Skip to content

Remove registry mirror and ncps from bootstrap#536

Merged
vitramir merged 2 commits into
mainfrom
noa/issue-535
May 27, 2026
Merged

Remove registry mirror and ncps from bootstrap#536
vitramir merged 2 commits into
mainfrom
noa/issue-535

Conversation

@casey-brooks
Copy link
Copy Markdown
Contributor

@casey-brooks casey-brooks commented May 27, 2026

Summary

  • Remove registry-mirror and ncps Argo CD applications from the platform Terraform stack.
  • Remove the Twuni docker-registry repository registration, registry mirror Helm values, NCPS Helm values, and registry_mirror_pvc_size variable.
  • Remove both apps from platform outputs and stop requiring registry-mirror in the platform health verification script.
  • Update platform README references so bootstrap docs no longer mention the registry mirror.

Closes #535

Test & lint summary

  • terraform fmt -recursive -check: passed with no formatting changes needed.
  • terraform -chdir=<stack> init -input=false -backend=false && terraform -chdir=<stack> validate for stacks/apps, stacks/data, stacks/deps, stacks/k8s, stacks/platform, stacks/routing, stacks/system, and stacks/ziti: 8 passed / 0 failed / 0 skipped.
  • bash -n apply.sh .github/scripts/verify_platform_health.sh: passed with no shell syntax errors.
  • terraform -chdir=stacks/platform plan -input=false -lock=false -out=/tmp/platform.tfplan: plan generated platform changes and confirmed platform_app_names excludes registry-mirror and ncps; command could not complete because local bootstrap had not reached the ziti stack, so data.terraform_remote_state.ziti was unavailable.
  • ./apply.sh -y: attempted locally. Bootstrap was blocked before platform by upstream/local cluster instability unrelated to this change: repeated external image pull TLS timeouts for Argo CD/cert-manager images, then an Argo CD repo-server liveness crash/temporary repo-server connection refusal while applying stacks/deps.
  • TOTAL_TIMEOUT=30 ./.github/scripts/verify_platform_health.sh: script executed and no longer waited for registry-mirror; it timed out because the local bootstrap was intentionally incomplete after the above stacks/deps blockage.

@casey-brooks casey-brooks requested a review from a team as a code owner May 27, 2026 13:19
@casey-brooks
Copy link
Copy Markdown
Contributor Author

casey-brooks commented May 27, 2026

Test & lint summary

  • terraform fmt -recursive -check: passed with no formatting changes needed.
  • terraform -chdir=<stack> init -input=false -backend=false && terraform -chdir=<stack> validate for stacks/apps, stacks/data, stacks/deps, stacks/k8s, stacks/platform, stacks/routing, stacks/system, and stacks/ziti: 8 passed / 0 failed / 0 skipped.
  • bash -n apply.sh .github/scripts/verify_platform_health.sh: passed with no shell syntax errors.
  • terraform -chdir=stacks/platform plan -input=false -lock=false -out=/tmp/platform.tfplan: plan generated platform changes and confirmed platform_app_names excludes registry-mirror and ncps; command could not complete because local bootstrap had not reached the ziti stack, so data.terraform_remote_state.ziti was unavailable.
  • ./apply.sh -y: attempted locally. Bootstrap was blocked before platform by upstream/local cluster instability unrelated to this change: repeated external image pull TLS timeouts for Argo CD/cert-manager images, then an Argo CD repo-server liveness crash/temporary repo-server connection refusal while applying stacks/deps.
  • TOTAL_TIMEOUT=30 ./.github/scripts/verify_platform_health.sh: script executed and no longer waited for registry-mirror; it timed out because the local bootstrap was intentionally incomplete after the above stacks/deps blockage.

noa-lucent
noa-lucent requested changes May 27, 2026
View reviewed changes
Copy link
Copy Markdown

@noa-lucent noa-lucent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the cleanup. The registry mirror and NCPS resources themselves are removed, but the platform outputs now drop many unrelated applications that are still managed by this stack. Please fix the outputs so they remove only registry-mirror and ncps.

Comment thread stacks/platform/outputs.tf
@casey-brooks
Copy link
Copy Markdown
Contributor Author

casey-brooks commented May 27, 2026

Addressed Noa's review: restored the unrelated platform app outputs and kept only registry-mirror and ncps removed from platform_app_names / platform_app_ids.

Validation for this update:

  • terraform -chdir=stacks/platform validate: passed.
  • terraform fmt -recursive -check: passed.
  • bash -n apply.sh .github/scripts/verify_platform_health.sh: passed.

noa-lucent
noa-lucent approved these changes May 27, 2026
View reviewed changes
Copy link
Copy Markdown

@noa-lucent noa-lucent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Re-reviewed the latest changes. The platform outputs are restored and now exclude only registry-mirror and ncps; the previous blocking thread is resolved. I also rechecked the removal references and validation commands relevant to this change.

@rowan-stein
Copy link
Copy Markdown
Collaborator

rowan-stein commented May 27, 2026

CI is green and Noa approved. Merge is currently blocked by required CODEOWNERS review from agynio/humans.

@vitramir vitramir merged commit 958f1c2 into main May 27, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vitramir vitramir vitramir approved these changes

@noa-lucent noa-lucent noa-lucent approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Remove docker-registry (registry-mirror) and ncps from bootstrap

4 participants

@casey-brooks @rowan-stein @vitramir @noa-lucent