From 4033bb5114a476a425bc1b3cc2d0bd82ca60d27c Mon Sep 17 00:00:00 2001 From: makiton Date: Sat, 13 Aug 2022 15:01:50 +0900 Subject: [PATCH 1/7] Add archived option to repository module --- modules/repository/repository.tf | 2 ++ modules/repository/variables.tf | 5 +++++ repositories.tf | 2 ++ 3 files changed, 9 insertions(+) diff --git a/modules/repository/repository.tf b/modules/repository/repository.tf index 4d55ca3..66fb884 100644 --- a/modules/repository/repository.tf +++ b/modules/repository/repository.tf @@ -18,4 +18,6 @@ resource "github_repository" "repository" { gitignore_template = var.gitignore_template vulnerability_alerts = true + + archived = var.archived } diff --git a/modules/repository/variables.tf b/modules/repository/variables.tf index b1b9d07..3164da6 100644 --- a/modules/repository/variables.tf +++ b/modules/repository/variables.tf @@ -30,3 +30,8 @@ variable "protected_branches" { type = map(object({})) default = { main = {} } } + +variable "archived" { + type = bool + default = false +} diff --git a/repositories.tf b/repositories.tf index 5fc28e4..c5a10ae 100644 --- a/repositories.tf +++ b/repositories.tf @@ -57,4 +57,6 @@ module "repository" { protected_branches = lookup(each.value, "private", false) ? {} : { main = {} } status_checks = lookup(each.value, "status_checks", []) + + archived = lookup(each.value, "archived", false) } From 9f8dafac39c827df8f5ce4f8dac6c3e6c6c1ae8a Mon Sep 17 00:00:00 2001 From: makiton Date: Sat, 13 Aug 2022 16:19:36 +0900 Subject: [PATCH 2/7] terraform init --- .terraform.lock.hcl | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index a436049..bab6494 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl 
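Review bot: `archived = var.archived` on the new line is effectively a one-way switch: the 4.x provider docs note that the API does not support unarchiving, and GitHub rejects modifications to an archived repository, so once a repo is archived through this module a later plan that changes any other attribute of the same resource (for example the hard-coded `vulnerability_alerts = true` two lines above) is likely to fail at apply time. That is worth recording next to the attribute, e.g. `# Archiving is one-way in practice; other attributes of an archived repo can no longer be changed through the API.`, and it may justify a `lifecycle { ignore_changes = [...] }` for attributes GitHub stops accepting. The `github_repository` resource starts above the hunk.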
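Review bot: The new `archived` variable has a `type` and a `default` but no `description`, and its semantics are not obvious from the name (the repository becomes read-only and, per the provider docs, cannot be unarchived via the API). The `protected_branches` variable visible above it is undocumented too, but this one is the more surprising input; suggest adding `description = "Archive the repository on GitHub (read-only). Effectively one-way; see the provider docs."` to the block.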
@@ -39,5 +39,18 @@ provider "registry.terraform.io/integrations/github" { "h1:tHoFCFC0/9X+jFajYwHn1Drb5wNpd9asEoubZfyebQg=", "h1:xJrFx5pHr6dWjpQ089Bsa7q5Lb3t4s5QuBP+P5I/HME=", "h1:yKUB+2xIwWCQWZ8YCm//K3+a9H/wclLKHszx6blorhI=", + "zh:2fca3c83f7fec6ea3aabef1a69674e88b94b7ae5adf753b9ec4a92234aa3f2cd", + "zh:3c2acf95305b7f51dd10dfc735dfedb4d6237cab06913e819360a7a6b39ffd9b", + "zh:49f66b001b930073ea4d11d40922ac40820b512996e3ba5330986b2fb493a206", + "zh:4caba38c27bef0284a5cdeb33f7d69eff91204ed4ee0505dc46b93bea2f134bf", + "zh:7a7c6529043e55793fa2ed7a241dcdaa60f70413263348cfd7e26a0aaa686a9e", + "zh:a19af46649be35e28e8aa1b7dd3579234a19787d7238205c6e247a8a16f1d619", + "zh:a8aff33a3b0932f9dc9b0bb702d845d25de6495f383e6cbc2e69c40a61a8ac46", + "zh:bddbe0c4666469664dec37c17060d9b5852ad1c9857997d670e265633d50614b", + "zh:eac37b97f6518d43d9114616b1a49205a6ce262546961d0f7589084178e2be8b", + "zh:ecfcdcae1fecc19386758f5679498382cad0c973144bc247a4a622bd9ef2c719", + "zh:f0e856932aef6ded5ad66fc248e9707484a7ffe2ff8410bb6e64d8bb4f187705", + "zh:fe12cb9a7066fdee6470fa176fbaf717c2e943f25a33b75510f3f68f001d1c0e", + "zh:febacb1f224186d1d1553203658f39ddfd795052bf22ff0f62a7587272975f5d", ] } From 23e18a1d74230ceb913e2d16dd20c37b07e66ec7 Mon Sep 17 00:00:00 2001 From: makiton Date: Sat, 13 Aug 2022 16:19:53 +0900 Subject: [PATCH 3/7] Add slack-arigato-usagi --- repositories.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/repositories.tf b/repositories.tf index c5a10ae..f3fdbfe 100644 --- a/repositories.tf +++ b/repositories.tf @@ -36,6 +36,10 @@ locals { makiton = { description = "github profile page" } + "slack-arigato-usagi" = { + description = "" + archived = true + } } } From dc3740b0e6cc5b80a34d9a1e6768726421fe994b Mon Sep 17 00:00:00 2001 From: makiton Date: Sat, 13 Aug 2022 16:30:43 +0900 Subject: [PATCH 4/7] Run lint on pull_request only --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
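Review bot: `description = ""` for `slack-arigato-usagi` leaves the archived repository with no record of what it was or why it was archived, which is exactly the information nobody can recover later; a one-line description, or a `# archived 2022-08: <reason>` comment on the entry, costs nothing now. The quoted key is unavoidable because of the hyphens, but it reads differently from the bare `makiton = {` entry above, so a comment also helps the eye. Separately, the module sets `vulnerability_alerts = true` unconditionally, and GitHub does not allow Dependabot alerts to be toggled on an archived repository — if this repo is not yet archived on GitHub, the first apply may need to be split into two steps; worth checking the plan output before relying on it.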
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index a95bf4d..f6ebd2e 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,5 +1,5 @@
 name: Lint
-on: [push, pull_request]
+on: [pull_request]
 jobs:
   tflint:
     runs-on: ubuntu-latest
From 2df5aa88a2a259c4753f3be8d561a5407e8e05c1 Mon Sep 17 00:00:00 2001
From: makiton
Date: Sat, 13 Aug 2022 16:53:43 +0900
Subject: [PATCH 5/7] Update github provider

---
 .terraform.lock.hcl | 77 +++++++++++++++++++--------------------------
 github.tf           |  2 +-
 2 files changed, 34 insertions(+), 45 deletions(-)

diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index bab6494..aeb2e52 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
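Review bot: Dropping `push` from `on:` means the lint job no longer runs for commits that reach `main` without a pull request (direct pushes, or an admin merge of an unreviewed branch), while the terraform-cloud workflow added later in this series still applies on every push to `main`; a change that bypasses a PR would therefore be applied without ever being linted. If the goal was only to avoid the duplicate run on PR branches, keep the push trigger but scope it: `on: { push: { branches: [main] }, pull_request: {} }`.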
@@ -2,55 +2,44 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/github" { - version = "4.20.0" - constraints = "4.20.0" + version = "4.28.0" hashes = [ - "h1:8aEltkf7TY+fPzD6t1jjk5zVEsj7FHLzhNFsUpZhohA=", - "zh:1501c3ccaf624cf6d9d311eb59f911fa0cf431d4728af3b103e01c0eb4201efb", - "zh:18eca616b2eb0868fd411835b5d04898ef7a82803ac900571bfc4bccdda1192e", - "zh:194a711aee04329bbfff57a7c882bca55e9d96fc665c4aefb0e73bd214587c35", - "zh:7f8e33504b148a0bd2653c570381a420fc60f441f73c8a37329c6f9874f086bc", - "zh:86a33d09438d32a2a888cad6ba4997fa0f8cf9ed8b286e1dc16923ce55e5b0de", - "zh:ba00fb5c62ed035fd4a39af1213059d3cef74fb2736dc3e0639a18bea43d0a2b", - "zh:c4210ca75475f67d2a4c21711176ca00622c18b8fbc34e03e7ebbb9b6f7f7e58", - "zh:cf4322242197ac2785246475d9152693c5602531ad564d492fe632f5e8c507f4", - "zh:d8f0fc65fea1eda41ba0f2431d06df0585b794686165aa1aa87a533023b90476", - "zh:ee7e0442fcfbc98fc71c0d8abe83b0c8794ab8f4b8d0384a1f9582c94f2bff71", - "zh:f40c44faa01d7f615a67711ebd01b8175ffc2121c35483905c1b1afedc1f1af5", - "zh:f4c2f8db3902803c2e06b3c36c58cb847f893e775e5855165300d8baa756199a", - "zh:fd329d9663e710ab6d35465c16a0a085463039740cb34458ee9f47b05402c736", + "h1:PRj9EXEvLgKTmQHKUtzIG28goXJX74aRt0b/4JH6qN8=", + "zh:125a1decda8a9d4c6d18010f3c66943c868da9e984298c0e2f9dfd240ec660ec", + "zh:23a4cb334a2fbead38264f434c81e52cb52fb115cbc39537fefc9c22aaecdf35", + "zh:3cf793b1d0bc30a703315c6ecb6bb2f36d14ed310dec7e300ae4a4a3a470aafe", + "zh:47cb06845730df19256882272690221db8314199a34012ac7e690e0550ca9404", + "zh:5d6e76624d60b6298ee47c10cc262adc9f361f4648f40faf81ee3a8d6beaad31", + "zh:6415a5c6ba5b28f1f410845706cff0390718113f7d987aaa011553b041ba2005", + "zh:70ce96d7aa424aef47d4b049d39aff036ae6377dacd5c077501eb0f353901cc6", + "zh:9803fc59cf71ea629308773d429c9ca00985acdcc02d9755fc59900bcf6d1d00", + "zh:a9a505f208f569ee44a0a6a7c975e3441bb8d61dbf9831c44c3be299e2cf1a21", + "zh:a9d9a17b0618ea14f9fa49dfc1329b01473a9d708011fca32cd01b474051d169", + 
"zh:bce0257085a5d6c9f0e6cdd5a704c50286c5382f840384a2a50c69d8488652bf", + "zh:d7272bb396e67ff22d7f4628d152fa66610cf7507a4e63d72ef50fde651e39bf", + "zh:e2aab496c17acb8c2bdd5af9e830e9f91f869d9fc173e6dd65b7475e8baa6f82", + "zh:ea20984a5386fc4a6856eed58d261c5124fc8ca72bc6ee142c1092036a3c8360", ] } provider "registry.terraform.io/integrations/github" { - version = "4.22.0" - constraints = "4.22.0" + version = "4.28.0" + constraints = ">= 4.22.0" hashes = [ - "h1:+9wTueDW3ugbbXVZzir/wMCxbIEylzsebQNQV0U36kw=", - "h1:04pgLCsvuQDplMoaZ3DcoKRPPXlTl5dLwJ3/vlYvFN4=", - "h1:AnKwEH6YazKSoL97MBWa+9KkrgcHp9J9VbODv5F+in0=", - "h1:E4pq+hWRNVbUSc9DoBUa6as8tgohK2TvBtykjf4A2gU=", - "h1:PtLX49R08tRrXH9CaHCtNXhn5b3C/J7flYOx5K2VF8Q=", - "h1:R3pNcH8iKPkhI5t7bPwM1ppduyGjJtO5QZx4bu7n17E=", - "h1:eBMXHqbf4zGZejZly3+ilUmnONMA3FBpXrvxkGpPrLk=", - "h1:hivIeA0ZIJFOW06NgN6WtLxGly95+iPfcu1gWtpajCU=", - "h1:o/VbK5Z0xWqHcWJHtS6Zg0nTpDNasWn3IXDAnTm5cCE=", - "h1:qeXzbQlVjwhUND9yMv4lBTwaVW+9ema9t5o+uaqfKM0=", - "h1:tHoFCFC0/9X+jFajYwHn1Drb5wNpd9asEoubZfyebQg=", - "h1:xJrFx5pHr6dWjpQ089Bsa7q5Lb3t4s5QuBP+P5I/HME=", - "h1:yKUB+2xIwWCQWZ8YCm//K3+a9H/wclLKHszx6blorhI=", - "zh:2fca3c83f7fec6ea3aabef1a69674e88b94b7ae5adf753b9ec4a92234aa3f2cd", - "zh:3c2acf95305b7f51dd10dfc735dfedb4d6237cab06913e819360a7a6b39ffd9b", - "zh:49f66b001b930073ea4d11d40922ac40820b512996e3ba5330986b2fb493a206", - "zh:4caba38c27bef0284a5cdeb33f7d69eff91204ed4ee0505dc46b93bea2f134bf", - "zh:7a7c6529043e55793fa2ed7a241dcdaa60f70413263348cfd7e26a0aaa686a9e", - "zh:a19af46649be35e28e8aa1b7dd3579234a19787d7238205c6e247a8a16f1d619", - "zh:a8aff33a3b0932f9dc9b0bb702d845d25de6495f383e6cbc2e69c40a61a8ac46", - "zh:bddbe0c4666469664dec37c17060d9b5852ad1c9857997d670e265633d50614b", - "zh:eac37b97f6518d43d9114616b1a49205a6ce262546961d0f7589084178e2be8b", - "zh:ecfcdcae1fecc19386758f5679498382cad0c973144bc247a4a622bd9ef2c719", - "zh:f0e856932aef6ded5ad66fc248e9707484a7ffe2ff8410bb6e64d8bb4f187705", - 
"zh:fe12cb9a7066fdee6470fa176fbaf717c2e943f25a33b75510f3f68f001d1c0e", - "zh:febacb1f224186d1d1553203658f39ddfd795052bf22ff0f62a7587272975f5d", + "h1:PRj9EXEvLgKTmQHKUtzIG28goXJX74aRt0b/4JH6qN8=", + "zh:125a1decda8a9d4c6d18010f3c66943c868da9e984298c0e2f9dfd240ec660ec", + "zh:23a4cb334a2fbead38264f434c81e52cb52fb115cbc39537fefc9c22aaecdf35", + "zh:3cf793b1d0bc30a703315c6ecb6bb2f36d14ed310dec7e300ae4a4a3a470aafe", + "zh:47cb06845730df19256882272690221db8314199a34012ac7e690e0550ca9404", + "zh:5d6e76624d60b6298ee47c10cc262adc9f361f4648f40faf81ee3a8d6beaad31", + "zh:6415a5c6ba5b28f1f410845706cff0390718113f7d987aaa011553b041ba2005", + "zh:70ce96d7aa424aef47d4b049d39aff036ae6377dacd5c077501eb0f353901cc6", + "zh:9803fc59cf71ea629308773d429c9ca00985acdcc02d9755fc59900bcf6d1d00", + "zh:a9a505f208f569ee44a0a6a7c975e3441bb8d61dbf9831c44c3be299e2cf1a21", + "zh:a9d9a17b0618ea14f9fa49dfc1329b01473a9d708011fca32cd01b474051d169", + "zh:bce0257085a5d6c9f0e6cdd5a704c50286c5382f840384a2a50c69d8488652bf", + "zh:d7272bb396e67ff22d7f4628d152fa66610cf7507a4e63d72ef50fde651e39bf", + "zh:e2aab496c17acb8c2bdd5af9e830e9f91f869d9fc173e6dd65b7475e8baa6f82", + "zh:ea20984a5386fc4a6856eed58d261c5124fc8ca72bc6ee142c1092036a3c8360", ] } diff --git a/github.tf b/github.tf index dfc4d44..aa75898 100644 --- a/github.tf +++ b/github.tf @@ -9,7 +9,7 @@ terraform { required_providers { github = { source = "integrations/github" - version = "4.22.0" + version = ">= 4.22.0" } } } From 119f9dbe9614423f8e35eac3aed27b53494a24bf Mon Sep 17 00:00:00 2001 From: makiton Date: Sat, 13 Aug 2022 15:27:54 +0900 Subject: [PATCH 6/7] Add terraform cloud workflow --- .github/workflows/terraform_cloud.yml | 96 +++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 .github/workflows/terraform_cloud.yml diff --git a/.github/workflows/terraform_cloud.yml b/.github/workflows/terraform_cloud.yml new file mode 100644 index 0000000..acaa5e9 --- /dev/null +++ b/.github/workflows/terraform_cloud.yml 
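Review bot: `version = ">= 4.22.0"` has no upper bound, so `terraform init -upgrade` (or any init without the lock file) will pull the next major release of the provider, breaking resource changes included; the pessimistic form `version = "~> 4.22"` still admits the 4.28.0 recorded in the lock file while excluding 5.x. Separately, the lock-file hunk above still carries a `registry.terraform.io/hashicorp/github` entry alongside `integrations/github`, both now at 4.28.0; that pattern usually means a child module uses `github_*` resources without its own `required_providers` block, so Terraform resolves the module's provider to the legacy `hashicorp` namespace — worth confirming with `terraform providers` and, if so, adding `required_providers { github = { source = "integrations/github" } }` to `modules/repository`. The `terraform` block starts above the hunk.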
@@ -0,0 +1,96 @@
+name: terraform-cloud
+on:
+  push:
+    branches: main
+  pull_request:
+jobs:
+  terraform:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: hashicorp/setup-terraform@v2
+        with:
+          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
+          terraform_wrapper: false
+      - name: Terraform init
+        id: init
+        run: terraform init
+
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+
+      - name: Terraform plan
+        id: plan
+        env:
+          TF_VAR_token: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: terraform plan -no-color
+        continue-on-error: true
+
+      - name: Terraform apply
+        id: apply
+        if: github.branch == 'main'
+        env:
+          TF_VAR_token: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: terraform apply -no-color -auto-approve
+
+      - name: Output results as a comment to PR
+        uses: actions/github-script@v6
+        if: github.event_name == 'pull_request'
+        env:
+          PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            // 1. Retrieve existing bot comments for the PR
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            })
+            const botComment = comments.find(comment => {
+              return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style')
+            })
+
+            // 2. Prepare format of the comment
+            const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+            #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
+            #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
+            Validation Output
+
+            \`\`\`\n
+            ${{ steps.validate.outputs.stdout }}
+            \`\`\`
+
+
+
+            #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
+
+            Show Plan
+
+            \`\`\`\n
+            ${process.env.PLAN}
+            \`\`\`
+
+
+
+            *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`;
+
+            // 3. If we have a comment, update it, otherwise create a new one
+            if (botComment) {
+              github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+                body: output
+              })
+            } else {
+              github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: output
+              })
+            }
From 6d5b16a14a1b8463fb697c78d3db8ad8b0069bf6 Mon Sep 17 00:00:00 2001
From: makiton
Date: Sat, 13 Aug 2022 17:48:39 +0900
Subject: [PATCH 7/7] tmp

---
 .github/workflows/terraform_cloud.yml | 10 ++++++----
 github.tf                             |  8 +++++++-
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/terraform_cloud.yml b/.github/workflows/terraform_cloud.yml
index acaa5e9..f685407 100644
--- a/.github/workflows/terraform_cloud.yml
+++ b/.github/workflows/terraform_cloud.yml
@@ -23,8 +23,9 @@ jobs:
       - name: Terraform plan
         id: plan
         env:
-          TF_VAR_token: ${{ secrets.GITHUB_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_APP_ID: ${{ secrets.TF_GITHUB_APP_ID }}
+          GITHUB_APP_INSTALLATION_ID: ${{ secrets.TF_GITHUB_APP_INSTALLATION_ID }}
+          GITHUB_APP_PEM_FILE: ${{ secrets.TF_GITHUB_APP_PEM_FILE }}
         run: terraform plan -no-color
         continue-on-error: true
 
@@ -32,8 +33,9 @@ jobs:
         id: apply
         if: github.branch == 'main'
         env:
-          TF_VAR_token: ${{ secrets.GITHUB_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_APP_ID: ${{ secrets.TF_GITHUB_APP_ID }}
+          GITHUB_APP_INSTALLATION_ID: ${{ secrets.TF_GITHUB_APP_INSTALLATION_ID }}
+          GITHUB_APP_PEM_FILE: ${{ secrets.TF_GITHUB_APP_PEM_FILE }}
         run: terraform apply -no-color -auto-approve
 
       - name: Output results as a comment to PR
diff --git a/github.tf b/github.tf
index aa75898..e41af59 100644
--- a/github.tf
+++ b/github.tf
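Review bot: `if: github.branch == 'main'` on the apply step tests a property the `github` context does not have, so the expression evaluates to false on every run and `terraform apply` never executes on `main`; the intended gate is `github.event_name == 'push' && github.ref == 'refs/heads/main' && steps.plan.outcome == 'success'`, the last clause also stopping apply after a plan that `continue-on-error: true` let fail. `terraform_wrapper: false` disables the wrapper that exposes `steps.plan.outputs.stdout`, so `PLAN` in the comment step will be empty, and `steps.fmt.outcome` and `env.tf_actions_working_dir` refer to a step and a variable this workflow never defines. The comment script interpolates `${{ steps.validate.outputs.stdout }}` and `${{ github.actor }}` directly into a JavaScript template literal — unlike `PLAN`, which correctly goes through `env` — and validate output reflects the PR's own files, so it should be passed via `env` the same way to close the expression-injection path. The job declares no `permissions:`, so the default token scope applies; `contents: read` plus `pull-requests: write` is all it needs, and pinning the three actions to commit SHAs instead of `@v3`/`@v2`/`@v6` is worth considering for a job that holds applier credentials.

```yaml
permissions:
  contents: read
  pull-requests: write
jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      # … unchanged: checkout …
      - uses: hashicorp/setup-terraform@v2
        with:
          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
          # the wrapper is what populates steps.<id>.outputs.stdout
          terraform_wrapper: true
      # … unchanged: init, validate, plan …
      - name: Terraform apply
        id: apply
        if: github.event_name == 'push' && github.ref == 'refs/heads/main' && steps.plan.outcome == 'success'
        # … unchanged: env, run …
      - name: Output results as a comment to PR
        uses: actions/github-script@v6
        if: github.event_name == 'pull_request'
        env:
          PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
          VALIDATE: ${{ steps.validate.outputs.stdout }}
          ACTOR: ${{ github.actor }}
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            // … unchanged: comment lookup …
            // PR-derived text comes from env, never from ${{ }} expansion inside the literal
            const output = `#### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
            #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
            // … unchanged: details block, using ${process.env.VALIDATE} for the output …
            *Pusher: @${process.env.ACTOR}, Action: \`${{ github.event_name }}\`, Workflow: \`${{ github.workflow }}\`*`;
            // … unchanged: create/update comment …
```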
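Review bot: The three `TF_GITHUB_APP_*` secrets are now handed to the plan step, which runs on every `pull_request` event, so anyone who can open a PR from a branch in this repository can run an arbitrary configuration under the GitHub App's private key (an `external` data source or a swapped provider source is enough) and read it out, because nothing restricts the plan step to `push`. Fork PRs do not receive repository secrets, which limits this to collaborators with push access, but a plan-only credential — a read-scoped token, or a separate App installation with read-only permissions — would keep the signing key out of the PR path entirely. Note also that the provider documents `pem_file` as the PEM contents rather than a path, so `TF_GITHUB_APP_PEM_FILE` must hold the key material itself; a comment on the env line, `# provider reads the key contents, not a file path`, would spare the next person a confusing failure.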
@@ -15,9 +15,15 @@ terraform { } variable "token" { + default = null } provider "github" { owner = "makiton" - token = var.token # or `GITHUB_TOKEN` + token = "" + app_auth { + # id = var.app_id # or `GITHUB_APP_ID` + # installation_id = var.app_installation_id # or `GITHUB_APP_INSTALLATION_ID` + # pem_file = var.app_pem_file # or `GITHUB_APP_PEM_FILE` + } }
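Review bot: `app_auth { }` with all three attributes commented out makes the provider depend entirely on `GITHUB_APP_ID`, `GITHUB_APP_INSTALLATION_ID` and `GITHUB_APP_PEM_FILE` being exported, and `token = ""` appears to replace the provider's `GITHUB_TOKEN` env fallback with an explicit empty value, so a local `terraform plan` with only a token set will fail with a missing-argument error instead of falling back — confirm that is intended. Either delete the commented lines (they just restate the provider's documented env names) or replace them with a comment that says what is going on, e.g. `# Auth comes from GITHUB_APP_ID / GITHUB_APP_INSTALLATION_ID / GITHUB_APP_PEM_FILE; token is deliberately blank.`. `variable "token"` now accepts a value nothing reads, has no `description`, and is not marked `sensitive = true` (Terraform ≥ 0.14), which would keep any value out of plan output if the variable is kept for local use. The `terraform` block closes on the hunk's first context line, so its `required_providers` are above the hunk.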