31 lines
926 B
HCL
31 lines
926 B
HCL
|
|
resource "random_password" "tofu" {
|
|
length = 32
|
|
}
|
|
resource "gitea_user" "tofu" {
|
|
username = "tofu_module_reader"
|
|
login_name = "tofu_module_reader"
|
|
password = random_password.tofu.result
|
|
email = "tofu-module-reader@arcodange.fake"
|
|
must_change_password = false
|
|
full_name = "restricted CI user"
|
|
prohibit_login = false
|
|
restricted = true
|
|
visibility = "private"
|
|
}
|
|
resource "tls_private_key" "tofu" {
|
|
algorithm = "ED25519"
|
|
}
|
|
resource "gitea_public_key" "tofu" {
|
|
title = "tofu"
|
|
key = tls_private_key.tofu.public_key_openssh
|
|
username = gitea_user.tofu.username
|
|
}
|
|
|
|
resource "vault_kv_secret" "gitea_admin_token" {
|
|
path = "kvv1/gitea/tofu_module_reader"
|
|
data_json = jsonencode({
|
|
ssh_private_key = tls_private_key.tofu.private_key_openssh
|
|
ssh_public_key = tls_private_key.tofu.public_key_openssh
|
|
})
|
|
} |