From 31f7f2e1c90d131ba8138f72e13ddca24598ebfe Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Fri, 30 Sep 2022 17:56:56 -0700 Subject: ops(github): terraform configuration to manage GitHub Import current GitHub repositories into terraform. This should be the main way (going forward) to interact with GitHub to create / manage the repositories and ensuring I'm consistent in the ways I want to use it. --- ops/github/main.tf | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 ops/github/main.tf (limited to 'ops/github/main.tf') diff --git a/ops/github/main.tf b/ops/github/main.tf new file mode 100644 index 0000000..91f58cb --- /dev/null +++ b/ops/github/main.tf @@ -0,0 +1,47 @@ +locals { + terraform_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com" +} + +provider "google" { + alias = "impersonation" + scopes = [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/userinfo.email", + ] +} + +data "google_service_account_access_token" "default" { + provider = google.impersonation + target_service_account = local.terraform_service_account + scopes = ["userinfo-email", "cloud-platform"] + lifetime = "1200s" +} + +provider "google" { + project = "fcuny-homelab" + region = "us-west1" + zone = "us-west1-c" + access_token = data.google_service_account_access_token.default.access_token + request_timeout = "60s" +} + +terraform { + required_providers { + github = { + source = "integrations/github" + version = "~> 4.0" + } + } + + backend "gcs" { + bucket = "world-tf-state" + prefix = "github/state" + impersonate_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com" + } +} + +# Configure the GitHub Provider. The environment variable +# `GITHUB_TOKEN` needs to be set. +provider "github" { + owner = "fcuny" +} -- cgit 1.4.1