From 41707f5276728b88121754adf6ab8ed39c6cf3ae Mon Sep 17 00:00:00 2001
From: jasonviviano <83607984+jasonviviano@users.noreply.github.com>
Date: Thu, 29 Feb 2024 20:14:05 +0000
Subject: [PATCH] Adding how-to guide for tf private registry for recipes

Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com>
---
 .../Terraform/howto-private-registry/index.md | 58 +++++++++++++++++++
 .../howto-private-registry/snippets/env.bicep | 52 +++++++++++++++++
 2 files changed, 110 insertions(+)
 create mode 100644 docs/content/guides/recipes/Terraform/howto-private-registry/index.md
 create mode 100644 docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep

diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md
new file mode 100644
index 000000000..6af857568
--- /dev/null
+++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md
@@ -0,0 +1,58 @@
+---
+type: docs
+title: "How-To: Setup a private registry for your Terraform Radius Recipes"
+linkTitle: "Setup a private registry"
+description: "Learn how to configure your Radius Environment to leverage your private registry as storage for your custom Recipe templates"
+weight: 500
+categories: "How-To"
+tags: ["recipes", "terraform"]
+---
+
+This how-to guide will provide an overview of how to:
+
+- Configure a Radius Environment that leverages a [Radius secret store]({{< ref secretstore >}}) to register a [private Git registry](https://developer.hashicorp.com/terraform/registry/private) for your Recipe templates.
+
+### Prerequisites
+
+Before you get started, you'll need to make sure you have the following tools and resources:
+
+- [rad CLI]({{< ref "installation#step-1-install-the-rad-cli" >}})
+- [Radius Bicep VSCode extension]({{< ref "installation#step-2-install-the-vs-code-extension" >}})
+- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
+
+### Step 1: Define a secret store resource
+
+Radius provides support for defining Kubernetes Secrets as Bicep resources, through the Radius Secret Store. Users have the option to both leverage an existing Kubernetes Secret or define a new Kubernetes Secret in the resource, see the [Radius Secret Store schema]({{< ref secretstore >}}) for more information.
+
+Create a Bicep file `env.bicep` and define your resource:
+
+{{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}}
+
+## Step 2: Define your Radius Recipe configurations
+
+Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. Define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information.
+
+{{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}}
+
+## Step 3: Deploy your Radius Environment
+
+Deploy your new Radius Environment:
+
+```
+rad deploy env.bicep
+```
+
+## Cleanup
+
+You can delete a Radius Environment by running the following command:
+
+```
+rad env delete prod
+```
+
+## Further reading
+
+- [Recipes overview]({{< ref "/guides/recipes/overview" >}})
+- [Radius Environments]({{< ref "/guides/deploy-apps/environments/overview" >}})
+- [`rad recipe CLI reference`]({{< ref rad_recipe >}})
+- [`rad env CLI reference`]({{< ref rad_env >}})
\ No newline at end of file
diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep
new file mode 100644
index 000000000..8c55b2502
--- /dev/null
+++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep
@@ -0,0 +1,52 @@
+import radius as radius
+
+//ENV
+resource env 'Applications.Core/environments@2023-10-01-preview' = {
+  name: 'prod'
+  properties: {
+    compute: {
+      kind: 'kubernetes'
+      resourceId: 'self'
+      namespace: 'default'
+    }
+    recipeConfig: {
+      terraform: {
+        authentication:{
+          git:{  
+            'my-access-token':{
+              'github.com':{
+                secret: secretStoreGithub.id
+              }
+            }
+          }          
+        }
+      }
+    }
+    recipes: {      
+      'Applications.Datastores/mongoDatabases':{
+          default: {
+            templateKind: 'terraform'
+            templatePath: 'https://dev.azure.com/test-private-repo'
+          }
+      }
+    }
+ }
+}
+//ENV     
+
+//SECRETSTORE
+resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = {
+  name: 'github'
+  properties:{
+    type: 'generic'
+    data: {
+      'my-access-token': {
+        value: '<personal-access-token>'
+      }
+      'my-username': {
+        value: '<username>'
+      }
+    }
+  }
+}
+//SECRETSTORE