chore: Add docker registry creds (#10)

* Update * Healhcheck
fluencelabs · Nov 12, 2024 · a972bc7 · a972bc7
1 parent 6ddddbe
commit a972bc7
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 15 deletions.
diff --git a/terraform/controlplane.tf b/terraform/controlplane.tf
@@ -76,6 +76,7 @@ data "talos_machine_configuration" "cp" {
       dotoken         = base64encode(data.vault_generic_secret.spectrum.data.token)
       domain          = "${local.prefix}.fluence.dev"
       prefix          = local.prefix
+      docker = base64encode(local.docker_config_json)
     })
   ]
 }
@@ -140,18 +141,18 @@ resource "talos_cluster_kubeconfig" "this" {
 #  endpoints            = data.talos_client_configuration.this.endpoints
 #}
 
-#data "http" "talos_health" {
-#  for_each = toset([
-#    "cp-0.${local.prefix}.fluence.dev",
-#    "cp-1.${local.prefix}.fluence.dev",
-#    "cp-2.${local.prefix}.fluence.dev",
-#  ])
-#  url      = "https://${each.key}:6443/version"
-#  insecure = true
-#  retry {
-#    attempts     = 60
-#    min_delay_ms = 5000
-#    max_delay_ms = 5000
-#  }
-#  depends_on = [talos_machine_bootstrap.this]
-#}
+data "http" "talos_health" {
+  for_each = toset([
+    "cp-0.${local.prefix}.fluence.dev",
+    "cp-1.${local.prefix}.fluence.dev",
+    "cp-2.${local.prefix}.fluence.dev",
+  ])
+  url      = "https://${each.key}:6443/version"
+  insecure = true
+  retry {
+    attempts     = 60
+    min_delay_ms = 5000
+    max_delay_ms = 5000
+  }
+  depends_on = [talos_machine_bootstrap.this]
+}
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -1,6 +1,15 @@
 locals {
   prefix           = "rnd-${terraform.workspace}"
   loadbalancer_dns = "kube.${local.prefix}.fluence.dev"
+
+  docker_config_json = jsonencode({
+    auths = {
+      "docker.fluence.dev" = {
+        username = data.vault_generic_secret.docker.data.username
+        password = data.vault_generic_secret.docker.data.password
+      }
+    }
+  })
 }
 
 resource "tls_private_key" "spectrum" {
@@ -19,3 +28,7 @@ data "digitalocean_image" "talos" {
 data "vault_generic_secret" "spectrum" {
   path = "kv/digitalocean/spectrum"
 }
+
+data "vault_generic_secret" "docker" {
+  path = "kv/docker-registry/basicauth/ci"
+}
diff --git a/terraform/templates/controlplane_patch.yml b/terraform/templates/controlplane_patch.yml
@@ -185,3 +185,12 @@ cluster:
         type: Opaque
         data:
           token: ${dotoken}
+        ---
+        apiVersion: v1
+        kind: Secret
+        metadata:
+          name: docker-auth
+          namespace: default
+        type: kubernetes.io/dockerconfigjson
+        data:
+          .dockerconfigjson: ${docker}