From 41707f5276728b88121754adf6ab8ed39c6cf3ae Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Thu, 29 Feb 2024 20:14:05 +0000 Subject: [PATCH 01/22] Adding how-to guide for tf private registry for recipes Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/index.md | 58 +++++++++++++++++++ .../howto-private-registry/snippets/env.bicep | 52 +++++++++++++++++ 2 files changed, 110 insertions(+) create mode 100644 docs/content/guides/recipes/Terraform/howto-private-registry/index.md create mode 100644 docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md new file mode 100644 index 000000000..6af857568 --- /dev/null +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -0,0 +1,58 @@ +--- +type: docs +title: "How-To: Setup a private registry for your Terraform Radius Recipes" +linkTitle: "Setup a private registry" +description: "Learn how to configure your Radius Environment to leverage your private registry as storage for your custom Recipe templates" +weight: 500 +categories: "How-To" +tags: ["recipes", "terraform"] +--- + +This how-to guide will provide an overview of how to: + +- Configure a Radius Environment that leverages a [Radius secret store]({{< ref secretstore >}}) to register a [private Git registry](https://developer.hashicorp.com/terraform/registry/private) for your Recipe templates. + +### Prerequisites + +Before you get started, you'll need to make sure you have the following tools and resources: + +- [rad CLI]({{< ref "installation#step-1-install-the-rad-cli" >}}) +- [Radius Bicep VSCode extension]({{< ref "installation#step-2-install-the-vs-code-extension" >}}) +- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) + +### Step 1: Define a secret store resource + +Radius provides support for defining Kubernetes Secrets as Bicep resources, through the Radius Secret Store. Users have the option to both leverage an existing Kubernetes Secret or define a new Kubernetes Secret in the resource, see the [Radius Secret Store schema]({{< ref secretstore >}}) for more information. + +Create a Bicep file `env.bicep` and define your resource: + +{{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} + +## Step 2: Define your Radius Recipe configurations + +Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. Define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information. + +{{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} + +## Step 3: Deploy your Radius Environment + +Deploy your new Radius Environment: + +``` +rad deploy env.bicep +``` + +## Cleanup + +You can delete a Radius Environment by running the following command: + +``` +rad env delete prod +``` + +## Further reading + +- [Recipes overview]({{< ref "/guides/recipes/overview" >}}) +- [Radius Environments]({{< ref "/guides/deploy-apps/environments/overview" >}}) +- [`rad recipe CLI reference`]({{< ref rad_recipe >}}) +- [`rad env CLI reference`]({{< ref rad_env >}}) \ No newline at end of file diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep new file mode 100644 index 000000000..8c55b2502 --- /dev/null +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -0,0 +1,52 @@ +import radius as radius + +//ENV +resource env 'Applications.Core/environments@2023-10-01-preview' = { + name: 'prod' + properties: { + compute: { + kind: 'kubernetes' + resourceId: 'self' + namespace: 'default' + } + recipeConfig: { + terraform: { + authentication:{ + git:{ + 'my-access-token':{ + 'github.com':{ + secret: secretStoreGithub.id + } + } + } + } + } + } + recipes: { + 'Applications.Datastores/mongoDatabases':{ + default: { + templateKind: 'terraform' + templatePath: 'https://dev.azure.com/test-private-repo' + } + } + } + } +} +//ENV + +//SECRETSTORE +resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { + name: 'github' + properties:{ + type: 'generic' + data: { + 'my-access-token': { + value: '' + } + 'my-username': { + value: '' + } + } + } +} +//SECRETSTORE From ee15fb83620efddcccd24a43b041e942bb2fd77f Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Thu, 29 Feb 2024 21:07:11 +0000 Subject: [PATCH 02/22] Addressed feedback with Vishwanath's help. Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/index.md | 18 ++++++++++++-- .../howto-private-registry/snippets/env.bicep | 24 ++++++++++++------- 2 files changed, 32 insertions(+), 10 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 6af857568..cc4e451b1 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -24,17 +24,31 @@ Before you get started, you'll need to make sure you have the following tools an Radius provides support for defining Kubernetes Secrets as Bicep resources, through the Radius Secret Store. Users have the option to both leverage an existing Kubernetes Secret or define a new Kubernetes Secret in the resource, see the [Radius Secret Store schema]({{< ref secretstore >}}) for more information. + + Create a Bicep file `env.bicep` and define your resource: {{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} -## Step 2: Define your Radius Recipe configurations +> Note the property `pat` is a required property that refers to your personal access token, while `username` can be optional. + +## Step 2: Define your Radius Recipe + +Define your Radius Recipe, keep in mind that your `templatePath` should contain a `git::` prefix as per [Terraform requirements](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). + +{{< rad file="snippets/env.bicep" embed=true marker="//RECIPE" >}} + + +## Step 3: Define your Radius Recipe configurations Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. Define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information. {{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} -## Step 3: Deploy your Radius Environment +> Note the keys listed inside of the `pat` property should match your path name to the secret store. + + +## Step 4: Deploy your Radius Environment Deploy your new Radius Environment: diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep index 8c55b2502..6e572dc86 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -13,8 +13,10 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { terraform: { authentication:{ git:{ - 'my-access-token':{ - 'github.com':{ + // PAT is a required key value, personal access token + pat:{ + // This has to be a path name to the secret store + 'dev.azure.com':{ secret: secretStoreGithub.id } } @@ -22,17 +24,21 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { } } } +//ENV + +//RECIPE recipes: { 'Applications.Datastores/mongoDatabases':{ default: { templateKind: 'terraform' - templatePath: 'https://dev.azure.com/test-private-repo' + // Git template path + templatePath: 'git::https://dev.azure.com/test-private-repo' } } } } } -//ENV +//RECIPE //SECRETSTORE resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { @@ -40,11 +46,13 @@ resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = properties:{ type: 'generic' data: { - 'my-access-token': { - value: '' + // Call it out in the documentation that pat is a required key value + pat: { + value: '' } - 'my-username': { - value: '' + // Optional key value + username: { + value: '' } } } From 21fb84358b97aa43b71f5f1bc8f0bd21fe4e41f4 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Thu, 29 Feb 2024 21:09:27 +0000 Subject: [PATCH 03/22] Fixed snippet Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/snippets/env.bicep | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep index 6e572dc86..11b81594a 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -23,8 +23,9 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { } } } - } //ENV + } + //RECIPE recipes: { @@ -36,9 +37,9 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { } } } + //RECIPE } } -//RECIPE //SECRETSTORE resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { From d7714a7f78ce4dbe1f2d8df286372f2ee0e71570 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Thu, 29 Feb 2024 17:13:48 -0500 Subject: [PATCH 04/22] Apply suggestions from code review Co-authored-by: Will <28876888+willtsai@users.noreply.github.com> Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../recipes/Terraform/howto-private-registry/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index cc4e451b1..2a3abc4d9 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -1,7 +1,7 @@ --- type: docs -title: "How-To: Setup a private registry for your Terraform Radius Recipes" -linkTitle: "Setup a private registry" +title: "How-To: Set up a private registry for your Terraform Radius Recipes" +linkTitle: "Set up a private registry" description: "Learn how to configure your Radius Environment to leverage your private registry as storage for your custom Recipe templates" weight: 500 categories: "How-To" @@ -10,7 +10,7 @@ tags: ["recipes", "terraform"] This how-to guide will provide an overview of how to: -- Configure a Radius Environment that leverages a [Radius secret store]({{< ref secretstore >}}) to register a [private Git registry](https://developer.hashicorp.com/terraform/registry/private) for your Recipe templates. +- Configure a Radius Environment that leverages a [Radius secret store]({{< ref secretstore >}}) to register a [private Terraform registry](https://developer.hashicorp.com/terraform/registry/private) for your Recipe templates. ### Prerequisites From 640e1a8f4c7a447ae97d8cb193ec532962e350a6 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Fri, 1 Mar 2024 15:56:35 -0500 Subject: [PATCH 05/22] Apply suggestions from code review Co-authored-by: Aaron Crawfis Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/index.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 2a3abc4d9..522abf418 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -1,16 +1,16 @@ --- type: docs -title: "How-To: Set up a private registry for your Terraform Radius Recipes" -linkTitle: "Set up a private registry" -description: "Learn how to configure your Radius Environment to leverage your private registry as storage for your custom Recipe templates" +title: "How-To: Pull Terraform modules from private git repositories" +linkTitle: "Private git repos" +description: "Learn how to setup your Radius environment to pull Terraform Recipe templates from a private git repository." weight: 500 categories: "How-To" tags: ["recipes", "terraform"] --- -This how-to guide will provide an overview of how to: +This how-to guide will describe how to: -- Configure a Radius Environment that leverages a [Radius secret store]({{< ref secretstore >}}) to register a [private Terraform registry](https://developer.hashicorp.com/terraform/registry/private) for your Recipe templates. +- Configure a Radius Environment to be able to pull Terraform Recipe templates from a private git repository. ### Prerequisites @@ -22,9 +22,7 @@ Before you get started, you'll need to make sure you have the following tools an ### Step 1: Define a secret store resource -Radius provides support for defining Kubernetes Secrets as Bicep resources, through the Radius Secret Store. Users have the option to both leverage an existing Kubernetes Secret or define a new Kubernetes Secret in the resource, see the [Radius Secret Store schema]({{< ref secretstore >}}) for more information. - - +Begin by configuring a [Radius Secret Store]({{< ref secretstore >}}) with the personal access token or username + password you previously created, which has access to your private git repository. Create a Bicep file `env.bicep` and define your resource: From 9e43ad2f3f93bbadfa5b9b3a82f7c397aa5c7bb3 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 15:30:55 +0000 Subject: [PATCH 06/22] Addressed feedback on howto-private-registry Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .github/config/en-custom.txt | 1 + .../Terraform/howto-private-registry/index.md | 21 +++++----- .../howto-private-registry/snippets/env.bicep | 40 +++++++++---------- 3 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/config/en-custom.txt b/.github/config/en-custom.txt index d3cf05d47..18b9d9b0c 100644 --- a/.github/config/en-custom.txt +++ b/.github/config/en-custom.txt @@ -311,6 +311,7 @@ redoc resourceGroup replacePrefix repo +repos resourceGroupName RecipeSpecified resourceId diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 522abf418..cf9f41add 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -19,32 +19,31 @@ Before you get started, you'll need to make sure you have the following tools an - [rad CLI]({{< ref "installation#step-1-install-the-rad-cli" >}}) - [Radius Bicep VSCode extension]({{< ref "installation#step-2-install-the-vs-code-extension" >}}) - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) +- A [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens) for your Git repository. -### Step 1: Define a secret store resource +## Step 1: Define a secret store resource Begin by configuring a [Radius Secret Store]({{< ref secretstore >}}) with the personal access token or username + password you previously created, which has access to your private git repository. -Create a Bicep file `env.bicep` and define your resource: +Create a Bicep file `env.bicep`, import Radius and define your resource: {{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} > Note the property `pat` is a required property that refers to your personal access token, while `username` can be optional. -## Step 2: Define your Radius Recipe +## Step 2: Define your Radius Recipe configurations -Define your Radius Recipe, keep in mind that your `templatePath` should contain a `git::` prefix as per [Terraform requirements](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). - -{{< rad file="snippets/env.bicep" embed=true marker="//RECIPE" >}} - - -## Step 3: Define your Radius Recipe configurations - -Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. Define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information. +Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. In your `env.bicep` file define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information. {{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} > Note the keys listed inside of the `pat` property should match your path name to the secret store. +## Step 3: Define your Radius Recipe + +Define your Radius Recipe inside your [Radius Environment resource]({{< ref environment-schema >}}) in your `env.bicep` file, keep in mind that your `templatePath` should contain a `git::` prefix as per [Terraform requirements](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). + +{{< rad file="snippets/env.bicep" embed=true marker="//RECIPE" >}} ## Step 4: Deploy your Radius Environment diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep index 11b81594a..c7be411a5 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -1,5 +1,24 @@ +//SECRETSTORE import radius as radius +resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { + name: 'github' + properties:{ + type: 'generic' + data: { + // Required key value + pat: { + value: '' + } + // Optional key value + username: { + value: '' + } + } + } +} +//SECRETSTORE + //ENV resource env 'Applications.Core/environments@2023-10-01-preview' = { name: 'prod' @@ -15,7 +34,7 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { git:{ // PAT is a required key value, personal access token pat:{ - // This has to be a path name to the secret store + // secretStore ID 'dev.azure.com':{ secret: secretStoreGithub.id } @@ -40,22 +59,3 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { //RECIPE } } - -//SECRETSTORE -resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { - name: 'github' - properties:{ - type: 'generic' - data: { - // Call it out in the documentation that pat is a required key value - pat: { - value: '' - } - // Optional key value - username: { - value: '' - } - } - } -} -//SECRETSTORE From 608b5f3490e0429d417fbbea53f29bd3a9924c11 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 13:38:06 -0500 Subject: [PATCH 07/22] Apply suggestions from code review Co-authored-by: Aaron Crawfis Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/index.md | 14 ++++++++------ .../howto-private-registry/snippets/env.bicep | 8 +++----- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index cf9f41add..253b8d10c 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -25,23 +25,25 @@ Before you get started, you'll need to make sure you have the following tools an Begin by configuring a [Radius Secret Store]({{< ref secretstore >}}) with the personal access token or username + password you previously created, which has access to your private git repository. -Create a Bicep file `env.bicep`, import Radius and define your resource: +Create a Bicep file `env.bicep`, import Radius, and define your resource: {{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} -> Note the property `pat` is a required property that refers to your personal access token, while `username` can be optional. +> Note the property `pat` is a required property that refers to your personal access token, while `username` is an optional field you can specify if your git platform requires a username. -## Step 2: Define your Radius Recipe configurations +## Step 2: Configure Terraform Recipe git authentication -Radius provides a property `recipeConfig` which allows users to setup specific Git module sources for your Terraform Radius Recipes. In your `env.bicep` file define this property in your Radius Environment resource, visit the [Radius Environment schema]({{< ref environment-schema >}}) page for more information. +`recipeConfig` allows you to configure how Recipes should be setup and run. One available option is to specify git credentials for pulling Terraform Recipes from git sources. For more information refer to the [Radius Environment schema]({{< ref environment-schema >}}) page. + +In your `env.bicep` file add an Environment resource, along with Recipe configuration which leverages the previously defined secret store for git authentication. {{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} > Note the keys listed inside of the `pat` property should match your path name to the secret store. -## Step 3: Define your Radius Recipe +## Step 3: Add a Terraform Recipe -Define your Radius Recipe inside your [Radius Environment resource]({{< ref environment-schema >}}) in your `env.bicep` file, keep in mind that your `templatePath` should contain a `git::` prefix as per [Terraform requirements](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). +Update your Environment with a Terraform Recipe, pointing to your private git repository. Note that your `templatePath` should contain a `git::` prefix, per the [Terraform module documentation](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). {{< rad file="snippets/env.bicep" embed=true marker="//RECIPE" >}} diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep index c7be411a5..f3d9c43c2 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -6,11 +6,11 @@ resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = properties:{ type: 'generic' data: { - // Required key value + // Required value, refers to the personal access token or password of the git platform pat: { value: '' } - // Optional key value + // Optional value, refers to the username of the git platform username: { value: '' } @@ -25,16 +25,14 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { properties: { compute: { kind: 'kubernetes' - resourceId: 'self' namespace: 'default' } recipeConfig: { terraform: { authentication:{ git:{ - // PAT is a required key value, personal access token pat:{ - // secretStore ID + // The hostname of your git platform, such as 'dev.azure.com' or 'github.com' 'dev.azure.com':{ secret: secretStoreGithub.id } From ed7cbb1bcb159ae13ea48df201e057e6c60c5565 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 14:35:51 -0500 Subject: [PATCH 08/22] Apply suggestions from code review Co-authored-by: Vishwanath Hiremath <100623239+vishwahiremat@users.noreply.github.com> Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../guides/recipes/Terraform/howto-private-registry/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 253b8d10c..db229ac4b 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -29,7 +29,7 @@ Create a Bicep file `env.bicep`, import Radius, and define your resource: {{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} -> Note the property `pat` is a required property that refers to your personal access token, while `username` is an optional field you can specify if your git platform requires a username. +> Note the property `pat` is a required secret key that refers to your personal access token, while `username` is an optional key you can specify if your git platform requires a username. ## Step 2: Configure Terraform Recipe git authentication From abef6ba04b9e07fbf11e16d07cb446a2d8410851 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 22:46:16 +0000 Subject: [PATCH 09/22] Addressed certain changes to the steps of the guide. Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/index.md | 23 +++--- .../howto-private-registry/snippets/env.bicep | 78 ++++++++++++------- 2 files changed, 64 insertions(+), 37 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index db229ac4b..edd22a254 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -19,9 +19,14 @@ Before you get started, you'll need to make sure you have the following tools an - [rad CLI]({{< ref "installation#step-1-install-the-rad-cli" >}}) - [Radius Bicep VSCode extension]({{< ref "installation#step-2-install-the-vs-code-extension" >}}) - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) -- A [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens) for your Git repository. -## Step 1: Define a secret store resource +## Step 1: Create a personal access token + +Create a personal access token, this can be from [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens), [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) or any other Git platform. + +The PAT should have access to read the files inside the specific private repository. + +## Step 2: Define a secret store resource Begin by configuring a [Radius Secret Store]({{< ref secretstore >}}) with the personal access token or username + password you previously created, which has access to your private git repository. @@ -31,28 +36,26 @@ Create a Bicep file `env.bicep`, import Radius, and define your resource: > Note the property `pat` is a required secret key that refers to your personal access token, while `username` is an optional key you can specify if your git platform requires a username. -## Step 2: Configure Terraform Recipe git authentication +## Step 3: Configure Terraform Recipe git authentication `recipeConfig` allows you to configure how Recipes should be setup and run. One available option is to specify git credentials for pulling Terraform Recipes from git sources. For more information refer to the [Radius Environment schema]({{< ref environment-schema >}}) page. In your `env.bicep` file add an Environment resource, along with Recipe configuration which leverages the previously defined secret store for git authentication. -{{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} - -> Note the keys listed inside of the `pat` property should match your path name to the secret store. +{{< rad file="snippets/env.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"9-22\"],linenostart=30}" >}} -## Step 3: Add a Terraform Recipe +## Step 4: Add a Terraform Recipe Update your Environment with a Terraform Recipe, pointing to your private git repository. Note that your `templatePath` should contain a `git::` prefix, per the [Terraform module documentation](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). -{{< rad file="snippets/env.bicep" embed=true marker="//RECIPE" >}} +{{< rad file="snippets/env.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"23-30\"],linenostart=30}" >}} -## Step 4: Deploy your Radius Environment +## Step 5: Deploy your Radius Environment Deploy your new Radius Environment: ``` -rad deploy env.bicep +rad deploy ./env.bicep ``` ## Cleanup diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep index f3d9c43c2..7fce198ee 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -1,18 +1,17 @@ //SECRETSTORE import radius as radius -resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = { - name: 'github' - properties:{ +@secure() +param pat string='' + +resource secretStoreGit 'Applications.Core/secretStores@2023-10-01-preview' = { + name: 'my-git-secret-store' + properties: { type: 'generic' data: { // Required value, refers to the personal access token or password of the git platform pat: { - value: '' - } - // Optional value, refers to the username of the git platform - username: { - value: '' + value: pat } } } @@ -21,39 +20,64 @@ resource secretStoreGithub 'Applications.Core/secretStores@2023-10-01-preview' = //ENV resource env 'Applications.Core/environments@2023-10-01-preview' = { - name: 'prod' + name: 'my-env' + location: 'global' properties: { compute: { kind: 'kubernetes' - namespace: 'default' + namespace: 'my-namespace' } recipeConfig: { terraform: { - authentication:{ - git:{ - pat:{ + authentication: { + git: { + pat: { // The hostname of your git platform, such as 'dev.azure.com' or 'github.com' - 'dev.azure.com':{ - secret: secretStoreGithub.id + 'github.com':{ + secret: secretStoreGit.id } } - } + } } } -//ENV } + recipes: { + 'Applications.Core/extenders': { + default: { + templateKind: 'terraform' + // Git template path + templatePath:'git::my-git-url' + } + } + } + } +} +//ENV +resource app 'Applications.Core/applications@2023-10-01-preview' = { + name: 'my-app' + location: 'global' + properties: { + environment: env.id + extensions: [ + { + kind: 'kubernetesNamespace' + namespace: 'my-namespace' + } + ] + } +} -//RECIPE - recipes: { - 'Applications.Datastores/mongoDatabases':{ - default: { - templateKind: 'terraform' - // Git template path - templatePath: 'git::https://dev.azure.com/test-private-repo' - } +resource webapp 'Applications.Core/extenders@2023-10-01-preview' = { + name: 'my-redis-cache' + properties: { + application: app.id + environment: env.id + recipe: { + name: 'default' + parameters: { + redis_cache_name: 'my-redis' } } - //RECIPE - } + } } From 76066a63c0b0d0f34b71d7be39308b0978f06f51 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 22:49:17 +0000 Subject: [PATCH 10/22] Fixed naming. Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../guides/recipes/Terraform/howto-private-registry/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index edd22a254..6e7d09f92 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -63,7 +63,7 @@ rad deploy ./env.bicep You can delete a Radius Environment by running the following command: ``` -rad env delete prod +rad env delete my-env ``` ## Further reading From 271ab4e1b568dec57e0f592eedb4630776633fbe Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 23:20:19 +0000 Subject: [PATCH 11/22] Addressed feedback Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../Terraform/howto-private-registry/index.md | 15 ++++-- .../snippets/env-complete.bicep | 54 +++++++++++++++++++ .../howto-private-registry/snippets/env.bicep | 42 +-------------- docs/content/reference/limitations.md | 4 ++ 4 files changed, 70 insertions(+), 45 deletions(-) create mode 100644 docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env-complete.bicep diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 6e7d09f92..e794317a6 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -19,10 +19,11 @@ Before you get started, you'll need to make sure you have the following tools an - [rad CLI]({{< ref "installation#step-1-install-the-rad-cli" >}}) - [Radius Bicep VSCode extension]({{< ref "installation#step-2-install-the-vs-code-extension" >}}) - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) +- [Radius initialized with `rad init`]({{< ref howto-environment >}}) ## Step 1: Create a personal access token -Create a personal access token, this can be from [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens), [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) or any other Git platform. +Create a personal access token, this can be from [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens), [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html), [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows) or any other Git platform. The PAT should have access to read the files inside the specific private repository. @@ -34,7 +35,7 @@ Create a Bicep file `env.bicep`, import Radius, and define your resource: {{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} -> Note the property `pat` is a required secret key that refers to your personal access token, while `username` is an optional key you can specify if your git platform requires a username. +> Note the property `pat` is a required key that refers to your personal access token, while `username` is an optional key you can specify if your git platform requires a username. ## Step 3: Configure Terraform Recipe git authentication @@ -42,22 +43,26 @@ Create a Bicep file `env.bicep`, import Radius, and define your resource: In your `env.bicep` file add an Environment resource, along with Recipe configuration which leverages the previously defined secret store for git authentication. -{{< rad file="snippets/env.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"9-22\"],linenostart=30}" >}} +{{< rad file="snippets/env.bicep" embed=true marker="//ENV" >}} ## Step 4: Add a Terraform Recipe Update your Environment with a Terraform Recipe, pointing to your private git repository. Note that your `templatePath` should contain a `git::` prefix, per the [Terraform module documentation](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). -{{< rad file="snippets/env.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"23-30\"],linenostart=30}" >}} +{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"23-30\"],linenostart=30}" >}} ## Step 5: Deploy your Radius Environment Deploy your new Radius Environment: ``` -rad deploy ./env.bicep +rad deploy ./env.bicep -p pat=****** ``` +## Done + +Your Radius Environment is now ready to utilize your Radius Recipes stored inside your private registry. For more information on Radius Recipes visit the [Recipes overview page]({{< ref "/guides/recipes/overview" >}}). + ## Cleanup You can delete a Radius Environment by running the following command: diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env-complete.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env-complete.bicep new file mode 100644 index 000000000..7ec3ac5e6 --- /dev/null +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env-complete.bicep @@ -0,0 +1,54 @@ +//SECRETSTORE +import radius as radius + +@description('Required value, refers to the personal access token or password of the git platform') +@secure() +param pat string + +resource secretStoreGit 'Applications.Core/secretStores@2023-10-01-preview' = { + name: 'my-git-secret-store' + properties: { + type: 'generic' + data: { + pat: { + value: pat + } + } + } +} +//SECRETSTORE + +//ENV +resource env 'Applications.Core/environments@2023-10-01-preview' = { + name: 'my-env' + properties: { + compute: { + kind: 'kubernetes' + namespace: 'my-namespace' + } + recipeConfig: { + terraform: { + authentication: { + git: { + pat: { + // The hostname of your git platform, such as 'dev.azure.com' or 'github.com' + 'github.com':{ + secret: secretStoreGit.id + } + } + } + } + } + } + recipes: { + 'Applications.Datastores/redisCaches': { + default: { + templateKind: 'terraform' + // Git template path + templatePath:'git::https//github.com/my-org/my-repo' + } + } + } + } +} +//ENV diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep index 7fce198ee..48ba3c4dc 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep @@ -1,15 +1,15 @@ //SECRETSTORE import radius as radius +@description('Required value, refers to the personal access token or password of the git platform') @secure() -param pat string='' +param pat string resource secretStoreGit 'Applications.Core/secretStores@2023-10-01-preview' = { name: 'my-git-secret-store' properties: { type: 'generic' data: { - // Required value, refers to the personal access token or password of the git platform pat: { value: pat } @@ -21,7 +21,6 @@ resource secretStoreGit 'Applications.Core/secretStores@2023-10-01-preview' = { //ENV resource env 'Applications.Core/environments@2023-10-01-preview' = { name: 'my-env' - location: 'global' properties: { compute: { kind: 'kubernetes' @@ -41,43 +40,6 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { } } } - recipes: { - 'Applications.Core/extenders': { - default: { - templateKind: 'terraform' - // Git template path - templatePath:'git::my-git-url' - } - } - } } } //ENV - -resource app 'Applications.Core/applications@2023-10-01-preview' = { - name: 'my-app' - location: 'global' - properties: { - environment: env.id - extensions: [ - { - kind: 'kubernetesNamespace' - namespace: 'my-namespace' - } - ] - } -} - -resource webapp 'Applications.Core/extenders@2023-10-01-preview' = { - name: 'my-redis-cache' - properties: { - application: app.id - environment: env.id - recipe: { - name: 'default' - parameters: { - redis_cache_name: 'my-redis' - } - } - } -} diff --git a/docs/content/reference/limitations.md b/docs/content/reference/limitations.md index 9f470d7bc..760f63aeb 100644 --- a/docs/content/reference/limitations.md +++ b/docs/content/reference/limitations.md @@ -93,6 +93,10 @@ output values object = { } ``` +### Terraform private registries + +Currently users cannot run `rad recipe show` on Radius Recipes registered inside of private git registries and will experience an error in the CLI. + ## Bicep & Deployment Engine ### Currently using a forked version of Bicep From 3f3a143998ca90e9f96854f0a978579f7c65807d Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 4 Mar 2024 23:27:00 +0000 Subject: [PATCH 12/22] Spellcheck fix Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .github/config/en-custom.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/config/en-custom.txt b/.github/config/en-custom.txt index 18b9d9b0c..711fd6ee1 100644 --- a/.github/config/en-custom.txt +++ b/.github/config/en-custom.txt @@ -982,6 +982,7 @@ learnings architected customizable Gitops +GitLab OSS SRE SREs From 1eb481208a98c633131db087d337ac836cef3edb Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Tue, 5 Mar 2024 13:16:24 -0500 Subject: [PATCH 13/22] Apply suggestions from code review Co-authored-by: Aaron Crawfis Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../recipes/Terraform/howto-private-registry/index.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index e794317a6..790b66737 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -23,19 +23,21 @@ Before you get started, you'll need to make sure you have the following tools an ## Step 1: Create a personal access token -Create a personal access token, this can be from [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens), [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html), [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows) or any other Git platform. +Create a personal access token, this can be from [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#about-personal-access-tokens), [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html), [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows), or any other Git platform. The PAT should have access to read the files inside the specific private repository. ## Step 2: Define a secret store resource -Begin by configuring a [Radius Secret Store]({{< ref secretstore >}}) with the personal access token or username + password you previously created, which has access to your private git repository. +Configure a [Radius Secret Store]({{< ref "/guides/author-apps/secrets/overview" >}}) with the personal access token or username + password you previously created, which has access to your private git repository. + +> While this example shows a Radius-managed secret store where Radius creates the underlying secrets infrastructure, you can also bring your own existing secrets. Refer to the [secrets documentation]({{< ref "/guides/author-apps/secrets/overview" >}}) for more information. Create a Bicep file `env.bicep`, import Radius, and define your resource: {{< rad file="snippets/env.bicep" embed=true marker="//SECRETSTORE" >}} -> Note the property `pat` is a required key that refers to your personal access token, while `username` is an optional key you can specify if your git platform requires a username. +> The property `pat` is required and refers to your personal access token or password, while `username` is optional and refers to a username, if your git platform requires one. ## Step 3: Configure Terraform Recipe git authentication From 3f3b8bfac49b3d6bab0f3e13365e10af17aeff32 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Tue, 5 Mar 2024 13:17:01 -0500 Subject: [PATCH 14/22] Apply suggestions from code review Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../guides/recipes/Terraform/howto-private-registry/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 790b66737..75df2be77 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -51,7 +51,7 @@ In your `env.bicep` file add an Environment resource, along with Recipe configur Update your Environment with a Terraform Recipe, pointing to your private git repository. Note that your `templatePath` should contain a `git::` prefix, per the [Terraform module documentation](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). -{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"23-30\"],linenostart=30}" >}} +{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"23-31\"],linenostart=30}" >}} ## Step 5: Deploy your Radius Environment From 3c5fd89b0f29ef2de351996b98c3ecc625c1aa63 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Tue, 5 Mar 2024 18:33:37 +0000 Subject: [PATCH 15/22] Fixed snippet render Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../guides/recipes/Terraform/howto-private-registry/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md index 75df2be77..68c8af4cd 100644 --- a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md +++ b/docs/content/guides/recipes/Terraform/howto-private-registry/index.md @@ -51,7 +51,7 @@ In your `env.bicep` file add an Environment resource, along with Recipe configur Update your Environment with a Terraform Recipe, pointing to your private git repository. Note that your `templatePath` should contain a `git::` prefix, per the [Terraform module documentation](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). -{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"23-31\"],linenostart=30}" >}} +{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"22-30\"],linenostart=30}" >}} ## Step 5: Deploy your Radius Environment From dcb6dece834631bb01dbc63d8ffa6bd8d7b9ee4f Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Tue, 5 Mar 2024 18:35:46 +0000 Subject: [PATCH 16/22] Moved folder Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .../recipes/{Terraform => }/howto-private-registry/index.md | 0 .../howto-private-registry/snippets/env-complete.bicep | 0 .../{Terraform => }/howto-private-registry/snippets/env.bicep | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename docs/content/guides/recipes/{Terraform => }/howto-private-registry/index.md (100%) rename docs/content/guides/recipes/{Terraform => }/howto-private-registry/snippets/env-complete.bicep (100%) rename docs/content/guides/recipes/{Terraform => }/howto-private-registry/snippets/env.bicep (100%) diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/index.md b/docs/content/guides/recipes/howto-private-registry/index.md similarity index 100% rename from docs/content/guides/recipes/Terraform/howto-private-registry/index.md rename to docs/content/guides/recipes/howto-private-registry/index.md diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env-complete.bicep b/docs/content/guides/recipes/howto-private-registry/snippets/env-complete.bicep similarity index 100% rename from docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env-complete.bicep rename to docs/content/guides/recipes/howto-private-registry/snippets/env-complete.bicep diff --git a/docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/howto-private-registry/snippets/env.bicep similarity index 100% rename from docs/content/guides/recipes/Terraform/howto-private-registry/snippets/env.bicep rename to docs/content/guides/recipes/howto-private-registry/snippets/env.bicep From f7f129c646bdc5d7e80503d2174ca6ea14007bba Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Fri, 8 Mar 2024 18:28:45 +0000 Subject: [PATCH 17/22] Added a note linking to the limitations page Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- docs/content/guides/recipes/howto-private-registry/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/content/guides/recipes/howto-private-registry/index.md b/docs/content/guides/recipes/howto-private-registry/index.md index 68c8af4cd..518c2b154 100644 --- a/docs/content/guides/recipes/howto-private-registry/index.md +++ b/docs/content/guides/recipes/howto-private-registry/index.md @@ -65,6 +65,8 @@ rad deploy ./env.bicep -p pat=****** Your Radius Environment is now ready to utilize your Radius Recipes stored inside your private registry. For more information on Radius Recipes visit the [Recipes overview page]({{< ref "/guides/recipes/overview" >}}). +> Note currently there's a bug preventing the usage of `rad recipe show` for Radius Recipes registered from private registries, see the [Radius limitations page]({{< ref "limitations#terraform-private-registries" >}}) for more info. + ## Cleanup You can delete a Radius Environment by running the following command: From bc1c6eb97c654ec078ba6524eb5c79162642c808 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Fri, 8 Mar 2024 21:50:32 +0000 Subject: [PATCH 18/22] Added an explanation to the `resource` property. Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- docs/content/guides/recipes/howto-private-registry/index.md | 2 +- .../guides/recipes/howto-private-registry/snippets/env.bicep | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/content/guides/recipes/howto-private-registry/index.md b/docs/content/guides/recipes/howto-private-registry/index.md index 518c2b154..175a0464a 100644 --- a/docs/content/guides/recipes/howto-private-registry/index.md +++ b/docs/content/guides/recipes/howto-private-registry/index.md @@ -29,7 +29,7 @@ The PAT should have access to read the files inside the specific private reposit ## Step 2: Define a secret store resource -Configure a [Radius Secret Store]({{< ref "/guides/author-apps/secrets/overview" >}}) with the personal access token or username + password you previously created, which has access to your private git repository. +Configure a [Radius Secret Store]({{< ref "/guides/author-apps/secrets/overview" >}}) with the personal access token or username + password you previously created, which has access to your private git repository. Define a the namespace for the cluster that will contain your [Kubernetes Secret](https://kubernetes.io/docs/concepts/configuration/secret/) with the `resource` property. > While this example shows a Radius-managed secret store where Radius creates the underlying secrets infrastructure, you can also bring your own existing secrets. Refer to the [secrets documentation]({{< ref "/guides/author-apps/secrets/overview" >}}) for more information. diff --git a/docs/content/guides/recipes/howto-private-registry/snippets/env.bicep b/docs/content/guides/recipes/howto-private-registry/snippets/env.bicep index 48ba3c4dc..78fa42ebe 100644 --- a/docs/content/guides/recipes/howto-private-registry/snippets/env.bicep +++ b/docs/content/guides/recipes/howto-private-registry/snippets/env.bicep @@ -8,6 +8,7 @@ param pat string resource secretStoreGit 'Applications.Core/secretStores@2023-10-01-preview' = { name: 'my-git-secret-store' properties: { + resource: 'my-secret-namespace/github' type: 'generic' data: { pat: { From ef09a99cb09c2ee6d5c77c8f5ec7974f89f11388 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Fri, 8 Mar 2024 21:51:58 +0000 Subject: [PATCH 19/22] Fixed spelling Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- docs/content/guides/recipes/howto-private-registry/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/guides/recipes/howto-private-registry/index.md b/docs/content/guides/recipes/howto-private-registry/index.md index 175a0464a..2050b7a6d 100644 --- a/docs/content/guides/recipes/howto-private-registry/index.md +++ b/docs/content/guides/recipes/howto-private-registry/index.md @@ -29,7 +29,7 @@ The PAT should have access to read the files inside the specific private reposit ## Step 2: Define a secret store resource -Configure a [Radius Secret Store]({{< ref "/guides/author-apps/secrets/overview" >}}) with the personal access token or username + password you previously created, which has access to your private git repository. Define a the namespace for the cluster that will contain your [Kubernetes Secret](https://kubernetes.io/docs/concepts/configuration/secret/) with the `resource` property. +Configure a [Radius Secret Store]({{< ref "/guides/author-apps/secrets/overview" >}}) with the personal access token or username + password you previously created, which has access to your private git repository. Define the namespace for the cluster that will contain your [Kubernetes Secret](https://kubernetes.io/docs/concepts/configuration/secret/) with the `resource` property. > While this example shows a Radius-managed secret store where Radius creates the underlying secrets infrastructure, you can also bring your own existing secrets. Refer to the [secrets documentation]({{< ref "/guides/author-apps/secrets/overview" >}}) for more information. From 42c49d90b71adac035f1f479156db2ca689d772e Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 11 Mar 2024 14:37:17 -0400 Subject: [PATCH 20/22] Apply suggestions from code review Co-authored-by: Aaron Crawfis Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- docs/content/guides/recipes/howto-private-registry/index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/content/guides/recipes/howto-private-registry/index.md b/docs/content/guides/recipes/howto-private-registry/index.md index 2050b7a6d..810253e50 100644 --- a/docs/content/guides/recipes/howto-private-registry/index.md +++ b/docs/content/guides/recipes/howto-private-registry/index.md @@ -65,8 +65,6 @@ rad deploy ./env.bicep -p pat=****** Your Radius Environment is now ready to utilize your Radius Recipes stored inside your private registry. For more information on Radius Recipes visit the [Recipes overview page]({{< ref "/guides/recipes/overview" >}}). -> Note currently there's a bug preventing the usage of `rad recipe show` for Radius Recipes registered from private registries, see the [Radius limitations page]({{< ref "limitations#terraform-private-registries" >}}) for more info. - ## Cleanup You can delete a Radius Environment by running the following command: From 23b64a431ffd92004b4a99fe3051495663a37d5e Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 11 Mar 2024 18:44:45 +0000 Subject: [PATCH 21/22] Addressed feedback on how-to guide Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- docs/content/guides/recipes/howto-private-registry/index.md | 2 +- .../recipes/howto-private-registry/snippets/env-complete.bicep | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/content/guides/recipes/howto-private-registry/index.md b/docs/content/guides/recipes/howto-private-registry/index.md index 810253e50..d121d9d0f 100644 --- a/docs/content/guides/recipes/howto-private-registry/index.md +++ b/docs/content/guides/recipes/howto-private-registry/index.md @@ -51,7 +51,7 @@ In your `env.bicep` file add an Environment resource, along with Recipe configur Update your Environment with a Terraform Recipe, pointing to your private git repository. Note that your `templatePath` should contain a `git::` prefix, per the [Terraform module documentation](https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository). -{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"22-30\"],linenostart=30}" >}} +{{< rad file="snippets/env-complete.bicep" embed=true marker="//ENV" markdownConfig="{linenos=table,hl_lines=[\"22-30\"],linenostart=30,lineNos=false}" >}} ## Step 5: Deploy your Radius Environment diff --git a/docs/content/guides/recipes/howto-private-registry/snippets/env-complete.bicep b/docs/content/guides/recipes/howto-private-registry/snippets/env-complete.bicep index 7ec3ac5e6..49f7822a0 100644 --- a/docs/content/guides/recipes/howto-private-registry/snippets/env-complete.bicep +++ b/docs/content/guides/recipes/howto-private-registry/snippets/env-complete.bicep @@ -8,6 +8,7 @@ param pat string resource secretStoreGit 'Applications.Core/secretStores@2023-10-01-preview' = { name: 'my-git-secret-store' properties: { + resource: 'my-secret-namespace/github' type: 'generic' data: { pat: { @@ -45,7 +46,7 @@ resource env 'Applications.Core/environments@2023-10-01-preview' = { default: { templateKind: 'terraform' // Git template path - templatePath:'git::https//github.com/my-org/my-repo' + templatePath:'git::https://github.com/my-org/my-repo' } } } From 035e1491f85bb9ab977d02fda821d1d92c832135 Mon Sep 17 00:00:00 2001 From: jasonviviano <83607984+jasonviviano@users.noreply.github.com> Date: Mon, 11 Mar 2024 18:55:43 +0000 Subject: [PATCH 22/22] Spellcheck fix Signed-off-by: jasonviviano <83607984+jasonviviano@users.noreply.github.com> --- .github/config/en-custom.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/config/en-custom.txt b/.github/config/en-custom.txt index 337201492..399d1de04 100644 --- a/.github/config/en-custom.txt +++ b/.github/config/en-custom.txt @@ -235,6 +235,7 @@ lifecycles linkTitle linter linux +lineNos liveness livenessProbe localWorkspace