From fa900a9003f0f9ce7d200041e87ccb6129cb7785 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 17:22:15 -0500 Subject: [PATCH 001/123] Removing some unused CNAMEs. --- cloudflare/cloudflare_resource_gen.tf | 234 -------------------------- 1 file changed, 234 deletions(-) diff --git a/cloudflare/cloudflare_resource_gen.tf b/cloudflare/cloudflare_resource_gen.tf index 55df90f..1203691 100644 --- a/cloudflare/cloudflare_resource_gen.tf +++ b/cloudflare/cloudflare_resource_gen.tf @@ -118,19 +118,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_7de07ff813f4bccc666 } } -resource "cloudflare_dns_record" "terraform_managed_resource_3dc156fc1047fe07dcea08cfac326eb8_9" { - content = "trez.wtf" - name = "ansible.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_4724ef076d56cec92de82f149b019a65_10" { content = "trez.wtf" name = "apc.trez.wtf" @@ -170,19 +157,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_de6fbdc83515827fad6 } } -resource "cloudflare_dns_record" "terraform_managed_resource_c7647ea568d3ef44e93596eddc023c98_13" { - content = "trez.wtf" - name = "appt.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_f29aed046c0fb5e05a9b1974f119eeaf_14" { content = "trez.wtf" name = "archive.trez.wtf" 
@@ -196,19 +170,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_f29aed046c0fb5e05a9 } } -resource "cloudflare_dns_record" "terraform_managed_resource_4774c5893f3cb0a20ea79250bf014ece_15" { - content = "trez.wtf" - name = "argus.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_ba773b8688e2366a2acc654f794bdb85_16" { content = "trez.wtf" name = "asciinema.trez.wtf" @@ -339,32 +300,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_e4d7085f7185601969b } } -resource "cloudflare_dns_record" "terraform_managed_resource_008596b917dabf5c4ce07b770f081c89_26" { - content = "trez.wtf" - name = "btmag.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - -resource "cloudflare_dns_record" "terraform_managed_resource_f7a17f97074e9739cc8761271edd73b0_27" { - content = "trez.wtf" - name = "bunker.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_95df59d673ce44b3cbe71487220d6a27_28" { content = "trez.wtf" name = "cchef.trez.wtf" @@ -521,19 +456,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_f68d0f0ff21ede0a63d } } -resource "cloudflare_dns_record" "terraform_managed_resource_4f43fc65db56a4a4d02d1de664e1ec46_40" { - content = "trez.wtf" - name = "deluge.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_2b1a8ace156657ee52656fba1c49ade3_41" { content = "trez.wtf" name = "devops.trez.wtf" 
@@ -950,19 +872,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_a70c09e3b78c1728261 } } -resource "cloudflare_dns_record" "terraform_managed_resource_6a92807e52e038c26af268c4597ebc1f_73" { - content = "trez.wtf" - name = "matrix.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_39fa401a6d962e2983b565afa9b342dc_74" { content = "trez.wtf" name = "meet-admin.trez.wtf" @@ -1002,32 +911,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_73ef2be84ef9350b31c } } -resource "cloudflare_dns_record" "terraform_managed_resource_fe64d5437e9a3dfde9c6dae4f38e4da5_77" { - content = "trez.wtf" - name = "mesh.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - -resource "cloudflare_dns_record" "terraform_managed_resource_b16d12c0494e7f4919227be13849b32a_78" { - content = "trez.wtf" - name = "mimir.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_7c5ed631e6ce51c04ea3bf5b4eef6f08_79" { content = "trez.wtf" name = "mon.trez.wtf" 
@@ -1093,19 +976,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_bf9e99fb61f7e290dc5 } } -resource "cloudflare_dns_record" "terraform_managed_resource_2378be8a63c169da5e33c50f83862828_84" { - content = "trez.wtf" - name = "netdata.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_9a5e88bf84f980cc1ad2a3234353bb2b_85" { content = "9ef0e85a-d2f5-45e0-9a26-06c0da483fef.cfargotunnel.com" name = "net.trez.wtf" @@ -1145,19 +1015,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_57e3006530bfe01e39e } } -resource "cloudflare_dns_record" "terraform_managed_resource_e1083efed3200637e26faee90fee0f4b_88" { - content = "trez.wtf" - name = "ntfy.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_0134cf3059dd98efb64a3da16d49e42f_89" { content = "trez.wtf" name = "ombi.trez.wtf" @@ -1184,19 +1041,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_c55083c8f8b2f79c035 } } -resource "cloudflare_dns_record" "terraform_managed_resource_7c1f042774795cb5b5b34d13fc76da46_91" { - content = "trez.wtf" - name = "patch.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_e7a6f3d25a3bdcc8a9c220ae70746e92_92" { content = "trez.wtf" name = "pdf.trez.wtf" 
@@ -1210,19 +1054,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_e7a6f3d25a3bdcc8a9c } } -resource "cloudflare_dns_record" "terraform_managed_resource_64528783fef4d97972834ac5271f7647_93" { - content = "trez.wtf" - name = "penpot.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_1322fe40ad6a7371919c8a4704e938ee_94" { content = "trez.wtf" name = "pg.trez.wtf" @@ -1587,19 +1418,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_3eb975ffec1d3cddafc } } -resource "cloudflare_dns_record" "terraform_managed_resource_f92aee107ba57417d368f034c5db5170_122" { - content = "trez.wtf" - name = "rustdesk.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_d8099b3c4bc3e1f9ce7eb12c7ef2f74f_123" { content = "trez.wtf" name = "s3.trez.wtf" @@ -1717,19 +1535,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_b24c55a07140cc138c9 } } -resource "cloudflare_dns_record" "terraform_managed_resource_55d6697514f334297cf8233850027c82_132" { - content = "trez.wtf" - name = "slurpit.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_694583ecf71a69b5ae319b06ea589b77_133" { content = "9ef0e85a-d2f5-45e0-9a26-06c0da483fef.cfargotunnel.com" name = "smartd.trez.wtf" 
@@ -1847,19 +1652,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_e63b9b49dbcc759d60f } } -resource "cloudflare_dns_record" "terraform_managed_resource_99187472f49f77031d99574fe7056405_142" { - content = "trez.wtf" - name = "store.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_fb897f9cbbb989e78ec0ea35e74ae2fa_143" { content = "trez.wtf" name = "subs.trez.wtf" @@ -1977,19 +1769,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_ec3211a1a01ce020d2b } } -resource "cloudflare_dns_record" "terraform_managed_resource_4c56f52a908d6972d68d3e34019bb82b_152" { - content = "trez.wtf" - name = "wallabag.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_6a7baf229fae585a31b885bac3438655_153" { content = "trez.wtf" name = "webhook.trez.wtf" @@ -2029,19 +1808,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_655f25482677e805e2c } } -resource "cloudflare_dns_record" "terraform_managed_resource_f9728b02a0472264d585182edfc4001e_156" { - content = "trez.wtf" - name = "yacht.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_2ed464f16e38f4a7d3b5b6b57818a2e7_157" { content = "trez.wtf" name = "ytdl.trez.wtf" From 089d978e3314f75afdd98d495f068c601eda9784 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 17:22:28 -0500 Subject: [PATCH 002/123] Changing comment step. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 37 +++---------------- 1 file changed, 6 insertions(+), 31 deletions(-) 
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b6879d9..f7ac68d 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -105,7 +105,7 @@ jobs: chdir: cloudflare - name: Tofu Plan - id: tofu_plan + id: tofu-plan continue-on-error: true uses: dnogu/tofu-plan@v1 with: @@ -113,37 +113,12 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Build Markdown PR comment from plan file - run: | - mkdir -p tmp - { - echo "## 🧩 OpenTofu Plan — Cloudflare" - echo "**Branch:** \`${{ github.ref_name }}\`" - echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" - echo "**Working Directory:** \`cloudflare\`" - echo "" - echo "
🪶 Click to expand full plan output" - echo "" - echo '```hcl' - cat ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe - echo '```' - echo "" - echo "
" - echo "" - echo "*(This plan was automatically generated by the workflow.)*" - } > tmp/tofu-plan.md - echo "Markdown PR comment built: tmp/tofu-plan.md" - - - name: Comment full Tofu Plan on PR (Gitea safe) - uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + - name: Tofu PR Commenter + uses: alexnorell/tofu-pr-commenter@v2.0.0 with: - platform: gitea - api_url: https://git.trez.wtf/api/v1 - token: ${{ secrets.BOT_GITEA_TOKEN }} - pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} - repo_owner: ${{ github.repository_owner }} - repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - comment_template_path: tmp/tofu-plan.md + commenter_type: plan + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 From 120b147843f3a9b58009155093fc9c41b41e9004 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 19:58:26 -0500 Subject: [PATCH 003/123] Switching comment action to custom one. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 23 +++++++++++++++---- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index f7ac68d..1626124 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
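Review bot: The new `alexnorell/tofu-pr-commenter@v2.0.0` step is referenced by tag, which the action's owner can move, so the code that receives the plan text can change without any diff in this repository. Pinning to the full commit SHA (`uses: alexnorell/tofu-pr-commenter@<full-commit-sha>  # v2.0.0`) makes the dependency reviewable. The step also forwards `steps.tofu-plan.outputs.plan-output` into a PR comment unfiltered, and the plan step keeps `continue-on-error: true`, so a failed plan still produces a comment. A short YAML comment above the step stating who can read the PR thread, and that plan text may carry values not meant for it, would help the next maintainer. The job body starts and ends outside this hunk.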
@@ -113,12 +113,25 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Tofu PR Commenter - uses: alexnorell/tofu-pr-commenter@v2.0.0 + - name: PR Comment + uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + env: + DEBUG: true with: - commenter_type: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + debug: true + platform: gitea + api_url: https://git.trez.wtf/api/v1 + token: ${{ secrets.BOT_GITEA_TOKEN }} + pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} + repo_owner: ${{ github.repository_owner }} + repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} + plan_file: cloudflare/cloudflare.tfplan + comment_template: | + 🚀 **Tofu Plan Output** + --- + ${{ steps.tofu-plan.outputs.plan-output }} + + Exit Code: ${{ steps.tofu-plan.outputs.exitcode }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 From 8f597d6b09f0ca11053d89dcaccd459150778fa1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 21:19:00 -0500 Subject: [PATCH 004/123] Still tweaking the PR comment step... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 49 ++++++++++++++----- 1 file changed, 38 insertions(+), 11 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 1626124..039947f 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -113,25 +113,52 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: PR Comment + - name: Build Markdown PR comment from plan file + run: | + mkdir -p tmp + { + echo "## 🧩 OpenTofu Plan — Cloudflare" + echo "**Branch:** \`${{ github.ref_name }}\`" + echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" + echo "**Working Directory:** \`cloudflare\`" + echo "" + echo "
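Review bot: `uses: https://git.trez.wtf/Trez.One/git-auto-comment@main` tracks a branch while the step is handed `secrets.BOT_GITEA_TOKEN`, so any later push to that branch runs with the bot token; pin it to a commit SHA or a release tag you control. The added `DEBUG: true` / `debug: true` pair is worth dropping before merge, or gating behind a workflow input, because this hunk does not show whether the action's debug logging echoes the token or the request body. Inlining `${{ steps.tofu-plan.outputs.plan-output }}` in `comment_template` also posts the whole plan to the PR, so confirm that nothing sensitive is rendered there.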
🪶 Click to expand full plan output" + echo "" + echo '```hcl' + tofu show cloudflare.tfplan # <-- read file directly, ACT-safe + echo '```' + echo "" + echo "
" + echo "" + echo "*(This plan was automatically generated by the workflow.)*" + } > tmp/tofu-plan.md + echo "Markdown PR comment built: tmp/tofu-plan.md" + + - name: Load markdown plan into env var (safe for large output) + id: load-plan-md + run: | + # Ensure file exists and isn't absurdly large + if [ ! -f tmp/tofu-plan.md ]; then + echo "❌ Missing tmp/tofu-plan.md" + exit 1 + fi + + # Collapse newlines for environment storage + plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) + echo "COMMENT_TEMPLATE<> $GITHUB_ENV + echo -e "$plan_md" >> $GITHUB_ENV + echo "EOF" >> $GITHUB_ENV + + - name: Comment full Tofu Plan on PR (Gitea safe) uses: https://git.trez.wtf/Trez.One/git-auto-comment@main - env: - DEBUG: true with: - debug: true platform: gitea api_url: https://git.trez.wtf/api/v1 token: ${{ secrets.BOT_GITEA_TOKEN }} pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} repo_owner: ${{ github.repository_owner }} repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - plan_file: cloudflare/cloudflare.tfplan - comment_template: | - 🚀 **Tofu Plan Output** - --- - ${{ steps.tofu-plan.outputs.plan-output }} - - Exit Code: ${{ steps.tofu-plan.outputs.exitcode }} + comment_template: ${{ env.COMMENT_TEMPLATE }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 From 4d711303616651ddcaff07914a55b0abf0d23ae3 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 21:24:57 -0500 Subject: [PATCH 005/123] Still tweaking the PR comment step... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 039947f..58cb9b1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -125,7 +125,7 @@ jobs: echo "
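Review bot: The `Load markdown plan into env var` step writes plan text into `$GITHUB_ENV` between a fixed `EOF` marker (the `COMMENT_TEMPLATE<>` line looks like a `<<EOF` heredoc header mangled by the page), so a plan line that reads `EOF` ends the value early and whatever follows is parsed as further environment assignments for later steps. Use a per-run random delimiter and append the file with `cat` rather than the `awk`/`echo -e` round trip, which also expands backslash sequences found in the plan. In the build step, `steps.tofu_plan.outputs.exitcode` no longer matches the step id, which PATCH 002 renamed to `tofu-plan`, so the exit code presumably renders empty. `${{ github.ref_name }}` is expanded inside a double-quoted `echo`, where shell metacharacters in a branch name are interpreted; pass both values through `env:` and reference them as shell variables. The inline comment promises a size check that the step does not perform.

```yaml
      - name: Load markdown plan into env var (safe for large output)
        id: load-plan-md
        run: |
          # … unchanged: existence check for tmp/tofu-plan.md …
          # Random delimiter: plan text cannot close the block and append variables.
          delim="PLAN_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
          {
            echo "COMMENT_TEMPLATE<<${delim}"
            cat tmp/tofu-plan.md
            echo "${delim}"
          } >> "$GITHUB_ENV"
```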
🪶 Click to expand full plan output" echo "" echo '```hcl' - tofu show cloudflare.tfplan # <-- read file directly, ACT-safe + tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe echo '```' echo "" echo "
" From 5b5ec6ca91f168e589aab7ce61312d55d9bf6c8f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 06:39:04 -0500 Subject: [PATCH 006/123] tfplan location. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 58cb9b1..15b6edf 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,6 +116,7 @@ jobs: - name: Build Markdown PR comment from plan file run: | mkdir -p tmp + pwd { echo "## 🧩 OpenTofu Plan — Cloudflare" echo "**Branch:** \`${{ github.ref_name }}\`" @@ -125,7 +126,7 @@ jobs: echo "
🪶 Click to expand full plan output" echo "" echo '```hcl' - tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe + tofu show cloudflare.tfplan # <-- read file directly, ACT-safe echo '```' echo "" echo "
" From a5f1e6347866404ff8ef82dd494327df8a837d38 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 06:44:54 -0500 Subject: [PATCH 007/123] Dir tshooting. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 15b6edf..8ea37d2 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,7 @@ jobs: - name: Build Markdown PR comment from plan file run: | mkdir -p tmp - pwd + cd cloudflare/ ; ls -altr { echo "## 🧩 OpenTofu Plan — Cloudflare" echo "**Branch:** \`${{ github.ref_name }}\`" From 34408061cb5b1023c093f89aca72045f75657320 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 06:48:07 -0500 Subject: [PATCH 008/123] Dir tshooting. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8ea37d2..58cb9b1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,6 @@ jobs: - name: Build Markdown PR comment from plan file run: | mkdir -p tmp - cd cloudflare/ ; ls -altr { echo "## 🧩 OpenTofu Plan — Cloudflare" echo "**Branch:** \`${{ github.ref_name }}\`" @@ -126,7 +125,7 @@ jobs: echo "
🪶 Click to expand full plan output" echo "" echo '```hcl' - tofu show cloudflare.tfplan # <-- read file directly, ACT-safe + tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe echo '```' echo "" echo "
" From 6da1b8538c1385a276527373382947e901aa4066 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 10:56:55 -0500 Subject: [PATCH 009/123] Expanding Tofu init step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 58cb9b1..78b4d12 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -103,6 +103,10 @@ jobs: with: working-directory: . chdir: cloudflare + upgrade: true + backend: true + get: true + reconfigure: true - name: Tofu Plan id: tofu-plan From cb06d3fe71710192a288b280d26cfad2c3384365 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 14:03:55 -0500 Subject: [PATCH 010/123] Clearing Tofu cache for provider refresh. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 78b4d12..af7036b 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -67,6 +67,10 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Clear Tofu cache + run: | + rm cloudflare/.terraform.lock.hcl + - name: Setup OpenTofu uses: opentofu/setup-opentofu@v1.0.6 with: From 24cbb9de456eb9b4f7a86b1795c9df8c1ee06019 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:05:01 -0500 Subject: [PATCH 011/123] Init output. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index af7036b..bfcb744 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
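Review bot: `rm cloudflare/.terraform.lock.hcl` (PATCH 010) deletes the dependency lock file on every run, and the `upgrade: true` added to the init step in PATCH 009 tells init to ignore locked selections anyway, so each run installs whatever provider build currently satisfies the version constraints, with no recorded checksum to compare against. For a job that plans changes to a DNS zone, keep the committed lock file and refresh it deliberately in a reviewed commit (for example with `tofu providers lock`) instead of in the pipeline. If the removal must stay while debugging, `rm -f` avoids failing the job when the file is absent. A comment such as `# TEMPORARY: lock file removed to debug provider refresh; restore before enabling apply` would record the intent.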
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -103,6 +103,7 @@ jobs: echo "repo_name=$repo_name" >> "$GITHUB_OUTPUT" - name: Run tofu init + id: tofu-init uses: dnogu/tofu-init@v1 with: working-directory: . @@ -112,6 +113,9 @@ jobs: get: true reconfigure: true + - run: | + echo ${{ steps.tofu-init.outputs.init-output }} + - name: Tofu Plan id: tofu-plan continue-on-error: true From b926eb571b8b45543f51b75ed4455a8e694c4e26 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:10:50 -0500 Subject: [PATCH 012/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index bfcb744..ddf85a8 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -114,7 +114,7 @@ jobs: reconfigure: true - run: | - echo ${{ steps.tofu-init.outputs.init-output }} + echo -e "${{ steps.tofu-init.outputs.init-output }}" - name: Tofu Plan id: tofu-plan From c97fd383481db85dff6208e8e3e14cc1fa199286 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:14:58 -0500 Subject: [PATCH 013/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index ddf85a8..89b9673 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -113,9 +113,6 @@ jobs: get: true reconfigure: true - - run: | - echo -e "${{ steps.tofu-init.outputs.init-output }}" - - name: Tofu Plan id: tofu-plan continue-on-error: true From b5b9d8138c0aa878c19d7e01fe104ab6253a3c2d Mon Sep 17 00:00:00 2001 
From: "Trez.One" Date: Tue, 4 Nov 2025 15:24:58 -0500 Subject: [PATCH 014/123] Extending step for .tofurc creation. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 89b9673..fc43499 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -70,6 +70,14 @@ jobs: - name: Clear Tofu cache run: | rm cloudflare/.terraform.lock.hcl + cat > cloudflare/.tofurc <<'EOF' + provider_installation { + network_mirror { + url = "https://registry.terraform.io/" + } + direct {} + } + EOF - name: Setup OpenTofu uses: opentofu/setup-opentofu@v1.0.6 From dcb95351a91db5057853bc10a7f92bf617398c56 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:52:00 -0500 Subject: [PATCH 015/123] ... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 120 ++++++++++-------- 1 file changed, 66 insertions(+), 54 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index fc43499..c64f704 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -128,66 +128,78 @@ jobs: with: working-directory: . chdir: cloudflare + no-color: true out: cloudflare.tfplan - - name: Build Markdown PR comment from plan file + - name: Convert Plan to JSON run: | - mkdir -p tmp - { - echo "## 🧩 OpenTofu Plan — Cloudflare" - echo "**Branch:** \`${{ github.ref_name }}\`" - echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" - echo "**Working Directory:** \`cloudflare\`" - echo "" - echo "
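Review bot: The heredoc writes the CLI configuration to `cloudflare/.tofurc`, but OpenTofu reads its CLI config from the home directory or from the path in `TF_CLI_CONFIG_FILE`, so unless that variable is set outside this hunk the `provider_installation` block is likely never applied. If it were applied, `network_mirror` pointing at `https://registry.terraform.io/` would make a different registry the first source for every provider, and as far as I know that URL is a registry host rather than a mirror-protocol endpoint. Together with the lock-file removal in the same step, nothing would pin which provider binaries get installed. Either drop the block, or set `TF_CLI_CONFIG_FILE` explicitly and add a comment naming the mirror you intend and why `direct {}` is an acceptable fallback.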
🪶 Click to expand full plan output" - echo "" - echo '```hcl' - tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe - echo '```' - echo "" - echo "
" - echo "" - echo "*(This plan was automatically generated by the workflow.)*" - } > tmp/tofu-plan.md - echo "Markdown PR comment built: tmp/tofu-plan.md" + pwd + tofu show -json ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan > cloudflare_tf.json - - name: Load markdown plan into env var (safe for large output) - id: load-plan-md - run: | - # Ensure file exists and isn't absurdly large - if [ ! -f tmp/tofu-plan.md ]; then - echo "❌ Missing tmp/tofu-plan.md" - exit 1 - fi - - # Collapse newlines for environment storage - plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) - echo "COMMENT_TEMPLATE<> $GITHUB_ENV - echo -e "$plan_md" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - - name: Comment full Tofu Plan on PR (Gitea safe) - uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + - name: Tofu Plan Comment + uses: liatrio/terraform-change-pr-commenter@v1.14.0 with: - platform: gitea - api_url: https://git.trez.wtf/api/v1 - token: ${{ secrets.BOT_GITEA_TOKEN }} - pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} - repo_owner: ${{ github.repository_owner }} - repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - comment_template: ${{ env.COMMENT_TEMPLATE }} + json-file: cloudflare/cloudflare_tf.json + github-token: ${{ secrets.BOT_GITEA_TOKEN }} - - name: Wait for manual approval - uses: trstringer/manual-approval@v1 - with: - secret: ${{ secrets.BOT_GITEA_TOKEN }} - approvers: WTF - minimum-approvals: 1 - issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" - issue-body: "Please approve or deny the deployment of the below Tofu plan" - issue-body-file-path: cloudflare/cloudflare.tfplan - exclude-workflow-initiator-as-approver: false - fail-on-denial: true + # - name: Build Markdown PR comment from plan file + # run: | + # mkdir -p tmp + # { + # echo "## 🧩 OpenTofu Plan — Cloudflare" + # echo "**Branch:** \`${{ github.ref_name }}\`" + # echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" + # echo 
"**Working Directory:** \`cloudflare\`" + # echo "" + # echo "
🪶 Click to expand full plan output" + # echo "" + # echo '```hcl' + # tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe + # echo '```' + # echo "" + # echo "
" + # echo "" + # echo "*(This plan was automatically generated by the workflow.)*" + # } > tmp/tofu-plan.md + # echo "Markdown PR comment built: tmp/tofu-plan.md" + + # - name: Load markdown plan into env var (safe for large output) + # id: load-plan-md + # run: | + # # Ensure file exists and isn't absurdly large + # if [ ! -f tmp/tofu-plan.md ]; then + # echo "❌ Missing tmp/tofu-plan.md" + # exit 1 + # fi + + # # Collapse newlines for environment storage + # plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) + # echo "COMMENT_TEMPLATE<> $GITHUB_ENV + # echo -e "$plan_md" >> $GITHUB_ENV + # echo "EOF" >> $GITHUB_ENV + + # - name: Comment full Tofu Plan on PR (Gitea safe) + # uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + # with: + # platform: gitea + # api_url: https://git.trez.wtf/api/v1 + # token: ${{ secrets.BOT_GITEA_TOKEN }} + # pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} + # repo_owner: ${{ github.repository_owner }} + # repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} + # comment_template: ${{ env.COMMENT_TEMPLATE }} + + # - name: Wait for manual approval + # uses: trstringer/manual-approval@v1 + # with: + # secret: ${{ secrets.BOT_GITEA_TOKEN }} + # approvers: WTF + # minimum-approvals: 1 + # issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" + # issue-body: "Please approve or deny the deployment of the below Tofu plan" + # issue-body-file-path: cloudflare/cloudflare.tfplan + # exclude-workflow-initiator-as-approver: false + # fail-on-denial: true # apply: # name: Apply Tofu Plan From f8c1099a21b3e3ed9262bc07357014690bda64e3 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:58:40 -0500 Subject: [PATCH 016/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
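Review bot: The new `liatrio/terraform-change-pr-commenter@v1.14.0` step passes `secrets.BOT_GITEA_TOKEN` as `github-token` to a third-party action referenced by tag; pin it to a full commit SHA and check that the bot token is scoped to commenting on this repository only. Per the documented behaviour of `show -json`, sensitive attribute values are emitted in clear text, so `cloudflare_tf.json` should be deleted after the comment step and kept out of any artifact upload. The file is also written to the job's working directory as `cloudflare_tf.json` while the action is told to read `cloudflare/cloudflare_tf.json`, so the comment step probably fails to find it. This hunk comments out the `Wait for manual approval` step as well; a line such as `# Approval gate disabled while the commenter is debugged; re-enable before the apply job is restored` would keep that from being forgotten.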
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index c64f704..62d21c4 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -128,13 +128,12 @@ jobs: with: working-directory: . chdir: cloudflare - no-color: true out: cloudflare.tfplan - name: Convert Plan to JSON run: | pwd - tofu show -json ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan > cloudflare_tf.json + tofu show -json cloudflare/cloudflare.tfplan > cloudflare_tf.json - name: Tofu Plan Comment uses: liatrio/terraform-change-pr-commenter@v1.14.0 From 27512702d8c25e6d0889ffa9fd23e63f8e00c663 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 20:12:52 -0500 Subject: [PATCH 017/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 62d21c4..9422f93 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,8 +132,8 @@ jobs: - name: Convert Plan to JSON run: | - pwd - tofu show -json cloudflare/cloudflare.tfplan > cloudflare_tf.json + cd cloudflare + tofu show -json cloudflare.tfplan > cloudflare_tf.json - name: Tofu Plan Comment uses: liatrio/terraform-change-pr-commenter@v1.14.0 From 5f8f508d273d4fe5af70d5d549be9bb47c9e76bd Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 20:40:38 -0500 Subject: [PATCH 018/123] ... --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 9422f93..b4cbc41 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -83,7 +83,7 @@ jobs: uses: opentofu/setup-opentofu@v1.0.6 with: version: ${{ env.OPENTOFU_VERSION }} - tofu_wrapper: true + tofu_wrapper: false - name: Generate .env from Hashicorp Vault uses: https://git.trez.wtf/Trez/hc-vault-env@main @@ -133,13 +133,16 @@ jobs: - name: Convert Plan to JSON run: | cd cloudflare + tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json - - name: Tofu Plan Comment - uses: liatrio/terraform-change-pr-commenter@v1.14.0 + - name: Tofu Report + uses: ahmadnassri/action-terraform-report@v4.1.14 with: - json-file: cloudflare/cloudflare_tf.json - github-token: ${{ secrets.BOT_GITEA_TOKEN }} + # tell the action the plan outputs + terraform-text: ${{ github.workspace }}/terraform.text + terraform-json: ${{ github.workspace }}/terraform.json + remove-stale-reports: true # - name: Build Markdown PR comment from plan file # run: | From 29536213ca19e1a3d672e6f5ae5955e33f04c81a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 06:37:20 -0500 Subject: [PATCH 019/123] Testing out event path contexts... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b4cbc41..843ef88 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -135,14 +135,15 @@ jobs: cd cloudflare tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json + echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" - - name: Tofu Report - uses: ahmadnassri/action-terraform-report@v4.1.14 - with: - # tell the action the plan outputs - terraform-text: ${{ github.workspace }}/terraform.text - terraform-json: ${{ github.workspace }}/terraform.json - remove-stale-reports: true + # - name: Tofu Report + # uses: ahmadnassri/action-terraform-report@v4.1.14 + # with: + # # tell the action the plan outputs + # terraform-text: ${{ github.workspace }}/terraform.text + # terraform-json: ${{ github.workspace }}/terraform.json + # remove-stale-reports: true # - name: Build Markdown PR comment from plan file # run: | From 9c1e744bcd22a2f591d2eb3e0d10ef3970bd1548 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 06:40:31 -0500 Subject: [PATCH 020/123] Testing out event path contexts... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 843ef88..9fbb231 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -136,6 +136,7 @@ jobs: tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" + cat ${{ gitea.event_path }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From 4968329d5c7d06cd0a81d9bd403cbaf63a887602 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 06:57:09 -0500 Subject: [PATCH 021/123] Testing out event path contexts... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
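Review bot: The added `echo -e "Gitea: ${{ gitea.event_path }}..."` line pastes expression results straight into the script text, which is substituted before the shell parses it, so any value containing spaces or shell metacharacters changes the command that runs. Pass the value through the step environment and quote it instead, e.g. `env: EVENT_PATH: ${{ gitea.event_path }}` with `cat "$EVENT_PATH"`. The same pattern is in the `cat` lines of PATCH 020, 021 and 027 and in `echo ${{ gitea.event }}` in PATCH 028. Those lines also print the event payload into the job log, so they should not outlive debugging.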
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 9fbb231..8f78308 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -136,7 +136,8 @@ jobs: tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" - cat ${{ gitea.event_path }} + cat "${{ gitea.event_path }}" + cat /var/run/act/workflow/event.json # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From 581530204028a1efcb5685091e7cfc44a928cfcf Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:22:11 -0500 Subject: [PATCH 022/123] Re-enabling tofu_wrapper. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8f78308..8a667c7 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -83,7 +83,7 @@ jobs: uses: opentofu/setup-opentofu@v1.0.6 with: version: ${{ env.OPENTOFU_VERSION }} - tofu_wrapper: false + tofu_wrapper: true - name: Generate .env from Hashicorp Vault uses: https://git.trez.wtf/Trez/hc-vault-env@main From c4dd4c580ab13be56288cc08b6c11f002ff7c1a3 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:28:04 -0500 Subject: [PATCH 023/123] Testing PR comment action. --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8a667c7..71d16a6 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -130,14 +130,12 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Convert Plan to JSON - run: | - cd cloudflare - tofu show cloudflare.tfplan > cloudflare_tf.txt - tofu show -json cloudflare.tfplan > cloudflare_tf.json - echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" - cat "${{ gitea.event_path }}" - cat /var/run/act/workflow/event.json + - name: Tofu PR Commenter + uses: alexnorell/tofu-pr-commenter@v2.0.0 + with: + commenter_type: plan + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From 9f6d9596d4c6d62e660b21d7a0fa4e5a92199a3e Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:36:12 -0500 Subject: [PATCH 024/123] Testing PR comment action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 71d16a6..dfe8dfb 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,6 +132,8 @@ jobs: - name: Tofu PR Commenter uses: alexnorell/tofu-pr-commenter@v2.0.0 + env: + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} with: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From 0bc1c823c1a7875de724a83dd7c37510392c6bad Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:48:34 -0500 Subject: [PATCH 025/123] Testing PR comment action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index dfe8dfb..b41ef78 100644 
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -131,7 +131,7 @@ jobs: out: cloudflare.tfplan - name: Tofu PR Commenter - uses: alexnorell/tofu-pr-commenter@v2.0.0 + uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main env: PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} with: From a98c0c1778e60ea66446364b1912cb9bddb1b9d7 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:51:00 -0500 Subject: [PATCH 026/123] Testing PR comment action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b41ef78..627a751 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -133,6 +133,7 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main env: + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} with: commenter_type: plan From 8bf9040b5aef2429b5e3e45f79ed170e63e5c083 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 09:02:03 -0500 Subject: [PATCH 027/123] Testing still... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 627a751..4dc80ff 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
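Review bot: `uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main` follows a branch, so whatever lands on `main` of that repository runs inside this job, and PATCH 026 then hands it `secrets.BOT_GITEA_TOKEN`. Pin the action to a full commit hash, `uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@<full-commit-sha>`, and bump it deliberately after reviewing the change. The `git-auto-comment@main` step reintroduced in PATCH 035 receives the same token and has the same exposure.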
@@ -130,15 +130,21 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main - env: - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - with: - commenter_type: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + - run: | + echo ${{ gitea.event_path }} + cat ${{ gitea.event_path }} + cp ${{ gitea.event_path }} . + cat event.json | jq + + # - name: Tofu PR Commenter + # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main + # env: + # GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + # PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + # with: + # commenter_type: plan + # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + # commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From a2d5cc21923add7b7f6bad43f9a77e1b728a12b2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 09:29:06 -0500 Subject: [PATCH 028/123] Testing still... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 4dc80ff..cd46411 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -131,10 +131,7 @@ jobs: out: cloudflare.tfplan - run: | - echo ${{ gitea.event_path }} - cat ${{ gitea.event_path }} - cp ${{ gitea.event_path }} . - cat event.json | jq + echo ${{ gitea.event }} # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main From 87e4b71e5412924ebd1833cf83c19854ca6be2c7 Mon Sep 17 00:00:00 2001 
From: "Trez.One" Date: Wed, 5 Nov 2025 11:10:30 -0500 Subject: [PATCH 029/123] Experimenting... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index cd46411..7c7ffaf 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -19,6 +19,7 @@ jobs: name: Check and Create PR outputs: pr_number: ${{ steps.pr-check-create.outputs.pr_number }} + pr_url: ${{ steps.pr-check-create.outputs.pr_number }} runs-on: ubuntu-latest steps: - name: Checkout Code @@ -131,8 +132,9 @@ jobs: out: cloudflare.tfplan - run: | - echo ${{ gitea.event }} - + pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews"} + ${pr_comments_url} + pr_comment_id=$(curl -sS -X GET ${pr_comments_url} | jq '.[].id') # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main # env: From a0b5c86c9f508556b17da1f0d7276d69e6848963 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 11:21:33 -0500 Subject: [PATCH 030/123] Typo fix, L135. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 7c7ffaf..8134690 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,7 +132,7 @@ jobs: out: cloudflare.tfplan - run: | - pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews"} + pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews") ${pr_comments_url} pr_comment_id=$(curl -sS -X GET ${pr_comments_url} | jq '.[].id') # - name: Tofu PR Commenter 
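Review bot: In the new `run:` block, `pr_comments_url=${echo "..."}` is not a command substitution (bash rejects it as a bad substitution), and the bare `${pr_comments_url}` line after it would try to execute the URL as a command. PATCH 030 swaps the closing `}` for `)` but keeps the `${` opener, so the line is still unbalanced. A plain assignment is enough: `pr_comments_url="${PR_URL}/reviews"` with `PR_URL` supplied through the step's `env:`, followed by `curl -fsS "$pr_comments_url" | jq '.[].id'` so that HTTP errors fail the step and the URL is quoted.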
From 81985551c3d5b04d5b52d63726aee9632e2f2946 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 15:15:09 -0500 Subject: [PATCH 031/123] Testing out PR URL... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8134690..c3a6a6f 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,9 +132,9 @@ jobs: out: cloudflare.tfplan - run: | - pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews") - ${pr_comments_url} - pr_comment_id=$(curl -sS -X GET ${pr_comments_url} | jq '.[].id') + echo ${{ needs.check-and-create-pr.outputs.pr_url }} + echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews" + # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main # env: From 106ea0f791579bb705d31c265a0543ecf9426ec1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 15:28:02 -0500 Subject: [PATCH 032/123] Correction on job output. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index c3a6a6f..dde80fd 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -19,7 +19,7 @@ jobs: name: Check and Create PR outputs: pr_number: ${{ steps.pr-check-create.outputs.pr_number }} - pr_url: ${{ steps.pr-check-create.outputs.pr_number }} + pr_url: ${{ steps.pr-check-create.outputs.pr_url }} runs-on: ubuntu-latest steps: - name: Checkout Code From 6a239276f8edb92f71d03588ee24e689282c3597 Mon Sep 17 00:00:00 2001 
From: "Trez.One" Date: Mon, 3 Nov 2025 17:22:15 -0500 Subject: [PATCH 033/123] Removing some unused CNAMEs. --- cloudflare/cloudflare_resource_gen.tf | 234 -------------------------- 1 file changed, 234 deletions(-) diff --git a/cloudflare/cloudflare_resource_gen.tf b/cloudflare/cloudflare_resource_gen.tf index 55df90f..1203691 100644 --- a/cloudflare/cloudflare_resource_gen.tf +++ b/cloudflare/cloudflare_resource_gen.tf @@ -118,19 +118,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_7de07ff813f4bccc666 } } -resource "cloudflare_dns_record" "terraform_managed_resource_3dc156fc1047fe07dcea08cfac326eb8_9" { - content = "trez.wtf" - name = "ansible.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_4724ef076d56cec92de82f149b019a65_10" { content = "trez.wtf" name = "apc.trez.wtf" @@ -170,19 +157,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_de6fbdc83515827fad6 } } -resource "cloudflare_dns_record" "terraform_managed_resource_c7647ea568d3ef44e93596eddc023c98_13" { - content = "trez.wtf" - name = "appt.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_f29aed046c0fb5e05a9b1974f119eeaf_14" { content = "trez.wtf" name = "archive.trez.wtf" 
@@ -196,19 +170,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_f29aed046c0fb5e05a9 } } -resource "cloudflare_dns_record" "terraform_managed_resource_4774c5893f3cb0a20ea79250bf014ece_15" { - content = "trez.wtf" - name = "argus.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_ba773b8688e2366a2acc654f794bdb85_16" { content = "trez.wtf" name = "asciinema.trez.wtf" @@ -339,32 +300,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_e4d7085f7185601969b } } -resource "cloudflare_dns_record" "terraform_managed_resource_008596b917dabf5c4ce07b770f081c89_26" { - content = "trez.wtf" - name = "btmag.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - -resource "cloudflare_dns_record" "terraform_managed_resource_f7a17f97074e9739cc8761271edd73b0_27" { - content = "trez.wtf" - name = "bunker.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_95df59d673ce44b3cbe71487220d6a27_28" { content = "trez.wtf" name = "cchef.trez.wtf" @@ -521,19 +456,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_f68d0f0ff21ede0a63d } } -resource "cloudflare_dns_record" "terraform_managed_resource_4f43fc65db56a4a4d02d1de664e1ec46_40" { - content = "trez.wtf" - name = "deluge.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_2b1a8ace156657ee52656fba1c49ade3_41" { content = "trez.wtf" name = "devops.trez.wtf" 
@@ -950,19 +872,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_a70c09e3b78c1728261 } } -resource "cloudflare_dns_record" "terraform_managed_resource_6a92807e52e038c26af268c4597ebc1f_73" { - content = "trez.wtf" - name = "matrix.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_39fa401a6d962e2983b565afa9b342dc_74" { content = "trez.wtf" name = "meet-admin.trez.wtf" @@ -1002,32 +911,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_73ef2be84ef9350b31c } } -resource "cloudflare_dns_record" "terraform_managed_resource_fe64d5437e9a3dfde9c6dae4f38e4da5_77" { - content = "trez.wtf" - name = "mesh.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - -resource "cloudflare_dns_record" "terraform_managed_resource_b16d12c0494e7f4919227be13849b32a_78" { - content = "trez.wtf" - name = "mimir.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_7c5ed631e6ce51c04ea3bf5b4eef6f08_79" { content = "trez.wtf" name = "mon.trez.wtf" 
@@ -1093,19 +976,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_bf9e99fb61f7e290dc5 } } -resource "cloudflare_dns_record" "terraform_managed_resource_2378be8a63c169da5e33c50f83862828_84" { - content = "trez.wtf" - name = "netdata.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_9a5e88bf84f980cc1ad2a3234353bb2b_85" { content = "9ef0e85a-d2f5-45e0-9a26-06c0da483fef.cfargotunnel.com" name = "net.trez.wtf" @@ -1145,19 +1015,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_57e3006530bfe01e39e } } -resource "cloudflare_dns_record" "terraform_managed_resource_e1083efed3200637e26faee90fee0f4b_88" { - content = "trez.wtf" - name = "ntfy.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_0134cf3059dd98efb64a3da16d49e42f_89" { content = "trez.wtf" name = "ombi.trez.wtf" @@ -1184,19 +1041,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_c55083c8f8b2f79c035 } } -resource "cloudflare_dns_record" "terraform_managed_resource_7c1f042774795cb5b5b34d13fc76da46_91" { - content = "trez.wtf" - name = "patch.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_e7a6f3d25a3bdcc8a9c220ae70746e92_92" { content = "trez.wtf" name = "pdf.trez.wtf" 
@@ -1210,19 +1054,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_e7a6f3d25a3bdcc8a9c } } -resource "cloudflare_dns_record" "terraform_managed_resource_64528783fef4d97972834ac5271f7647_93" { - content = "trez.wtf" - name = "penpot.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_1322fe40ad6a7371919c8a4704e938ee_94" { content = "trez.wtf" name = "pg.trez.wtf" @@ -1587,19 +1418,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_3eb975ffec1d3cddafc } } -resource "cloudflare_dns_record" "terraform_managed_resource_f92aee107ba57417d368f034c5db5170_122" { - content = "trez.wtf" - name = "rustdesk.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_d8099b3c4bc3e1f9ce7eb12c7ef2f74f_123" { content = "trez.wtf" name = "s3.trez.wtf" @@ -1717,19 +1535,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_b24c55a07140cc138c9 } } -resource "cloudflare_dns_record" "terraform_managed_resource_55d6697514f334297cf8233850027c82_132" { - content = "trez.wtf" - name = "slurpit.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_694583ecf71a69b5ae319b06ea589b77_133" { content = "9ef0e85a-d2f5-45e0-9a26-06c0da483fef.cfargotunnel.com" name = "smartd.trez.wtf" 
@@ -1847,19 +1652,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_e63b9b49dbcc759d60f } } -resource "cloudflare_dns_record" "terraform_managed_resource_99187472f49f77031d99574fe7056405_142" { - content = "trez.wtf" - name = "store.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_fb897f9cbbb989e78ec0ea35e74ae2fa_143" { content = "trez.wtf" name = "subs.trez.wtf" @@ -1977,19 +1769,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_ec3211a1a01ce020d2b } } -resource "cloudflare_dns_record" "terraform_managed_resource_4c56f52a908d6972d68d3e34019bb82b_152" { - content = "trez.wtf" - name = "wallabag.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_6a7baf229fae585a31b885bac3438655_153" { content = "trez.wtf" name = "webhook.trez.wtf" @@ -2029,19 +1808,6 @@ resource "cloudflare_dns_record" "terraform_managed_resource_655f25482677e805e2c } } -resource "cloudflare_dns_record" "terraform_managed_resource_f9728b02a0472264d585182edfc4001e_156" { - content = "trez.wtf" - name = "yacht.trez.wtf" - proxied = true - tags = [] - ttl = 1 - type = "CNAME" - zone_id = "17dbb71212204583b777783d25eb6738" - settings = { - flatten_cname = false - } -} - resource "cloudflare_dns_record" "terraform_managed_resource_2ed464f16e38f4a7d3b5b6b57818a2e7_157" { content = "trez.wtf" name = "ytdl.trez.wtf" From 5be448e8d55cca174ba9b912ec72663909a2d616 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 17:22:28 -0500 Subject: [PATCH 034/123] Changing comment step. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 37 +++---------------- 1 file changed, 6 insertions(+), 31 deletions(-) 
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b6879d9..f7ac68d 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -105,7 +105,7 @@ jobs: chdir: cloudflare - name: Tofu Plan - id: tofu_plan + id: tofu-plan continue-on-error: true uses: dnogu/tofu-plan@v1 with: @@ -113,37 +113,12 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Build Markdown PR comment from plan file - run: | - mkdir -p tmp - { - echo "## 🧩 OpenTofu Plan — Cloudflare" - echo "**Branch:** \`${{ github.ref_name }}\`" - echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" - echo "**Working Directory:** \`cloudflare\`" - echo "" - echo "
🪶 Click to expand full plan output" - echo "" - echo '```hcl' - cat ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe - echo '```' - echo "" - echo "
" - echo "" - echo "*(This plan was automatically generated by the workflow.)*" - } > tmp/tofu-plan.md - echo "Markdown PR comment built: tmp/tofu-plan.md" - - - name: Comment full Tofu Plan on PR (Gitea safe) - uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + - name: Tofu PR Commenter + uses: alexnorell/tofu-pr-commenter@v2.0.0 with: - platform: gitea - api_url: https://git.trez.wtf/api/v1 - token: ${{ secrets.BOT_GITEA_TOKEN }} - pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} - repo_owner: ${{ github.repository_owner }} - repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - comment_template_path: tmp/tofu-plan.md + commenter_type: plan + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 From 9c632ef06fed640130835891f75df3a9f109191a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 19:58:26 -0500 Subject: [PATCH 035/123] Switching comment action to custom one. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 23 +++++++++++++++---- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index f7ac68d..1626124 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -113,12 +113,25 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Tofu PR Commenter - uses: alexnorell/tofu-pr-commenter@v2.0.0 + - name: PR Comment + uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + env: + DEBUG: true with: - commenter_type: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + debug: true + platform: gitea + api_url: https://git.trez.wtf/api/v1 + token: ${{ secrets.BOT_GITEA_TOKEN }} + pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} + repo_owner: ${{ github.repository_owner }} + repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} + plan_file: cloudflare/cloudflare.tfplan + comment_template: | + 🚀 **Tofu Plan Output** + --- + ${{ steps.tofu-plan.outputs.plan-output }} + + Exit Code: ${{ steps.tofu-plan.outputs.exitcode }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 From d8adfc4f55f4a463738507508f790dafbda093ea Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 21:19:00 -0500 Subject: [PATCH 036/123] Still tweaking the PR comment step... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 49 ++++++++++++++----- 1 file changed, 38 insertions(+), 11 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 1626124..039947f 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -113,25 +113,52 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: PR Comment + - name: Build Markdown PR comment from plan file + run: | + mkdir -p tmp + { + echo "## 🧩 OpenTofu Plan — Cloudflare" + echo "**Branch:** \`${{ github.ref_name }}\`" + echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" + echo "**Working Directory:** \`cloudflare\`" + echo "" + echo "
🪶 Click to expand full plan output" + echo "" + echo '```hcl' + tofu show cloudflare.tfplan # <-- read file directly, ACT-safe + echo '```' + echo "" + echo "
" + echo "" + echo "*(This plan was automatically generated by the workflow.)*" + } > tmp/tofu-plan.md + echo "Markdown PR comment built: tmp/tofu-plan.md" + + - name: Load markdown plan into env var (safe for large output) + id: load-plan-md + run: | + # Ensure file exists and isn't absurdly large + if [ ! -f tmp/tofu-plan.md ]; then + echo "❌ Missing tmp/tofu-plan.md" + exit 1 + fi + + # Collapse newlines for environment storage + plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) + echo "COMMENT_TEMPLATE<> $GITHUB_ENV + echo -e "$plan_md" >> $GITHUB_ENV + echo "EOF" >> $GITHUB_ENV + + - name: Comment full Tofu Plan on PR (Gitea safe) uses: https://git.trez.wtf/Trez.One/git-auto-comment@main - env: - DEBUG: true with: - debug: true platform: gitea api_url: https://git.trez.wtf/api/v1 token: ${{ secrets.BOT_GITEA_TOKEN }} pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} repo_owner: ${{ github.repository_owner }} repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - plan_file: cloudflare/cloudflare.tfplan - comment_template: | - 🚀 **Tofu Plan Output** - --- - ${{ steps.tofu-plan.outputs.plan-output }} - - Exit Code: ${{ steps.tofu-plan.outputs.exitcode }} + comment_template: ${{ env.COMMENT_TEMPLATE }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 From abdb2cc2de3c820ecc83c0a482b8e15d4b23e4a9 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 3 Nov 2025 21:24:57 -0500 Subject: [PATCH 037/123] Still tweaking the PR comment step... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 039947f..58cb9b1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -125,7 +125,7 @@ jobs: echo "
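Review bot: The load-plan-md step appends the plan text to `$GITHUB_ENV` and closes the value with a fixed `EOF` line, so a plan line consisting only of `EOF` ends the value early and everything after it is read as further environment assignments for later steps. Plan text is derived from the `.tf` files under review, so treat it as untrusted here: use a per-run random delimiter such as `delim="PLAN_$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')"`, or skip the environment hop and go back to the `comment_template_path: tmp/tofu-plan.md` input that PATCH 034 removed. Separately, the re-added markdown block reads `steps.tofu_plan.outputs.exitcode`, but PATCH 034 renamed the step id to `tofu-plan`, so the exit code renders empty; it should be `${{ steps.tofu-plan.outputs.exitcode }}`.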
🪶 Click to expand full plan output" echo "" echo '```hcl' - tofu show cloudflare.tfplan # <-- read file directly, ACT-safe + tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe echo '```' echo "" echo "
" From 3a0914859aa3c3849bdc468befe2712985f2453c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 06:39:04 -0500 Subject: [PATCH 038/123] tfplan location. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 58cb9b1..15b6edf 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,6 +116,7 @@ jobs: - name: Build Markdown PR comment from plan file run: | mkdir -p tmp + pwd { echo "## 🧩 OpenTofu Plan — Cloudflare" echo "**Branch:** \`${{ github.ref_name }}\`" @@ -125,7 +126,7 @@ jobs: echo "
🪶 Click to expand full plan output" echo "" echo '```hcl' - tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe + tofu show cloudflare.tfplan # <-- read file directly, ACT-safe echo '```' echo "" echo "
" From 096126dacb3bd515fb35632f35551a4f6c20c9af Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 06:44:54 -0500 Subject: [PATCH 039/123] Dir tshooting. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 15b6edf..8ea37d2 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,7 @@ jobs: - name: Build Markdown PR comment from plan file run: | mkdir -p tmp - pwd + cd cloudflare/ ; ls -altr { echo "## 🧩 OpenTofu Plan — Cloudflare" echo "**Branch:** \`${{ github.ref_name }}\`" From 7348d7e232b28d65fbb2a06a4b30343a429852d5 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 06:48:07 -0500 Subject: [PATCH 040/123] Dir tshooting. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8ea37d2..58cb9b1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,6 @@ jobs: - name: Build Markdown PR comment from plan file run: | mkdir -p tmp - cd cloudflare/ ; ls -altr { echo "## 🧩 OpenTofu Plan — Cloudflare" echo "**Branch:** \`${{ github.ref_name }}\`" @@ -126,7 +125,7 @@ jobs: echo "
🪶 Click to expand full plan output" echo "" echo '```hcl' - tofu show cloudflare.tfplan # <-- read file directly, ACT-safe + tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe echo '```' echo "" echo "
" From ae133bd3318aea87b649328426282c1ca1016849 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 10:56:55 -0500 Subject: [PATCH 041/123] Expanding Tofu init step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 58cb9b1..78b4d12 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -103,6 +103,10 @@ jobs: with: working-directory: . chdir: cloudflare + upgrade: true + backend: true + get: true + reconfigure: true - name: Tofu Plan id: tofu-plan From 59caf6ba4b621cf4b3399366c304feeb3181578d Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 14:03:55 -0500 Subject: [PATCH 042/123] Clearing Tofu cache for provider refresh. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 78b4d12..af7036b 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -67,6 +67,10 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Clear Tofu cache + run: | + rm cloudflare/.terraform.lock.hcl + - name: Setup OpenTofu uses: opentofu/setup-opentofu@v1.0.6 with: From 361c38b80016cc4feb2fbe2544962b5a46179655 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:05:01 -0500 Subject: [PATCH 043/123] Init output. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index af7036b..bfcb744 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
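Review bot: Deleting `cloudflare/.terraform.lock.hcl` in the added "Clear Tofu cache" step throws away the provider checksums that `tofu init` would otherwise verify, so every run trusts whatever the registry serves at that moment. Combined with `upgrade: true` from the init hunk of the previous commit, provider versions can also drift between the plan a reviewer reads and a later apply. For a one-off provider refresh, regenerate the lock file locally with `tofu init -upgrade`, commit it, and drop both the `rm` line and `upgrade: true` from the pipeline. As written, `rm` without `-f` will probably also fail the step on a checkout where the file is absent.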
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -103,6 +103,7 @@ jobs: echo "repo_name=$repo_name" >> "$GITHUB_OUTPUT" - name: Run tofu init + id: tofu-init uses: dnogu/tofu-init@v1 with: working-directory: . @@ -112,6 +113,9 @@ jobs: get: true reconfigure: true + - run: | + echo ${{ steps.tofu-init.outputs.init-output }} + - name: Tofu Plan id: tofu-plan continue-on-error: true From d243237cbf5fb99c6b2002d726d13a1a77d29d44 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:10:50 -0500 Subject: [PATCH 044/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index bfcb744..ddf85a8 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -114,7 +114,7 @@ jobs: reconfigure: true - run: | - echo ${{ steps.tofu-init.outputs.init-output }} + echo -e "${{ steps.tofu-init.outputs.init-output }}" - name: Tofu Plan id: tofu-plan From b2b137d75d1ed4547b58568d0c79782fb269c4a5 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:14:58 -0500 Subject: [PATCH 045/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index ddf85a8..89b9673 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -113,9 +113,6 @@ jobs: get: true reconfigure: true - - run: | - echo -e "${{ steps.tofu-init.outputs.init-output }}" - - name: Tofu Plan id: tofu-plan continue-on-error: true From c1a390d524c0774b5cd97984dc8654982a2da987 Mon Sep 17 00:00:00 2001 
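Review bot: The added debug step expands `${{ steps.tofu-init.outputs.init-output }}` straight into the script text, so the init output is parsed as shell source instead of being printed as data; quotes, backticks or `$(...)` in that output would break the step or be evaluated. The next commit's `echo -e "${{ ... }}"` only wraps the already-expanded text in quotes and has the same weakness, and the later `echo ${{ gitea.event }}` and `cat ${{ gitea.event_path }}` debug steps in this series follow the same pattern. Pass the value through the step environment instead: `env:` with `INIT_OUTPUT: ${{ steps.tofu-init.outputs.init-output }}`, then `printf '%s\n' "$INIT_OUTPUT"` in the script.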
From: "Trez.One" Date: Tue, 4 Nov 2025 15:24:58 -0500 Subject: [PATCH 046/123] Extending step for .tofurc creation. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 89b9673..fc43499 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -70,6 +70,14 @@ jobs: - name: Clear Tofu cache run: | rm cloudflare/.terraform.lock.hcl + cat > cloudflare/.tofurc <<'EOF' + provider_installation { + network_mirror { + url = "https://registry.terraform.io/" + } + direct {} + } + EOF - name: Setup OpenTofu uses: opentofu/setup-opentofu@v1.0.6 From bc4bd06ac8c646da8d80fd7d5ac6f8e8bd3b150c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:52:00 -0500 Subject: [PATCH 047/123] ... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 120 ++++++++++-------- 1 file changed, 66 insertions(+), 54 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index fc43499..c64f704 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -128,66 +128,78 @@ jobs: with: working-directory: . chdir: cloudflare + no-color: true out: cloudflare.tfplan - - name: Build Markdown PR comment from plan file + - name: Convert Plan to JSON run: | - mkdir -p tmp - { - echo "## 🧩 OpenTofu Plan — Cloudflare" - echo "**Branch:** \`${{ github.ref_name }}\`" - echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" - echo "**Working Directory:** \`cloudflare\`" - echo "" - echo "
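Review bot: The heredoc writes the CLI configuration to `cloudflare/.tofurc`, but nothing in this hunk points OpenTofu at that path, so it is likely ignored unless `TF_CLI_CONFIG_FILE` is set elsewhere in the workflow; by default OpenTofu looks for `.tofurc` in the user's home directory. If the file is picked up, the `network_mirror` block changes where provider binaries are downloaded from, and the same step has just removed `.terraform.lock.hcl`, so there are no recorded checksums left to compare those downloads against. I would add a comment above the heredoc such as `# override provider install source because <reason>` and keep the lock file committed, so a change of install source cannot silently change which provider code runs with this job's secrets.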
🪶 Click to expand full plan output" - echo "" - echo '```hcl' - tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe - echo '```' - echo "" - echo "
" - echo "" - echo "*(This plan was automatically generated by the workflow.)*" - } > tmp/tofu-plan.md - echo "Markdown PR comment built: tmp/tofu-plan.md" + pwd + tofu show -json ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan > cloudflare_tf.json - - name: Load markdown plan into env var (safe for large output) - id: load-plan-md - run: | - # Ensure file exists and isn't absurdly large - if [ ! -f tmp/tofu-plan.md ]; then - echo "❌ Missing tmp/tofu-plan.md" - exit 1 - fi - - # Collapse newlines for environment storage - plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) - echo "COMMENT_TEMPLATE<> $GITHUB_ENV - echo -e "$plan_md" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - - name: Comment full Tofu Plan on PR (Gitea safe) - uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + - name: Tofu Plan Comment + uses: liatrio/terraform-change-pr-commenter@v1.14.0 with: - platform: gitea - api_url: https://git.trez.wtf/api/v1 - token: ${{ secrets.BOT_GITEA_TOKEN }} - pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} - repo_owner: ${{ github.repository_owner }} - repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - comment_template: ${{ env.COMMENT_TEMPLATE }} + json-file: cloudflare/cloudflare_tf.json + github-token: ${{ secrets.BOT_GITEA_TOKEN }} - - name: Wait for manual approval - uses: trstringer/manual-approval@v1 - with: - secret: ${{ secrets.BOT_GITEA_TOKEN }} - approvers: WTF - minimum-approvals: 1 - issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" - issue-body: "Please approve or deny the deployment of the below Tofu plan" - issue-body-file-path: cloudflare/cloudflare.tfplan - exclude-workflow-initiator-as-approver: false - fail-on-denial: true + # - name: Build Markdown PR comment from plan file + # run: | + # mkdir -p tmp + # { + # echo "## 🧩 OpenTofu Plan — Cloudflare" + # echo "**Branch:** \`${{ github.ref_name }}\`" + # echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" + # echo 
"**Working Directory:** \`cloudflare\`" + # echo "" + # echo "
🪶 Click to expand full plan output" + # echo "" + # echo '```hcl' + # tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe + # echo '```' + # echo "" + # echo "
" + # echo "" + # echo "*(This plan was automatically generated by the workflow.)*" + # } > tmp/tofu-plan.md + # echo "Markdown PR comment built: tmp/tofu-plan.md" + + # - name: Load markdown plan into env var (safe for large output) + # id: load-plan-md + # run: | + # # Ensure file exists and isn't absurdly large + # if [ ! -f tmp/tofu-plan.md ]; then + # echo "❌ Missing tmp/tofu-plan.md" + # exit 1 + # fi + + # # Collapse newlines for environment storage + # plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) + # echo "COMMENT_TEMPLATE<> $GITHUB_ENV + # echo -e "$plan_md" >> $GITHUB_ENV + # echo "EOF" >> $GITHUB_ENV + + # - name: Comment full Tofu Plan on PR (Gitea safe) + # uses: https://git.trez.wtf/Trez.One/git-auto-comment@main + # with: + # platform: gitea + # api_url: https://git.trez.wtf/api/v1 + # token: ${{ secrets.BOT_GITEA_TOKEN }} + # pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} + # repo_owner: ${{ github.repository_owner }} + # repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} + # comment_template: ${{ env.COMMENT_TEMPLATE }} + + # - name: Wait for manual approval + # uses: trstringer/manual-approval@v1 + # with: + # secret: ${{ secrets.BOT_GITEA_TOKEN }} + # approvers: WTF + # minimum-approvals: 1 + # issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" + # issue-body: "Please approve or deny the deployment of the below Tofu plan" + # issue-body-file-path: cloudflare/cloudflare.tfplan + # exclude-workflow-initiator-as-approver: false + # fail-on-denial: true # apply: # name: Apply Tofu Plan From db634404a6c92c35dabd797acb17484b0f0ececa Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 15:58:40 -0500 Subject: [PATCH 048/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
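Review bot: `tofu show -json` renders the plan with sensitive values in clear text, and the new "Convert Plan to JSON" step writes that to `cloudflare_tf.json` and hands it to a third-party commenter action together with `BOT_GITEA_TOKEN`. `liatrio/terraform-change-pr-commenter@v1.14.0` is referenced by a movable tag; pinning the `uses:` ref to a full commit SHA (`...@<commit-sha>`, placeholder) keeps a retagged release from running with that token. The redirect writes to the step's working directory while `json-file` points at `cloudflare/cloudflare_tf.json`, so the action probably does not find the file as written here. The hunk also comments out the manual-approval step; a one-line comment saying this is intentional while the apply job stays disabled would keep it from being forgotten when apply is re-enabled.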
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index c64f704..62d21c4 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -128,13 +128,12 @@ jobs: with: working-directory: . chdir: cloudflare - no-color: true out: cloudflare.tfplan - name: Convert Plan to JSON run: | pwd - tofu show -json ${GITHUB_WORKSPACE}/cloudflare/cloudflare.tfplan > cloudflare_tf.json + tofu show -json cloudflare/cloudflare.tfplan > cloudflare_tf.json - name: Tofu Plan Comment uses: liatrio/terraform-change-pr-commenter@v1.14.0 From 6ae4ec41b75e6415c28199e2d090bfecdf2b2027 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 20:12:52 -0500 Subject: [PATCH 049/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 62d21c4..9422f93 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,8 +132,8 @@ jobs: - name: Convert Plan to JSON run: | - pwd - tofu show -json cloudflare/cloudflare.tfplan > cloudflare_tf.json + cd cloudflare + tofu show -json cloudflare.tfplan > cloudflare_tf.json - name: Tofu Plan Comment uses: liatrio/terraform-change-pr-commenter@v1.14.0 From ace89a01b69f79701b3b2348fb09d3fe01f5153c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 4 Nov 2025 20:40:38 -0500 Subject: [PATCH 050/123] ... --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 9422f93..b4cbc41 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -83,7 +83,7 @@ jobs: uses: opentofu/setup-opentofu@v1.0.6 with: version: ${{ env.OPENTOFU_VERSION }} - tofu_wrapper: true + tofu_wrapper: false - name: Generate .env from Hashicorp Vault uses: https://git.trez.wtf/Trez/hc-vault-env@main @@ -133,13 +133,16 @@ jobs: - name: Convert Plan to JSON run: | cd cloudflare + tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json - - name: Tofu Plan Comment - uses: liatrio/terraform-change-pr-commenter@v1.14.0 + - name: Tofu Report + uses: ahmadnassri/action-terraform-report@v4.1.14 with: - json-file: cloudflare/cloudflare_tf.json - github-token: ${{ secrets.BOT_GITEA_TOKEN }} + # tell the action the plan outputs + terraform-text: ${{ github.workspace }}/terraform.text + terraform-json: ${{ github.workspace }}/terraform.json + remove-stale-reports: true # - name: Build Markdown PR comment from plan file # run: | From d963274f50b0152ffba38739d2c807f5c3d45f87 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 06:37:20 -0500 Subject: [PATCH 051/123] Testing out event path contexts... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b4cbc41..843ef88 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
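Review bot: The new "Tofu Report" step reads `${{ github.workspace }}/terraform.text` and `${{ github.workspace }}/terraform.json`, but the step above writes `cloudflare_tf.txt` and `cloudflare_tf.json` after `cd cloudflare`, so the action is pointed at files this job never creates. Point the inputs at the real outputs, for example `terraform-text: ${{ github.workspace }}/cloudflare/cloudflare_tf.txt` and `terraform-json: ${{ github.workspace }}/cloudflare/cloudflare_tf.json`. The JSON rendering of a plan can carry sensitive values unredacted, so both files should stay out of artifacts and commits.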
@@ -135,14 +135,15 @@ jobs: cd cloudflare tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json + echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" - - name: Tofu Report - uses: ahmadnassri/action-terraform-report@v4.1.14 - with: - # tell the action the plan outputs - terraform-text: ${{ github.workspace }}/terraform.text - terraform-json: ${{ github.workspace }}/terraform.json - remove-stale-reports: true + # - name: Tofu Report + # uses: ahmadnassri/action-terraform-report@v4.1.14 + # with: + # # tell the action the plan outputs + # terraform-text: ${{ github.workspace }}/terraform.text + # terraform-json: ${{ github.workspace }}/terraform.json + # remove-stale-reports: true # - name: Build Markdown PR comment from plan file # run: | From 2cc9d449b5886d927fd61f12acc837d3f1a87edd Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 06:40:31 -0500 Subject: [PATCH 052/123] Testing out event path contexts... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 843ef88..9fbb231 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -136,6 +136,7 @@ jobs: tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" + cat ${{ gitea.event_path }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From d31f51ebf49ec5f957fa098c2b1add3331e66116 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 06:57:09 -0500 Subject: [PATCH 053/123] Testing out event path contexts... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 9fbb231..8f78308 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -136,7 +136,8 @@ jobs: tofu show cloudflare.tfplan > cloudflare_tf.txt tofu show -json cloudflare.tfplan > cloudflare_tf.json echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" - cat ${{ gitea.event_path }} + cat "${{ gitea.event_path }}" + cat /var/run/act/workflow/event.json # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From e09c40eab1472b56fc7eeddf485e8bc643c79a67 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:22:11 -0500 Subject: [PATCH 054/123] Re-enabling tofu_wrapper. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8f78308..8a667c7 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -83,7 +83,7 @@ jobs: uses: opentofu/setup-opentofu@v1.0.6 with: version: ${{ env.OPENTOFU_VERSION }} - tofu_wrapper: false + tofu_wrapper: true - name: Generate .env from Hashicorp Vault uses: https://git.trez.wtf/Trez/hc-vault-env@main From 51364a0a533ca710c4774459c871618bd91230e1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:28:04 -0500 Subject: [PATCH 055/123] Testing PR comment action. --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8a667c7..71d16a6 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -130,14 +130,12 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Convert Plan to JSON - run: | - cd cloudflare - tofu show cloudflare.tfplan > cloudflare_tf.txt - tofu show -json cloudflare.tfplan > cloudflare_tf.json - echo -e "Gitea: ${{ gitea.event_path }}\nGithub: ${{ github.event_path }}" - cat "${{ gitea.event_path }}" - cat /var/run/act/workflow/event.json + - name: Tofu PR Commenter + uses: alexnorell/tofu-pr-commenter@v2.0.0 + with: + commenter_type: plan + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From 9768b8e8e0cf4384e958b05ed79d0f4894b766a3 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:36:12 -0500 Subject: [PATCH 056/123] Testing PR comment action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 71d16a6..dfe8dfb 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,6 +132,8 @@ jobs: - name: Tofu PR Commenter uses: alexnorell/tofu-pr-commenter@v2.0.0 + env: + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} with: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From a53f939586c252d62645275e522125599373c4dd Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:48:34 -0500 Subject: [PATCH 057/123] Testing PR comment action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index dfe8dfb..b41ef78 100644 
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -131,7 +131,7 @@ jobs: out: cloudflare.tfplan - name: Tofu PR Commenter - uses: alexnorell/tofu-pr-commenter@v2.0.0 + uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main env: PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} with: From 71affe3b63274ff25022611ed7971d71aa83c3b8 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 08:51:00 -0500 Subject: [PATCH 058/123] Testing PR comment action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b41ef78..627a751 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -133,6 +133,7 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main env: + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} with: commenter_type: plan From f2a23e1fb63324e37a4c7d471be6cea7aa198a41 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 09:02:03 -0500 Subject: [PATCH 059/123] Testing still... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 627a751..4dc80ff 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
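Review bot: The commenter is now referenced as `https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main`, a branch ref, and the following commit gives the step `GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}`, so whatever sits at the tip of `main` at run time executes with the bot token. Pin the `uses:` ref to a full commit SHA (`...terraform-tofu-pr-commenter@<commit-sha>`, placeholder) and bump it deliberately. The `hc-vault-env@main` step visible in the context lines of this file has the same exposure and appears to run in a job that carries the Vault token.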
@@ -130,15 +130,21 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main - env: - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - with: - commenter_type: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + - run: | + echo ${{ gitea.event_path }} + cat ${{ gitea.event_path }} + cp ${{ gitea.event_path }} . + cat event.json | jq + + # - name: Tofu PR Commenter + # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main + # env: + # GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + # PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + # with: + # commenter_type: plan + # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + # commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From 43f00abe3c34ce65c10e178df7c50a584d215c3a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 09:29:06 -0500 Subject: [PATCH 060/123] Testing still... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 4dc80ff..cd46411 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -131,10 +131,7 @@ jobs: out: cloudflare.tfplan - run: | - echo ${{ gitea.event_path }} - cat ${{ gitea.event_path }} - cp ${{ gitea.event_path }} . - cat event.json | jq + echo ${{ gitea.event }} # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main From efabc410423ed82bc38c736c06e015e670e69971 Mon Sep 17 00:00:00 2001 
From: "Trez.One" Date: Wed, 5 Nov 2025 11:10:30 -0500 Subject: [PATCH 061/123] Experimenting... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index cd46411..7c7ffaf 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -19,6 +19,7 @@ jobs: name: Check and Create PR outputs: pr_number: ${{ steps.pr-check-create.outputs.pr_number }} + pr_url: ${{ steps.pr-check-create.outputs.pr_number }} runs-on: ubuntu-latest steps: - name: Checkout Code @@ -131,8 +132,9 @@ jobs: out: cloudflare.tfplan - run: | - echo ${{ gitea.event }} - + pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews"} + ${pr_comments_url} + pr_comment_id=$(curl -sS -X GET ${pr_comments_url} | jq '.[].id') # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main # env: From f378d0525ee0b46ade4eea724e32dfbf1975b295 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 11:21:33 -0500 Subject: [PATCH 062/123] Typo fix, L135. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 7c7ffaf..8134690 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,7 +132,7 @@ jobs: out: cloudflare.tfplan - run: | - pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews"} + pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews") ${pr_comments_url} pr_comment_id=$(curl -sS -X GET ${pr_comments_url} | jq '.[].id') # - name: Tofu PR Commenter 
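Review bot: `pr_comments_url=${echo "…/reviews"}` is not a command substitution and bash rejects it as a bad substitution; the follow-up "Typo fix" keeps the opening `${` and only changes the closer to `)`, so the script still does not parse. The bare `${pr_comments_url}` line would run the URL as a command, and the unquoted `curl -sS -X GET ${pr_comments_url}` word-splits a value that arrives from another job's output. Suggested lines, with `PR_URL` supplied through the step's `env:`: `pr_comments_url="${PR_URL}/reviews"` and `pr_comment_id=$(curl -sS "$pr_comments_url" | jq '.[].id')`. In the first hunk of the same commit `pr_url` is wired to `outputs.pr_number`, which looks like a copy-paste slip.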
From d808f1e3ebd7e47c6ac1449f11acb2dc4ac7b20b Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 15:15:09 -0500 Subject: [PATCH 063/123] Testing out PR URL... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 8134690..c3a6a6f 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,9 +132,9 @@ jobs: out: cloudflare.tfplan - run: | - pr_comments_url=${echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews") - ${pr_comments_url} - pr_comment_id=$(curl -sS -X GET ${pr_comments_url} | jq '.[].id') + echo ${{ needs.check-and-create-pr.outputs.pr_url }} + echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews" + # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main # env: From 27f3ec14e9a56ae7dd58504c8060fcf688f91a76 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 5 Nov 2025 15:28:02 -0500 Subject: [PATCH 064/123] Correction on job output. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index c3a6a6f..dde80fd 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -19,7 +19,7 @@ jobs: name: Check and Create PR outputs: pr_number: ${{ steps.pr-check-create.outputs.pr_number }} - pr_url: ${{ steps.pr-check-create.outputs.pr_number }} + pr_url: ${{ steps.pr-check-create.outputs.pr_url }} runs-on: ubuntu-latest steps: - name: Checkout Code From b58e4a69158a5e0853b7042f8fb726492ffa52df Mon Sep 17 00:00:00 2001 
From: "Trez.One" Date: Thu, 6 Nov 2025 07:35:33 -0500 Subject: [PATCH 065/123] Tofu PR comment testing. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 35 ++++++++++++------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index dde80fd..153c250 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -122,6 +122,17 @@ jobs: get: true reconfigure: true + - name: Tofu PR Commenter + uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main + env: + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} + with: + commenter_type: init + commenter_input: ${{ steps.tofu-init.outputs.init-output }} + - name: Tofu Plan id: tofu-plan continue-on-error: true 
@@ -131,19 +142,17 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - run: | - echo ${{ needs.check-and-create-pr.outputs.pr_url }} - echo "${{ needs.check-and-create-pr.outputs.pr_url }}/reviews" - - # - name: Tofu PR Commenter - # uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main - # env: - # GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - # PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - # with: - # commenter_type: plan - # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - # commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + - name: Tofu PR Commenter + uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main + env: + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + with: + commenter_type: plan + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} # - name: Tofu Report # uses: ahmadnassri/action-terraform-report@v4.1.14 From ef53bc66b384d824b63ed55edefada40e93ba796 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 6 Nov 2025 07:46:36 -0500 Subject: [PATCH 066/123] Commenter exitcode Tofu init. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 153c250..a88c776 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -132,6 +132,7 @@ jobs: with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} + commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} - name: Tofu Plan id: tofu-plan 
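Review bot: In the re-enabled plan commenter step `PR_COMMENT_URI` is set from `outputs.pr_comments_url`, the same expression as `PR_COMMENTS_URL`, while the init commenter step added in the first hunk uses `PR_COMMENT_ID` instead, so the two steps receive different variable sets. Neither `pr_comments_url` nor `pr_comment_id` is among the `check-and-create-pr` outputs declared at this point in the series, so these variables probably expand to empty strings. I would declare the outputs in the same commit and set `PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }}`. Both steps also run an action at `@main` with `BOT_GITEA_TOKEN`; a commit-SHA pin would be safer.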
From e2787a16403a8943f130704b5841db2509d2fec1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 6 Nov 2025 08:31:11 -0500 Subject: [PATCH 067/123] Env rename for Tofu comment steps. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index a88c776..1243f1f 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -127,7 +127,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} with: commenter_type: init @@ -148,7 +148,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} with: commenter_type: plan From 4032be67bc2567e98af6ee3bf9966990d8fef1d7 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 6 Nov 2025 09:51:10 -0500 Subject: [PATCH 068/123] Env var configuration. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 1243f1f..66a89bb 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -20,6 +20,9 @@ jobs: outputs: pr_number: ${{ steps.pr-check-create.outputs.pr_number }} pr_url: ${{ steps.pr-check-create.outputs.pr_url }} + pr_comments_url: ${{ steps.pr-check-create.outputs.pr_comments_url }} + pr_comment_id: ${{ steps.pr-check-create.outputs.pr_comment_id }} + pr_comment_uri: ${{ steps.pr-check-create.outputs.pr_comment_uri }} runs-on: ubuntu-latest steps: - name: Checkout Code @@ -60,6 +63,11 @@ jobs: needs: check-and-create-pr runs-on: ubuntu-latest env: + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} + PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} + PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} outputs: tofu-cloudflare-plan: ${{ steps.tofu_plan.outputs.plan-output }} @@ -126,9 +134,6 @@ jobs: uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main env: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_COMMENT_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} - PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} @@ -145,11 +150,6 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main - env: - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_COMMENT_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} - PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} with: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From 7fa19c65f57538adefc807588f3f0b813e408fb1 Mon Sep 17 00:00:00 2001 
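Review bot: The last hunk (`@@ -145,11 +150,6 @@`) removes the whole `env:` block from the plan-side `Tofu PR Commenter`, including `GITHUB_TOKEN`, while the init-side step keeps `GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}` and the new job-level `env:` carries only the `PR_*` values. If the action reads the token from its environment, the plan comment will fail or be posted without authentication; keep an `env:` with `GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}` on that step. Restoring it at step level rather than next to `VAULT_TOKEN` in the job-level `env:` is preferable, since job-level values reach every step in the job, third-party actions included.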
From: "Trez.One" Date: Fri, 7 Nov 2025 04:54:32 -0500 Subject: [PATCH 069/123] Removing commented steps. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 55 ------------------- 1 file changed, 55 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 66a89bb..4964b88 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -155,61 +155,6 @@ jobs: commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} - # - name: Tofu Report - # uses: ahmadnassri/action-terraform-report@v4.1.14 - # with: - # # tell the action the plan outputs - # terraform-text: ${{ github.workspace }}/terraform.text - # terraform-json: ${{ github.workspace }}/terraform.json - # remove-stale-reports: true - - # - name: Build Markdown PR comment from plan file - # run: | - # mkdir -p tmp - # { - # echo "## 🧩 OpenTofu Plan — Cloudflare" - # echo "**Branch:** \`${{ github.ref_name }}\`" - # echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`" - # echo "**Working Directory:** \`cloudflare\`" - # echo "" - # echo "
🪶 Click to expand full plan output" - # echo "" - # echo '```hcl' - # tofu show cloudflare/cloudflare.tfplan # <-- read file directly, ACT-safe - # echo '```' - # echo "" - # echo "
" - # echo "" - # echo "*(This plan was automatically generated by the workflow.)*" - # } > tmp/tofu-plan.md - # echo "Markdown PR comment built: tmp/tofu-plan.md" - - # - name: Load markdown plan into env var (safe for large output) - # id: load-plan-md - # run: | - # # Ensure file exists and isn't absurdly large - # if [ ! -f tmp/tofu-plan.md ]; then - # echo "❌ Missing tmp/tofu-plan.md" - # exit 1 - # fi - - # # Collapse newlines for environment storage - # plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md) - # echo "COMMENT_TEMPLATE<> $GITHUB_ENV - # echo -e "$plan_md" >> $GITHUB_ENV - # echo "EOF" >> $GITHUB_ENV - - # - name: Comment full Tofu Plan on PR (Gitea safe) - # uses: https://git.trez.wtf/Trez.One/git-auto-comment@main - # with: - # platform: gitea - # api_url: https://git.trez.wtf/api/v1 - # token: ${{ secrets.BOT_GITEA_TOKEN }} - # pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} - # repo_owner: ${{ github.repository_owner }} - # repo_name: ${{ steps.env-vault-vars.outputs.repo_name }} - # comment_template: ${{ env.COMMENT_TEMPLATE }} - # - name: Wait for manual approval # uses: trstringer/manual-approval@v1 # with: From 139400104df5bbd5a02d2da9a85be46e4ee475fe Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 05:15:04 -0500 Subject: [PATCH 070/123] Moving around vars. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 4964b88..96a3be8 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -63,11 +63,6 @@ jobs: needs: check-and-create-pr runs-on: ubuntu-latest env: - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} - PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} - PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} - PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} outputs: tofu-cloudflare-plan: ${{ steps.tofu_plan.outputs.plan-output }} @@ -133,6 +128,11 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main env: + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} + PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} + PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init @@ -150,6 +150,12 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main + env: + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} + PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} + PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} with: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From 58f2c2609dbbccc00fb1ed8912ce340441a2ceec Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 09:56:50 -0500 Subject: [PATCH 071/123] Plan comment step env fix. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) 
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 96a3be8..579716c 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -156,6 +156,7 @@ jobs: PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From 3f6b155c9ec884adab2f6be6d71672e52104ad48 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:01:42 -0500 Subject: [PATCH 072/123] Replacing TF PR commenter steps. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 25 ++++++------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 579716c..4181bf9 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -63,6 +63,11 @@ jobs: needs: check-and-create-pr runs-on: ubuntu-latest env: + PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} + PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} + PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} + PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} outputs: tofu-cloudflare-plan: ${{ steps.tofu_plan.outputs.plan-output }} 
@@ -126,14 +131,7 @@ jobs: reconfigure: true - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main - env: - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} - PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} - PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} - PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + uses: https://git.trez.wtf/Trez/tf-pr-commenter@main with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} @@ -149,16 +147,9 @@ jobs: out: cloudflare.tfplan - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/terraform-tofu-pr-commenter@main - env: - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - PR_URL: ${{ needs.check-and-create-pr.outputs.pr_url }} - PR_COMMENTS_URL: ${{ needs.check-and-create-pr.outputs.pr_comments_url }} - PR_COMMENT_ID: ${{ needs.check-and-create-pr.outputs.pr_comment_id }} - PR_COMMENT_URI: ${{ needs.check-and-create-pr.outputs.pr_comment_uri }} - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + uses: https://git.trez.wtf/Trez/tf-pr-commenter@main with: - commenter_type: plan + command: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} From ce1fd20de05c840c4975a53218ee810d527ee3cf Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:08:29 -0500 Subject: [PATCH 073/123] Removing Tofu cache clear step. --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 4181bf9..e1aba17 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
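Review bot: The plan-side step in the `@@ -149,16 +147,9 @@` hunk now passes `command: plan`, while the init-side step in the hunk before it still passes `commenter_type: init` to the same `tf-pr-commenter` action, so one of the two keys is presumably not an input the action declares. Unknown `with:` keys are usually ignored rather than rejected, which would leave the plan comment running with a default or empty type. Use the same key in both steps, e.g. `commenter_type: plan`, after checking the action's `action.yml`. Both hunks also drop `GITHUB_TOKEN` from `env:` without adding another token input, so it is worth confirming how the replacement action authenticates.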
@@ -76,18 +76,6 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - name: Clear Tofu cache - run: | - rm cloudflare/.terraform.lock.hcl - cat > cloudflare/.tofurc <<'EOF' - provider_installation { - network_mirror { - url = "https://registry.terraform.io/" - } - direct {} - } - EOF - - name: Setup OpenTofu uses: opentofu/setup-opentofu@v1.0.6 with: From c52438e32f068a4f115c4cf42e80411d22c3a5ff Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:12:15 -0500 Subject: [PATCH 074/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index e1aba17..55bf7a8 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -80,7 +80,7 @@ jobs: uses: opentofu/setup-opentofu@v1.0.6 with: version: ${{ env.OPENTOFU_VERSION }} - tofu_wrapper: true + tofu_wrapper: false - name: Generate .env from Hashicorp Vault uses: https://git.trez.wtf/Trez/hc-vault-env@main From f46a2f1b89a73ec91371c56f96fec51f8082cf63 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:31:13 -0500 Subject: [PATCH 075/123] Adding env PATH for composite steps. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 55bf7a8..a209426 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -120,6 +120,8 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + PATH: ${{ env.PATH }}:/home/runner/.opentofu/bin with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} 
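Review bot: `PATH: ${{ env.PATH }}:/home/runner/.opentofu/bin` (added in the `@@ -120,6 +120,8 @@` hunk and again in `@@ -136,6 +138,8 @@`) most likely does not extend the runner's PATH: the `env` context holds only variables defined in the workflow, and none of the visible hunks defines `PATH`, so the expression would expand to an empty string. The step would then run with `PATH=:/home/runner/.opentofu/bin`, which drops the system directories and begins with an empty entry that shells treat as the current directory, an unwanted lookup location in a job that has just checked out repository content. Appending the directory in an earlier step with `echo "/home/runner/.opentofu/bin" >> "$GITHUB_PATH"` extends the search path for later steps without replacing it.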
@@ -136,6 +138,8 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + PATH: ${{ env.PATH }}:/home/runner/.opentofu/bin with: command: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From c9ab9f24b4eb236a0b7a819379675ef61604697e Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:40:49 -0500 Subject: [PATCH 076/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index a209426..55bf7a8 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -120,8 +120,6 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main - env: - PATH: ${{ env.PATH }}:/home/runner/.opentofu/bin with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} @@ -138,8 +136,6 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main - env: - PATH: ${{ env.PATH }}:/home/runner/.opentofu/bin with: command: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From e5cccf7d934327a3041533f349f832ba7ead3f9f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:55:51 -0500 Subject: [PATCH 077/123] Working directory. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 55bf7a8..6ee4ce5 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -124,6 +124,7 @@ jobs: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} + working_directory: cloudflare - name: Tofu Plan id: tofu-plan @@ -140,6 +141,7 @@ jobs: command: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + working_directory: cloudflare # - name: Wait for manual approval # uses: trstringer/manual-approval@v1 From 4a4ae2fb8c0ade7733f15cb6834e35eba58d854d Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 7 Nov 2025 12:59:36 -0500 Subject: [PATCH 078/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 6ee4ce5..e2e6fa9 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -80,7 +80,7 @@ jobs: uses: opentofu/setup-opentofu@v1.0.6 with: version: ${{ env.OPENTOFU_VERSION }} - tofu_wrapper: false + tofu_wrapper: true - name: Generate .env from Hashicorp Vault uses: https://git.trez.wtf/Trez/hc-vault-env@main From 454985fcd6eb341d812289b823e034d52d4d2146 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 8 Nov 2025 08:16:24 -0500 Subject: [PATCH 079/123] Removing extra inputs from tofu init step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index e2e6fa9..39b09dd 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -113,10 +113,6 @@ jobs: with: working-directory: . chdir: cloudflare - upgrade: true - backend: true - get: true - reconfigure: true - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main From 96e830c3858c396c566c143dd91877a48c9d39e4 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 8 Nov 2025 08:36:12 -0500 Subject: [PATCH 080/123] Comment steps. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 39b09dd..d08988c 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,6 +116,8 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} @@ -133,10 +135,12 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: - command: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + commenter_type: plan + commenter_input: ${{ steps.tofu-init.outputs.init-output }} + commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} working_directory: cloudflare # - name: Wait for manual approval From 013e07f32a3aca79e26b623bc173ed3155abfa09 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 9 Nov 2025 06:04:46 -0500 Subject: [PATCH 081/123] Adding Git token auth for comment steps. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index d08988c..a6f4c9d 100644 
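Review bot: In the `@@ -133,10 +135,12 @@` hunk the plan-side commenter is set to `commenter_type: plan` but now reads `steps.tofu-init.outputs.init-output` and `steps.tofu-init.outputs.exitcode`, so the comment labelled as a plan would carry the init log and init's exit status. A reviewer approving the DNS change from that comment would not see the planned changes, and a failed plan could be reported with init's successful exit code. The two lines should read `commenter_input: ${{ steps.tofu-plan.outputs.plan-output }}` and `commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }}`.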
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,13 +116,12 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main - env: - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} working_directory: cloudflare + git_token: ${{ secrets.BOT_GITEA_TOKEN }} - name: Tofu Plan id: tofu-plan @@ -142,6 +141,7 @@ jobs: commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} working_directory: cloudflare + git_token: ${{ secrets.BOT_GITEA_TOKEN }} # - name: Wait for manual approval # uses: trstringer/manual-approval@v1 From 04cc5a9f7f5b93e8d5eb922cc9aeeb1c20d8409c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 9 Nov 2025 06:20:15 -0500 Subject: [PATCH 082/123] Correcting plan step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index a6f4c9d..a2913ec 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -134,12 +134,10 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main - env: - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: plan - commenter_input: ${{ steps.tofu-init.outputs.init-output }} - commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} working_directory: cloudflare git_token: ${{ secrets.BOT_GITEA_TOKEN }} From ad5da8489dc99f6acd328e69589ac747a4bf8bb3 Mon Sep 17 00:00:00 2001 
From: "Trez.One" Date: Sun, 9 Nov 2025 06:35:09 -0500 Subject: [PATCH 083/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index a2913ec..66d0660 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,12 +116,16 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + GITEA_API_URL: ${{ gitea.api_url }} + GITEA_REPOSITORY: ${{ github.repository }} + GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }} + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} working_directory: cloudflare - git_token: ${{ secrets.BOT_GITEA_TOKEN }} - name: Tofu Plan id: tofu-plan @@ -134,6 +138,11 @@ jobs: - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + GITEA_API_URL: ${{ gitea.api_url }} + GITEA_REPOSITORY: ${{ github.repository }} + GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }} + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} From aaa7490b339269570637bf197441d711692cd1a5 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 06:20:45 -0500 Subject: [PATCH 084/123] Updating Gotify action and adding inputs for comment steps. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 66d0660..5196047 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
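Review bot: `GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }}` (added in both hunks of PATCH 083) is only populated when the run was triggered by a pull-request event. The rest of the workflow takes the PR from `needs.check-and-create-pr.outputs.pr_number`, which suggests the pipeline creates the PR itself from some other trigger; the `on:` block is outside these hunks, so this is an inference. If that is the case the value is empty and the commenter has no PR to post to, whereas `GITEA_PULL_REQUEST_ID: ${{ needs.check-and-create-pr.outputs.pr_number }}` would reuse the number the earlier job already exports. The first hunk also swaps `git_token` for `GITHUB_TOKEN` on the init step only; passing the bot token through one channel, the same in both steps, makes it easier to see where the credential goes.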
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -34,7 +34,7 @@ jobs: run: echo "VAULT_TOKEN=${{ secrets.VAULT_GITEA_TOKEN }}" >> $GITHUB_ENV - name: Gotify Notification - Start - uses: eikendev/gotify-action@master + uses: eikendev/gotify-action@0.0.3 with: gotify_api_base: ${{ secrets.RUNNER_GOTIFY_URL }} gotify_app_token: ${{ secrets.RUNNER_GOTIFY_TOKEN }} @@ -51,7 +51,7 @@ jobs: assignee: ${{ github.actor }} - name: Gotify Notification - Done - uses: eikendev/gotify-action@master + uses: eikendev/gotify-action@0.0.3 with: gotify_api_base: ${{ secrets.RUNNER_GOTIFY_URL }} gotify_app_token: ${{ secrets.RUNNER_GOTIFY_TOKEN }} @@ -125,6 +125,7 @@ jobs: commenter_type: init commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} + git_token: ${{ secrets.BOT_GITEA_TOKEN }} working_directory: cloudflare - name: Tofu Plan @@ -147,8 +148,8 @@ jobs: commenter_type: plan commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} - working_directory: cloudflare git_token: ${{ secrets.BOT_GITEA_TOKEN }} + working_directory: cloudflare # - name: Wait for manual approval # uses: trstringer/manual-approval@v1 From e3cb806e4bd02c30ece6f9c248a989d24e92e3dc Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 06:27:23 -0500 Subject: [PATCH 085/123] PR_COMMENTS_URL (testing on init step first). --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 5196047..39bb30a 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -126,6 +126,7 @@ jobs: commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} + pr_comments_url: ${{ env.PR_COMMENTS_URL }} working_directory: cloudflare - name: Tofu Plan From bcb0482b8a9a4fca1cd7a78856c16d1e1064af03 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 06:29:47 -0500 Subject: [PATCH 086/123] PR_COMMENTS_URL for the plan comment step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 39bb30a..a823943 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -150,6 +150,7 @@ jobs: commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} + pr_comments_url: ${{ env.PR_COMMENTS_URL }} working_directory: cloudflare # - name: Wait for manual approval From f111c76bd0106954701c89d746dac5bbe98a272b Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 06:52:22 -0500 Subject: [PATCH 087/123] Re-testing ANSI-to-HTML action... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index a823943..88d14f1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -114,6 +114,12 @@ jobs: working-directory: . chdir: cloudflare + - name: ANSI to HTML + id: ansi-to-html + uses: justinm/actions-ansi-to-html@v1.0.0 + with: + input: ${{ steps.tofu-init.outputs.init-output }} + - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: @@ -123,7 +129,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init - commenter_input: ${{ steps.tofu-init.outputs.init-output }} + commenter_input: ${{ steps.ansi-to-html.outputs.contents }} + # commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} From bca337b15781b03cbe042af730845f533babdea5 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 06:57:37 -0500 Subject: [PATCH 088/123] Testing custom ANSI to HTML action. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 88d14f1..2538163 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,7 @@ jobs: - name: ANSI to HTML id: ansi-to-html - uses: justinm/actions-ansi-to-html@v1.0.0 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@main with: input: ${{ steps.tofu-init.outputs.init-output }} From ef852ab54d711a3c9dd5780af0bdebe0c530fe37 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 11:41:07 -0500 Subject: [PATCH 089/123] After some long-ass testing, updating ansi-to-html step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 2538163..e2ce52b 100644 
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,7 @@ jobs: - name: ANSI to HTML id: ansi-to-html - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@main + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.0 with: input: ${{ steps.tofu-init.outputs.init-output }} From ab6488c8991894e9d0e43b1ce6e58d197a05928e Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 11:58:07 -0500 Subject: [PATCH 090/123] Updating ansi-to-html version. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index e2ce52b..ee5ae75 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,7 +116,7 @@ jobs: - name: ANSI to HTML id: ansi-to-html - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.0 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 with: input: ${{ steps.tofu-init.outputs.init-output }} From c0cf18032e3e47a6e80ea604dee6556e8aa92ccb Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 12:06:32 -0500 Subject: [PATCH 091/123] Changing inputs for Tofu PR comments. --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index ee5ae75..0d3cc1b 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -115,7 +115,7 @@ jobs: chdir: cloudflare - name: ANSI to HTML - id: ansi-to-html + id: ansi-to-html-init uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 with: input: ${{ steps.tofu-init.outputs.init-output }} 
@@ -129,7 +129,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init - commenter_input: ${{ steps.ansi-to-html.outputs.contents }} + commenter_input: ${{ steps.ansi-to-html-init.outputs.contents }} # commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} @@ -145,6 +145,12 @@ jobs: chdir: cloudflare out: cloudflare.tfplan + - name: ANSI to HTML + id: ansi-to-html-plan + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 + with: + input: ${{ steps.tofu-plan.outputs.plan-output }} + - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: @@ -154,7 +160,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_input: ${{ steps.ansi-to-html-plan.outputs.contents }} + # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} From cc7f950d0629446fc450119102341b0f576a30a2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 12:15:36 -0500 Subject: [PATCH 092/123] Still tweaking... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 0d3cc1b..2027931 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -114,11 +114,7 @@ jobs: working-directory: . chdir: cloudflare - - name: ANSI to HTML - id: ansi-to-html-init - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 - with: - input: ${{ steps.tofu-init.outputs.init-output }} + - run: echo "${{ steps.tofu-init.outputs.init-output }}" - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main @@ -129,8 +125,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init - commenter_input: ${{ steps.ansi-to-html-init.outputs.contents }} - # commenter_input: ${{ steps.tofu-init.outputs.init-output }} + commenter_input: ${{ steps.tofu-init.outputs.init-output }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} @@ -145,12 +140,6 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - name: ANSI to HTML - id: ansi-to-html-plan - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 - with: - input: ${{ steps.tofu-plan.outputs.plan-output }} - - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: @@ -160,8 +149,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: plan - commenter_input: ${{ steps.ansi-to-html-plan.outputs.contents }} - # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} From 1cb85a66f9231c62eb53f59a68d273e1eef8c9ec Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 12:39:57 -0500 Subject: [PATCH 093/123] Debugging at this point... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 8 ++++++++ 1 file changed, 8 insertions(+) 
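Review bot: The added `- run: echo "${{ steps.tofu-init.outputs.init-output }}"` step expands the expression into the script text before the shell parses it, so a quote, backtick or `$( )` in the init output is interpreted as shell instead of being printed. Pass the value through the environment instead: give the step `env: INIT_OUTPUT: ${{ steps.tofu-init.outputs.init-output }}` and run `printf '%s\n' "$INIT_OUTPUT"`. The same pattern recurs in the `run: echo` steps added in PATCH 093 and 094 and, unquoted, in PATCH 116 (`approval_status`). This looks like a pull-request pipeline, so the output is presumably influenced by PR content, and it is also copied into the job log. The enclosing job starts outside the hunk.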
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 2027931..4206352 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -116,6 +116,14 @@ jobs: - run: echo "${{ steps.tofu-init.outputs.init-output }}" + - name: ANSI to HTML + id: ansi-to-html-plan + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 + with: + input: ${{ steps.tofu-plan.outputs.plan-output }} + + - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" + - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: From f985a615056b725b4dba1aea3383520303f3f58f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 13:22:49 -0500 Subject: [PATCH 094/123] Debugging at this point... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 22 +++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 4206352..36b6531 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -117,12 +117,14 @@ jobs: - run: echo "${{ steps.tofu-init.outputs.init-output }}" - name: ANSI to HTML - id: ansi-to-html-plan - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.1 + id: ansi-to-html-init + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 + env: + ACTIONS_STEP_DEBUG: true with: - input: ${{ steps.tofu-plan.outputs.plan-output }} + input: ${{ steps.tofu-init.outputs.init-output }} - - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" + - run: echo "${{ steps.ansi-to-html-init.outputs.contents }}" - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main 
@@ -148,6 +150,18 @@ jobs: chdir: cloudflare out: cloudflare.tfplan + - run: echo "${{ steps.tofu-plan.outputs.plan-output }}" + + - name: ANSI to HTML + id: ansi-to-html-plan + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 + env: + ACTIONS_STEP_DEBUG: true + with: + input: ${{ steps.tofu-init.outputs.plan-output }} + + - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" + - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: From 582b25a5259925ce78f2a186ea2dd3dc210538c8 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 13:29:32 -0500 Subject: [PATCH 095/123] Debugging at this point... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 36b6531..159aaa2 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -154,16 +154,16 @@ jobs: - name: ANSI to HTML id: ansi-to-html-plan - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.2 env: ACTIONS_STEP_DEBUG: true with: - input: ${{ steps.tofu-init.outputs.plan-output }} + input: ${{ steps.tofu-plan.outputs.plan-output }} - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + uses: https://git.trez.wtf/Trez/tf-pr-commenter@v1.0.2 env: GITEA_API_URL: ${{ gitea.api_url }} GITEA_REPOSITORY: ${{ github.repository }} From 5f5936291c3f3bf6ae55f8583ca673995d9f4753 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 13:32:53 -0500 Subject: [PATCH 096/123] Debugging still... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 159aaa2..abc3c86 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -118,7 +118,7 @@ jobs: - name: ANSI to HTML id: ansi-to-html-init - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.2 env: ACTIONS_STEP_DEBUG: true with: @@ -163,7 +163,7 @@ jobs: - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/tf-pr-commenter@v1.0.2 + uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: GITEA_API_URL: ${{ gitea.api_url }} GITEA_REPOSITORY: ${{ github.repository }} From 7fe79dc7e116b05d909c7a43785dab1d5471c456 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 19 Nov 2025 13:55:19 -0500 Subject: [PATCH 097/123] Debugging still... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index abc3c86..231c258 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -118,7 +118,7 @@ jobs: - name: ANSI to HTML id: ansi-to-html-init - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.2 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 env: ACTIONS_STEP_DEBUG: true with: @@ -154,7 +154,7 @@ jobs: - name: ANSI to HTML id: ansi-to-html-plan - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.2 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 env: ACTIONS_STEP_DEBUG: true with: From c6494d875ea9db3febdf2e83a52e51ca0e0da61c Mon Sep 17 00:00:00 2001 
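Review bot: In the `@@ -163,7 +163,7` hunk of PATCH 096, `tf-pr-commenter` goes back from `@v1.0.2` to `@main`, a ref that moves with every push to that repository, while the step is handed `secrets.BOT_GITEA_TOKEN` (see `git_token` and `GITHUB_TOKEN` in the PATCH 091 hunks). Whatever is on `main` at run time executes with that token, so an unreviewed push to the action repository reaches this pipeline without any change here. Pin to an immutable ref, e.g. `uses: https://git.trez.wtf/Trez/tf-pr-commenter@<full-commit-sha>  # v1.0.2` (placeholder; take the SHA from the tag). The same applies to `gitea-manual-approval@main` in PATCH 107 and, for third-party code, to the tag-only pins `justinm/actions-ansi-to-html@v0` and `thollander/actions-comment-pull-request@v3` in PATCH 098.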
From: "Trez.One" Date: Fri, 21 Nov 2025 07:31:58 -0500 Subject: [PATCH 098/123] Testing other actions... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 30 +++++++++++++++---- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 231c258..f02ae98 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -152,16 +152,36 @@ jobs: - run: echo "${{ steps.tofu-plan.outputs.plan-output }}" - - name: ANSI to HTML + # - name: ANSI to HTML + # id: ansi-to-html-plan + # uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 + # env: + # ACTIONS_STEP_DEBUG: true + # with: + # input: ${{ steps.tofu-plan.outputs.plan-output }} + + - name: Convert ANSI color codes to HTNL id: ansi-to-html-plan - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 - env: - ACTIONS_STEP_DEBUG: true + uses: justinm/actions-ansi-to-html@v0 with: - input: ${{ steps.tofu-plan.outputs.plan-output }} + path: ./cloudflare.tfplan - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" + - name: Comment PR with execution number + uses: thollander/actions-comment-pull-request@v3 + with: + message: | +
+ output.log + \`\`\` + ${{ steps.ansi-to-html-plan.outputs.contents }} + \`\`\` +
+ *${{ steps.resolve-comment-id.outputs.comment-id }}* + mode: upsert + pr-number: ${{ env.PR_NUMBER }} + - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: From 4770696d3e82a0bd08b1866829d94449a05ce95c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 21 Nov 2025 07:35:08 -0500 Subject: [PATCH 099/123] Version fix... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index f02ae98..53c797b 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -162,7 +162,7 @@ jobs: - name: Convert ANSI color codes to HTNL id: ansi-to-html-plan - uses: justinm/actions-ansi-to-html@v0 + uses: justinm/actions-ansi-to-html@v1.0.0 with: path: ./cloudflare.tfplan 
@@ -182,20 +182,20 @@ jobs: mode: upsert pr-number: ${{ env.PR_NUMBER }} - - name: Tofu PR Commenter - uses: https://git.trez.wtf/Trez/tf-pr-commenter@main - env: - GITEA_API_URL: ${{ gitea.api_url }} - GITEA_REPOSITORY: ${{ github.repository }} - GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }} - GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - with: - commenter_type: plan - commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} - git_token: ${{ secrets.BOT_GITEA_TOKEN }} - pr_comments_url: ${{ env.PR_COMMENTS_URL }} - working_directory: cloudflare + # - name: Tofu PR Commenter + # uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + # env: + # GITEA_API_URL: ${{ gitea.api_url }} + # GITEA_REPOSITORY: ${{ github.repository }} + # GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }} + # GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + # with: + # commenter_type: plan + # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} + # commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + # git_token: ${{ secrets.BOT_GITEA_TOKEN }} + # pr_comments_url: ${{ env.PR_COMMENTS_URL }} + # working_directory: cloudflare # - name: Wait for manual approval # uses: trstringer/manual-approval@v1 From ad5d92b7a90cac740d711118e35f41d87dcf6f7e Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 21 Nov 2025 07:41:35 -0500 Subject: [PATCH 100/123] Reverting to custom ANSI-to-HTML action... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 20 ++++++------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 53c797b..52f4359 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
@@ -150,23 +150,15 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - run: echo "${{ steps.tofu-plan.outputs.plan-output }}" + - run: pwd - # - name: ANSI to HTML - # id: ansi-to-html-plan - # uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 - # env: - # ACTIONS_STEP_DEBUG: true - # with: - # input: ${{ steps.tofu-plan.outputs.plan-output }} - - - name: Convert ANSI color codes to HTNL + - name: ANSI to HTML id: ansi-to-html-plan - uses: justinm/actions-ansi-to-html@v1.0.0 + uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 + env: + ACTIONS_STEP_DEBUG: true with: - path: ./cloudflare.tfplan - - - run: echo "${{ steps.ansi-to-html-plan.outputs.contents }}" + path: cloudflare/cloudflare.tfplan - name: Comment PR with execution number uses: thollander/actions-comment-pull-request@v3 From aa5b32ec69e1184ae3893daee72b0d040a8a5eb3 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 21 Nov 2025 07:47:15 -0500 Subject: [PATCH 101/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 52f4359..f19b0fe 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -165,10 +165,10 @@ jobs: with: message: |
- output.log - \`\`\` + Terraform/Tofu Plan + ``` ${{ steps.ansi-to-html-plan.outputs.contents }} - \`\`\` + ```
*${{ steps.resolve-comment-id.outputs.comment-id }}* mode: upsert From e75e35ffd1b20772751e19b2c9b6cd3bd55d8443 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 21 Nov 2025 09:29:17 -0500 Subject: [PATCH 102/123] ... --- .../cloudflare-auto-pr-tofu-pipeline.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index f19b0fe..5308797 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -163,14 +163,15 @@ jobs: - name: Comment PR with execution number uses: thollander/actions-comment-pull-request@v3 with: - message: | -
- Terraform/Tofu Plan - ``` - ${{ steps.ansi-to-html-plan.outputs.contents }} - ``` -
- *${{ steps.resolve-comment-id.outputs.comment-id }}* + # message: | + #
+ # Terraform/Tofu Plan + # \`\`\` + # ${{ steps.ansi-to-html-plan.outputs.contents }} + # \`\`\` + #
+ # *${{ steps.resolve-comment-id.outputs.comment-id }}* + file-path: cloudflare/cloudflare.tfplan mode: upsert pr-number: ${{ env.PR_NUMBER }} From a90d076042cbe00da9ab6321b284a9ed053c1719 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 22 Nov 2025 08:01:44 -0500 Subject: [PATCH 103/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 5308797..e190c87 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -163,17 +163,7 @@ jobs: - name: Comment PR with execution number uses: thollander/actions-comment-pull-request@v3 with: - # message: | - #
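Review bot: `file-path: cloudflare/cloudflare.tfplan` posts the saved plan file itself as the PR comment body. That file is the binary artifact written by `out: cloudflare.tfplan`, not the readable plan, and a saved plan can hold resource attributes and variable values in clear, including ones marked sensitive, unless plan encryption is configured. Render text first, e.g. a step in `cloudflare/` running `tofu show -no-color cloudflare.tfplan > plan.txt`, point `file-path` at that output, and treat the plan file as a secret artifact. `issue-body-file-path: cloudflare/cloudflare.tfplan` in PATCH 106 has the same problem.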
- # Terraform/Tofu Plan - # \`\`\` - # ${{ steps.ansi-to-html-plan.outputs.contents }} - # \`\`\` - #
- # *${{ steps.resolve-comment-id.outputs.comment-id }}* file-path: cloudflare/cloudflare.tfplan - mode: upsert - pr-number: ${{ env.PR_NUMBER }} # - name: Tofu PR Commenter # uses: https://git.trez.wtf/Trez/tf-pr-commenter@main From fad6dd57c11f63b80a886cbd9e791408082cf5eb Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 22 Nov 2025 10:39:41 -0500 Subject: [PATCH 104/123] Stripping ANSI codes from TF output. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 64 ++++++++----------- 1 file changed, 27 insertions(+), 37 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index e190c87..93fcea1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -114,17 +114,11 @@ jobs: working-directory: . chdir: cloudflare - - run: echo "${{ steps.tofu-init.outputs.init-output }}" - - - name: ANSI to HTML - id: ansi-to-html-init - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 - env: - ACTIONS_STEP_DEBUG: true + - name: Strip ANSI codes + id: plain-tofu-init + uses: marcransome/remove-ansi-colors@v1.7.56 with: - input: ${{ steps.tofu-init.outputs.init-output }} - - - run: echo "${{ steps.ansi-to-html-init.outputs.contents }}" + colored: ${{ steps.tofu-init.outputs.init-output }} - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main @@ -135,7 +129,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init - commenter_input: ${{ steps.tofu-init.outputs.init-output }} + commenter_input: ${{ steps.plain-tofu-init.outputs.init-uncolored }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} 
@@ -150,35 +144,31 @@ jobs: chdir: cloudflare out: cloudflare.tfplan - - run: pwd - - - name: ANSI to HTML - id: ansi-to-html-plan - uses: https://git.trez.wtf/Trez/actions-ansi-to-html@v1.0.3 - env: - ACTIONS_STEP_DEBUG: true + - name: Strip ANSI codes + id: plain-tofu-plan + uses: marcransome/remove-ansi-colors@v1.7.56 with: - path: cloudflare/cloudflare.tfplan + colored: ${{ steps.tofu-plan.outputs.plan-output }} - - name: Comment PR with execution number - uses: thollander/actions-comment-pull-request@v3 - with: - file-path: cloudflare/cloudflare.tfplan - - # - name: Tofu PR Commenter - # uses: https://git.trez.wtf/Trez/tf-pr-commenter@main - # env: - # GITEA_API_URL: ${{ gitea.api_url }} - # GITEA_REPOSITORY: ${{ github.repository }} - # GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }} - # GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + # - name: Comment PR with execution number + # uses: thollander/actions-comment-pull-request@v3 # with: - # commenter_type: plan - # commenter_input: ${{ steps.tofu-plan.outputs.plan-output }} - # commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} - # git_token: ${{ secrets.BOT_GITEA_TOKEN }} - # pr_comments_url: ${{ env.PR_COMMENTS_URL }} - # working_directory: cloudflare + # file-path: cloudflare/cloudflare.tfplan + + - name: Tofu PR Commenter + uses: https://git.trez.wtf/Trez/tf-pr-commenter@main + env: + GITEA_API_URL: ${{ gitea.api_url }} + GITEA_REPOSITORY: ${{ github.repository }} + GITEA_PULL_REQUEST_ID: ${{ github.event.pull_request.number }} + GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + with: + commenter_type: plan + commenter_input: ${{ steps.plain-tofu-plan.outputs.uncolored }} + commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} + git_token: ${{ secrets.BOT_GITEA_TOKEN }} + pr_comments_url: ${{ env.PR_COMMENTS_URL }} + working_directory: cloudflare # - name: Wait for manual approval # uses: trstringer/manual-approval@v1 
From 53e21d28567690f1b66cd645ee38f758c2fa214a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 22 Nov 2025 10:48:40 -0500 Subject: [PATCH 105/123] Correcting typo. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 93fcea1..fadc948 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -129,7 +129,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: init - commenter_input: ${{ steps.plain-tofu-init.outputs.init-uncolored }} + commenter_input: ${{ steps.plain-tofu-init.outputs.uncolored }} commenter_exitcode: ${{ steps.tofu-init.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} From 9199c2857bd9db5d1d4205f5f83db953e832cda6 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 22 Nov 2025 10:59:45 -0500 Subject: [PATCH 106/123] Re-adding manual approval step... fingers crossed. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 28 ++++++++----------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index fadc948..b4eff22 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -150,11 +150,6 @@ jobs: with: colored: ${{ steps.tofu-plan.outputs.plan-output }} - # - name: Comment PR with execution number - # uses: thollander/actions-comment-pull-request@v3 - # with: - # file-path: cloudflare/cloudflare.tfplan - - name: Tofu PR Commenter uses: https://git.trez.wtf/Trez/tf-pr-commenter@main env: 
@@ -170,17 +165,18 @@ jobs: pr_comments_url: ${{ env.PR_COMMENTS_URL }} working_directory: cloudflare - # - name: Wait for manual approval - # uses: trstringer/manual-approval@v1 - # with: - # secret: ${{ secrets.BOT_GITEA_TOKEN }} - # approvers: WTF - # minimum-approvals: 1 - # issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" - # issue-body: "Please approve or deny the deployment of the below Tofu plan" - # issue-body-file-path: cloudflare/cloudflare.tfplan - # exclude-workflow-initiator-as-approver: false - # fail-on-denial: true + - name: Wait for manual approval + uses: trstringer/manual-approval@v1.12.0 + with: + secret: ${{ secrets.BOT_GITEA_TOKEN }} + approvers: WTF + minimum-approvals: 1 + issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" + issue-body: "Please approve or deny the deployment of the below Tofu plan" + additional-approved-words: app,lgtm,y,m + issue-body-file-path: cloudflare/cloudflare.tfplan + exclude-workflow-initiator-as-approver: false + fail-on-denial: true # apply: # name: Apply Tofu Plan From cf0d77dc4584c1439861729c8947c758ec6c5e20 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 10:00:56 -0500 Subject: [PATCH 107/123] Changing manual approval action... --- .../workflows/cloudflare-auto-pr-tofu-pipeline.yml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index b4eff22..9191e0e 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
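Review bot: The re-enabled approval step sets `exclude-workflow-initiator-as-approver: false`, so whoever triggers the run can approve their own plan, and `additional-approved-words: app,lgtm,y,m` accepts one-letter comments as approval. Both make an accidental or self-granted approval easy on a gate that is meant to precede the (currently commented-out) apply job. I would set `exclude-workflow-initiator-as-approver: true` once more than one approver exists and drop `additional-approved-words` so only the action's default keywords count.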
@@ -166,17 +166,10 @@ jobs: working_directory: cloudflare - name: Wait for manual approval - uses: trstringer/manual-approval@v1.12.0 + uses: https://git.trez.wtf/Trez/gitea-manual-approval@main with: - secret: ${{ secrets.BOT_GITEA_TOKEN }} - approvers: WTF - minimum-approvals: 1 - issue-title: "Tofu Plan for ${{ needs.check-and-create-pr.outputs.pr_number }}" - issue-body: "Please approve or deny the deployment of the below Tofu plan" - additional-approved-words: app,lgtm,y,m - issue-body-file-path: cloudflare/cloudflare.tfplan - exclude-workflow-initiator-as-approver: false - fail-on-denial: true + token: ${{ secrets.BOT_GITEA_TOKEN }} + approvers: trez,gitea-sonarqube-bot,renovate-bot,root # apply: # name: Apply Tofu Plan From 0e5093f15f0c2aa53e82106a971a4b3fb4ab66bb Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 10:33:05 -0500 Subject: [PATCH 108/123] ... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 9191e0e..3a689af 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -169,7 +169,7 @@ jobs: uses: https://git.trez.wtf/Trez/gitea-manual-approval@main with: token: ${{ secrets.BOT_GITEA_TOKEN }} - approvers: trez,gitea-sonarqube-bot,renovate-bot,root + approvers: "trez.one,gitea-sonarqube-bot,renovate-bot,root" # apply: # name: Apply Tofu Plan From 8a184aa3cc0b3e46ff905d64be711c941bf850ea Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 19:18:45 -0500 Subject: [PATCH 109/123] Redoing manual approval step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) 
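Review bot: The new `approvers: trez,gitea-sonarqube-bot,renovate-bot,root` list puts two bot accounts and `root` next to the human approver, and the step authenticates with `secrets.BOT_GITEA_TOKEN`. If that token belongs to one of the listed bots (not visible here), the pipeline can satisfy its own gate. The swap also drops `minimum-approvals` and `fail-on-denial` without showing what the custom action defaults to. Keep the list to human accounts, e.g. `approvers: "<human-account>"` (placeholder), and confirm the action fails closed on denial or timeout. PATCH 108 and 110 keep `gitea-sonarqube-bot` in the list.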
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 3a689af..22d5e00 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -169,7 +169,11 @@ jobs: uses: https://git.trez.wtf/Trez/gitea-manual-approval@main with: token: ${{ secrets.BOT_GITEA_TOKEN }} - approvers: "trez.one,gitea-sonarqube-bot,renovate-bot,root" + api_url: ${{ gitea.api_url }} + repo_owner: ${{ github.repository_owner }} + repo_name: ${{ github.event.repository.name }} + approvers: "WTF" + apprise_api_url: ${{ secrets.APPRISE_URL }} # apply: # name: Apply Tofu Plan From b81afb77fb536e8101acb54bad02db9183057b21 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 19:21:47 -0500 Subject: [PATCH 110/123] Updating approvers list. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 22d5e00..0e26bad 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -172,7 +172,7 @@ jobs: api_url: ${{ gitea.api_url }} repo_owner: ${{ github.repository_owner }} repo_name: ${{ github.event.repository.name }} - approvers: "WTF" + approvers: "Trez.One,gitea-sonarqube-bot" apprise_api_url: ${{ secrets.APPRISE_URL }} # apply: From 94f040c7b2691744b904539beb7f3c3c0ec48197 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 19:35:53 -0500 Subject: [PATCH 111/123] Adding initial comment for approval step. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 0e26bad..909afc2 100644 
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -174,6 +174,10 @@ jobs: repo_name: ${{ github.event.repository.name }} approvers: "Trez.One,gitea-sonarqube-bot" apprise_api_url: ${{ secrets.APPRISE_URL }} + initial_comment: | + ```terraform + ${{ steps.tofu-plan.outputs.plan-output }} + ```` # apply: # name: Apply Tofu Plan From 12d8f8c68fe4f0f1926560f54c4378658c019bad Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 19:45:39 -0500 Subject: [PATCH 112/123] Testing approval status. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 909afc2..6a00b67 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -166,6 +166,7 @@ jobs: working_directory: cloudflare - name: Wait for manual approval + id: tf-plan-approval uses: https://git.trez.wtf/Trez/gitea-manual-approval@main with: token: ${{ secrets.BOT_GITEA_TOKEN }} @@ -179,6 +180,11 @@ jobs: ${{ steps.tofu-plan.outputs.plan-output }} ```` + - name: Deploy if approved + if: steps.tf-plan-approval.outputs.approval_status == 'approved' + run: | + echo "✅ Approved! Proceeding with deployment..." + # apply: # name: Apply Tofu Plan # needs: plan-approval From f066886a93cd1fd7ba45fa6c4999188e7788d5b1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 19:52:25 -0500 Subject: [PATCH 113/123] Formatting plan comment. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 6a00b67..eb8043e 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -176,9 +176,11 @@ jobs: approvers: "Trez.One,gitea-sonarqube-bot" apprise_api_url: ${{ secrets.APPRISE_URL }} initial_comment: | +
Tofu Plan ```terraform - ${{ steps.tofu-plan.outputs.plan-output }} + ${{ steps.plain-tofu-plan.outputs.uncolored }} ```` +
- name: Deploy if approved if: steps.tf-plan-approval.outputs.approval_status == 'approved' From a4991fe3d863f87c7ceb12d7545570b7e386e111 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Mon, 24 Nov 2025 19:55:38 -0500 Subject: [PATCH 114/123] Formatting plan comment. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index eb8043e..96f8910 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -177,9 +177,9 @@ jobs: apprise_api_url: ${{ secrets.APPRISE_URL }} initial_comment: |
Tofu Plan - ```terraform + ${{ steps.plain-tofu-plan.outputs.uncolored }} - ```` +
- name: Deploy if approved From 755af200973bd6b58d465cffd77b63aba8be39e5 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 05:47:12 -0500 Subject: [PATCH 115/123] Testing approval status. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 96f8910..1cc58c9 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -187,6 +187,12 @@ jobs: run: | echo "✅ Approved! Proceeding with deployment..." + - name: Denial (seems it had to come...) + if: steps.tf-plan-approval.outputs.approval_status != 'approved' + run: | + echo "❌ Not approved. Exiting workflow..." + exit 1 + # apply: # name: Apply Tofu Plan # needs: plan-approval From 65f24e4beca97240b68bfdc274d6dcfc78548b21 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 05:51:00 -0500 Subject: [PATCH 116/123] Debugging approval status output. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 1cc58c9..d01631e 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -182,6 +182,8 @@ jobs: + - run: echo ${{ steps.tf-plan-approval.outputs.approval_status }} + - name: Deploy if approved if: steps.tf-plan-approval.outputs.approval_status == 'approved' run: | From a92c3fc76dba9114e5e53e41a3e8d6c5041875d1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 05:58:36 -0500 Subject: [PATCH 117/123] Debugging approval status output. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 11 ----------- 1 file changed, 11 deletions(-) 
diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index d01631e..68b9667 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -184,17 +184,6 @@ jobs: - run: echo ${{ steps.tf-plan-approval.outputs.approval_status }} - - name: Deploy if approved - if: steps.tf-plan-approval.outputs.approval_status == 'approved' - run: | - echo "✅ Approved! Proceeding with deployment..." - - - name: Denial (seems it had to come...) - if: steps.tf-plan-approval.outputs.approval_status != 'approved' - run: | - echo "❌ Not approved. Exiting workflow..." - exit 1 - # apply: # name: Apply Tofu Plan # needs: plan-approval From a3ab2a8a6dfed87a976bbe8b3ebecbd75cf44309 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 06:33:02 -0500 Subject: [PATCH 118/123] Formatting plan comment. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 68b9667..ab3850b 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -176,11 +176,9 @@ jobs: approvers: "Trez.One,gitea-sonarqube-bot" apprise_api_url: ${{ secrets.APPRISE_URL }} initial_comment: | -
Tofu Plan - + ```terraform ${{ steps.plain-tofu-plan.outputs.uncolored }} - -
+ ``` - run: echo ${{ steps.tf-plan-approval.outputs.approval_status }} From 7400108cddc8b54abebb1bcbe456f726b171aaff Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 09:48:36 -0500 Subject: [PATCH 119/123] Formatting... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index ab3850b..0bc3715 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -176,10 +176,14 @@ jobs: approvers: "Trez.One,gitea-sonarqube-bot" apprise_api_url: ${{ secrets.APPRISE_URL }} initial_comment: | +
Tofu Plan (click to expand) + ```terraform ${{ steps.plain-tofu-plan.outputs.uncolored }} +
``` + - run: echo ${{ steps.tf-plan-approval.outputs.approval_status }} # apply: From 65e9063e412c77988cd49bdc53b90e6fbf638bf4 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 09:55:09 -0500 Subject: [PATCH 120/123] Attempting manual approval with raw plan... --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 0bc3715..0df0217 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -179,10 +179,9 @@ jobs:
Tofu Plan (click to expand) ```terraform - ${{ steps.plain-tofu-plan.outputs.uncolored }} -
+ ${{ steps.tofu-plan.outputs.plan-output }} ``` - + - run: echo ${{ steps.tf-plan-approval.outputs.approval_status }} From 821bdf56b57f5ed6b798bf251ceb869328cac017 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 10:32:59 -0500 Subject: [PATCH 121/123] Details and summary tags for issue and PR comments. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 0df0217..4882186 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -159,7 +159,13 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} with: commenter_type: plan - commenter_input: ${{ steps.plain-tofu-plan.outputs.uncolored }} + commenter_input: | +
Tofu Plan (click to expand) + + ```terraform + ${{ steps.plain-tofu-plan.outputs.uncolored }} + ``` +
commenter_exitcode: ${{ steps.tofu-plan.outputs.exitcode }} git_token: ${{ secrets.BOT_GITEA_TOKEN }} pr_comments_url: ${{ env.PR_COMMENTS_URL }} @@ -179,7 +185,7 @@ jobs:
Tofu Plan (click to expand) ```terraform - ${{ steps.tofu-plan.outputs.plan-output }} + ${{ steps.plain-tofu-plan.outputs.uncolored }} ```
From 64f8aab93b54949a8470143f243982f9475a576f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 10:53:33 -0500 Subject: [PATCH 122/123] Reminder interval. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 4882186..5fcc5f1 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -179,6 +179,7 @@ jobs: api_url: ${{ gitea.api_url }} repo_owner: ${{ github.repository_owner }} repo_name: ${{ github.event.repository.name }} + reminder_interval: 120 approvers: "Trez.One,gitea-sonarqube-bot" apprise_api_url: ${{ secrets.APPRISE_URL }} initial_comment: | From 01fde1f43689a70ddfdeeaf4388a5de8f4c940d1 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 12:36:08 -0500 Subject: [PATCH 123/123] Adding PR Merge and Apply jobs, artifact handling. --- .../cloudflare-auto-pr-tofu-pipeline.yml | 129 +++++++++++++----- 1 file changed, 97 insertions(+), 32 deletions(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 5fcc5f1..4fa1b2f 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml +++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml @@ -59,7 +59,7 @@ jobs: notification_message: "PR Check done 🎟️" plan-approval: - name: OpenTofu Plan + name: OpenTofu Plan and Approval needs: check-and-create-pr runs-on: ubuntu-latest env: @@ -71,7 +71,7 @@ jobs: VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} outputs: tofu-cloudflare-plan: ${{ steps.tofu_plan.outputs.plan-output }} - + approval_status: ${{ steps.tf-plan-approval.outputs.approval_status }} steps: - name: Checkout uses: actions/checkout@v4 
@@ -144,6 +144,14 @@ jobs: chdir: cloudflare out: cloudflare.tfplan + - run: pwd + + - name: Upload Tofu Plan as artifact + uses: actions/upload-artifact@v4 + with: + name: cloudflare-tfplan + path: cloudflare.tfplan + - name: Strip ANSI codes id: plain-tofu-plan uses: marcransome/remove-ansi-colors@v1.7.56 
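Review bot: The new `Upload Tofu Plan as artifact` step publishes `cloudflare.tfplan`, and a saved plan file holds the planned configuration and variable values in clear unless plan encryption is configured, so anyone who can download run artifacts can read it. Set a short `retention-days` on the upload and check who can read artifacts on this instance. The plan step in the context lines runs with `chdir: cloudflare` and `out: cloudflare.tfplan`, so the file probably lands at `cloudflare/cloudflare.tfplan` rather than at the `path: cloudflare.tfplan` given here. The added `- run: pwd` looks like leftover debugging for that and can go once the path is settled. The later `apply` job fetches this artifact with `actions/download-artifact@v3`, which on GitHub cannot read artifacts written by `actions/upload-artifact@v4`, so the two major versions should match.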
@@ -190,34 +198,91 @@ jobs: ``` - - run: echo ${{ steps.tf-plan-approval.outputs.approval_status }} + pr-merge: + name: PR Merge + needs: [check-and-create-pr, plan-approval] + env: + pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }} + if: github.ref != 'refs/heads/main' && ${{ needs.plan-approval.outputs.approval_status == 'approved' }} + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - # apply: - # name: Apply Tofu Plan - # needs: plan-approval - # runs-on: ubuntu-latest - # if: ${{ needs.plan-approval.result == 'success' }} - # env: - # VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} - # steps: - # - name: Checkout - # uses: actions/checkout@v4 - # - # - name: Setup OpenTofu - # uses: opentofu/setup-opentofu@v1.0.6 - # with: - # version: ${{ env.OPENTOFU_VERSION }} - # tofu_wrapper: true - # - # - name: Export env from Vault - # run: | - # set -a - # source cloudflare/.env - # set +a - # - # - name: Run Tofu Apply - # uses: dnogu/tofu-apply@v1 - # with: - # working-directory: . - # chdir: cloudflare - # plan: cloudflare.tfplan + - name: Install tea + uses: supplypike/setup-bin@8e3f88b4f143d9b5c3497f0fc12d45c83c123787 # v4.0.1 + with: + uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64 + name: tea + version: ${{ env.TEA_VERSION }} + + - name: PR Merge + id: pr_merge + run: | + tea login add \ + --name gitea-rinoa \ + --url "${{ secrets.TREZ_GITEA_URL }}" \ + --user gitea-sonarqube-bot \ + --password "${{ secrets.BOT_GITEA_PASSWORD }}" \ + --token ${{ secrets.BOT_GITEA_TOKEN }} + + tea login default gitea-rinoa + + echo "Merging PR..." 
+ + tea pr m \ + --repo ${{ github.repository }} \ + --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" \ + --message "Merged by ${{ github.actor }}" ${pr_index} + + echo "pr_index=${pr_index}" >> $GITHUB_OUTPUT + + - name: Gotify Notification + uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4 + with: + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" + gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" + notification_title: "GITEA: PR Merge Successful" + notification_message: "PR #${{ steps.pr_merge.outputs.pr_index }} merged." + + apply: + name: Apply Tofu Plan + needs: [plan-approval,pr-merge] + runs-on: ubuntu-latest + if: ${{ needs.plan-approval.outputs.approval_status == 'approved' }} + env: + VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Download Tofu Plan + uses: actions/download-artifact@v3 + with: + name: cloudflare-tfplan + + - name: Setup OpenTofu + uses: opentofu/setup-opentofu@v1.0.6 + with: + version: ${{ env.OPENTOFU_VERSION }} + tofu_wrapper: true + + - name: Export env vars from Vault .env + id: env-vault-vars + run: | + sed -i 's/[\"'\'']//g' cloudflare/.env + set -a + source cloudflare/.env + set +a + while IFS='=' read -r key value; do + if [[ -n "$key" ]]; then + echo "$key=$value" >> $GITHUB_ENV + fi + done < cloudflare/.env + + # - name: Run Tofu Apply + # uses: dnogu/tofu-apply@v1 + # with: + # working-directory: . + # chdir: cloudflare + # plan: cloudflare.tfplan
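Review bot: The `if:` on the new `pr-merge` job mixes a bare expression with an embedded `${{ }}`, which in GitHub Actions syntax makes the whole value a template string that is always truthy, so the merge would run whether or not the plan was approved (worth confirming on the Gitea runner). Put the whole condition in one expression: `if: ${{ github.ref != 'refs/heads/main' && needs.plan-approval.outputs.approval_status == 'approved' }}`. The `PR Merge` step also writes `${{ github.ref_name }}`, `${{ github.actor }}`, `${{ secrets.BOT_GITEA_PASSWORD }}` and `${{ secrets.BOT_GITEA_TOKEN }}` straight into the script text. Passing them through `env:` and referencing them as quoted shell variables keeps a crafted branch name from being parsed as shell and keeps the secrets out of the rendered script. The step logs in as `gitea-sonarqube-bot`, which the `approvers:` line elsewhere in this workflow also lists, so the account that merges can apparently also approve; separate identities would keep the approval gate meaningful.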