---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: cleanup-hetzner-infra
  namespace: {{ .Values.pipelineNamespace }}
  labels:
    {{- include "tekton-pipelines.labels" . | nindent 4 }}
spec:
  params:
    - name: namespace
      type: string
    - name: environment
      type: string
  steps:
    - name: create-hetzner-infra
      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
      env:
        - name: SP_STATE
          value: absent
        - name: SP_ENV
          value: $(params.environment)
        - name: SP_CUSTOMER
          value: $(params.namespace)
        - name: SOPS_AGE_KEY
          value: AGE-SECRET-KEY-1VXYUK7MAGR6KMZJ6ZMPD35EQ9LVXXKQ2HHE6Z8T828WWT03EH8LS6G9AS8
      script: |-
        #!/bin/sh
        mkdir -p /tmp/outputs
        ssh-keygen -t rsa -f /tmp/outputs/ssh_key -N ""
        ansible-playbook /src/playbooks/providers/hetzner/playbook.yml || true
    - name: remove-secrets
      image: alpine/k8s:1.29.2
      script: |-
        #!/bin/sh
        kubectl delete secret \
          "$(params.environment)-inventory" \
          --namespace "$(params.namespace)"
        kubectl delete secret \
          "$(params.environment)-ssh" \
          --namespace "$(params.namespace)"
        kubectl delete secret \
          "$(params.environment)-config" \
          --namespace "$(params.namespace)"