From 6469163b62b8af2e27db46ad3b76e7db290f11f6 Mon Sep 17 00:00:00 2001
From: Julius Tens <mail@juliustens.eu>
Date: Mon, 18 Sep 2023 00:01:28 +0200
Subject: [PATCH] feat: deploy flux to tilia cluster

---
 cloud-resources/flux.tf   | 16 ++++++++++++++++
 cloud-resources/github.tf | 18 ++++++++++++++++++
 cloud-resources/main.tf   | 10 +++++++++-
 3 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 cloud-resources/flux.tf
 create mode 100644 cloud-resources/github.tf

diff --git a/cloud-resources/flux.tf b/cloud-resources/flux.tf
new file mode 100644
index 0000000..b964848
--- /dev/null
+++ b/cloud-resources/flux.tf
@@ -0,0 +1,16 @@
+provider "flux" {
+  kubernetes = module.kube-hetzner.kubeconfig_data
+  git = {
+    url = "ssh://git@github.com/${local.github_org}/${local.github_repo}.git"
+    ssh = {
+      username    = "git"
+      private_key = tls_private_key.flux_key.private_key_pem
+    }
+  }
+}
+
+resource "flux_bootstrap_git" "flux_tilia" {
+  depends_on       = [github_repository_deploy_key.github_deploy_key_flux]
+  path             = "kubernetes/clusters/tilia"
+  components_extra = ["image-reflector-controller", "image-automation-controller"]
+}
diff --git a/cloud-resources/github.tf b/cloud-resources/github.tf
new file mode 100644
index 0000000..0fe61b3
--- /dev/null
+++ b/cloud-resources/github.tf
@@ -0,0 +1,18 @@
+variable "github_token" {}
+
+provider "github" {
+  owner = "public-transport"
+  token = var.github_token
+}
+
+resource "tls_private_key" "flux_key" {
+  algorithm   = "ECDSA"
+  ecdsa_curve = "P256"
+}
+
+resource "github_repository_deploy_key" "github_deploy_key_flux" {
+  title      = "flux"
+  repository = "infrastructure"
+  key        = tls_private_key.flux_key.public_key_openssh
+  read_only  = false
+}
diff --git a/cloud-resources/main.tf b/cloud-resources/main.tf
index 4217cc5..4d60180 100644
--- a/cloud-resources/main.tf
+++ b/cloud-resources/main.tf
@@ -29,7 +29,15 @@ terraform {
     }
     hcloud = {
       source  = "hetznercloud/hcloud"
-      version = ">= 1.41.0"
+      version = "~> 1.42.0"
+    }
+    flux = {
+      source  = "fluxcd/flux"
+      version = "~> 1.1.0"
+    }
+    github = {
+      source  = "integrations/github"
+      version = "~> 5.37.0"
     }
   }
 }