In this blog post, I will walk you through using HashiCorp Terraform to create and configure repositories and branches on an existing GitHub account. Before we begin, it's important to note that you should already have an active GitHub account.
To allow Terraform to interact with your GitHub account and perform the necessary operations, you'll need to generate a Personal Access Token (PAT). This token will serve as an authentication mechanism, enabling Terraform to securely access your GitHub account and automate the creation and management of repositories and branches.
By the end of this guide, you'll have a clear understanding of how to leverage Terraform's capabilities to streamline your GitHub repository management.
To start configuration of Personal access Token click the icon on right top extreme corner on GitHub Portal, make sure you are logged in before it. From the pane click settings. In the next window click Developer Settings.
Check this Series of Articles:
Part 1: Create GitHub repository and branches using Terraform
Part 2 Terraform modules using a github.com repository as a source
Part 3 Automating and Planning Azure Resources with Terraform and GitHub Actions
Part 4 GitHub Actions deploy azure resources with Terraform backend
Part 4.1 GitHub Actions deploy azure resources with PowerShell
Part 4.2 GitHub Actions manage Microsoft Azure Cloud with az CLI
Collapse Personal access tokens and choose Tokens (classic). Click Generate new token and select 2nd option Generate new token (classic) which is For general use.
Personal access tokens (classic) function like ordinary OAuth access tokens. They can be used instead of a password for Git over HTTPs. or can be used to authenticate to the API over Basic Authentication.
Related Article: HashiCorp HCP Terraform Cloud backend configuration
In the Note provide name of the PAT, for example What's this token for? Next inside select scopes provide access permissions. (Additionally you can configure Expiration of token in days) I am choosing basic permissions here such as repo (status, deployment, public_repo, invite, security_events), workflow and delete_repo. In the bottom click Generate token button.
Once PAT (token) is generated make sure you copy it or store somewhere, as once you move or refresh the page, you won't be able see it again.
On the Terraform Terminal create a environment variable called GITHUB_TOKEN as shown in the below screenshot. To create environment variable on PowerShell use $env: and in the Linux use export. Next initialize terraform directory with terraform init command. It will download required GitHub providers.
Below is the complete terraform configuration code to setup GitHub repository and branch. Once configuration completed it will output GitHub remote URL.
Download this Create GitHub repository and branches using Terraform.tf here or it is also available on github.com.
terraform { required_providers { github = { source = "integrations/github" #version = "~> 6.0" } } } provider "github" {} ########################################### variable "repository_name" { type = string description = "Name of repository to create in github.com" default = "vcloud-lab.com" } ########################################### resource "github_repository" "main" { name = var.repository_name description = "Terraform test repository for vcloud-lab.com" visibility = "public" auto_init = true gitignore_template = "Terraform" } resource "github_branch" "main" { repository = github_repository.main.name branch = "main" } resource "github_branch_default" "default" { repository = github_repository.main.name branch = github_branch.main.branch } ########################################### output "remote_url" { value = github_repository.main.http_clone_url description = "URL to use when adding remote to local git repo." }
Here is the output on the terminal after applying terraform configuration. All the three resources GitHub repository and branches are getting created without any issue. Note down the remote_url output for git repo.
Here on the GitHub portal I can verify Repository is created and looks good.
Below is the terminal output for complete GitHub configurations via terraform.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> $env:GITHUB_TOKEN = 'ghp_pqsfawFd3gp2iJ' PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> terraform init Initializing the backend... Initializing provider plugins... - Reusing previous version of integrations/github from the dependency lock file - Installing integrations/github v6.2.3... - Installed integrations/github v6.2.3 (signed by a HashiCorp partner, key ID 38027F80D7FD5FB2) Partner and community providers are signed by their developers. If you'd like to know more about provider signing, you can read about it here: https://www.terraform.io/docs/cli/plugins/signing.html Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> terraform apply --auto-approve Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # github_branch.main will be created + resource "github_branch" "main" { + branch = "main" + etag = (known after apply) + id = (known after apply) + ref = (known after apply) + repository = "vcloud-lab.com" + sha = (known after apply) + source_branch = "main" + source_sha = (known after apply) } # github_branch_default.default will be created + resource "github_branch_default" "default" { + branch = "main" + etag = (known after apply) + id = (known after apply) + rename = false + repository = "vcloud-lab.com" } # github_repository.main will be created + resource "github_repository" "main" { + allow_auto_merge = false + allow_merge_commit = true + allow_rebase_merge = true + allow_squash_merge = true + archived = false + auto_init = true + default_branch = (known after apply) + delete_branch_on_merge = false + description = "Terraform test repository for vcloud-lab.com" + etag = (known after apply) + full_name = (known after apply) + git_clone_url = (known after apply) + gitignore_template = "Terraform" + html_url = (known after apply) + http_clone_url = (known after apply) + id = (known after apply) + merge_commit_message = "PR_TITLE" + merge_commit_title = "MERGE_MESSAGE" + name = "vcloud-lab.com" + node_id = (known after apply) + primary_language = (known after apply) + private = (known after apply) + repo_id = (known after apply) + squash_merge_commit_message = "COMMIT_MESSAGES" + squash_merge_commit_title = "COMMIT_OR_PR_TITLE" + ssh_clone_url = (known after apply) + svn_url = (known after apply) + topics = (known after apply) + visibility = "public" + web_commit_signoff_required = false + security_and_analysis (known after apply) } Plan: 3 to add, 0 to change, 0 to destroy. Changes to Outputs: + remote_url = (known after apply) github_repository.main: Creating... github_repository.main: Creation complete after 5s [id=vcloud-lab.com] github_branch.main: Creating... github_branch.main: Creation complete after 2s [id=vcloud-lab.com:main] github_branch_default.default: Creating... github_branch_default.default: Creation complete after 2s [id=vcloud-lab.com] Apply complete! Resources: 3 added, 0 changed, 0 destroyed. Outputs: remote_url = "https://github.com/janviudapi/vcloud-lab.com.git" PS D:\Projects\Terraform\\extreme_examples\06-github_configuration> |
Useful Articles
Terraform using for loop in attribute value without for_each
Terraform variable multiple validation advanced blocks example
Terraform variable type list with for_each for loop examples
Terraform convert single string to list or set
Terraform workspaces with example
Terraform map of object for loop with if condition example
Terraform for_each for loop list of object without count example
Hashicorp Terraform map and object inside module and variable example
Terraform one module deploy null or multiple resources based on input
Terraform A reference to a resource type must be followed by at least one attribute access, specifying the resource name
Terraform fore_each for loop filter with if condition example
Terraform remote-exec provisioner with ssh connection in null_resource
Terraform count vs for_each for examples with map of objects
Terraform one module deploy null or multiple resources based on input (nested for loop) Example of Terraform functions flatten() and coalesce()
Terraform Azure Create Private Endpoint to existing Storage Account with Custom Private DNS zone record link
Creating a Private Endpoint for Azure Storage Account with required sub services using Terraform Example Terraform functions of lookup() and lower()
Using element function with count meta argument example Terraform Azure subnets Example Terraform functions of element(), count() and sum()
Terraform create Azure Virtual Network subnets from map of object and show name in the header Header name change in the output
Creating a Private Endpoint for Azure Storage Account with Terraform example 2 Example of for_each with toset() function
Creating a Private Endpoint for Azure Storage Account with Terraform example 3