6.6 KiB
FAST GitHub repository management
This small extra stage allows creation and management of GitHub repositories used to host FAST stage code, including initial population of files and rewriting of module sources.
This stage is designed for quick repository creation in a GitHub organization, and is not suited for medium or long-term repository management especially if you enable initial population of files.
Initial population caveats
Initial file population of repositories is controlled via the populate_from attribute, and needs a bit of care:
- never run this stage with the same variables used for population once the repository starts being used, as Terraform will manage file state and revert any changes at each apply, which is probably not what you want.
- initial population of the modules repository is discouraged, as the number of resulting files Terraform needs to manage is very close to the GitHub hourly limit for their API, it's much easier to populate modules via regular git commands
The scenario for which this stage has been designed is one-shot creation and/or population of stage repositories, running it multiple times with different variables and Terraform states if incremental creation is needed for subsequent FAST stages (e.g. GKE, data platform, etc.).
Once initial population is done, you need to manually push to the repository
- the
.tfvarsfile with custom variable values for your stages - the workflow configuration file generated by FAST stages
GitHub provider credentials
A GitHub token is needed to authenticate against their API. The token needs organization-level permissions, like shown in this screenshot:
Variable configuration
The organization required variable sets the GitHub organization where repositories will be created, and is used to configure the Terraform provider.
The repositories variable is where you configure which repositories to create, whether initial population of files is desired, and which repository is used to host modules.
This is an example that creates repositories for stages 00 and 01, defines an existing repositories as the source for modules, and populates initial files for stages 00, 01, and 02:
organization = "ludomagno"
repositories = {
fast_00_bootstrap = {
create_options = {
description = "FAST bootstrap."
features = {
issues = true
}
}
populate_from = "../../stages/00-bootstrap"
}
fast_01_resman = {
create_options = {
description = "FAST resource management."
features = {
issues = true
}
}
populate_from = "../../stages/01-resman"
}
fast_02_networking = {
populate_from = "../../stages/02-networking-peering"
}
fast_modules = {
has_modules = true
}
}
The create_options repository attribute controls creation: if the attribute is not present, the repository is assumed to be already existing.
Initial population depends on a modules repository being configured, identified by the has_modules attribute, and on populate_from attributes in each repository where population is required, pointing to the folder holding the files to be committed.
Finally, a commit_config variable is optional: it can be used to configure author, email and message used in commits for initial population of files, its defaults are probably fine for most use cases.
Modules secret
When initial population is configured for a repository, this stage also adds a secret with the private key used to authenticate against the modules repository. This matches the configuration of the GitHub workflow files created for each FAST stage when CI/CD is enabled.
Files
| name | description | resources |
|---|---|---|
| cicd-versions.tf | Provider version. | |
| main.tf | Module-level locals and resources. | github_actions_secret · github_repository · github_repository_deploy_key · github_repository_file · tls_private_key |
| outputs.tf | Module outputs. | |
| providers.tf | Provider configuration. | |
| variables.tf | Module variables. |
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| organization | GitHub organization. | string |
✓ | |
| commmit_config | Configure commit metadata. | object({…}) |
{} |
|
| modules_ref | Optional git ref used in module sources. | string |
null |
|
| repositories | Repositories to create. | map(object({…})) |
{} |
Outputs
| name | description | sensitive |
|---|---|---|
| clone | Clone repository commands. |