlock/namespace.yaml b/chart/templates/twistlock/namespace.yaml
index ea488c39ca474ed02a9aa65888a7c23f126dc5d6..9b17da13fc86728b8b06040283c2179666de77b1 100644
--- a/chart/templates/twistlock/namespace.yaml
+++ b/chart/templates/twistlock/namespace.yaml
@@ -7,19 +7,4 @@ metadata:
app.kubernetes.io/name: twistlock
app.kubernetes.io/component: "security"
{{- include "commonLabels" . | nindent 4}}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: twistlock
- labels:
- app.kubernetes.io/name: twistlock
- app.kubernetes.io/component: "security"
- {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/chart/templates/velero/imagepullsecret.yaml b/chart/templates/velero/imagepullsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..ecf9e14bafa11517e6e8dd596a9f7d34bfa23ffc
--- /dev/null
+++ b/chart/templates/velero/imagepullsecret.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.addons.velero.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: velero
+ labels:
+ app.kubernetes.io/name: velero
+ app.kubernetes.io/component: "cluster-utilities"
+ {{- include "commonLabels" . | nindent 4 }}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/velero/namespace.yaml b/chart/templates/velero/namespace.yaml
index def8e437e63c0b7454b7bcf1f59891cd7df5d9de..bda84e6290dbf2abe18609164dd918bb4b06135f 100644
--- a/chart/templates/velero/namespace.yaml
+++ b/chart/templates/velero/namespace.yaml
@@ -10,20 +10,4 @@ metadata:
{{- if .Values.istio.enabled }}
istio-injection: enabled
{{- end }}
-
-{{- if ( include "imagePullSecret" . ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: private-registry
- namespace: velero
- labels:
- app.kubernetes.io/name: velero
- app.kubernetes.io/component: "cluster-utilities"
- {{- include "commonLabels" . | nindent 4 }}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
{{- end }}