Update flux and install the image automation controller.

2026-05-03 14:52:53 -04:00
parent 26cbb79960
commit 795216d989
4 changed files with 193 additions and 36 deletions
--- a/nix/kubernetes/keys/package/mrmanager-repo-secrets/package.nix
+++ b/nix/kubernetes/keys/package/mrmanager-repo-secrets/package.nix
@@ -58,6 +58,17 @@ let
          };
        };
        "flux-system" = {
+          "registry-credentials" =
+            (generate_docker_secret {
+              username = builtins.readFile "${./secrets/flux-system/registry-credentials/username}";
+              password = builtins.readFile "${./secrets/flux-system/registry-credentials/password}";
+              email = builtins.readFile "${./secrets/flux-system/registry-credentials/email}";
+            })
+            // {
+              # "__annotations" = {
+              #   "tekton.dev/docker-0" = "https://harbor.fizz.buzz";
+              # };
+            };
          "webhook-token" = {
            "token" = generate_key 64 "flux-system.webhook-token.token";
          };
@@ -140,6 +151,7 @@ let

  ## Utilities
  inherit ((import ../../../functions/to_yaml.nix) { inherit pkgs; }) to_yaml;
+  inherit (pkgs.callPackage ../../contrib/base64/package.nix { inherit lib; }) toBase64;
  generate_key =
    len: name:
    builtins.readFile (
@@ -174,6 +186,21 @@ let
        "\\}"
      ]
      json;
+  generate_docker_secret =
+    {
+      username,
+      password,
+      email,
+    }:
+    let
+    in
+    {
+      "__type" = "kubernetes.io/dockerconfigjson";
+      ".dockerconfigjson" = builtins.toJSON {
+        inherit username password email;
+        "auth" = toBase64 "${username}:${password}";
+      };
+    };
  ## dex
  get_dex_config =
    client_id: