Slide 1

Slide 1 text

Understanding the GitHub Provider for Terraform

Slide 2

Slide 2 text

@ksatirli on GitHub and Twitter

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

Terraform 125+ Official Providers AWS, GCP, Datadog, etc. 160+ Community Providers 1Password, Jira, Unifi, etc.

Slide 5

Slide 5 text

Terraform 0.12 and newer only

Slide 6

Slide 6 text

Provider Setup

Slide 7

Slide 7 text

Personal Access Token github.com/settings/token/new

Slide 8

Slide 8 text

Personal Access Token github.com/settings/token

Slide 9

Slide 9 text

Provider Setup CODE EDITOR provider "github" { version = "~> 2.3" organization = "operatehappy" token = "abc...890" }

Slide 10

Slide 10 text

TERMINAL > terraform init Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "github" (hashicorp/github) 2.3.0... Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure.

Slide 11

Slide 11 text

TERMINAL > terraform version Terraform v0.12.20 + provider.github v2.3.1

Slide 12

Slide 12 text

Team Management

Slide 13

Slide 13 text

Adding Members CODE EDITOR resource "github_membership" "kibertoad" { username = "kibertoad" role = "member" }

Slide 14

Slide 14 text

Adding Members TERMINAL > terraform fmt providers.tf members.tf

Slide 15

Slide 15 text

Creating Teams CODE EDITOR resource "github_team" "reviewers" { name = "reviewers" description = "Reviewer Team" privacy = "closed" }

Slide 16

Slide 16 text

Updating Teams CODE EDITOR resource "github_team_membership" "reviewers" { count = length(var.reviewers_team) team_id = github_team.reviewers.id username = element(var.reviewers_team, count.index) role = "maintainer" }

Slide 17

Slide 17 text

Repository Management

Slide 18

Slide 18 text

Managing Repositories CODE EDITOR resource "github_repository" "monitoring-app" { name = "monitoring-app" description = "Operate Happy’s monitoring app" homepage_url = "https://operatehappy.com/monitoring" private = false }

Slide 19

Slide 19 text

Managing Repositories CODE EDITOR resource "github_repository" "monitoring-app" { name = "monitoring-app" has_downloads = false has_issues = true has_projects = false has_wiki = false }

Slide 20

Slide 20 text

Managing Repositories CODE EDITOR resource "github_repository" "monitoring-app" { name = "monitoring-app" allow_merge_commit = false allow_rebase_merge = false allow_squash_merge = true }

Slide 21

Slide 21 text

Managing Repositories CODE EDITOR resource "github_repository" "monitoring-app" { name = "monitoring-app" auto_init = true }

Slide 22

Slide 22 text

Managing Repositories CODE EDITOR resource "github_repository" "monitoring-app" { name = "monitoring-app" auto_init = false template { owner = "operatehappy" repo = "terraform-module-template" } }

Slide 23

Slide 23 text

Managing Repositories CODE EDITOR resource "github_repository" "monitoring-app" { name = "monitoring-app" topics [ "application", "monitoring", } }

Slide 24

Slide 24 text

Renaming Repositories TERMINAL Terraform will perform the following actions: # github_repository.monitoring-app must be replaced -/+ resource "github_repository" "monitoring-app" { ~ id = "monitoring-app" -> (known after apply) ~ name = "monitoring-app" -> "monitoring-application" ... Plan: 1 to add, 0 to change, 1 to destroy.

Slide 25

Slide 25 text

Renaming Repositories github.com/operatehappy/monitoring-application/

Slide 26

Slide 26 text

Renaming Repositories TERMINAL > terraform state rm github_repository.monitoring-app > terraform import \ github_repository.monitoring-app \ monitoring-app

Slide 27

Slide 27 text

Managing Team Repositories CODE EDITOR resource "github_team_repository" "monitoring-app" { team_id = github_team.reviewers.id repository = github_repository.monitoring_app.name permission = "push" }

Slide 28

Slide 28 text

Managing Team Repositories CODE EDITOR resource "github_team_repository" "monitoring-app" { team_id = github_team.reviewers.id repository = github_repository.monitoring_app.name permission = "push" }

Slide 29

Slide 29 text

Managing Team Repositories CODE EDITOR resource "github_team_repository" "monitoring-app" { team_id = github_team.reviewers.id repository = github_repository.monitoring_app.name permission = "push" }

Slide 30

Slide 30 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "release-*" }

Slide 31

Slide 31 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "master" }

Slide 32

Slide 32 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "master" enforce_admins = true require_signed_commits = true }

Slide 33

Slide 33 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "master" enforce_admins = true require_signed_commits = true }

Slide 34

Slide 34 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "master" required_status_checks { strict = true contexts = ["ci/enforcer"] } }

Slide 35

Slide 35 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "master" required_pull_request_reviews { dismiss_stale_reviews = true dismissal_teams = [github_team.internal.slug] } }

Slide 36

Slide 36 text

Protecting Repository Branches CODE EDITOR resource "github_branch_protection" "monitoring-app" { repository = github_repository.monitoring_app.name branch = "master" required_pull_request_reviews { dismiss_stale_reviews = true dismissal_teams = [github_team.internal.slug] } }

Slide 37

Slide 37 text

Review ▪ Provider Setup ▪ Team Management ▪ Repository Management ▪ Branch Protection

Slide 38

Slide 38 text

Materials ▪ slides: speakerdeck.com/ksatirli ▪ code: git.io/Jv3YE

Slide 39

Slide 39 text

Thank You [email protected]