# Infrastructure Blocker: bf-22vc5 - acb-enrichment Deployment ## Problem The `acb-enrichment-deployment.yml` is disabled because it contains a placeholder SHA: ```yaml image: ronaldraygun/acb-enrichment@sha256:placeholder ``` ## Root Cause The `acb-enrichment` Docker image has never been built. Docker Hub repository exists but has no tags: ```bash curl -sk https://hub.docker.com/v2/repositories/ronaldraygun/acb-enrichment/tags/ # Returns: {"count":0,"next":null,"previous":null,"results":[]} ``` ## Infrastructure Blocker Cannot trigger the acb-build workflow on iad-ci because: - The iad-ci kubeconfig (`/home/coding/.kube/iad-ci.kubeconfig`) is missing - The rs-manager kubeconfig (`/home/coding/.kube/rs-manager.kubeconfig`) is also missing - The kubectl-proxy on `traefik-iad-ci:8001` is read-only (ServiceAccount: `devpod-observer:devpod-observer`) - Cannot create workflows via read-only proxy ## Checked Alternatives (2024-06-04) 1. **Docker runtime**: Not available on this Hetzner server 2. **Podman runtime**: Not available on this Hetzner server 3. **GitHub Actions**: Disabled across all repos per CLAUDE.md 4. **ArgoCD read-only API**: Cannot submit workflows via read-only access 5. **Argo UI**: Available at https://argo-ci.ardenone.com but requires Google SSO (not programmatic) ## Available Access - Read-only kubectl-proxy: `kubectl --server=http://traefik-iad-ci:8001` works - Argo UI: `https://argo-ci.ardenone.com` (requires Google SSO) - rs-manager cluster: Available via traefik-rs-manager:8001 (no Argo Workflows CRDs) ## Expected Workflow The `acb-build` WorkflowTemplate in `declarative-config/k8s/iad-ci/argo-workflows/acb-build-workflowtemplate.yml` includes: 1. Run Go tests 2. Build all ACB images including `acb-enrichment` (line 93-102) 3. Update deployment manifests with the new digest (line 103-108, 216-262) The workflow should be triggered with: ```bash kubectl --kubeconfig=/home/coding/.kube/iad-ci.kubeconfig create -f - <