name: Gitea Destroy Terraform
run-name: ${{ gitea.actor }} triggered a Terraform Destroy 🧨

on:
  workflow_dispatch: # Manual trigger

jobs:
  destroy:
    name: "Terraform Destroy"
    runs-on: ubuntu-latest

    permissions:
      contents: read
      pull-requests: write

    env:
        TF_VAR_SSH_KEY: ${{ secrets.SSH_KEY }}
        TF_VAR_TS_AUTHKEY: ${{ secrets.TAILSCALE_KEY }}
        TF_VAR_ssh_key: ${{ secrets.SSH_PUBLIC_KEY }}


    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: 1.6.6

      - name: Inject sensitive secrets
        working-directory: terraform
        run: |
          echo 'proxmox_password = "${{ secrets.PROXMOX_PASSWORD }}"' >> terraform.tfvars

      - name: Terraform Init
        working-directory: terraform
        run: terraform init

      - name: Terraform Destroy
        working-directory: terraform
        run: terraform destroy -auto-approve