ops(github): terraform configuration to manage GitHub

Import current GitHub repositories into terraform. This should be the
main way (going forward) to interact with GitHub to create / manage the
repositories and ensuring I'm consistent in the ways I want to use it.

1 files changed, 47 insertions, 0 deletions

diff --git a/ops/github/main.tf b/ops/github/main.tf
new file mode 100644
index 0000000..91f58cb
--- /dev/null
+++ b/ops/github/main.tf
@@ -0,0 +1,47 @@
+locals {
+  terraform_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com"
+}
+
+provider "google" {
+  alias = "impersonation"
+  scopes = [
+    "https://www.googleapis.com/auth/cloud-platform",
+    "https://www.googleapis.com/auth/userinfo.email",
+  ]
+}
+
+data "google_service_account_access_token" "default" {
+  provider               = google.impersonation
+  target_service_account = local.terraform_service_account
+  scopes                 = ["userinfo-email", "cloud-platform"]
+  lifetime               = "1200s"
+}
+
+provider "google" {
+  project         = "fcuny-homelab"
+  region          = "us-west1"
+  zone            = "us-west1-c"
+  access_token    = data.google_service_account_access_token.default.access_token
+  request_timeout = "60s"
+}
+
+terraform {
+  required_providers {
+    github = {
+      source  = "integrations/github"
+      version = "~> 4.0"
+    }
+  }
+
+  backend "gcs" {
+    bucket                      = "world-tf-state"
+    prefix                      = "github/state"
+    impersonate_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com"
+  }
+}
+
+# Configure the GitHub Provider. The environment variable
+# `GITHUB_TOKEN` needs to be set.
+provider "github" {
+  owner = "fcuny"
+}