Add IaC for Forgejo Actions secrets via Ansible #107

Merged

eblume merged 1 commit from feature/forgejo-actions-secrets-iac into main 2026-02-04 09:11:02 -08:00

Conversation 0 Commits 1 Files changed 5 +97 -6

eblume commented 2026-02-04 09:09:46 -08:00

Owner

Copy link

Summary

• New forgejo_actions_secrets Ansible role syncs repository-level Actions secrets from 1Password to Forgejo via the Forgejo API
• Replaces manual process of copying secrets from 1Password to Forgejo UI
• Documents the one-time PAT setup requirement in forgejo.md

Manual Setup Required

Before this role can run, a Forgejo PAT must be created:

1. Go to https://forge.ops.eblu.me/user/settings/applications
2. Create a new token with write:repository scope
3. Store it in 1Password → "Forgejo Secrets" item → api-token field

This has already been done.

Test Plan

• Ran mise run provision-indri -- --tags forgejo_actions_secrets successfully
• Verified secret synced (API returned 204 = updated existing)
• Ansible-lint passes

🤖 Generated with Claude Code

## Summary - New `forgejo_actions_secrets` Ansible role syncs repository-level Actions secrets from 1Password to Forgejo via the Forgejo API - Replaces manual process of copying secrets from 1Password to Forgejo UI - Documents the one-time PAT setup requirement in forgejo.md ## Manual Setup Required Before this role can run, a Forgejo PAT must be created: 1. Go to https://forge.ops.eblu.me/user/settings/applications 2. Create a new token with `write:repository` scope 3. Store it in 1Password → "Forgejo Secrets" item → `api-token` field This has already been done. ## Test Plan - [x] Ran `mise run provision-indri -- --tags forgejo_actions_secrets` successfully - [x] Verified secret synced (API returned 204 = updated existing) - [x] Ansible-lint passes 🤖 Generated with [Claude Code](https://claude.ai/code)

eblume added 1 commit 2026-02-04 09:09:47 -08:00

Add IaC for Forgejo Actions secrets via Ansible ... 64a99071e3

New `forgejo_actions_secrets` role syncs repository-level Actions secrets
from 1Password to Forgejo via the Forgejo API. This replaces the previous
manual process of copying secrets from 1Password to Forgejo UI.

Requires a one-time manual setup of a Forgejo PAT with write:repository
scope, stored in 1Password as the `api-token` field.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

eblume merged commit 74bd5abe54 into main 2026-02-04 09:11:02 -08:00

eblume referenced this pull request from a commit 2026-02-04 09:11:03 -08:00

Add IaC for Forgejo Actions secrets via Ansible (#107)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

eblume/blumeops!107

No description provided.