Add new infra architecture

2026-01-19 11:55:17 +01:00
parent 21d35ea92b
commit 35f164f0cd
311 changed files with 13241 additions and 3700 deletions
--- a/infrastructure/scripts/setup/setup-ghcr-secrets.sh
+++ b/infrastructure/scripts/setup/setup-ghcr-secrets.sh
@@ -0,0 +1,67 @@
+#!/bin/bash
+
+# Setup GitHub Container Registry (GHCR) image pull secrets for all namespaces
+# This script creates docker-registry secrets for pulling images from GHCR
+
+set -e
+
+# GitHub Container Registry credentials
+# Note: Use a GitHub Personal Access Token with 'read:packages' scope
+GHCR_SERVER="ghcr.io"
+GHCR_USERNAME="uals"  # GitHub username
+GHCR_PASSWORD="ghp_zzEY5Q58x1S0puraIoKEtbpue3A"  # GitHub Personal Access Token
+GHCR_EMAIL="ualfaro@gmail.com"
+SECRET_NAME="ghcr-creds"
+
+# List of namespaces used in the project
+NAMESPACES=(
+  "bakery-ia"
+  "bakery-ia-dev"
+  "bakery-ia-prod"
+  "default"
+)
+
+echo "Setting up GitHub Container Registry image pull secrets..."
+echo "=========================================================="
+echo ""
+
+for namespace in "${NAMESPACES[@]}"; do
+  echo "Processing namespace: $namespace"
+
+  # Create namespace if it doesn't exist
+  if ! kubectl get namespace "$namespace" >/dev/null 2>&1; then
+    echo "  Creating namespace: $namespace"
+    kubectl create namespace "$namespace"
+  fi
+
+  # Delete existing secret if it exists
+  if kubectl get secret "$SECRET_NAME" -n "$namespace" >/dev/null 2>&1; then
+    echo "  Deleting existing secret in namespace: $namespace"
+    kubectl delete secret "$SECRET_NAME" -n "$namespace"
+  fi
+
+  # Create the docker-registry secret for GHCR
+  echo "  Creating GHCR secret in namespace: $namespace"
+  kubectl create secret docker-registry "$SECRET_NAME" \
+    --docker-server="$GHCR_SERVER" \
+    --docker-username="$GHCR_USERNAME" \
+    --docker-password="$GHCR_PASSWORD" \
+    --docker-email="$GHCR_EMAIL" \
+    -n "$namespace"
+
+  echo "  ✓ Secret created successfully in namespace: $namespace"
+  echo ""
+done
+
+echo "=========================================================="
+echo "GitHub Container Registry secrets setup completed!"
+echo ""
+echo "The secret '$SECRET_NAME' has been created in all namespaces:"
+for namespace in "${NAMESPACES[@]}"; do
+  echo "  - $namespace"
+done
+echo ""
+echo "Next steps:"
+echo "1. Update your Kubernetes manifests to include the GHCR imagePullSecrets"
+echo "2. Verify pods can pull images from GHCR: kubectl get pods -A"
+echo "3. Consider updating your CI/CD pipelines to push images to GHCR"