diff --git a/apps/woodpecker/gitea_token.tf b/apps/woodpecker/gitea_token.tf index dcd647b..a7c1983 100644 --- a/apps/woodpecker/gitea_token.tf +++ b/apps/woodpecker/gitea_token.tf @@ -1,12 +1,3 @@ -terraform { - required_providers { - gitea = { - source = "Lerentis/gitea" - version = "0.16.0" - } - } -} - data "kubernetes_secret_v1" "gitea" { metadata { name = "gitea-admin-user" @@ -21,12 +12,6 @@ data "kubernetes_ingress_v1" "gitea" { } } -provider "gitea" { - base_url = "http://gitea-http.${var.domain}-ci.svc" - username = data.kubernetes_secret_v1.gitea.data["username"] - password = data.kubernetes_secret_v1.gitea.data["password"] -} - resource "gitea_oauth2_app" "prj" { name = var.component redirect_uris = [ diff --git a/apps/woodpecker/index.yaml b/apps/woodpecker/index.yaml index 1c329cf..f3577b8 100644 --- a/apps/woodpecker/index.yaml +++ b/apps/woodpecker/index.yaml @@ -6,10 +6,10 @@ metadata: name: woodpecker description: null options: - domain: - default: your-company + issuer: + default: letsencrypt-prod examples: - - your-company + - letsencrypt-prod type: string images: default: @@ -108,6 +108,35 @@ options: type: string type: object type: object + storage-server: + default: + accessMode: ReadWriteOnce + size: 10Gi + examples: + - accessMode: ReadWriteOnce + size: 10Gi + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: object + domain: + default: your-company + examples: + - your-company + type: string + sub-domain: + default: ci + examples: + - ci + type: string domain-name: default: your_company.com examples: @@ -118,11 +147,6 @@ options: examples: - traefik type: string - sub-domain: - default: ci - examples: - - ci - type: string storage-agent: default: size: 10Gi 
@@ -143,30 +167,6 @@ options:
 default: 'false'
 type: string
 type: object
- storage-server:
- default:
- accessMode: ReadWriteOnce
- size: 10Gi
- examples:
- - accessMode: ReadWriteOnce
- size: 10Gi
- properties:
- accessMode:
- default: ReadWriteOnce
- enum:
- - ReadWriteOnce
- - ReadOnlyMany
- - ReadWriteMany
- type: string
- size:
- default: 10Gi
- type: string
- type: object
- issuer:
- default: letsencrypt-prod
- examples:
- - letsencrypt-prod
- type: string
 dependencies: []
 providers:
 kubernetes: true
diff --git a/apps/woodpecker/providers.tf b/apps/woodpecker/providers.tf
new file mode 100644
index 0000000..d91795a
--- /dev/null
+++ b/apps/woodpecker/providers.tf
@@ -0,0 +1,49 @@
+
+terraform {
+ required_providers {
+ gitea = {
+ source = "Lerentis/gitea"
+ version = "~> 0.16.0"
+ }
+ kustomization = {
+ source = "kbst/kustomization"
+ version = "~> 0.9.2"
+ }
+ kubernetes = {
+ source = "hashicorp/kubernetes"
+ version = "~> 2.20.0"
+ }
+ kubectl = {
+ source = "gavinbunney/kubectl"
+ version = "~> 1.14.0"
+ }
+ authentik = {
+ source = "goauthentik/authentik"
+ version = "~> 2023.5.0"
+ }
+ }
+}
+
+provider "gitea" {
+ base_url = "http://gitea-http.${var.domain}-ci.svc"
+ username = data.kubernetes_secret_v1.gitea.data["username"]
+ password = data.kubernetes_secret_v1.gitea.data["password"]
+}
+provider "kustomization" {
+ kubeconfig_incluster = true
+}
+provider "kubernetes" {
+ host = "https://kubernetes.default.svc"
+ token = "${file("/run/secrets/kubernetes.io/serviceaccount/token")}"
+ cluster_ca_certificate = "${file("/run/secrets/kubernetes.io/serviceaccount/ca.crt")}"
+}
+provider "kubectl" {
+ host = "https://kubernetes.default.svc"
+ token = "${file("/run/secrets/kubernetes.io/serviceaccount/token")}"
+ cluster_ca_certificate = "${file("/run/secrets/kubernetes.io/serviceaccount/ca.crt")}"
+ load_config_file = false
+}
+provider "authentik" {
+ url = "http://authentik.${var.domain}-auth.svc"
+ token = data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]
+}
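Review bot: The `gitea` and `authentik` provider blocks pass the Gitea admin username/password (read from the `gitea-admin-user` secret) and `AUTHENTIK_BOOTSTRAP_TOKEN` to `http://` service URLs, so both credentials travel unencrypted inside the cluster on every plan and apply. If these services expose a TLS listener, point `base_url` and `url` at it; otherwise record the accepted risk next to the blocks, e.g. `# plaintext in-cluster HTTP carries admin credentials; restrict the path with a NetworkPolicy`. The bootstrap token and the admin password are also broader than this module appears to need, so a dedicated API token with limited scope would reduce the impact if the Terraform state or the runner is exposed. Separately, the `gitea` constraint moved from an exact `0.16.0` to `~> 0.16.0` and the other third-party providers use the same pessimistic form; committing `.terraform.lock.hcl` keeps the resolved versions and checksums pinned. `data.kubernetes_secret_v1.authentik` is not declared in any visible hunk and presumably lives in another file.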