Manage GitHub with Terraform

Manage GitHub with Terraform

2022/04/04
Josh Pollara
Name
Josh Pollara

Managing a GitHub organization for any sized company can be complicated. This is especially true when you have many teams and projects. Leveraging Terraform and its GitHub provider can make management of a GitHub organization a breeze.

Provider Setup and Authentication

In order to start using the Terraform GitHub provider (opens in a new tab), you need to first set up the required provider and configure authentication. There are multiple ways to authenticate against GitHub. We'll cover authentication with a Personal Access Token in this tutorial.

Required provider

terraform {
  required_providers {
    github = {
      source  = "integrations/github"
      version = "~> 4.0"
    }
  }
}

Personal Access Token

Create a new Personal Access Token (opens in a new tab). Make sure to configure your desired scopes.

Provider Configuration

provider "github" {
  token = "<personal-access-token>"
  owner = "<organization>"
}

Repository

Create a new repository

resource "github_repository" "sre_scripts" {
  name        = "sre-scripts"
  description = "Internal scripts for SRE"
}

Teams

Create a new team

resource "github_team" "sre" {
  name        = "SRE"
  description = "Site Reliability Engineering"
  privacy     = "closed"
}

Members

Add members to your new team

resource "github_team_membership" "sre_team_membership" {
  team_id  = github_team.sre.id
  username = "<username>"
  role     = "member"
}

Repository

Grant your team access to your repository

resource "github_team_repository" "sre_team_repo" {
  team_id    = github_team.sre.id
  repository = github_repository.sre_scripts.name
  permission = "push"
}

Apply

Apply your new changes against your GitHub organization

$ terraform init
$ terraform validate
$ terraform plan
$ terraform apply

That's it

This is a very basic example of how to manage your GitHub organization with Terraform.

Give Terrateam (opens in a new tab) a try for free to manage your IaC lifecycle.