From ef9e2f4e5d330c69f72330585fd9cc347da8098b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Huss?= <sebastien.huss@gmail.com>
Date: Sun, 21 Apr 2024 15:59:55 +0200
Subject: [PATCH] fix

---
 share/gitea-tekton-org/gitea_hook.tf | 22 ++++++++++++++++++++++
 share/organisation/ci-space.tf       | 21 ---------------------
 2 files changed, 22 insertions(+), 21 deletions(-)

diff --git a/share/gitea-tekton-org/gitea_hook.tf b/share/gitea-tekton-org/gitea_hook.tf
index 140dcd1..35917f2 100644
--- a/share/gitea-tekton-org/gitea_hook.tf
+++ b/share/gitea-tekton-org/gitea_hook.tf
@@ -43,3 +43,25 @@ resource "restapi_object" "gitea_org_hook" {
     }
   })
 }
+
+resource "restapi_object" "gitea_ci-user-token" {
+  path = "/users/org-${var.organization}-ci/tokens"
+  data = jsonencode({
+    name = "tekton"
+    scopes = [
+      "write:repository"
+    ]
+  })
+}
+
+resource "kubernetes_secret_v1" "ci-user-token-secret" {
+  metadata {
+    name = "gitea"
+    namespace = "${var.domain}-ci-${var.instance}"
+  }
+  data = {
+    url = "gitea-http.${var.domain}-ci.svc:3000"
+    token = jsondecode(resource.restapi_object.gitea_ci-user-token.create_response).sha1
+  }
+}
+
diff --git a/share/organisation/ci-space.tf b/share/organisation/ci-space.tf
index 5cab5e4..43e6085 100644
--- a/share/organisation/ci-space.tf
+++ b/share/organisation/ci-space.tf
@@ -67,24 +67,3 @@ resource "gitea_public_key" "ci-user-keys" {
   username  = gitea_user.user-ci[0].username
   key = data.kubernetes_secret_v1.ci-ssh-creds-read[count.index].data["ssh-publickey"]
 }
-
-resource "gitea_token" "ci-user-token" {
-  count = var.haveGitea && var.haveTekton?1:0
-  username = gitea_user.user-ci[0].username
-  name     = "tekton-${var.instance}-${var.component}"
-}
-
-resource "kubernetes_secret_v1" "ci-user-token-secret" {
-  count = var.haveGitea && var.haveTekton?1:0
-  metadata {
-    name = "gitea"
-    namespace = "${var.domain}-ci-${var.instance}"
-  }
-  data = {
-    url = "gitea-http.${var.domain}-ci.svc:3000"
-    username = gitea_user.user-ci[0].username
-    token = resource.gitea_token.ci-user-token[0].token
-    password = random_password.password.result
-  }
-}
-