84 lines
2.0 KiB
HCL
84 lines
2.0 KiB
HCL
locals {
|
|
gitea_host = "http://gitea-http.${var.domain}-ci.svc:3000"
|
|
gitea_username = data.kubernetes_secret_v1.gitea.data["username"]
|
|
gitea_password = data.kubernetes_secret_v1.gitea.data["password"]
|
|
request_headers = {
|
|
"Content-Type" = "application/json"
|
|
Authorization = "Basic ${base64encode("${local.gitea_username}:${local.gitea_password}")}"
|
|
}
|
|
}
|
|
|
|
data "kubernetes_secret_v1" "gitea" {
|
|
metadata {
|
|
name = "gitea-admin-user"
|
|
namespace = "${var.domain}-ci"
|
|
}
|
|
}
|
|
provider "restapi" {
|
|
uri = "${local.gitea_host}/api/v1"
|
|
headers = local.request_headers
|
|
write_returns_object = true
|
|
id_attribute = "id"
|
|
}
|
|
|
|
resource "restapi_object" "gitea_org_hook" {
|
|
path = "/orgs/${var.organization}/hooks"
|
|
data = jsonencode({
|
|
type = "gitea"
|
|
active = true
|
|
branch_filter = "*"
|
|
authorization_header = ""
|
|
events = [
|
|
"create",
|
|
"delete",
|
|
"push",
|
|
"pull_request",
|
|
"repository",
|
|
"release",
|
|
"package"
|
|
]
|
|
config = {
|
|
url = "http://el-${var.instance}-${var.component}.${var.namespace}.svc:8080"
|
|
content_type = "json"
|
|
}
|
|
})
|
|
}
|
|
|
|
resource "restapi_object" "ci-token" {
|
|
path = "/users/org-${var.organization}-ci/tokens"
|
|
create_method = "POST"
|
|
read_path = "/users/org-${var.organization}-ci/tokens"
|
|
read_search = {
|
|
search_key = "name"
|
|
search_value = "tekton-${var.organization}"
|
|
}
|
|
id_attribute = "name"
|
|
data = jsonencode({
|
|
name = "tekton-${var.organization}"
|
|
scopes = [
|
|
"write:repository"
|
|
]
|
|
})
|
|
}
|
|
|
|
data "kubernetes_secret_v1" "gitea-cert" {
|
|
metadata {
|
|
name = "gitea-cert"
|
|
namespace = "${var.domain}-ci"
|
|
}
|
|
}
|
|
|
|
|
|
resource "kubernetes_secret_v1" "ci-user-token-secret" {
|
|
metadata {
|
|
name = "gitea"
|
|
namespace = "${var.namespace}"
|
|
}
|
|
data = {
|
|
"ca.crt" = lookup(data.kubernetes_secret_v1.gitea-cert.data, "ca.crt", lookup(data.kubernetes_secret_v1.gitea-cert.data, "tls.crt", ""))
|
|
url = "gitea-http.${var.domain}-ci.svc:3000"
|
|
token = jsondecode(resource.restapi_object.ci-token.create_response).sha1
|
|
}
|
|
}
|
|
|