#!/usr/bin/env bash set -euo pipefail TARGET_HOST="${TARGET_HOST:-mevnode}" TARGET_NAMESPACE="${TARGET_NAMESPACE:-trade-r001-canary}" REGISTRY_HOST="${REGISTRY_HOST:-gitea.mpabi.pl}" REGISTRY_USER="${REGISTRY_USER:-u1}" REGISTRY_TOKEN_FILE="${REGISTRY_TOKEN_FILE:-/home/user/dev/trade/tokens/gitea-registry.token}" ssh_target() { ssh -o StrictHostKeyChecking=no "$TARGET_HOST" "$@" } REGISTRY_TOKEN="$(tr -d '\r\n' < "$REGISTRY_TOKEN_FILE")" if [ -z "$REGISTRY_TOKEN" ]; then echo "Registry token is empty" >&2 exit 1 fi ssh_target "sudo k3s kubectl get ns ${TARGET_NAMESPACE} >/dev/null 2>&1 || sudo k3s kubectl create ns ${TARGET_NAMESPACE} >/dev/null" ssh_target "sudo k3s kubectl -n ${TARGET_NAMESPACE} create secret docker-registry gitea-registry --docker-server=${REGISTRY_HOST} --docker-username=${REGISTRY_USER} --docker-password='${REGISTRY_TOKEN}' --dry-run=client -o yaml | sudo k3s kubectl apply -f - >/dev/null" echo "Updated imagePullSecret gitea-registry in ${TARGET_NAMESPACE} on ${TARGET_HOST}"