From ed46acc154b55da100848b9da7b3f615ffa3d5d2 Mon Sep 17 00:00:00 2001 From: jv Date: Tue, 19 May 2026 09:46:26 -0500 Subject: [PATCH] fix: route image resolution to internal cluster dns service registry --- apps/website/web-app.yaml | 4 ++-- bootstrap/apps/main.tf | 11 ++++++++-- lab.sh | 45 +++++++++++++++++++++++++++++++++------ 3 files changed, 50 insertions(+), 10 deletions(-) diff --git a/apps/website/web-app.yaml b/apps/website/web-app.yaml index 20fb5bc..f547f23 100644 --- a/apps/website/web-app.yaml +++ b/apps/website/web-app.yaml @@ -27,7 +27,7 @@ spec: topologyKey: "kubernetes.io/hostname" containers: - name: php-app - image: 192.168.100.68:30500/my-php-app:v1 + image: local-registry-svc.container-registry.svc.cluster.local:5000/php-website:latest imagePullPolicy: Always ports: - containerPort: 80 @@ -42,6 +42,6 @@ spec: ports: - port: 80 targetPort: 80 - nodePort: 30080 + nodePort: 30080 selector: app: php-website diff --git a/bootstrap/apps/main.tf b/bootstrap/apps/main.tf index 4b6a3a2..9c9585e 100644 --- a/bootstrap/apps/main.tf +++ b/bootstrap/apps/main.tf @@ -13,6 +13,10 @@ provider "kubernetes" { } resource "kubernetes_manifest" "container_registry" { + field_manager { + force_conflicts = true + } + manifest = { apiVersion = "argoproj.io/v1alpha1" kind = "Application" @@ -23,7 +27,6 @@ resource "kubernetes_manifest" "container_registry" { spec = { project = "default" source = { - # Targets your laptop's private IP and filesystem path via SSH repoURL = "ssh://jv@192.168.100.68/home/jv/git-server/my-homelab-configs.git" targetRevision = "HEAD" path = "apps/container-registry" @@ -45,6 +48,11 @@ resource "kubernetes_manifest" "container_registry" { resource "kubernetes_manifest" "production_website" { depends_on = [kubernetes_manifest.container_registry] + + field_manager { + force_conflicts = true + } + manifest = { apiVersion = "argoproj.io/v1alpha1" kind = "Application" 
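Review bot: The new `image:` line for the `php-app` container references the mutable tag `php-website:latest` together with `imagePullPolicy: Always`, so every pod restart runs whatever currently sits under that tag. The lab.sh part of this commit marks the registry on port 30500 as plain HTTP (`http = true`), so the pull has no transport integrity, and unless the registry enforces authentication (not visible here) anything that can reach that port can replace the image. Pin the deployment to the digest produced by the build, e.g. `image: local-registry-svc.container-registry.svc.cluster.local:5000/php-website@sha256:<digest-from-build>`, or at least to a unique per-build tag. Separately, pulls are done by the node's container runtime, which normally uses the host resolver rather than cluster DNS, so confirm that every node can resolve the `svc.cluster.local` name and accepts an HTTP registry. The Deployment spec begins and continues outside this hunk.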
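Review bot: `force_conflicts = true` in the new `field_manager` block on `kubernetes_manifest.container_registry` (and in the identical block added to `production_website` in the `@@ -45,6 +48,11 @@` hunk) makes server-side apply take over fields owned by another manager instead of failing. That silences the signal that something else, presumably the Argo CD controller or a manual edit, has changed these Application objects. Nothing in the hunk records which conflict this resolves, so add a comment above each block, for example `# force_conflicts: <manager> also writes <field> on this Application; Terraform is the intended owner`, filled in with the actual conflicting manager. Both resource bodies continue outside the hunks.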
@@ -55,7 +63,6 @@ resource "kubernetes_manifest" "production_website" { spec = { project = "default" source = { - # Targets your laptop's private IP and filesystem path via SSH repoURL = "ssh://jv@192.168.100.68/home/jv/git-server/my-homelab-configs.git" targetRevision = "HEAD" path = "apps/website" diff --git a/lab.sh b/lab.sh index a59187f..fb83990 100755 --- a/lab.sh +++ b/lab.sh @@ -1,10 +1,24 @@ up() { echo "Deploying the homelab infrastructure..." - + + docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + + cat < /tmp/buildx-config.toml +[registry."127.0.0.1:30500"] + http = true +[registry."localhost:30500"] + http = true +EOF + + docker buildx rm lab-builder 2>/dev/null || true + + docker buildx create --name lab-builder --driver docker-container --driver-opt network=host --config /tmp/buildx-config.toml --use + docker buildx inspect --bootstrap + cd bootstrap/cluster tofu init tofu apply -auto-approve - + cd ../platform tofu init tofu apply -auto-approve @@ -12,8 +26,24 @@ up() { cd ../apps tofu init tofu apply -auto-approve - + cd ../.. + + until kubectl get deployment local-registry -n container-registry -o jsonpath='{.status.availableReplicas}' 2>/dev/null | grep -q '^[1-9]'; do + echo "Waiting for local-registry pods to initialize..." + sleep 5 + done + + docker buildx build \ + --network host \ + --platform linux/amd64,linux/arm64 \ + -t "127.0.0.1:30500/php-website:latest" \ + -f apps/website/Dockerfile \ + apps/website/ \ + --push + + kubectl patch application php-web-app -n argocd --type merge -p '{"metadata":{"annotations":{"argocd.argoproj.io/refresh":"sync"}}}' + echo "Deployment successfully completed!" } 
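Review bot: The added `docker run --rm --privileged multiarch/qemu-user-static --reset -p yes` in `up()` runs an unpinned public image with full host privileges and lets it rewrite the kernel's binfmt_misc handlers, so whatever the floating tag resolves to at run time gets root-equivalent access to the workstation. Pin it by digest, e.g. `docker run --rm --privileged multiarch/qemu-user-static@sha256:<pinned-digest> --reset -p yes`, and skip the step when the handlers are already registered. The buildx config is also written to the fixed, predictable path `/tmp/buildx-config.toml`. Use `cfg="$(mktemp)"` and pass `--config "$cfg"` so a pre-existing file or symlink at that path cannot redirect the write or supply the builder's registry settings. Finally, the `until kubectl get deployment local-registry ...` loop has no upper bound, so a registry that never becomes available hangs the script; a retry counter or `kubectl rollout status --timeout=...` would fail it cleanly.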
@@ -27,16 +57,16 @@ nuke() { sudo kubeadm reset --force || true sudo systemctl stop containerd 2>/dev/null || true sudo killall containerd-shim-runc-v2 2>/dev/null || true - + sudo umount /var/lib/containerd/srun/* 2>/dev/null || true sudo rm -rf /var/lib/containerd/* /run/containerd/* sudo rm -rf /etc/kubernetes/ /var/lib/etcd/ /var/lib/kubelet/ /var/lib/cni/ /etc/cni/net.d /home/jv/.kube/ - + sudo iptables -F && sudo iptables -t nat -F && sudo iptables -t mangle -F && sudo iptables -X sudo ip link delete cilium_host 2>/dev/null || true sudo ip link delete cilium_net 2>/dev/null || true sudo ip link delete cilium_vxlan 2>/dev/null || true - + sudo systemctl start containerd echo "--> Eviscerating remote Kubernetes components (Raspberry Pi)..." @@ -47,6 +77,9 @@ nuke() { sudo iptables -F && sudo iptables -t nat -F && sudo iptables -t mangle -F && sudo iptables -X EOF + docker buildx rm lab-builder 2>/dev/null || true + rm -f /tmp/buildx-config.toml || true + echo "--> Deleting OpenTofu tracking state files..." rm -rf bootstrap/cluster/terraform.tfstate* rm -rf bootstrap/cluster/.terraform/
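Review bot: The cleanup added to `nuke()` removes the `lab-builder` instance and the temp config, but it leaves in place the binfmt_misc handlers that `up()` registers through the privileged `qemu-user-static --reset -p yes` container. As far as I can tell those registrations persist until reboot or explicit removal, so the host is not returned to its pre-`up` state. Either unregister them here or state in a comment that they are left on purpose, e.g. `# NOTE: qemu binfmt_misc handlers registered by up() are left in place`. As a minor style point, `rm -f /tmp/buildx-config.toml || true` does not need the `|| true`, since `rm -f` already succeeds when the file is missing. `nuke()` begins and continues outside this hunk.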