Switch to mittwald's secret generator

deployment.yaml

@@ -34,6 +34,11 @@
           env:
             - name: PGDATA
               value: /var/lib/postgresql/data/pgdata
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: gitea-secrets
+                  key: pg_username
             - name: POSTGRES_PASSWORD
               valueFrom:
                 secretKeyRef:

kustomization.yaml

@@ -1,18 +1,19 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: gitea
-secretGenerator:
+# secretGenerator:
-- literals:
+# - literals:
-  - pg_password=some1pass5here9
+#   - pg_password=some1pass5here9
-  name: gitea-secrets
+#   name: gitea-secrets
-generatorOptions:
+# generatorOptions:
-  disableNameSuffixHash: true
+#   disableNameSuffixHash: true
-  labels:
+#   labels:
-    type: generated
+#     type: generated
 resources:
 - namespace.yaml
+- secrets.yaml
 - storage.yaml
 - configuration.yaml
-- deployment.yaml
+# - deployment.yaml
-- service.yaml
+# - service.yaml
-- ingress.yaml
+# - ingress.yaml

secrets.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: gitea-secrets
+  namespace: gitea
+  annotations:
+    secret-generator.v1.mittwald.de/autogenerate: pg_password
+data:
+  pg_username: cG9zdGdyZXM=