Added keycloak TF
@@ -1,10 +1,10 @@
|
|||||||
name: 'Terraform'
|
name: 'Keycloak Terraform'
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [ "main" ]
|
branches: [ "main" ]
|
||||||
paths:
|
paths:
|
||||||
- 'terraform/authentik/**'
|
- 'terraform/keycloak/**'
|
||||||
pull_request:
|
pull_request:
|
||||||
|
|
||||||
permissions:
|
permissions:
|
||||||
@@ -13,7 +13,6 @@ permissions:
|
|||||||
jobs:
|
jobs:
|
||||||
terraform:
|
terraform:
|
||||||
name: 'Terraform'
|
name: 'Terraform'
|
||||||
if: false
|
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
environment: production
|
environment: production
|
||||||
|
|
||||||
@@ -30,119 +29,25 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
|
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
|
||||||
|
|
||||||
|
- name: Setup kubeconfig
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.kube
|
||||||
|
echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
|
||||||
|
chmod 600 ~/.kube/config
|
||||||
|
|
||||||
- name: Terraform Init
|
- name: Terraform Init
|
||||||
env:
|
|
||||||
TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }}
|
|
||||||
run: terraform init
|
run: terraform init
|
||||||
working-directory: ./terraform/authentik
|
working-directory: ./terraform/keycloak
|
||||||
|
|
||||||
- name: Terraform Format
|
- name: Terraform Format
|
||||||
env:
|
|
||||||
TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }}
|
|
||||||
run: terraform fmt -check
|
run: terraform fmt -check
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
working-directory: ./terraform/authentik
|
working-directory: ./terraform/keycloak
|
||||||
|
|
||||||
- name: Terraform Apply
|
- name: Terraform Apply
|
||||||
env:
|
env:
|
||||||
TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }}
|
TF_VAR_keycloak_client_secret: ${{ secrets.KEYCLOAK_CLIENT_SECRET }}
|
||||||
|
TF_VAR_google_client_id: ${{ secrets.GOOGLE_CLIENT_ID }}
|
||||||
|
TF_VAR_google_client_secret: ${{ secrets.GOOGLE_CLIENT_SECRET }}
|
||||||
run: terraform apply -input=false -auto-approve -parallelism=100
|
run: terraform apply -input=false -auto-approve -parallelism=100
|
||||||
working-directory: ./terraform/authentik
|
working-directory: ./terraform/keycloak
|
||||||
|
|
||||||
- name: Generate Wiki Content
|
|
||||||
if: success()
|
|
||||||
continue-on-error: true
|
|
||||||
env:
|
|
||||||
TF_VAR_authentik_token: ${{ secrets.AUTHENTIK_TOKEN }}
|
|
||||||
run: |
|
|
||||||
echo "📋 Starting Wiki generation..."
|
|
||||||
cd ./terraform/authentik
|
|
||||||
|
|
||||||
# Get terraform output
|
|
||||||
echo "🔍 Generating Terraform output..."
|
|
||||||
terraform output -json applications_for_wiki > terraform-raw-output.json 2>&1
|
|
||||||
|
|
||||||
# Process output to extract clean JSON
|
|
||||||
echo "📤 Processing Terraform output..."
|
|
||||||
python3 ../../.gitea/scripts/process-terraform-output.py terraform-raw-output.json terraform-output.json
|
|
||||||
|
|
||||||
# Run wiki generation
|
|
||||||
echo "📊 Running wiki generation script..."
|
|
||||||
if python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json; then
|
|
||||||
echo "✅ Wiki content generated successfully"
|
|
||||||
else
|
|
||||||
echo "⚠️ Wiki generation failed, retrying with debug..."
|
|
||||||
python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json --debug || echo "⚠️ Wiki generation failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check results
|
|
||||||
if [ -f "Applications.md" ]; then
|
|
||||||
echo "✅ Wiki file created: $(wc -l < Applications.md) lines"
|
|
||||||
else
|
|
||||||
echo "⚠️ Wiki content not generated"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
working-directory: ./
|
|
||||||
|
|
||||||
- name: Upload Wiki to Gitea
|
|
||||||
if: success()
|
|
||||||
continue-on-error: true
|
|
||||||
run: |
|
|
||||||
cd ./terraform/authentik
|
|
||||||
|
|
||||||
# Set variables
|
|
||||||
GITEA_URL="${{ secrets.GT_URL }}"
|
|
||||||
GITEA_TOKEN="${{ secrets.GT_WIKI_TOKEN }}"
|
|
||||||
GITEA_OWNER="${{ secrets.GT_OWNER }}"
|
|
||||||
GITEA_REPO="${{ secrets.GT_REPO }}"
|
|
||||||
|
|
||||||
# Debug variables (without exposing token)
|
|
||||||
echo "🔍 Checking variables..."
|
|
||||||
echo "GITEA_URL: ${GITEA_URL:-NOT SET}"
|
|
||||||
echo "GITEA_OWNER: ${GITEA_OWNER:-NOT SET}"
|
|
||||||
echo "GITEA_REPO: ${GITEA_REPO:-NOT SET}"
|
|
||||||
echo "GITEA_TOKEN: $(if [ -n "$GITEA_TOKEN" ]; then echo "SET"; else echo "NOT SET"; fi)"
|
|
||||||
|
|
||||||
# Check if file exists
|
|
||||||
if [ ! -f "Applications.md" ]; then
|
|
||||||
echo "⚠️ Applications.md not found, skipping wiki update"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "📤 Uploading to Gitea Wiki..."
|
|
||||||
|
|
||||||
# Encode content to base64
|
|
||||||
CONTENT=$(base64 -w 0 Applications.md)
|
|
||||||
|
|
||||||
# Check if wiki page exists
|
|
||||||
WIKI_PAGE_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \
|
|
||||||
-H "Authorization: token $GITEA_TOKEN" \
|
|
||||||
"$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "000")
|
|
||||||
|
|
||||||
if [ "$WIKI_PAGE_EXISTS" = "200" ]; then
|
|
||||||
echo "📝 Updating existing wiki page..."
|
|
||||||
curl -X PATCH \
|
|
||||||
-H "Authorization: token $GITEA_TOKEN" \
|
|
||||||
-H "Content-Type: application/json" \
|
|
||||||
-d "{
|
|
||||||
\"title\": \"Applications\",
|
|
||||||
\"content_base64\": \"$CONTENT\",
|
|
||||||
\"message\": \"Update applications list from CI/CD [$(date)]\"
|
|
||||||
}" \
|
|
||||||
"$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "⚠️ Wiki update failed"
|
|
||||||
else
|
|
||||||
echo "📄 Creating new wiki page..."
|
|
||||||
curl -X POST \
|
|
||||||
-H "Authorization: token $GITEA_TOKEN" \
|
|
||||||
-H "Content-Type: application/json" \
|
|
||||||
-d "{
|
|
||||||
\"title\": \"Applications\",
|
|
||||||
\"content_base64\": \"$CONTENT\",
|
|
||||||
\"message\": \"Create applications list from CI/CD [$(date)]\"
|
|
||||||
}" \
|
|
||||||
"$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/new" || echo "⚠️ Wiki creation failed"
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "✅ Wiki update process completed"
|
|
||||||
working-directory: ./
|
|
||||||
|
|
||||||
|
|||||||
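Review bot: With `if: false` dropped from the `terraform` job, the `Terraform Apply` step now runs `terraform apply -input=false -auto-approve -parallelism=100` against `environment: production` on every trigger, and the `pull_request:` trigger has no branch or path filter in the visible lines, so an unmerged pull request would apply its changes. The step shows no condition of its own; adding `if: github.event_name == 'push' && github.ref == 'refs/heads/main'` to it, and running `terraform plan` for pull requests instead, keeps production changes behind the merge. Separately, the new `Setup kubeconfig` step interpolates `${{ secrets.KUBECONFIG }}` directly into the script text, where quotes, backticks or `$` in the value are interpreted by the shell. Passing the secret through `env:` under a name of your choosing (for example `KUBECONFIG_DATA`) and writing it with `printf '%s' "$KUBECONFIG_DATA" > ~/.kube/config` after `umask 077` avoids that, and also closes the short window before `chmod 600`. The lines between the hunks are not shown, so confirm that no earlier guard already restricts the job to pushes.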
Generated
+2
@@ -6,6 +6,7 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
|
|||||||
constraints = ">= 2.0.0"
|
constraints = ">= 2.0.0"
|
||||||
hashes = [
|
hashes = [
|
||||||
"h1:G9QqKNpcztBRqrywtlNylFJSpGzDfRFtO8hcWLdkvRY=",
|
"h1:G9QqKNpcztBRqrywtlNylFJSpGzDfRFtO8hcWLdkvRY=",
|
||||||
|
"h1:iDIPyL9K9FXc8ievR5vRmXsgT1/I9Vq9CFDKm1Zo8bQ=",
|
||||||
"zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0",
|
"zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0",
|
||||||
"zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20",
|
"zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20",
|
||||||
"zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c",
|
"zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c",
|
||||||
@@ -26,6 +27,7 @@ provider "registry.terraform.io/keycloak/keycloak" {
|
|||||||
constraints = ">= 5.0.0"
|
constraints = ">= 5.0.0"
|
||||||
hashes = [
|
hashes = [
|
||||||
"h1:3DuKdVeOxwULh7l6bvJKWZvsgSZo92rtnrdvyp+X2Lc=",
|
"h1:3DuKdVeOxwULh7l6bvJKWZvsgSZo92rtnrdvyp+X2Lc=",
|
||||||
|
"h1:reFEBcuBZf2SVqDa1YIaNLuIW72uEVsOu5hHhQgfHi0=",
|
||||||
"zh:19be4505b17e4818db121a82917cb6723019cf379cfb82b720eaa2886f15bede",
|
"zh:19be4505b17e4818db121a82917cb6723019cf379cfb82b720eaa2886f15bede",
|
||||||
"zh:2bd1565ed22db6a9fb50d60626e22c277f3b034a71f65e6c0011e42f56cad2bb",
|
"zh:2bd1565ed22db6a9fb50d60626e22c277f3b034a71f65e6c0011e42f56cad2bb",
|
||||||
"zh:34a9e2dfb06331dc6146491c4a0721001195c6a769cdc2d4546edb2acf2b39bd",
|
"zh:34a9e2dfb06331dc6146491c4a0721001195c6a769cdc2d4546edb2acf2b39bd",
|
||||||
|
|||||||