From 1a152978dc6ffbc1d49a52bcfc719c9d157fcf80 Mon Sep 17 00:00:00 2001
From: harturicko <104152747+harturicko@users.noreply.github.com>
Date: Wed, 8 Apr 2026 09:58:13 +0200
Subject: [PATCH 1/3] Add .github/CODEOWNERS
---
.github/CODEOWNERS | 1 +
1 file changed, 1 insertion(+)
create mode 100644 .github/CODEOWNERS
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..e32a21f
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @softservedata
From 0b5b30aa91ea4d669dbd68e46e09a8c374a5e0cb Mon Sep 17 00:00:00 2001
From: harturicko <104152747+harturicko@users.noreply.github.com>
Date: Wed, 8 Apr 2026 10:42:56 +0200
Subject: [PATCH 2/3] Add Terraform configuration for GitHub integration
---
main.tf | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 94 insertions(+)
create mode 100644 main.tf
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..066ecf4
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,94 @@
+terraform {
+ required_providers {
+ github = {
+ source = "integrations/github"
+ version = "~> 6.2"
+ }
+ }
+}
+
+provider "github" {
+ token = var.github_token
+ owner = "Practical-DevOps-GitHub" # the org that owns the repo
+}
+
+variable "github_token" {
+ description = "Your Github PAT"
+ type = string
+ sensitive = true
+}
+
+locals {
+ repo_name = "github-terraform-task-harturicko" # short name only
+}
+
+data "github_repository" "repo" {
+ full_name = "Practical-DevOps-GitHub/${local.repo_name}" # full_name for data source
+}
+
+resource "github_repository_collaborator" "repo_collaborator" {
+ repository = local.repo_name # short name — owner comes from provider
+ username = "softservedata"
+ permission = "admin"
+}
+
+resource "github_branch" "develop" {
+ repository = local.repo_name
+ branch = "develop"
+}
+
+resource "github_branch_default" "default" {
+ repository = local.repo_name
+ branch = github_branch.develop.branch
+}
+
+resource "github_repository_file" "codeowners_main" {
+ repository = local.repo_name
+ branch = "main"
+ file = ".github/CODEOWNERS"
+ content = "* @softservedata\n"
+ overwrite_on_create = true
+}
+
+resource "github_repository_file" "codeowners_develop" {
+ repository = local.repo_name
+ branch = github_branch.develop.branch
+ file = ".github/CODEOWNERS"
+ content = "* @softservedata\n"
+ overwrite_on_create = true
+ depends_on = [github_branch.develop]
+}
+
+resource "github_branch_protection" "main_protection" {
+ repository_id = data.github_repository.repo.node_id # node_id is fine here
+ pattern = "main"
+ enforce_admins = true
+
+ required_pull_request_reviews {
+ required_approving_review_count = 1
+ require_code_owner_reviews = true
+ dismiss_stale_reviews = true
+ }
+ depends_on = [github_repository_file.codeowners_main]
+}
+
+resource "github_branch_protection" "develop_protection" {
+ repository_id = data.github_repository.repo.node_id
+ pattern = "develop"
+ enforce_admins = true
+
+ required_pull_request_reviews {
+ required_approving_review_count = 2
+ require_code_owner_reviews = true
+ dismiss_stale_reviews = true
+ }
+ depends_on = [github_repository_file.codeowners_develop]
+}
+
+
+resource "github_actions_secret" "terraform_secret" {
+ repository = local.repo_name
+ secret_name = "TERRAFORM"
+ plaintext_value = file("${path.module}/demo.tf") # reads your .tf file content
+}
+
From a4e0b471ab7ad3303e0e884689d3fc4713433300 Mon Sep 17 00:00:00 2001
From: harturicko <104152747+harturicko@users.noreply.github.com>
Date: Wed, 8 Apr 2026 10:44:00 +0200
Subject: [PATCH 3/3] Delete main.tf
---
main.tf | 94 ---------------------------------------------------------
1 file changed, 94 deletions(-)
delete mode 100644 main.tf
diff --git a/main.tf b/main.tf
deleted file mode 100644
index 066ecf4..0000000
--- a/main.tf
+++ /dev/null
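Review bot: `github_actions_secret.terraform_secret` at the end of the new main.tf (patch 2/3) passes the file contents through `plaintext_value`, so the full value is written to Terraform state in clear text; marking it sensitive only hides it from plan output. No backend is configured in this hunk, so state presumably ends up in a local terraform.tfstate. Either keep state in an encrypted, access-restricted backend or supply a value pre-encrypted with the repository public key via `encrypted_value`, and record the constraint next to the argument, e.g. `# plaintext_value is stored unencrypted in state; protect the state file`. Separately, `demo.tf` lives in `path.module`, and Terraform loads every `.tf` file in that directory as configuration, so if it repeats these blocks the plan will likely fail on duplicate definitions; a non-`.tf` extension or a subdirectory avoids that.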
@@ -1,94 +0,0 @@
-terraform {
- required_providers {
- github = {
- source = "integrations/github"
- version = "~> 6.2"
- }
- }
-}
-
-provider "github" {
- token = var.github_token
- owner = "Practical-DevOps-GitHub" # the org that owns the repo
-}
-
-variable "github_token" {
- description = "Your Github PAT"
- type = string
- sensitive = true
-}
-
-locals {
- repo_name = "github-terraform-task-harturicko" # short name only
-}
-
-data "github_repository" "repo" {
- full_name = "Practical-DevOps-GitHub/${local.repo_name}" # full_name for data source
-}
-
-resource "github_repository_collaborator" "repo_collaborator" {
- repository = local.repo_name # short name — owner comes from provider
- username = "softservedata"
- permission = "admin"
-}
-
-resource "github_branch" "develop" {
- repository = local.repo_name
- branch = "develop"
-}
-
-resource "github_branch_default" "default" {
- repository = local.repo_name
- branch = github_branch.develop.branch
-}
-
-resource "github_repository_file" "codeowners_main" {
- repository = local.repo_name
- branch = "main"
- file = ".github/CODEOWNERS"
- content = "* @softservedata\n"
- overwrite_on_create = true
-}
-
-resource "github_repository_file" "codeowners_develop" {
- repository = local.repo_name
- branch = github_branch.develop.branch
- file = ".github/CODEOWNERS"
- content = "* @softservedata\n"
- overwrite_on_create = true
- depends_on = [github_branch.develop]
-}
-
-resource "github_branch_protection" "main_protection" {
- repository_id = data.github_repository.repo.node_id # node_id is fine here
- pattern = "main"
- enforce_admins = true
-
- required_pull_request_reviews {
- required_approving_review_count = 1
- require_code_owner_reviews = true
- dismiss_stale_reviews = true
- }
- depends_on = [github_repository_file.codeowners_main]
-}
-
-resource "github_branch_protection" "develop_protection" {
- repository_id = data.github_repository.repo.node_id
- pattern = "develop"
- enforce_admins = true
-
- required_pull_request_reviews {
- required_approving_review_count = 2
- require_code_owner_reviews = true
- dismiss_stale_reviews = true
- }
- depends_on = [github_repository_file.codeowners_develop]
-}
-
-
-resource "github_actions_secret" "terraform_secret" {
- repository = local.repo_name
- secret_name = "TERRAFORM"
- plaintext_value = file("${path.module}/demo.tf") # reads your .tf file content
-}
-