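# Terraform workflow for ./terraform/authentik.
#
# Triggers: pushes to "main" and every pull request.
# Pull requests run init and the format check only. Apply and the wiki
# steps are limited to pushes to "main", because the job targets the
# "production" environment and apply runs with -auto-approve.
#
# NOTE(review): on pull requests the job still configures the Terraform
# API token and runs `terraform init` on the checked-out code. Confirm
# that only trusted branches can trigger this workflow.
name: 'Terraform'

on:
  push:
    branches: [ "main" ]
  pull_request:

# Least privilege for the workflow token: repository contents, read-only.
permissions:
  contents: read

jobs:
  terraform:
    name: 'Terraform'
    runs-on: ubuntu-latest
    environment: production

    defaults:
      run:
        shell: bash

    steps:
      # NOTE(review): both actions are referenced by a mutable tag.
      # Pinning each to a full commit SHA would keep a retagged release
      # from changing what runs next to the secrets below.
      - name: Checkout
        uses: actions/checkout@v3

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

      - name: Terraform Init
        run: terraform init
        working-directory: ./terraform/authentik

      # Advisory only: a formatting failure does not stop the job.
      - name: Terraform Format
        run: terraform fmt -check
        continue-on-error: true
        working-directory: ./terraform/authentik

      # Apply only what has landed on "main". Without this condition a
      # pull request would apply its unreviewed configuration to
      # production, since -auto-approve skips the confirmation prompt.
      - name: Terraform Apply
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        run: >-
          terraform apply
          -var-file proxy-apps.tfvars
          -var-file oauth2-apps.tfvars
          -var-file terraform.tfvars
          -var-file groups.tfvars
          -input=false
          -auto-approve
          -parallelism=100
        working-directory: ./terraform/authentik

      # Best effort: a failure here never fails the job.
      - name: Generate Wiki Content
        if: success() && github.event_name == 'push'
        continue-on-error: true
        run: |
          echo "📋 Starting Wiki generation..."

          cd ./terraform/authentik

          # Generate terraform output
          echo "🔍 Generating Terraform output..."

          # Method 1: Try to get clean JSON output
          if terraform output -json > terraform-output.json 2>/dev/null; then
            echo "✅ Direct JSON output successful"
          else
            echo "⚠️ Direct JSON failed, trying alternative method..."
            # Method 2: Get specific output
            terraform output -json applications_for_wiki > terraform-output.json 2>&1
          fi

          # Clean up the output if needed
          if grep -q '^\[command\]' terraform-output.json; then
            echo "⚠️ Detected command prefix in output, cleaning..."
            tail -n +2 terraform-output.json > terraform-output-clean.json
            mv terraform-output-clean.json terraform-output.json
          fi

          # Debug output. Log the size and the top-level key names only,
          # never the values: `terraform output -json` prints outputs
          # marked sensitive in clear text, and job logs are retained.
          echo "📄 Output file size: $(wc -c < terraform-output.json) bytes"
          echo "🔍 Top-level keys:"
          python3 -c 'import json, sys; data = json.load(open(sys.argv[1])); print(sorted(data) if isinstance(data, dict) else type(data).__name__)' terraform-output.json || echo "⚠️ Output is not valid JSON"

          # Run wiki generation with debug if first attempt fails
          echo "📊 Running wiki generation script..."
          if ! python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json; then
            echo "⚠️ First attempt failed, retrying with debug..."
            python3 ../../.gitea/scripts/generate-apps-wiki.py terraform-output.json --debug || echo "⚠️ Wiki generation failed"
          fi

          # The raw output may hold sensitive values; do not leave it in
          # the workspace once the script has consumed it.
          rm -f terraform-output.json

          # Check if wiki file was created
          if [ -f "Applications.md" ]; then
            echo "✅ Wiki content generated successfully"
          else
            echo "⚠️ Wiki content not generated"
            exit 0
          fi
        working-directory: ./

      # Best effort: a failure here never fails the job.
      - name: Upload Wiki to Gitea
        if: success() && github.event_name == 'push'
        continue-on-error: true
        # Secrets reach the script as environment variables instead of
        # being expanded into the script text, so a value containing
        # quotes or `$(...)` cannot alter the shell code.
        env:
          GITEA_URL: ${{ secrets.GT_WIKI_URL }}
          GITEA_TOKEN: ${{ secrets.GT_WIKI_TOKEN }}
          GITEA_OWNER: ${{ secrets.GT_WIKI_OWNER }}
          GITEA_REPO: ${{ secrets.GT_WIKI_REPO }}
        run: |
          cd ./terraform/authentik

          # Check if file exists
          if [ ! -f "Applications.md" ]; then
            echo "⚠️ Applications.md not found, skipping wiki update"
            exit 0
          fi

          echo "📤 Uploading to Gitea Wiki..."

          # Encode content to base64
          CONTENT=$(base64 -w 0 Applications.md)

          # Check if wiki page exists
          WIKI_PAGE_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" \
            -H "Authorization: token $GITEA_TOKEN" \
            "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "000")

          # --fail makes curl exit non-zero on an HTTP 4xx/5xx response.
          # Without it a rejected request still exits 0 and the failure
          # message below is never printed.
          if [ "$WIKI_PAGE_EXISTS" = "200" ]; then
            echo "📝 Updating existing wiki page..."
            curl --fail -X PATCH \
              -H "Authorization: token $GITEA_TOKEN" \
              -H "Content-Type: application/json" \
              -d "{
                \"title\": \"Applications\",
                \"content_base64\": \"$CONTENT\",
                \"message\": \"Update applications list from CI/CD [$(date)]\"
              }" \
              "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/page/Applications" || echo "⚠️ Wiki update failed"
          else
            echo "📄 Creating new wiki page..."
            curl --fail -X POST \
              -H "Authorization: token $GITEA_TOKEN" \
              -H "Content-Type: application/json" \
              -d "{
                \"title\": \"Applications\",
                \"content_base64\": \"$CONTENT\",
                \"message\": \"Create applications list from CI/CD [$(date)]\"
              }" \
              "$GITEA_URL/api/v1/repos/$GITEA_OWNER/$GITEA_REPO/wiki/new" || echo "⚠️ Wiki creation failed"
          fi

          echo "✅ Wiki update process completed"
        working-directory: ./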