diff --git a/rshiny/Chart.yaml b/rshiny/Chart.yaml
index 457f604dfc4c584e0a0df54bfa7306a71621892e..72b50aedbfa623602e98777680e2b9189e20d28d 100644
--- a/rshiny/Chart.yaml
+++ b/rshiny/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.2
+version: 0.3.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/rshiny/templates/_secretHelper.tpl b/rshiny/templates/_secretHelper.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..304adbb2d1d53d9ca883e16517fe73e45445318a
--- /dev/null
+++ b/rshiny/templates/_secretHelper.tpl
@@ -0,0 +1,7 @@
+{{- define "imagePullSecret" }}
+{{- if and .Values.registry .Values.registry.password .Values.registry.username .Values.registry.host }}
+{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.registry.host (printf "%s:%s" .Values.registry.username .Values.registry.password | b64enc) | b64enc }}
+{{- else }}
+{{- required "When registry is private, you need to specify .Values.registry.password .Values.registry.username .Values.registry.host, see documetation for more." "" }}
+{{- end }}
+{{- end }}
diff --git a/rshiny/templates/deployment.yaml b/rshiny/templates/deployment.yaml
index 143811e07cfd1496d54810433c4e5e992bcd634e..06dc656eb919c3b4e836dc942b0190a678ec146e 100644
--- a/rshiny/templates/deployment.yaml
+++ b/rshiny/templates/deployment.yaml
@@ -22,8 +22,10 @@ spec:
       labels:
         {{- include "chart.selectorLabels" . | nindent 8 }}
     spec:
+      {{- if .Values.registry.private }}
       imagePullSecrets:
-      - name: registry-gitlab
+      - name: {{ include "chart.fullname" . }}
+      {{- end }}
       containers:
         - name: rshiny-pod
           image: {{ .Values.imageFullNameAndTag }}
diff --git a/rshiny/templates/image-pull-secret.yaml b/rshiny/templates/image-pull-secret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b7b070f9fd35a2961b182d547c290f38c52a1481
--- /dev/null
+++ b/rshiny/templates/image-pull-secret.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.registry.private }}
+# When creating a pod based on an image that resides in a private Docker registry (a secure registry protected by basic authentication),
+# one must specify an imagePullSecrets as part of the pod's spec.
+# (see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret)
+
+# This resource creates a docker registry pull secret that's based on values provided in values.yaml (it relies on a template defined in _secretHelper.tpl). The secret must be deployed to
+# the same namespace in which the pod will be created.
+apiVersion: v1
+kind: Secret
+metadata:
+  name : {{ include "chart.fullname" . }}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
diff --git a/rshiny/values.yaml b/rshiny/values.yaml
index ad36c52e9ca56e6f85680c69348d0d83c4b73e03..8a41b68aadb96da3081d3070a9188a2b31610a1a 100644
--- a/rshiny/values.yaml
+++ b/rshiny/values.yaml
@@ -29,3 +29,7 @@ ingress:
     nginx.ingress.kubernetes.io/affinity: cookie
     nginx.ingress.kubernetes.io/proxy-body-size: 256m
   hostname: ""
+
+
+registry:
+  private: false