diff --git a/.gitea/workflows/authentik-apps.yaml b/.gitea/workflows/authentik-apps.yaml index 3bbbb89..dda2b11 100644 --- a/.gitea/workflows/authentik-apps.yaml +++ b/.gitea/workflows/authentik-apps.yaml @@ -1,10 +1,10 @@ -name: 'Terraform' +name: 'Keycloak Terraform' on: push: branches: [ "main" ] paths: - - 'terraform/authentik/**' + - 'terraform/keycloak/**' pull_request: permissions: @@ -13,7 +13,6 @@ permissions: jobs: terraform: name: 'Terraform' - if: false runs-on: ubuntu-latest environment: production 
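Review bot: Removing `if: false` from the `terraform` job re-enables a workflow whose trigger list still contains a bare `pull_request:`, and the `paths:` filter sits under `push` only, so the job now runs for every pull request regardless of which files it touches. The Terraform Apply step shown in the next hunk has no event guard, so `terraform apply -input=false -auto-approve` would run with `environment: production` on unmerged changes. I would gate that step with `if: github.event_name == 'push'` and give pull requests a `terraform plan -input=false` step instead. The steps between this hunk and the next are outside the diff, so an existing guard there cannot be ruled out.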
@@ -30,119 +29,25 @@ jobs: with: cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} + - name: Setup kubeconfig + run: | + mkdir -p ~/.kube + echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config + chmod 600 ~/.kube/config + - name: Terraform Init - env: - TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }} run: terraform init - working-directory: ./terraform/authentik + working-directory: ./terraform/keycloak - name: Terraform Format - env: - TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }} run: terraform fmt -check continue-on-error: true - working-directory: ./terraform/authentik + working-directory: ./terraform/keycloak - name: Terraform Apply env: - TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }} + TF_VAR_keycloak_client_secret: ${{ secrets.KEYCLOAK_CLIENT_SECRET }} + TF_VAR_google_client_id: ${{ secrets.GOOGLE_CLIENT_ID }} + TF_VAR_google_client_secret: ${{ secrets.GOOGLE_CLIENT_SECRET }} run: terraform apply -input=false -auto-approve -parallelism=100 - working-directory: ./terraform/authentik - - - name: Generate Wiki Content - if: success() - continue-on-error: true - env: - TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }} - run: | - echo "📋 Starting Wiki generation..." - cd ./terraform/authentik - - # Get terraform output - echo "🔍 Generating Terraform output..." - terraform output -json applications_for_wiki > terraform-raw-output.json 2>&1 - - # Process output to extract clean JSON - echo "📤 Processing Terraform output..." - python3 ../../.gitea/scripts/process-terraform-output.py terraform-raw-output.json terraform-output.json - - # Run wiki generation - echo "📊 Running wiki generation script..." - if python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json; then - echo "✅ Wiki content generated successfully" - else - echo "⚠️ Wiki generation failed, retrying with debug..." 
- python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json --debug || echo "⚠️ Wiki generation failed" - fi - - # Check results - if [ -f "Applications.md" ]; then - echo "✅ Wiki file created: $(wc -l < Applications.md) lines" - else - echo "⚠️ Wiki content not generated" - exit 0 - fi - working-directory: ./ - - - name: Upload Wiki to Gitea - if: success() - continue-on-error: true - run: | - cd ./terraform/authentik - - # Set variables - GITEA_URL="${{ secrets.GT_URL }}" - GITEA_TOKEN="${{ secrets.GT_WIKI_TOKEN }}" - GITEA_OWNER="${{ secrets.GT_OWNER }}" - GITEA_REPO="${{ secrets.GT_REPO }}" - - # Debug variables (without exposing token) - echo "🔍 Checking variables..." - echo "GITEA_URL: ${GITEA_URL:-NOT SET}" - echo "GITEA_OWNER: ${GITEA_OWNER:-NOT SET}" - echo "GITEA_REPO: ${GITEA_REPO:-NOT SET}" - echo "GITEA_TOKEN: $(if [ -n "$GITEA_TOKEN" ]; then echo "SET"; else echo "NOT SET"; fi)" - - # Check if file exists - if [ ! -f "Applications.md" ]; then - echo "⚠️ Applications.md not found, skipping wiki update" - exit 0 - fi - - echo "📤 Uploading to Gitea Wiki..." - - # Encode content to base64 - CONTENT=$(base64 -w 0 Applications.md) - - # Check if wiki page exists - WIKI_PAGE_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \ - -H "Authorization: token $GITEA_TOKEN" \ - "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "000") - - if [ "$WIKI_PAGE_EXISTS" = "200" ]; then - echo "📝 Updating existing wiki page..." - curl -X PATCH \ - -H "Authorization: token $GITEA_TOKEN" \ - -H "Content-Type: application/json" \ - -d "{ - \"title\": \"Applications\", - \"content_base64\": \"$CONTENT\", - \"message\": \"Update applications list from CI/CD [$(date)]\" - }" \ - "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "⚠️ Wiki update failed" - else - echo "📄 Creating new wiki page..." 
- curl -X POST \ - -H "Authorization: token $GITEA_TOKEN" \ - -H "Content-Type: application/json" \ - -d "{ - \"title\": \"Applications\", - \"content_base64\": \"$CONTENT\", - \"message\": \"Create applications list from CI/CD [$(date)]\" - }" \ - "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/new" || echo "⚠️ Wiki creation failed" - fi - - echo "✅ Wiki update process completed" - working-directory: ./ - + working-directory: ./terraform/keycloak diff --git a/terraform/keycloak/.terraform.lock.hcl b/terraform/keycloak/.terraform.lock.hcl index 987ce07..25c9123 100644 --- a/terraform/keycloak/.terraform.lock.hcl +++ b/terraform/keycloak/.terraform.lock.hcl @@ -6,6 +6,7 @@ provider "registry.terraform.io/hashicorp/kubernetes" { constraints = ">= 2.0.0" hashes = [ "h1:G9QqKNpcztBRqrywtlNylFJSpGzDfRFtO8hcWLdkvRY=", + "h1:iDIPyL9K9FXc8ievR5vRmXsgT1/I9Vq9CFDKm1Zo8bQ=", "zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0", "zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20", "zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c", @@ -26,6 +27,7 @@ provider "registry.terraform.io/keycloak/keycloak" { constraints = ">= 5.0.0" hashes = [ "h1:3DuKdVeOxwULh7l6bvJKWZvsgSZo92rtnrdvyp+X2Lc=", + "h1:reFEBcuBZf2SVqDa1YIaNLuIW72uEVsOu5hHhQgfHi0=", "zh:19be4505b17e4818db121a82917cb6723019cf379cfb82b720eaa2886f15bede", "zh:2bd1565ed22db6a9fb50d60626e22c277f3b034a71f65e6c0011e42f56cad2bb", "zh:34a9e2dfb06331dc6146491c4a0721001195c6a769cdc2d4546edb2acf2b39bd",
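Review bot: The new Setup kubeconfig step expands `${{ secrets.KUBECONFIG }}` into the script text before the shell parses it, so any `"`, `$` or backtick inside the secret is interpreted by the shell and can corrupt the file or be evaluated as a substitution. The file is also created under the default umask and only tightened afterwards by `chmod 600`. Passing the secret through `env:` and writing it from the variable under `umask 077` avoids both, as in the excerpt below; the variable should not be named `KUBECONFIG`, which kubectl reads as a list of file paths. If the runner keeps its home directory between jobs (not visible here), the credential outlives the run, so a final step with `if: always()` that removes `~/.kube/config` is worth adding.

```yaml
      - name: Setup kubeconfig
        env:
          KUBECONFIG_DATA: ${{ secrets.KUBECONFIG }}
        run: |
          umask 077
          # … unchanged: mkdir -p ~/.kube …
          printf '%s\n' "$KUBECONFIG_DATA" > ~/.kube/config
```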