From 85c7ea1dbb086a66e64caf7fc61d07862ab102d5 Mon Sep 17 00:00:00 2001
From: "franz.germann"
Date: Fri, 11 Apr 2025 15:37:30 +0200
Subject: [PATCH] adds job to append the sso config to the values.yaml of Forgejo
---
 .../core/forgejo-sso/forgejo-sso-config.yaml | 70 ++++++++++++++++---
 1 file changed, 60 insertions(+), 10 deletions(-)
diff --git a/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml b/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml
index dc8264c..6b4a9f2 100644
--- a/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml
+++ b/template/stacks/core/forgejo-sso/forgejo-sso-config.yaml
@@ -1,10 +1,60 @@
-gitea:
- config:
- oauth2_client:
- ENABLE_AUTO_REGISTRATION: true
- ACCOUNT_LINKING: auto
- oauth:
- - name: 'Keycloak'
- provider: 'openidConnect'
- existingSecret: auth-generic-oauth-secret
- autoDiscoverUrl: 'https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/.well-known/openid-configuration'
\ No newline at end of file
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: forgejo-config
+ namespace: gitea
+# annotations:
+# argocd.argoproj.io/hook: PostSync
+spec:
+ template:
+ metadata:
+ generateName: forgejo-config-
+ spec:
+ # serviceAccountName: forgejo-config
+ restartPolicy: Never
+ containers:
+ - name: push
+ image: docker.io/library/ubuntu:22.04
+ command: ["/bin/bash", "-c"]
+ args:
+ - |
+ #! /bin/bash
+
+ apt-get install git-all
+ wget https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY} -O /usr/bin/yq && chmod +x /usr/bin/yq
+
+ DOMAIN=192-168-197-2.c-one-infra.de
+
+ git clone https://gitea-${DOMAIN}/giteaAdmin/edfbuilder.git
+ cd edfbuilder
+ yq eval ".gitea.oauth = [
+ {
+ \"name\": \"Keycloak\",
+ \"provider\": \"openidConnect\",
+ \"existingSecret\": \"auth-generic-oauth-secret\",
+ \"autoDiscoverUrl\": \"https://${DOMAIN}/keycloak/realms/cnoe/.well-known/openid-configuration\"
+ }
+ ] |
+ (.gitea.oauth[] | .name) |= (. style=\"single\")
+ |
+ (.gitea.oauth[] | .provider) |= (. style=\"single\")
+ |
+ (.gitea.oauth[] | .existingSecret) |= (. style=\"single\")
+ |
+ (.gitea.oauth[] | .autoDiscoverUrl) |= (. style=\"single\")
+ " -i stacks/core/forgejo/values.yaml
+
+ yq eval '.gitea.config.oauth2_client =
+ {
+ "ENABLE_AUTO_REGISTRATION" : true,
+ "ACCOUNT_LINKING" : "auto"
+ }
+ ' -i stacks/core/forgejo/values.yaml
+
+ git add stacks/core/forgejo/values.yaml
+ git commit -m "adds Forgejo SSO config"
+ git push
+
+
+
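Review bot: The `wget` line in the Job script builds the yq URL from `${VERSION}` and `${BINARY}`, which the visible script never sets, and then marks the download executable in `/usr/bin` without checking a digest, so the container either fetches a broken URL or runs whatever that URL serves, as root. The script also has no `set -euo pipefail`, and `apt-get install git-all` runs without `apt-get update` or `-y` (which I would expect to fail in a stock `ubuntu:22.04` container), so a failed install, download or clone falls through to `git commit` and `git push`. `DOMAIN` is hard-coded to one host where the removed config used `{{{ .Env.DOMAIN }}}`; assuming this file is still rendered as a template, keep the template expression. The clone and push show no credentials or git identity; whatever supplies them should come from a mounted Secret rather than the URL or the script text. The fence sketches the head of the script with pinned, verified yq; values in angle brackets are placeholders to fill from the chosen release.

```yaml
            - |
              #! /bin/bash
              set -euo pipefail

              apt-get update
              apt-get install -y --no-install-recommends git wget ca-certificates

              VERSION=<pinned yq release tag>
              BINARY=yq_linux_amd64
              YQ_SHA256=<sha256 of that release asset>
              wget "https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}" -O /usr/bin/yq
              echo "${YQ_SHA256}  /usr/bin/yq" | sha256sum -c -
              chmod +x /usr/bin/yq

              DOMAIN={{{ .Env.DOMAIN }}}
              # … unchanged: git clone, yq edits of values.yaml, git add/commit/push …
```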