From 02b2f1c2bc59b306645b6e09df8e61eb4b5277b4 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 23 Sep 2025 20:21:56 -0400 Subject: [PATCH] Changing workflow secrets. --- .gitea/workflows/dag-config-check.yml | 10 ++++---- .../gitea_tar-valon_ansible_deploy.yml | 24 +++++++++---------- .../workflows/homeassistant-config-check.yml | 4 ++-- .gitea/workflows/vault-auto-unseal-flow.yml | 22 ++++++++--------- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 76ff381..a7570c7 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -10,7 +10,7 @@ on: env: DAGS_PATH: "app-configs/rinoa/dagu/dags" - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} jobs: @@ -24,7 +24,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Dagu Validation" notification_message: "Setting up Ansible and Vault... 🏗️" @@ -61,7 +61,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Dagu Validation" notification_message: "Ansible and Vault setups completed, starting Dagu validation... 🔬" @@ -90,7 +90,7 @@ jobs: if: steps.validate-dags.outputs.exit_code == '0' uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Dagu Validation" notification_message: "Dagu DAG validation passed! 🏁" @@ -99,7 +99,7 @@ jobs: if: steps.validate-dags.outputs.exit_code != '0' uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Dagu Validation" notification_message: "Dagu DAG validation failed! 🚫" diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index ff7542e..12dd04b 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -23,7 +23,7 @@ on: env: TEA_VERSION: "0.10.1" - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} jobs: @@ -47,7 +47,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: PR Check" notification_message: "Checking for existing PR... 🔍" @@ -56,7 +56,7 @@ jobs: id: check-opened-pr-step continue-on-error: true run: | - tea login add --name gitea-rinoa --url "${{ secrets.TV_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + tea login add --name gitea-rinoa --url "${{ secrets.TREZ_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep '\[ANSIBLE\].*${{ github.ref_name }}' | tail -1 | wc -l) echo "exists=$pr_exists" >> $GITHUB_OUTPUT @@ -71,7 +71,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: PR Check" notification_message: "PR Created 🎟️" @@ -84,7 +84,7 @@ jobs: matrix: host: [rinoa, rikku, benedikta] env: - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} steps: - name: Checkout @@ -122,7 +122,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Ansible Dry Run" notification_message: "Starting dry run for ${{ matrix.host }}..." @@ -143,7 +143,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Ansible Dry Run" notification_message: "Dry run for ${{ matrix.host }} completed." @@ -166,7 +166,7 @@ jobs: - name: PR Merge id: pr_merge run: | - tea login add --name gitea-rinoa --url ${{ secrets.TV_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + tea login add --name gitea-rinoa --url ${{ secrets.TREZ_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} tea login default gitea-rinoa pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g') tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" ${pr_index} @@ -175,7 +175,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: PR Merge Successful" notification_message: "PR #${{ steps.pr_merge.outputs.pr_index }} merged." @@ -188,7 +188,7 @@ jobs: matrix: host: [rinoa, rikku, benedikta] env: - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} steps: - name: Checkout @@ -228,7 +228,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Ansible Config Deployment" notification_message: "Deploying configs to ${{ matrix.host }}..." @@ -248,7 +248,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: "${{ secrets.GOTIFY_URL }}" + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" notification_title: "GITEA: Deployment Completed" notification_message: "Deployment to ${{ matrix.host }} completed successfully." diff --git a/.gitea/workflows/homeassistant-config-check.yml b/.gitea/workflows/homeassistant-config-check.yml index 26edb5f..08aefba 100644 --- a/.gitea/workflows/homeassistant-config-check.yml +++ b/.gitea/workflows/homeassistant-config-check.yml @@ -20,7 +20,7 @@ jobs: - name: Gotify Notification (start check) uses: eikendev/gotify-action@master with: - gotify_api_base: ${{ secrets.GOTIFY_URL }} + gotify_api_base: ${{ secrets.RUNNER_GOTIFY_URL }} gotify_app_token: ${{ secrets.RUNNER_GOTIFY_TOKEN }} notification_title: "GITEA: Home Assistant Config Check" notification_message: "Starting config check..." @@ -34,7 +34,7 @@ jobs: - name: Gotify Notification (done) uses: eikendev/gotify-action@master with: - gotify_api_base: ${{ secrets.GOTIFY_URL }} + gotify_api_base: ${{ secrets.RUNNER_GOTIFY_URL }} gotify_app_token: ${{ secrets.RUNNER_GOTIFY_TOKEN }} notification_title: "GITEA: Home Assistant Config Check" notification_message: "🚀 Config check done!" diff --git a/.gitea/workflows/vault-auto-unseal-flow.yml b/.gitea/workflows/vault-auto-unseal-flow.yml index 545ca07..7ff07cc 100644 --- a/.gitea/workflows/vault-auto-unseal-flow.yml +++ b/.gitea/workflows/vault-auto-unseal-flow.yml @@ -3,17 +3,17 @@ name: Auto-Unseal for Vault on: workflow_dispatch: schedule: - - cron: '30 5 * * *' + - cron: "30 5 * * *" env: - HC_VAULT_VERSION: '1.20.0' + HC_VAULT_VERSION: "1.20.0" jobs: auto-unseal: name: Unseal Vault runs-on: ubuntu-latest env: - VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} VAULT_SHARDS: ${{ secrets.VAULT_UNSEAL_SHARDS }} VAULT_NAMESPACE: "" @@ -21,10 +21,10 @@ jobs: - name: Vault Unseal Start uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' - notification_title: 'GITEA: HC Vault @ Rinoa' - notification_message: 'Hashicorp Vault unsealing started... 🔐' + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" + gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" + notification_title: "GITEA: HC Vault @ Rinoa" + notification_message: "Hashicorp Vault unsealing started... 🔐" - name: Cache Vault install id: cache-vault @@ -48,7 +48,7 @@ jobs: - name: Vault Unseal Completion uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' - notification_title: 'GITEA: HC Vault @ Rinoa' - notification_message: 'Hashicorp Vault unsealed! 🔓' + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" + gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" + notification_title: "GITEA: HC Vault @ Rinoa" + notification_message: "Hashicorp Vault unsealed! 🔓"