From 646c1b4e4d29fa0fdbdcd1dd131aeab3772ed6fa Mon Sep 17 00:00:00 2001
From: "Trez.One"
Date: Tue, 25 Nov 2025 12:52:20 -0500
Subject: [PATCH 1/3] Gotify notifications, no comments, full run.

---
 .../cloudflare-auto-pr-tofu-pipeline.yml | 51 +++++++++++++++----
 1 file changed, 42 insertions(+), 9 deletions(-)

diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
index 4fa1b2f..253a040 100644
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
@@ -76,6 +76,14 @@ jobs:
 - name: Checkout
 uses: actions/checkout@v4
 
+ - name: Gotify Notification
+ uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
+ with:
+ gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
+ gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
+ notification_title: "GITEA: Terraform/OpenTofu"
+ notification_message: "Starting plan..."
+
 - name: Setup OpenTofu
 uses: opentofu/setup-opentofu@v1.0.6
 with:
@@ -144,13 +152,11 @@ jobs:
 chdir: cloudflare
 out: cloudflare.tfplan
 
- - run: pwd
-
 - name: Upload Tofu Plan as artifact
 uses: actions/upload-artifact@v4
 with:
 name: cloudflare-tfplan
- path: cloudflare.tfplan
+ path: cloudflare/cloudflare.tfplan
 
 - name: Strip ANSI codes
 id: plain-tofu-plan
@@ -179,6 +185,14 @@ jobs:
 pr_comments_url: ${{ env.PR_COMMENTS_URL }}
 working_directory: cloudflare
 
+ - name: Gotify Notification
+ uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
+ with:
+ gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
+ gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
+ notification_title: "GITEA: Terraform/OpenTofu"
+ notification_message: "Plan completed, awaiting approval..."
+
 - name: Wait for manual approval
 id: tf-plan-approval
 uses: https://git.trez.wtf/Trez/gitea-manual-approval@main
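Review bot: The new `Gotify Notification` step has no `continue-on-error`, so if the action fails when the Gotify server is unreachable (likely, but not verifiable from this hunk) the plan job stops before `Setup OpenTofu`. Adding `continue-on-error: true` to the step keeps a notification outage from blocking the infrastructure pipeline. The same applies to the two later Gotify steps in this patch ("Plan completed, awaiting approval..." and "Plan approved"). Pinning the action to a full commit SHA with the version in a trailing comment is the right pattern and worth keeping.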
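Review bot: With the corrected `path: cloudflare/cloudflare.tfplan` the saved plan is now really published as the `cloudflare-tfplan` artifact, and a plan file can carry provider arguments and variable values in cleartext. Anyone who can read the run's artifacts can read it, so consider a short `retention-days:` on the upload step and confirm that artifact access on this repository is limited to maintainers. A comment above the step, for example `# plan may contain sensitive values; keep retention short`, would record that for the next editor.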
@@ -198,6 +212,14 @@ jobs: ``` + - name: Gotify Notification + uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4 + with: + gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}" + gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}" + notification_title: "GITEA: Terraform/OpenTofu" + notification_message: "Plan approved 👍🏽" + pr-merge: name: PR Merge needs: [check-and-create-pr, plan-approval] @@ -260,6 +282,7 @@ jobs: uses: actions/download-artifact@v3 with: name: cloudflare-tfplan + path: cloudflare/cloudflare.tfplan - name: Setup OpenTofu uses: opentofu/setup-opentofu@v1.0.6 @@ -267,6 +290,16 @@ jobs: version: ${{ env.OPENTOFU_VERSION }} tofu_wrapper: true + - name: Generate .env from Hashicorp Vault + uses: https://git.trez.wtf/Trez/hc-vault-env@main + with: + HC_VAULT_VERSION: ${{ env.HC_VAULT_VERSION }} + HC_VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }} + HC_VAULT_AUTH: token + HC_VAULT_TOKEN: ${{ env.VAULT_TOKEN }} + HC_VAULT_SECRETS_PATH: tar-valon-terraform/env + ENV_FILE_NAME: cloudflare/.env + - name: Export env vars from Vault .env id: env-vault-vars run: | @@ -280,9 +313,9 @@ jobs: fi done < cloudflare/.env - # - name: Run Tofu Apply - # uses: dnogu/tofu-apply@v1 - # with: - # working-directory: . - # chdir: cloudflare - # plan: cloudflare.tfplan + - name: Run Tofu Apply + uses: dnogu/tofu-apply@v1 + with: + working-directory: . + chdir: cloudflare + plan: cloudflare.tfplan -- 2.52.0 From eeb8905a614fd47fc10c68c882d34dfc0fc1bccf Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 25 Nov 2025 12:55:38 -0500 Subject: [PATCH 2/3] Gotify notifications, no comments, full run. --- .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml index 253a040..378eef2 100644 --- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml 
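Review bot: The added `path: cloudflare/cloudflare.tfplan` on the download step is most likely treated as a destination directory rather than a file name, which is how the upstream download-artifact action documents its `path` input. The plan would then land at `cloudflare/cloudflare.tfplan/cloudflare.tfplan`, and the `Run Tofu Apply` step enabled in the last hunk (`chdir: cloudflare`, `plan: cloudflare.tfplan`) would be handed a directory. `path: cloudflare` should put the file where the apply step expects it; this assumes the upload stores the single file at the artifact root, which is worth confirming on one run.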
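Review bot: `https://git.trez.wtf/Trez/hc-vault-env@main` follows a moving branch while it is handed `HC_VAULT_TOKEN` and writes the fetched secrets to `cloudflare/.env`, so any later push to that branch runs with the Vault token inside the apply job. Pin it to a full commit SHA with the version in a comment, the way the Gotify steps in this patch already do, e.g. `uses: https://git.trez.wtf/Trez/hc-vault-env@<commit-sha> # <version>`. The same applies to `dnogu/tofu-apply@v1` in the last hunk of this patch, which runs with the exported credentials, and to the two artifact actions introduced at `@v4` in PATCH 3/3.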
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
@@ -47,7 +47,7 @@ jobs:
 with:
 url: ${{ secrets.TREZ_GITEA_URL }}
 token: ${{ secrets.BOT_GITEA_TOKEN }}
- pr-label: "docker-compose,manual"
+ pr-label: "opentofu,manual"
 assignee: ${{ github.actor }}
 
 - name: Gotify Notification - Done
-- 
2.52.0

From d948b7e7299e1ac83385fcf2d6baf96803dabe11 Mon Sep 17 00:00:00 2001
From: "Trez.One"
Date: Tue, 25 Nov 2025 13:16:00 -0500
Subject: [PATCH 3/3] Switching artifact actions...

---
 .gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
index 378eef2..e3ecf79 100644
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
@@ -153,7 +153,7 @@ jobs:
 out: cloudflare.tfplan
 
 - name: Upload Tofu Plan as artifact
- uses: actions/upload-artifact@v4
+ uses: https://github.com/christopherHX/gitea-upload-artifact@v4
 with:
 name: cloudflare-tfplan
 path: cloudflare/cloudflare.tfplan
@@ -279,7 +279,7 @@ jobs:
 uses: actions/checkout@v4
 
 - name: Download Tofu Plan
- uses: actions/download-artifact@v3
+ uses: https://github.com/ChristopherHX/gitea-download-artifact@v4
 with:
 name: cloudflare-tfplan
 path: cloudflare/cloudflare.tfplan
-- 
2.52.0
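Review bot: The two new `uses:` URLs spell the owner differently, `christopherHX` on the upload step and `ChristopherHX` on the download step. The host probably resolves both, but one spelling keeps the pair greppable and avoids surprises if the runner keys its action cache on the URL. Because both steps now pull from a third-party repository by full URL, a comment above each, such as `# replaces actions/upload-artifact: <reason>`, would record why the upstream action was dropped; the commit message does not say.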