{"id":32806932,"url":"https://github.com/patel5d2/github-terraform-infra","last_synced_at":"2026-05-07T14:36:01.716Z","repository":{"id":321454946,"uuid":"1085915296","full_name":"patel5d2/github-terraform-infra","owner":"patel5d2","description":"Terraform infrastructure for managing GitHub repositories as code - includes auto-updates, branch protection, multi-environment support, and complete automation","archived":false,"fork":false,"pushed_at":"2025-10-29T17:36:10.000Z","size":39,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-29T19:38:11.685Z","etag":null,"topics":["automation","dependabot","devops","github","github-actions","iac","infrastructure-as-code","terraform"],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/patel5d2.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-29T17:25:17.000Z","updated_at":"2025-10-29T17:36:13.000Z","dependencies_parsed_at":"2025-10-29T19:38:16.894Z","dependency_job_id":null,"html_url":"https://github.com/patel5d2/github-terraform-infra","commit_stats":null,"previous_names":["patel5d2/github-terraform-infra"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/patel5d2/github-terraform-infra","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patel5d2%2Fgithub-terraform-infra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patel5d2%2Fgithub-terraform-infra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patel5d2%2Fgithub-terraform-infra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patel5d2%2Fgithub-terraform-infra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/patel5d2","download_url":"https://codeload.github.com/patel5d2/github-terraform-infra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patel5d2%2Fgithub-terraform-infra/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":283027924,"owners_count":26767085,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-06T02:00:06.180Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","dependabot","devops","github","github-actions","iac","infrastructure-as-code","terraform"],"created_at":"2025-11-06T15:00:58.112Z","updated_at":"2025-11-06T15:01:39.077Z","avatar_url":"https://github.com/patel5d2.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Repository Infrastructure as Code\n\nThis Terraform configuration manages GitHub repositories, their settings, branch protection rules, secrets, and auto-update mechanisms.\n\n## Features\n\n- šŸ—ļø **Repository Management**: Define repositories as code with complete settings\n- šŸ”’ **Branch Protection**: Configure protection rules for main/production branches\n- šŸ” **Secrets Management**: Store and manage repository secrets\n- šŸ”„ **Auto-Updates**: Maintain Dependabot and GitHub Actions workflows\n- šŸŒ **Multi-Environment**: Support for dev, staging, and production\n- šŸŽÆ **Webhooks**: Configure repository webhooks\n- šŸ‘„ **Team Management**: Manage repository access and permissions\n\n## Prerequisites\n\n1. **Terraform**: Install Terraform \u003e= 1.0\n ```bash\n brew install terraform # macOS\n ```\n\n2. **GitHub Personal Access Token**: Create a token with the following scopes:\n - `repo` (Full control of private repositories)\n - `admin:repo_hook` (Full control of repository hooks)\n - `delete_repo` (Delete repositories)\n - `admin:org` (Full control of orgs and teams) - if managing org repos\n\n Create token at: https://github.com/settings/tokens/new\n\n3. **Environment Variables**: Set your GitHub token\n ```bash\n export GITHUB_TOKEN=\"your_github_token_here\"\n export GITHUB_OWNER=\"your_github_username_or_org\"\n ```\n\n## Quick Start\n\n### 1. Initialize Terraform\n```bash\ncd github-terraform-infra\nterraform init\n```\n\n### 2. Configure Your Repositories\nEdit `repositories.tf` to define your repositories or use `terraform.tfvars` for customization.\n\n### 3. Plan Your Changes\n```bash\nterraform plan -var=\"github_owner=$GITHUB_OWNER\"\n```\n\n### 4. Apply Configuration\n```bash\nterraform apply -var=\"github_owner=$GITHUB_OWNER\"\n```\n\n### 5. Destroy Resources (if needed)\n```bash\nterraform destroy -var=\"github_owner=$GITHUB_OWNER\"\n```\n\n## Project Structure\n\n```\ngithub-terraform-infra/\nā”œā”€ā”€ README.md # This file\nā”œā”€ā”€ main.tf # Provider configuration\nā”œā”€ā”€ variables.tf # Variable definitions\nā”œā”€ā”€ terraform.tfvars.example # Example variable values\nā”œā”€ā”€ repositories.tf # Repository definitions\nā”œā”€ā”€ branch-protection.tf # Branch protection rules\nā”œā”€ā”€ secrets.tf # Repository secrets\nā”œā”€ā”€ webhooks.tf # Webhook configurations\nā”œā”€ā”€ workflows/ # GitHub Actions workflows\nā”‚ ā”œā”€ā”€ dependabot-auto-merge.yml\nā”‚ ā””ā”€ā”€ auto-update.yml\nā”œā”€ā”€ modules/ # Reusable Terraform modules\nā”‚ ā””ā”€ā”€ repository/ # Repository module\nā”‚ ā”œā”€ā”€ main.tf\nā”‚ ā”œā”€ā”€ variables.tf\nā”‚ ā””ā”€ā”€ outputs.tf\nā”œā”€ā”€ environments/ # Environment-specific configs\nā”‚ ā”œā”€ā”€ dev/\nā”‚ ā”œā”€ā”€ staging/\nā”‚ ā””ā”€ā”€ production/\nā””ā”€ā”€ outputs.tf # Output values\n\n```\n\n## Configuration Examples\n\n### Adding a New Repository\n\n```hcl\nmodule \"my_new_repo\" {\n source = \"./modules/repository\"\n \n name = \"my-awesome-project\"\n description = \"My awesome project description\"\n visibility = \"private\"\n \n enable_auto_updates = true\n enable_dependabot = true\n \n branch_protection = {\n pattern = \"main\"\n required_reviews = 1\n require_code_owner_reviews = true\n }\n \n secrets = {\n DEPLOYMENT_TOKEN = \"sensitive_value\"\n }\n \n environment = \"production\"\n}\n```\n\n### Multi-Environment Setup\n\n```bash\n# Deploy to development\nterraform workspace new dev\nterraform apply -var-file=\"environments/dev/terraform.tfvars\"\n\n# Deploy to production\nterraform workspace new production\nterraform apply -var-file=\"environments/production/terraform.tfvars\"\n```\n\n## Common Use Cases\n\n### 1. Replicate Repository Across Organizations\n```hcl\n# In different workspaces or state files\nprovider \"github\" {\n owner = var.github_owner # Change per environment\n}\n```\n\n### 2. Bulk Repository Creation\nDefine multiple repositories in `repositories.tf` and apply once.\n\n### 3. Standardize Branch Protection\nUse the repository module to enforce consistent protection rules.\n\n### 4. Secret Rotation\nUpdate secrets in Terraform and apply to rotate across all repos.\n\n## Best Practices\n\n1. **State Management**: Use remote state (S3, Terraform Cloud) for team collaboration\n2. **Sensitive Data**: Never commit secrets to version control - use environment variables or secret managers\n3. **Workspaces**: Use Terraform workspaces for environment separation\n4. **Modules**: Create reusable modules for common patterns\n5. **Version Control**: Commit Terraform files (except `*.tfstate`, `*.tfvars` with secrets)\n\n## Troubleshooting\n\n### Authentication Issues\n```bash\n# Verify token has correct permissions\ncurl -H \"Authorization: token $GITHUB_TOKEN\" https://api.github.com/user\n```\n\n### State Conflicts\n```bash\n# Refresh state\nterraform refresh\n\n# Import existing resources\nterraform import github_repository.example repository-name\n```\n\n### Dependency Errors\n```bash\n# Re-initialize\nrm -rf .terraform\nterraform init\n```\n\n## Security Notes\n\nāš ļø **Important Security Considerations**:\n- Never commit `terraform.tfvars` with sensitive data\n- Use GitHub Actions secrets or HashiCorp Vault for production secrets\n- Rotate GitHub tokens regularly\n- Use least-privilege access for tokens\n- Enable 2FA on your GitHub account\n\n## Contributing\n\n1. Fork the repository\n2. Create a feature branch\n3. Make your changes\n4. Test with `terraform plan`\n5. Submit a pull request\n\n## License\n\nMIT License - Feel free to use and modify for your needs.\n\n## Resources\n\n- [Terraform GitHub Provider Documentation](https://registry.terraform.io/providers/integrations/github/latest/docs)\n- [GitHub API Documentation](https://docs.github.com/en/rest)\n- [Terraform Best Practices](https://www.terraform.io/docs/cloud/guides/recommended-practices/index.html)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpatel5d2%2Fgithub-terraform-infra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpatel5d2%2Fgithub-terraform-infra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpatel5d2%2Fgithub-terraform-infra/lists"}