diff --git a/share/organisation/ci-space.tf b/share/organisation/ci-space.tf index 43e6085..82c11ef 100644 --- a/share/organisation/ci-space.tf +++ b/share/organisation/ci-space.tf @@ -67,3 +67,24 @@ resource "gitea_public_key" "ci-user-keys" { username = gitea_user.user-ci[0].username key = data.kubernetes_secret_v1.ci-ssh-creds-read[count.index].data["ssh-publickey"] } + +resource "kubernetes_secret" "ci-docker-config" { + count = var.haveGitea && var.haveTekton?1:0 + metadata { + name = "gitea-docker" + namespace = "${var.domain}-ci-${var.instance}" + } + type = "kubernetes.io/dockerconfigjson" + data = { + ".dockerconfigjson" = jsonencode({ + auths = { + "${data.kubernetes_ingress_v1.gitea.spec[0].rule[0].host}" = { + "username" = gitea_user.user-ci[0].username + "password" = random_password.password.result + "email" = var.registry_email + "auth" = base64encode("${gitea_user.user-ci[0].username}:${random_password.password.result}") + } + } + }) + } +} diff --git a/share/organisation/stages.tf b/share/organisation/stages.tf index 0352b34..1655142 100644 --- a/share/organisation/stages.tf +++ b/share/organisation/stages.tf @@ -43,6 +43,27 @@ resource "kubernetes_namespace_v1" "ns" { } } +resource "kubernetes_secret" "docker-config" { + count = var.haveGitea?length(local.sorted-stages):0 + metadata { + name = "gitea-docker" + namespace = "${local.sorted-datasets[count.index].namespace}" + } + type = "kubernetes.io/dockerconfigjson" + data = { + ".dockerconfigjson" = jsonencode({ + auths = { + "${data.kubernetes_ingress_v1.gitea.spec[0].rule[0].host}" = { + "username" = gitea_user.user-ci[0].username + "password" = random_password.password.result + "email" = var.registry_email + "auth" = base64encode("${gitea_user.user-ci[0].username}:${random_password.password.result}") + } + } + }) + } +} + resource "kubectl_manifest" "datasets" { count = length(local.sorted-datasets) depends_on = [kubernetes_namespace_v1.ns]