locals {
  gitea_host = "http://gitea-http.${var.domain}-ci.svc:3000"
  gitea_username = data.kubernetes_secret_v1.gitea.data["username"]
  gitea_password = data.kubernetes_secret_v1.gitea.data["password"]
  request_headers = {
    "Content-Type"  = "application/json"
    Authorization   = "Basic ${base64encode("${local.gitea_username}:${local.gitea_password}")}"
  }
}

data "kubernetes_secret_v1" "gitea" {
  metadata {
    name = "gitea-admin-user"
    namespace = "${var.domain}-ci"
  }
}
provider "restapi" {
  uri = "${local.gitea_host}/api/v1"
  headers = local.request_headers
  write_returns_object  = true
  id_attribute = "id"
}

resource "restapi_object" "gitea_org_hook" {
  path = "/orgs/${var.organization}/hooks"
  data = jsonencode({
    type = "gitea"
    active = true
    branch_filter = "*"
    authorization_header = ""
    events = [
      "create",
      "delete",
      "push",
      "pull_request",
      "repository",
      "release",
      "package"
    ]
    config = {
        url = "http://el-${var.instance}-${var.component}.${var.namespace}.svc:8080"
        content_type = "json"
    }
  })
}

resource "restapi_object" "gitea_ci-user-token" {
  path = "/users/org-${var.organization}-ci/tokens"
  data = jsonencode({
    name = "${var.organization}-tekton"
    scopes = [
      "write:repository"
    ]
  })
}

resource "kubernetes_secret_v1" "ci-user-token-secret" {
  metadata {
    name = "gitea"
    namespace = "${var.domain}-ci-${var.instance}"
  }
  data = {
    url = "gitea-http.${var.domain}-ci.svc:3000"
    token = jsondecode(resource.restapi_object.gitea_ci-user-token.create_response).sha1
  }
}