locals { gitea_host = "http://gitea-http.${var.domain}-ci.svc:3000" gitea_username = data.kubernetes_secret_v1.gitea.data["username"] gitea_password = data.kubernetes_secret_v1.gitea.data["password"] request_headers = { "Content-Type" = "application/json" Authorization = "Basic ${base64encode("${local.gitea_username}:${local.gitea_password}")}" } } data "kubernetes_secret_v1" "gitea" { metadata { name = "gitea-admin-user" namespace = "${var.domain}-ci" } } provider "restapi" { uri = "${local.gitea_host}/api/v1" headers = local.request_headers write_returns_object = true id_attribute = "id" } resource "restapi_object" "gitea_org_hook" { path = "/orgs/${var.organization}/hooks" data = jsonencode({ type = "gitea" active = true branch_filter = "*" authorization_header = "" events = [ "create", "delete", "push", "pull_request", "repository", "release", "package" ] config = { url = "http://el-${var.instance}-${var.component}.${var.namespace}.svc:8080" content_type = "json" } }) } resource "restapi_object" "ci-token" { path = "/users/org-${var.organization}-ci/tokens" create_method = "POST" read_path = "/users/org-${var.organization}-ci/tokens" read_search = { search_key = "name" search_value = "tekton-${var.organization}" } id_attribute = "name" data = jsonencode({ name = "tekton-${var.organization}" scopes = [ "write:repository" ] }) } data "kubernetes_secret_v1" "gitea-cert" { metadata { name = "gitea-cert" namespace = "${var.domain}-ci" } } resource "kubernetes_secret_v1" "ci-user-token-secret" { metadata { name = "gitea" namespace = "${var.namespace}" } data = { "ca.crt" = lookup(data.kubernetes_secret_v1.gitea-cert.data, "ca.crt", lookup(data.kubernetes_secret_v1.gitea-cert.data, "tls.crt", "")) url = "gitea-http.${var.domain}-ci.svc:3000" token = jsondecode(resource.restapi_object.ci-token.create_response).sha1 } }