data "kubernetes_secret_v1" "gitea" {
  metadata {
    name = "gitea-admin-user"
    namespace = "${var.domain}-ci"
  }
}

data "kubernetes_ingress_v1" "gitea" {
  metadata {
    name = "gitea"
    namespace = "${var.domain}-ci"
  }
}

resource "gitea_oauth2_app" "prj" {
  name = var.component
  confidential_client = true
  redirect_uris = [
    "https://${var.sub-domain}.${var.domain-name}/authorize"
  ]
}

resource "kubernetes_secret_v1" "oauth2-client-gitea" {
  metadata {
    name = "${var.component}-${var.instance}-gitea"
    namespace = var.namespace
  }
  data = {
    "WOODPECKER_GITEA_URL" = "https://${data.kubernetes_ingress_v1.gitea.spec[0].rule[0].host}"
    "WOODPECKER_GITEA_CLIENT" = gitea_oauth2_app.prj.client_id
    "WOODPECKER_GITEA_SECRET" = gitea_oauth2_app.prj.client_secret
  }
}