From 89649463744c1a683d75f9b297f7830dbc8d479d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?c=C4=83t=C4=83lin?= <catalin@roboces.dev>
Date: Tue, 26 Mar 2024 08:25:24 +0100
Subject: [PATCH] feat: update gitea to v1.21.10

---
 Makefile                                |  3 ++
 ansible/gitea/roles/gitea/vars/main.yml |  2 +-
 k8s/argo-apps/fireflyiii.yaml           | 27 ++++++++++++++
 k8s/services/argo/project-roboces.yaml  |  2 +-
 scripts/encode-secrets.sh               | 49 +++++++++++++++++++++++++
 5 files changed, 81 insertions(+), 2 deletions(-)
 create mode 100644 k8s/argo-apps/fireflyiii.yaml
 create mode 100755 scripts/encode-secrets.sh

diff --git a/Makefile b/Makefile
index f6b3405..3192733 100644
--- a/Makefile
+++ b/Makefile
@@ -10,6 +10,9 @@ lint--kubescore:
 lint--tflint:
 	tflint --recursive
 
+lint--scripts:
+	shellcheck scripts/**.sh
+
 lint:
 	make lint--pre-commit
 	make lint--kubeconform
diff --git a/ansible/gitea/roles/gitea/vars/main.yml b/ansible/gitea/roles/gitea/vars/main.yml
index 53ff7f3..8702e21 100644
--- a/ansible/gitea/roles/gitea/vars/main.yml
+++ b/ansible/gitea/roles/gitea/vars/main.yml
@@ -1,5 +1,5 @@
 ---
-gitea_version: 1.21.9
+gitea_version: 1.21.10
 gitea_jwt_secret: "{{ lookup('env', 'GITEA_JWT_SECRET') }}"
 gitea_internal_token: "{{ lookup('env', 'GITEA_INTERNAL_TOKEN') }}"
 gitea_secret_key: "{{ lookup('env', 'GITEA_SECRET_KEY') }}"
diff --git a/k8s/argo-apps/fireflyiii.yaml b/k8s/argo-apps/fireflyiii.yaml
new file mode 100644
index 0000000..2250689
--- /dev/null
+++ b/k8s/argo-apps/fireflyiii.yaml
@@ -0,0 +1,27 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: firefly
+  namespace: argocd
+spec:
+  destination:
+    name: ''
+    namespace: 'apps-roboces'
+    server: "https://kubernetes.default.svc"
+  project: roboces
+  sources:
+    - chart: firefly-iii-stack
+      repoURL: https://firefly-iii.github.io/kubernetes
+      targetRevision: 0.7.2
+      helm:
+        valuesObject:
+          firefly-db:
+            enabled: false
+          config:
+            existingSecret: firefly
+            env:
+              TZ: Europe/Madrid
+              APP_URL: https://moneis.roboces.dev
+          service:
+            type: LoadBalancer
+            port: 8889
diff --git a/k8s/services/argo/project-roboces.yaml b/k8s/services/argo/project-roboces.yaml
index dbbb7b5..9417522 100644
--- a/k8s/services/argo/project-roboces.yaml
+++ b/k8s/services/argo/project-roboces.yaml
@@ -8,6 +8,6 @@ spec:
   destinations:
     - namespace: apps-roboces
       server: https://kubernetes.default.svc
-
   sourceRepos:
     - https://git.roboces.dev/catalin/fukuops.git
+    - https://firefly-iii.github.io/kubernetes
diff --git a/scripts/encode-secrets.sh b/scripts/encode-secrets.sh
new file mode 100755
index 0000000..642d018
--- /dev/null
+++ b/scripts/encode-secrets.sh
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+
+me=$(basename "$0")
+usage="Usage: $me [FILE]
+
+Given a secrets YAML manifest, convert each secret value to base64
+"
+
+if [ $# -ne 1 ]; then
+    echo "$usage"
+    exit 1
+fi
+
+if ! [ -x "$(command -v yq)" ]; then
+    echo 'Error: yq is not installed.' >&2
+    exit 1
+fi
+
+file=$1
+if [ ! -f "$file" ]; then
+    echo "No such file: $file"
+    exit 1
+fi
+
+# Read the YAML file
+map=$(yq eval '.' "$file")
+
+# Check if 'data' key exists
+if ! yq eval '.data' "$file" > /dev/null 2>&1; then
+    echo "The YAML file does not contain a 'data' key"
+    exit 1
+fi
+
+# Get the 'data' object
+data=$(yq eval '.data' "$file")
+
+# For each key in the 'data' object
+while IFS= read -r key; do
+    # Base64 encode the value
+    value=$(echo -n "$(yq eval ".${key}" <<< "$data")" | base64)
+    # Update the 'data' object with the new value
+    data=$(yq eval ".${key} = \"${value}\"" <<< "$data")
+done <<< "$(yq eval '.data | keys | .[]' <<< "$map")"
+
+# Update the YAML with the new 'data' object
+map=$(yq eval ".data = \"${data}\"" <<< "$map")
+
+# Print the new YAML
+echo "$map"