diff --git a/.forgejo/workflows/authentik.yaml b/.forgejo/workflows/authentik.yaml deleted file mode 100644 index b4fc6be..0000000 --- a/.forgejo/workflows/authentik.yaml +++ /dev/null @@ -1,45 +0,0 @@ -on: - push: - branches: - - 'main' - #path: - # - '**/authentik/*.tf' - -jobs: - authentik: - runs-on: ubuntu - steps: - - uses: actions/checkout@v4 - with: - sparse-checkout: | - authentik - - name: Setup OpenTofu - run: | - curl -fsSl https://get.opentofu.org/install-opentofu.sh -o /tmp/install-opentofu.sh - chmod +x /tmp/install-opentofu.sh - /tmp/install-opentofu.sh --install-method deb - rm -f /tmp/install-opentofu.sh - - name: Tofu init - working-directory: ${{ github.workspace }}/authentik - run: | - export KUBE_CONFIG_PATH="/tmp/kubeconfig" - echo ${{ secrets.KUBE_CONFIG_BASE64 }} | base64 -d > ${KUBE_CONFIG_PATH} - export AUTHENTIK_TOKEN=${{ secrets.AUTHENTIK_TOKEN }} - export AUTHENTIK_URL="https://auth.lab.cowley.tech" - tofu init - - name: Tofu Plan - working-directory: ${{ github.workspace }}/authentik - run: | - export KUBE_CONFIG_PATH="/tmp/kubeconfig" - echo ${{ secrets.KUBE_CONFIG_BASE64 }} | base64 -d > ${KUBE_CONFIG_PATH} - export AUTHENTIK_TOKEN=${{ secrets.AUTHENTIK_TOKEN }} - export AUTHENTIK_URL="https://auth.lab.cowley.tech" - tofu plan -out tfplan - #- name: Tofu Apply - # working-directory: ${{ github.workspace }}/authentik - # run: | - # export KUBE_CONFIG_PATH="/tmp/kubeconfig" - # echo ${{ secrets.KUBE_CONFIG_BASE64 }} | base64 -d > ${KUBE_CONFIG_PATH} - # export AUTHENTIK_TOKEN=${{ secrets.AUTHENTIK_TOKEN }} - # export AUTHENTIK_URL="https://auth.lab.cowley.tech" - # tofu apply tfplan diff --git a/.forgejo/workflows/authentik.yml b/.forgejo/workflows/authentik.yml new file mode 100644 index 0000000..212ca5d --- /dev/null +++ b/.forgejo/workflows/authentik.yml @@ -0,0 +1,56 @@ +on: + push: + branches: + - 'main' + #path: + # - '**/authentik/*.tf + +jobs: + authentik: + runs-on: docker + #container: + # image: ghcr.io/opentofu/opentofu:1.7.2 + steps: + - uses: actions/checkout@v4 + with: + sparse-checkout: | + authentik + #- uses: https://code.lab.cowley.tech/homelab/forgejo-opentofu-runner@main + - name: Setup OpenTofu + run: | + curl -fsSl https://get.opentofu.org/install-opentofu.sh -o /tmp/install-opentofu.sh + chmod +x /tmp/install-opentofu.sh + /tmp/install-opentofu.sh --install-method deb + rm -f /tmp/install-opentofu.sh + - name: Tofu init + working-directory: ${{ github.workspace }}/authentik + run: | + export KUBE_CONFIG_PATH="/tmp/kubeconfig" + echo ${{ secrets.KUBE_CONFIG_BASE64 }} | base64 -d > ${KUBE_CONFIG_PATH} + export B2_APPLICATION_KEY_ID=${{ secrets.B2_APPLICATION_KEY_ID }} + export B2_APPLICATION_KEY=${{ secrets.B2_APPLICATION_KEY }} + tofu init + - name: Tofu Plan + working-directory: ${{ github.workspace }}/authentik + run: | + export KUBE_CONFIG_PATH="/tmp/kubeconfig" + echo ${{ secrets.KUBE_CONFIG_BASE64 }} | base64 -d > ${KUBE_CONFIG_PATH} + export B2_APPLICATION_KEY_ID=${{ secrets.B2_APPLICATION_KEY_ID }} + export B2_APPLICATION_KEY=${{ secrets.B2_APPLICATION_KEY }} + export AUTHENTIK_TOKEN=${{ secrets.AUTHENTIK_TOKEN }} +- export AUTHENTIK_URL="https://auth.lab.cowley.tech" + tofu plan -out tfplan + #- uses: https://code.forgejo.org/forgejo/upload-artifact@v4 + # with: + # name: plan + # path: ${{ github.workspace }}/authentik/tfplan + - name: Tofu Apply + working-directory: ${{ github.workspace }}/authentik + run: | + export KUBE_CONFIG_PATH="/tmp/kubeconfig" + echo ${{ secrets.KUBE_CONFIG_BASE64 }} | base64 -d > ${KUBE_CONFIG_PATH} + export B2_APPLICATION_KEY_ID=${{ secrets.B2_APPLICATION_KEY_ID }} + export B2_APPLICATION_KEY=${{ secrets.B2_APPLICATION_KEY }} + export AUTHENTIK_TOKEN=${{ secrets.AUTHENTIK_TOKEN }} +- export AUTHENTIK_URL="https://auth.lab.cowley.tech" + ls -la