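---
# Terraform workflow for ./terraform/authentik.
#
# Runs on pushes to main and on pull requests. Every run initialises Terraform
# and checks formatting. Pull requests get a plan only; `terraform apply`, wiki
# generation and the wiki upload run only for pushes to main, so a pull request
# can never change the production environment or publish wiki content.
name: 'Terraform'

on:
  push:
    branches: ["main"]
  pull_request:

# The job token is read-only on repository contents.
permissions:
  contents: read

jobs:
  terraform:
    name: 'Terraform'
    runs-on: ubuntu-latest
    environment: production

    defaults:
      run:
        shell: bash

    steps:
      # NOTE(review): both actions below are referenced by a mutable tag.
      # Pinning each to a full commit SHA keeps a moved tag from changing the
      # code that runs with this job's secrets.
      - name: Checkout
        uses: actions/checkout@v3

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

      - name: Terraform Init
        run: terraform init
        working-directory: ./terraform/authentik

      # Formatting problems are reported but do not fail the job.
      - name: Terraform Format
        run: terraform fmt -check
        continue-on-error: true
        working-directory: ./terraform/authentik

      # Pull requests only: show what would change, without applying it.
      - name: Terraform Plan
        if: github.event_name == 'pull_request'
        run: >-
          terraform plan
          -var-file proxy-apps.tfvars
          -var-file oauth2-apps.tfvars
          -var-file terraform.tfvars
          -var-file groups.tfvars
          -input=false
        working-directory: ./terraform/authentik

      # Apply is auto-approved, so it is restricted to pushes on main. Without
      # this condition the pull_request trigger would apply unmerged changes.
      - name: Terraform Apply
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: >-
          terraform apply
          -var-file proxy-apps.tfvars
          -var-file oauth2-apps.tfvars
          -var-file terraform.tfvars
          -var-file groups.tfvars
          -input=false
          -auto-approve
          -parallelism=100
        working-directory: ./terraform/authentik

      # Best effort: a failure here does not fail the job.
      - name: Generate Wiki Content
        if: success() && github.event_name == 'push'
        continue-on-error: true
        run: |
          echo "📋 Starting Wiki generation..."
          cd ./terraform/authentik

          # Get terraform output (stderr is captured in the same file; the
          # processing script below receives the raw file)
          echo "🔍 Generating Terraform output..."
          terraform output -json applications_for_wiki > terraform-raw-output.json 2>&1

          # Process output to extract clean JSON
          echo "📤 Processing Terraform output..."
          python3 ../../.gitea/scripts/process-terraform-output.py terraform-raw-output.json terraform-output.json

          # Run wiki generation; on failure retry once with --debug
          echo "📊 Running wiki generation script..."
          if python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json; then
            echo "✅ Wiki content generated successfully"
          else
            echo "⚠️ Wiki generation failed, retrying with debug..."
            python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json --debug || echo "⚠️ Wiki generation failed"
          fi

          # Check results
          if [ -f "Applications.md" ]; then
            echo "✅ Wiki file created: $(wc -l < Applications.md) lines"
          else
            echo "⚠️ Wiki content not generated"
            exit 0
          fi
        working-directory: ./

      # Best effort: a failure here does not fail the job.
      - name: Upload Wiki to Gitea
        if: success() && github.event_name == 'push'
        continue-on-error: true
        # Secrets reach the script as environment variables instead of being
        # expanded into the script text, so a value containing quotes or shell
        # syntax cannot alter the commands that run.
        env:
          GITEA_URL: ${{ secrets.GT_URL }}
          GITEA_TOKEN: ${{ secrets.GT_WIKI_TOKEN }}
          GITEA_OWNER: ${{ secrets.GT_OWNER }}
          GITEA_REPO: ${{ secrets.GT_REPO }}
        run: |
          cd ./terraform/authentik

          # Debug variables (without exposing token)
          echo "🔍 Checking variables..."
          echo "GITEA_URL: ${GITEA_URL:-NOT SET}"
          echo "GITEA_OWNER: ${GITEA_OWNER:-NOT SET}"
          echo "GITEA_REPO: ${GITEA_REPO:-NOT SET}"
          echo "GITEA_TOKEN: $(if [ -n "$GITEA_TOKEN" ]; then echo "SET"; else echo "NOT SET"; fi)"

          # Check if file exists
          if [ ! -f "Applications.md" ]; then
            echo "⚠️ Applications.md not found, skipping wiki update"
            exit 0
          fi

          echo "📤 Uploading to Gitea Wiki..."

          # Encode content to base64
          CONTENT=$(base64 -w 0 Applications.md)

          # Check if wiki page exists (only the HTTP status code is kept)
          WIKI_PAGE_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \
            -H "Authorization: token $GITEA_TOKEN" \
            "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "000")

          # --fail makes curl exit non-zero on an HTTP error status; without it
          # the failure messages below are printed only for transport errors.
          if [ "$WIKI_PAGE_EXISTS" = "200" ]; then
            echo "📝 Updating existing wiki page..."
            curl --fail -sS -X PATCH \
              -H "Authorization: token $GITEA_TOKEN" \
              -H "Content-Type: application/json" \
              -d "{
                \"title\": \"Applications\",
                \"content_base64\": \"$CONTENT\",
                \"message\": \"Update applications list from CI/CD [$(date)]\"
              }" \
              "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "⚠️ Wiki update failed"
          else
            echo "📄 Creating new wiki page..."
            curl --fail -sS -X POST \
              -H "Authorization: token $GITEA_TOKEN" \
              -H "Content-Type: application/json" \
              -d "{
                \"title\": \"Applications\",
                \"content_base64\": \"$CONTENT\",
                \"message\": \"Create applications list from CI/CD [$(date)]\"
              }" \
              "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/new" || echo "⚠️ Wiki creation failed"
          fi

          echo "✅ Wiki update process completed"
        working-directory: ./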