Skip to content
/ terraform-github-archimedes Public

Terraform module to create compliant GitHub Enterprise resources.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

stigian/terraform-github-archimedes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.github
.github
 
 
modules
modules
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

terraform-github-archimedes

This Terraform module is used to create compliant GitHub Enterprise resources for Federal and US Department of Defense software development projects. The module is based on the CIS Software Supply Chain Security Guide 1.0 and can be used to create repositories, teams, and other resources in a GitHub Enterprise Cloud or Server environment.

Prerequisites

  • Existing GitHub Enterprise Cloud license
  • Terraform or OpenTofu
  • GitHub Personal Access Token (PAT) or equivalent GitHub App credentials:
    • repo(all)
    • admin:org

Usage

Sample code for using modules individually is included in the respective README.md file with each module. The sample code can be copied and pasted into your Terraform configuration file(s) to create the resources. An example showing the modules used together is provided below:

module "org" {
  source = "github.com/stigian/terraform-github-archimedes//modules/organization"
  version = "0.1.0"

  billing_email    = var.billing_email
  company_name     = var.company_name
  blog_url         = var.blog_url
  email            = var.email
  twitter_username = var.twitter_username
  location         = var.location
  name             = var.name
  description      = var.description
}

module "repository" {
  source  = "github.com/stigian/terraform-github-archimedes//modules/repository"
  version = "0.1.0"

  name                 = "example-repo"
  description          = "example-description"
  visibility           = "private"
  push_allowances      = ["example-org/example-team"] # org-name/team-name
  vulnerability_alerts = var.vulnerability_alerts
}

module "team" {
  source  = "github.com/stigian/terraform-github-archimedes//modules/team"
  version = "0.1.0"

  name        = "team1"
  description = "This is team1"
  privacy     = "closed"
  members     = [
    {
      username = "user1"
      role = "maintainer"
    },
    {
      username = "user2"
      role = "member"
    }
  ]
}

module "team_assignment" {
  source  = "github.com/stigian/terraform-github-archimedes//modules/team-repository"
  version = "0.1.0"

  repository = "example-repo"
  teams      = [
    {
      name = "team1"
      role = "admin"
    },
    {
      name = "team2"
      role = "push"
    }
  ]
}

Roadmap

  • Implement remaining CIS 1.0 checks (~7 in-progress)

Contributing

Contributions are welcome! Please read the contributing guidelines for more information.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

License

This project is licensed under the Apache-2.0 License - see the LICENSE.md file for details

About

Terraform module to create compliant GitHub Enterprise resources.

Resources

Readme

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 1

0.1.0 Latest
Jun 28, 2024

Packages

No packages published

Languages