FEAT(zot): add Zot container registry

- ARM64 image (ghcr.io/project-zot/zot-linux-arm64:v2.1.13)
- htpasswd authentication via Vault ExternalSecret
- Ingress at zot0213.kro.kr with Let's Encrypt TLS
- local-path storage (50Gi)
- Prometheus metrics enabled

zot/manifests/secret.yaml

@@ -0,0 +1,18 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: zot-htpasswd-secret
+  namespace: zot
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault-backend
+  target:
+    name: zot-htpasswd
+    creationPolicy: Owner
+  data:
+  - secretKey: htpasswd
+    remoteRef:
+      key: zot
+      property: HTPASSWD