-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding how-to guide for tf private registry for recipes
Signed-off-by: jasonviviano <[email protected]>
- Loading branch information
1 parent
5733603
commit 41707f5
Showing
2 changed files
with
110 additions
and
0 deletions.
There are no files selected for viewing
58 changes: 58 additions & 0 deletions
58
docs/content/guides/recipes/Terraform/howto-private-registry/index.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
--- | ||
type: docs | ||
title: "How-To: Setup a private registry for your Terraform Radius Recipes" | ||
linkTitle: "Setup a private registry" | ||
description: "Learn how to configure your Radius Environment to leverage your private registry as storage for your custom Recipe templates" | ||
weight: 500 | ||
categories: "How-To" | ||
tags: ["recipes", "terraform"] | ||
--- | ||
|
||
This how-to guide will provide an overview of how to: | ||
|
||
- Configure a Radius Environment that leverages a [Radius secret store]({{< ref secretstore >}}) to register a [private Git registry](https://developer.hashicorp.com/terraform/registry/private) for your Recipe templates. | ||
|
||
### Prerequisites | ||
|
||
Before you get started, you'll need to make sure you have the following tools and resources: | ||
|
||
- [rad CLI]({{< ref "installation#step-1-install-the-rad-cli" >}}) | ||
- [Radius Bicep VSCode extension]({{< ref "installation#step-2-install-the-vs-code-extension" >}}) | ||
- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) | ||
|
||
### Step 1: Define a secret store resource | ||
|
||
Radius provides support for defining Kubernetes Secrets as Bicep resources, through the Radius Secret Store. Users have the option to both leverage an existing Kubernetes Secret or define a new Kubernetes Secret in the resource, see the [Radius Secret Store schema]({{< ref secretstore >}}) for more information. | ||
|
||
Create a Bicep file `env.bicep` and define your resource: | ||
|
||
{{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} | ||
|
||
## Step 2: Define your Radius Recipe configurations | ||
|
||
Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. Define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information. | ||
|
||
{{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} | ||
|
||
## Step 3: Deploy your Radius Environment | ||
|
||
Deploy your new Radius Environment: | ||
|
||
``` | ||
rad deploy env.bicep | ||
``` | ||
|
||
## Cleanup | ||
|
||
You can delete a Radius Environment by running the following command: | ||
|
||
``` | ||
rad env delete prod | ||
``` | ||
|
||
## Further reading | ||
|
||
- [Recipes overview]({{< ref "/guides/recipes/overview" >}}) | ||
- [Radius Environments]({{< ref "/guides/deploy-apps/environments/overview" >}}) | ||
- [`rad recipe CLI reference`]({{< ref rad_recipe >}}) | ||
- [`rad env CLI reference`]({{< ref rad_env >}}) |
52 changes: 52 additions & 0 deletions
52
docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
import radius as radius | ||
|
||
//ENV | ||
resource env 'Applications.Core/environments@2023-10-01-preview' = { | ||
name: 'prod' | ||
properties: { | ||
compute: { | ||
kind: 'kubernetes' | ||
resourceId: 'self' | ||
namespace: 'default' | ||
} | ||
recipeConfig: { | ||
terraform: { | ||
authentication:{ | ||
git:{ | ||
'my-access-token':{ | ||
'github.com':{ | ||
secret: secretStoreGithub.id | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
recipes: { | ||
'Applications.Datastores/mongoDatabases':{ | ||
default: { | ||
templateKind: 'terraform' | ||
templatePath: 'https://dev.azure.com/test-private-repo' | ||
} | ||
} | ||
} | ||
} | ||
} | ||
//ENV | ||
|
||
//SECRETSTORE | ||
resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { | ||
name: 'github' | ||
properties:{ | ||
type: 'generic' | ||
data: { | ||
'my-access-token': { | ||
value: '<personal-access-token>' | ||
} | ||
'my-username': { | ||
value: '<username>' | ||
} | ||
} | ||
} | ||
} | ||
//SECRETSTORE |