fix

2024-04-21 15:59:55 +02:00
parent 1899e58cf7
commit ef9e2f4e5d
2 changed files with 22 additions and 21 deletions
--- a/share/gitea-tekton-org/gitea_hook.tf
+++ b/share/gitea-tekton-org/gitea_hook.tf
@@ -43,3 +43,25 @@ resource "restapi_object" "gitea_org_hook" {
    }
  })
 }
+
+resource "restapi_object" "gitea_ci-user-token" {
+  path = "/users/org-${var.organization}-ci/tokens"
+  data = jsonencode({
+    name = "tekton"
+    scopes = [
+      "write:repository"
+    ]
+  })
+}
+
+resource "kubernetes_secret_v1" "ci-user-token-secret" {
+  metadata {
+    name = "gitea"
+    namespace = "${var.domain}-ci-${var.instance}"
+  }
+  data = {
+    url = "gitea-http.${var.domain}-ci.svc:3000"
+    token = jsondecode(resource.restapi_object.gitea_ci-user-token.create_response).sha1
+  }
+}
+
--- a/share/organisation/ci-space.tf
+++ b/share/organisation/ci-space.tf
@@ -67,24 +67,3 @@ resource "gitea_public_key" "ci-user-keys" {
  username  = gitea_user.user-ci[0].username
  key = data.kubernetes_secret_v1.ci-ssh-creds-read[count.index].data["ssh-publickey"]
 }
-
-resource "gitea_token" "ci-user-token" {
-  count = var.haveGitea && var.haveTekton?1:0
-  username = gitea_user.user-ci[0].username
-  name     = "tekton-${var.instance}-${var.component}"
-}
-
-resource "kubernetes_secret_v1" "ci-user-token-secret" {
-  count = var.haveGitea && var.haveTekton?1:0
-  metadata {
-    name = "gitea"
-    namespace = "${var.domain}-ci-${var.instance}"
-  }
-  data = {
-    url = "gitea-http.${var.domain}-ci.svc:3000"
-    username = gitea_user.user-ci[0].username
-    token = resource.gitea_token.ci-user-token[0].token
-    password = random_password.password.result
-  }
-}
-