Gotify notifications, no comments, full run. #29

Merged
gitea-sonarqube-bot merged 3 commits from cloudflare-cname-cleanup_2025-11-03T17-03-21 into main 2025-11-25 13:23:42 -05:00
@@ -47,7 +47,7 @@ jobs:
with:
url: ${{ secrets.TREZ_GITEA_URL }}
token: ${{ secrets.BOT_GITEA_TOKEN }}
pr-label: "docker-compose,manual"
pr-label: "opentofu,manual"
assignee: ${{ github.actor }}
- name: Gotify Notification - Done
@@ -76,6 +76,14 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Terraform/OpenTofu"
notification_message: "Starting plan..."
- name: Setup OpenTofu
uses: opentofu/setup-opentofu@v1.0.6
with:
@@ -144,13 +152,11 @@ jobs:
chdir: cloudflare
out: cloudflare.tfplan
- run: pwd
- name: Upload Tofu Plan as artifact
uses: actions/upload-artifact@v4
uses: https://github.com/christopherHX/gitea-upload-artifact@v4
with:
name: cloudflare-tfplan
path: cloudflare.tfplan
path: cloudflare/cloudflare.tfplan
- name: Strip ANSI codes
id: plain-tofu-plan
@@ -179,6 +185,14 @@ jobs:
pr_comments_url: ${{ env.PR_COMMENTS_URL }}
working_directory: cloudflare
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Terraform/OpenTofu"
notification_message: "Plan completed, awaiting approval..."
- name: Wait for manual approval
id: tf-plan-approval
uses: https://git.trez.wtf/Trez/gitea-manual-approval@main
@@ -198,6 +212,14 @@ jobs:
```
</details>
- name: Gotify Notification
uses: eikendev/gotify-action@ca0339b85ee8db9fda9c0718aaa7f95e17b3c617 # 0.0.4
with:
gotify_api_base: "${{ secrets.RUNNER_GOTIFY_URL }}"
gotify_app_token: "${{ secrets.RUNNER_GOTIFY_TOKEN }}"
notification_title: "GITEA: Terraform/OpenTofu"
notification_message: "Plan approved 👍🏽"
pr-merge:
name: PR Merge
needs: [check-and-create-pr, plan-approval]
@@ -257,9 +279,10 @@ jobs:
uses: actions/checkout@v4
- name: Download Tofu Plan
uses: actions/download-artifact@v3
uses: https://github.com/ChristopherHX/gitea-download-artifact@v4
with:
name: cloudflare-tfplan
path: cloudflare/cloudflare.tfplan
- name: Setup OpenTofu
uses: opentofu/setup-opentofu@v1.0.6
@@ -267,6 +290,16 @@ jobs:
version: ${{ env.OPENTOFU_VERSION }}
tofu_wrapper: true
- name: Generate .env from Hashicorp Vault
uses: https://git.trez.wtf/Trez/hc-vault-env@main
with:
HC_VAULT_VERSION: ${{ env.HC_VAULT_VERSION }}
HC_VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
HC_VAULT_AUTH: token
HC_VAULT_TOKEN: ${{ env.VAULT_TOKEN }}
HC_VAULT_SECRETS_PATH: tar-valon-terraform/env
ENV_FILE_NAME: cloudflare/.env
- name: Export env vars from Vault .env
id: env-vault-vars
run: |
@@ -280,9 +313,9 @@ jobs:
fi
done < cloudflare/.env
# - name: Run Tofu Apply
# uses: dnogu/tofu-apply@v1
# with:
# working-directory: .
# chdir: cloudflare
# plan: cloudflare.tfplan
- name: Run Tofu Apply
uses: dnogu/tofu-apply@v1
with:
working-directory: .
chdir: cloudflare
plan: cloudflare.tfplan
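Review bot: The steps this change adds or re-points reference their actions by mutable refs (`christopherHX/gitea-upload-artifact@v4`, `ChristopherHX/gitea-download-artifact@v4`, `Trez/hc-vault-env@main`, and `dnogu/tofu-apply@v1`, which appears to be uncommented here), while the Gotify steps in the same workflow are pinned to a full commit SHA. The Vault step is handed `HC_VAULT_TOKEN`, and the apply step appears to run after the Vault `.env` has been exported, so a moved tag or branch would run with those credentials. Pin them the same way, for example `uses: https://git.trez.wtf/Trez/hc-vault-env@<full-commit-sha> # main`. Separately, if the Gitea download fork follows upstream download-artifact, `path: cloudflare/cloudflare.tfplan` is a destination directory and the plan would land at `cloudflare/cloudflare.tfplan/cloudflare.tfplan`. In that case `path: cloudflare` would match what `plan: cloudflare.tfplan` with `chdir: cloudflare` expects, which is worth confirming against a run. The `+`/`-` markers are lost on this page, so which lines are new is inferred from the hunk counts and the duplicated lines.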