UNCLASSIFIED - NO CUI

Commit 9a492f2a authored by Jordan Olachea, committed by Micah Nagel

Updated documentation per task request

parent 45ec2970
2 merge requests: !1386 Master, !1123 Updated documentation per task request
......@@ -169,3 +169,27 @@ Under Settings → Repository → Default Branch, ensure that main is selected.
1. After the merge create a git tag following the charter convention of {UpstreamChartVersion}-bb.{BigBangVersion}. The tag should exactly match the chart version in the Chart.yaml.
example: 1.2.3-bb.0
### Private registry secret creation
In some instances you may wish to manually create a private-registry secret in the namespace or during a helm deployment. There are a couple of ways to do this:
1. The first way is to add the secret manually using kubectl. This method is useful for standalone package testing/development.
```shell
kubectl create secret docker-registry private-registry --docker-server="https://registry1.dso.mil" --docker-username='Username' --docker-password="CLI secret" --docker-email=<your-email> --namespace=<package-namespace>
```
2. The second is to create a yaml file containing the secret and apply it during a helm install. This method is applicable when installing your new package as part of the Big Bang chart. In this example the file name is "reg-creds.yaml":
Create the file with the secret contents:
```yaml
registryCredentials:
registry: registry1.dso.mil
username: ""
password: ""
email: ""
```
Then include a reference to your file during your helm install command by adding the below `-f` to your Big Bang install command:
```shell
-f reg-creds.yaml
```
\ No newline at end of file
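Review bot: In the first method, `--docker-password="CLI secret"` puts the registry credential on the kubectl command line, where it lands in shell history and is visible in the process list while the command runs. Consider documenting the form that builds the secret from an existing Docker config file, `--from-file=.dockerconfigjson=<path>`, so the password is never typed as an argument. For the second method, add a sentence telling readers to keep `reg-creds.yaml` out of version control, since it holds the same credential in plaintext. The placeholder quoting is also inconsistent (`'Username'`, `"CLI secret"`, `<your-email>`), and the file now ends without a trailing newline.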
......@@ -126,53 +126,6 @@ k3d cluster create \
--api-port 6443
```
**_Optionally_** you can set your image pull secret on the cluster so that you don't have to put your credentials in the code or in the command line in later steps
```shell
# Create the directory for the k3s registry config.
mkdir ~/.k3d/
# Define variables
YOURUSERNAME="<user_name>"
YOURCLISECRET="<CLI secret>"
EC2_PUBLIC_IP=$( curl https://ipinfo.io/ip )
# Create the config file using your registry1 credentials.
cat << EOF > ~/.k3d/p1-registries.yaml
configs:
"registry1.dso.mil":
auth:
username: $YOURUSERNAME
password: $YOURCLISECRET
EOF
# Create k3d cluster
k3d cluster create \
--servers 1 \
--agents 3 \
--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml \
--volume /etc/machine-id:/etc/machine-id \
--k3s-server-arg "--disable=traefik" \
--k3s-server-arg "--disable=metrics-server" \
--k3s-server-arg "--tls-san=$EC2_PUBLIC_IP" \
--port 80:80@loadbalancer \
--port 443:443@loadbalancer \
--api-port 6443
```
Here is an explanation of what we are doing with this command:
- `--servers 1` Creating 1 master/server
- `--agents 3` Creating 3 agent nodes
- `--k3s-server-arg "--disable=traefik"` Disable the default Traefik Ingress
- `--k3s-server-arg "--disable=metrics-server"` Disable default metrics
- `--k3s-server-arg "--tls-san=<your public ec2 ip>"` This adds the public IP to the kubeapi certificate so that you can access it remotely.
- `--port 80:80@loadbalancer` Exposes the cluster on the host on port 80
- `--port 443:443@loadbalancer` Exposes the cluster on the host on port 443
- `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` volume mount image pull secret config for k3d cluster.
- `--volume /etc/machine-id:/etc/machine-id` volume mount so k3d nodes have a file at /etc/machine-id for fluentbit DaemonSet.
- `--api-port 6443` port that your k8s api will use. 6443 is the standard default port for k8s api
### Step 3
Test the cluster from your local workstation. Copy the contents of the k3d kubeconfig from the EC2 instance to your local workstation. Do it manually with copy and paste.
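Review bot: With this block removed, Step 2 no longer tells the reader where the registry1 credentials get supplied, and the flag-by-flag list under "Here is an explanation of what we are doing with this command" is removed along with it. If the `k3d cluster create` command kept above this hunk relied on that list for its explanation, keep a copy of the list here (minus the `p1-registries.yaml` volume line). Also add a one-line pointer from Step 2 to the relocated "Setting an imagePullSecret on the cluster with k3d" section or to the private registry secret instructions, so readers who hit image pull failures know where to look.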
......@@ -487,3 +440,54 @@ sudo wget -q -O - https://raw.githubusercontent.com/rancher/k3d/main/install.sh
# exit ssh and then reconnect so you can use docker as non-root
```
### Setting an imagePullSecret on the cluster with k3d
**_This methodology is not recommended_**
It is possible to set your image pull secret on the cluster so that you don't have to put your credentials in the code or in the command line in later steps
```shell
# Create the directory for the k3s registry config.
mkdir ~/.k3d/
# Define variables
YOURUSERNAME="<user_name>"
YOURCLISECRET="<CLI secret>"
EC2_PUBLIC_IP=$( curl https://ipinfo.io/ip )
# Create the config file using your registry1 credentials.
cat << EOF > ~/.k3d/p1-registries.yaml
configs:
"registry1.dso.mil":
auth:
username: $YOURUSERNAME
password: $YOURCLISECRET
EOF
# Create k3d cluster
k3d cluster create \
--servers 1 \
--agents 3 \
--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml \
--volume /etc/machine-id:/etc/machine-id \
--k3s-server-arg "--disable=traefik" \
--k3s-server-arg "--disable=metrics-server" \
--k3s-server-arg "--tls-san=$EC2_PUBLIC_IP" \
--port 80:80@loadbalancer \
--port 443:443@loadbalancer \
--api-port 6443
```
Here is an explanation of what we are doing with this command:
- `--servers 1` Creating 1 master/server
- `--agents 3` Creating 3 agent nodes
- `--k3s-server-arg "--disable=traefik"` Disable the default Traefik Ingress
- `--k3s-server-arg "--disable=metrics-server"` Disable default metrics
- `--k3s-server-arg "--tls-san=<your public ec2 ip>"` This adds the public IP to the kubeapi certificate so that you can access it remotely.
- `--port 80:80@loadbalancer` Exposes the cluster on the host on port 80
- `--port 443:443@loadbalancer` Exposes the cluster on the host on port 443
- `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` volume mount image pull secret config for k3d cluster.
- `--volume /etc/machine-id:/etc/machine-id` volume mount so k3d nodes have a file at /etc/machine-id for fluentbit DaemonSet.
- `--api-port 6443` port that your k8s api will use. 6443 is the standard default port for k8s api
\ No newline at end of file
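Review bot: The new heading says "This methodology is not recommended" but gives no reason and names no preferred alternative, so a reader cannot judge the risk. State the reason; from the script itself, the visible concern is that it writes the registry1 CLI secret in plaintext to `~/.k3d/p1-registries.yaml` and volume-mounts that file into the k3d cluster. Link to the recommended way to supply credentials as well. If the script stays, create the file with restrictive permissions (for example `umask 077` before the `cat << EOF`), use `mkdir -p ~/.k3d/` so a rerun does not fail, and quote the `username` and `password` values in the heredoc so a secret containing YAML-special characters does not break the file. The file also ends without a trailing newline.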