{{- if index .Values "docker-registry-ui" "enabled" }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{ index .Values "docker-registry-ui" "registry" "dataVolume" "persistentVolumeClaim" "claimName" }}
  namespace: {{ .Release.Namespace }}
  annotations:
    helm.sh/resource-policy: keep
spec:
  accessModes:
    - {{ index .Values "docker-registry-ui" "registry" "persistence" "accessMode" }}
  resources:
    requests:
      storage: {{ index .Values "docker-registry-ui" "registry" "persistence" "storage" }}
  storageClassName: {{ index .Values "docker-registry-ui" "registry" "persistence" "storageClassName" }}
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: registry-ingress
  namespace: {{ .Release.Namespace }}
spec:
  entryPoints:
  - web
  routes:
  - kind: Rule
    match: Host(`{{ .Values.registryHost }}`)
    priority: 5
    services:
    - kind: Service
      name:  {{ .Values.env }}-docker-registry-ui-registry-server
      namespace: {{ .Release.Namespace }}
      port: 5000
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: registry-ingress-ui
  namespace: {{ .Release.Namespace }}
spec:
  entryPoints:
  - web
  routes:
  - kind: Rule
    match: Host(`{{ .Values.registryHost }}`) && PathPrefix(`/ui`)
    priority: 10
    services:
    - kind: Service
      name:  {{ .Values.env }}-docker-registry-ui-user-interface
      namespace: {{ .Release.Namespace }}
      port: 80
    middlewares:
      - name: strip-ui-prefix

---
apiVersion:  traefik.io/v1alpha1
kind: Middleware
metadata:
  name: strip-ui-prefix
  namespace: {{ .Release.Namespace }}
spec:
  stripPrefix:
    prefixes:
      - "/ui"
---
#for htpasswd:
#htpasswd -nbB opencloud_registry Cei9phee | tr -d '\n' | base64 -w 0 
#for password in dockerconfigjson: 
#echo "opencloud_registry:Cei9phee" | tr -d '\n' | base64 -w 0 
apiVersion: v1
kind: Secret
metadata:
  name: registry-basic-auth-secret #To configure docker server authentication
  namespace: {{ .Release.Namespace }}
data:
  htpasswd: b3BlbmNsb3VkX3JlZ2lzdHJ5OiQyeSQwNSQ0cjFtV0h0Q3IzTmNPLjhqZjV2TkNPdkUvcFBkTDBmd1NFMkJ6bnI2azlmLjZhaVRHLzE1cQ==
---
apiVersion: v1
kind: Secret
type: kubernetes.io/dockerconfigjson
metadata:
  name: {{ index .Values "docker-registry-ui" "registry" "secretName" }} #To configure docker client authentication against the server
  namespace: {{ .Release.Namespace }}
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJCSJyZWdpc3RyeS12YWFzLnBmLmlydC1zYWludGV4dXBlcnkuY29tIjogewoJCQkiYXV0aCI6ICJkbUZoYzE5eVpXZHBjM1J5ZVRva01ua2tNRFVrYjJFeFRFaERjVGw2TWs1WE55NVJjMlZFYVZjMFpUQjVSSGxsTDIxTFp5NUxValJPYkVGR1pqTlpkbnBaZW0weVdFRXlNaTQ9IgoJCX0KCX0KfQ==
{{- end }}