Add configuration files for CSVD and SCT-Engineering repositories

- Created `csvd.json` and `csvd.tfvars` for CSVD organization with repository definitions and settings.
- Created `sct-engineering.json` and `sct-engineering.tfvars` for SCT-Engineering organization with repository definitions and settings.

.terraform_commits

@@ -10,5 +10,71 @@
     "commit_message": "Implement code changes to enhance functionality and improve performance",
     "author": "arnol377",
     "timestamp": "2025-03-19T20:31:17.707462"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-03-24T13:13:42.584172"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-01T14:28:11.225325"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-01T14:50:10.724540"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-01T14:55:59.018548"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-01T17:04:34.188861"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-01T17:17:31.000947"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-03T13:22:15.864776"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-03T13:24:46.568925"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-04T15:02:52.529487"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-04T15:08:59.428711"
+  },
+  {
+    "commit_hash": "bf88681509277e952417fa99b0f2d438453eba2b",
+    "commit_message": "Add repo topics for pip-config in default.tfvars",
+    "author": "arnol377",
+    "timestamp": "2025-04-04T17:10:52.321216"
   }
 ]

actions-bucket.tf

@@ -1,8 +1,8 @@
 locals {
-  base_bucket_name      = "csvd-dev-ew-github-actions"
+  base_bucket_name      = "${var.github_org}-dev-ew-github-actions"
   east_bucket_name      = "${local.base_bucket_name}-east"
   kms_key_deletion_days = 30
-  kms_description       = "KMS key for actions bucket encryption"
+  kms_description       = "KMS key for actions bucket @ ${var.github_org} encryption"
   enable_key_rotation   = true
 
   # S3 permissions for ECS role
@@ -20,11 +20,16 @@ data "aws_caller_identity" "current" {}
 
 # West Region Resources
 resource "aws_kms_key" "actions_bucket_west" {
-  provider                = aws.west
+  count                  = var.create_actions_bucket ? 1 : 0
+  provider               = aws.west
   description            = "${local.kms_description} (West)"
   deletion_window_in_days = local.kms_key_deletion_days
   enable_key_rotation    = local.enable_key_rotation
-
+  lifecycle {
+    ignore_changes = [
+      description
+    ]
+  }
   policy = jsonencode({
     Version = "2012-10-17"
     Statement = [
@@ -42,48 +47,54 @@ resource "aws_kms_key" "actions_bucket_west" {
 }
 
 resource "aws_kms_alias" "actions_bucket_west" {
+  count         = var.create_actions_bucket ? 1 : 0
   provider      = aws.west
   name          = "alias/${local.base_bucket_name}"
-  target_key_id = aws_kms_key.actions_bucket_west.key_id
+  target_key_id = aws_kms_key.actions_bucket_west[0].key_id
 }
 
 resource "aws_s3_bucket" "actions_west" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.west
   bucket   = local.base_bucket_name
 }
 
 resource "aws_s3_bucket_versioning" "actions_west" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.west
-  bucket   = aws_s3_bucket.actions_west.id
+  bucket   = aws_s3_bucket.actions_west[0].id
   versioning_configuration {
     status = "Enabled"
   }
 }
 
 resource "aws_s3_bucket_server_side_encryption_configuration" "actions_west" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.west
-  bucket   = aws_s3_bucket.actions_west.id
+  bucket   = aws_s3_bucket.actions_west[0].id
 
   rule {
     apply_server_side_encryption_by_default {
-      kms_master_key_id = aws_kms_key.actions_bucket_west.arn
+      kms_master_key_id = aws_kms_key.actions_bucket_west[0].arn
       sse_algorithm     = "aws:kms"
     }
   }
 }
 
 resource "aws_s3_bucket_public_access_block" "actions_west" {
+  count                   = var.create_actions_bucket ? 1 : 0
   provider                = aws.west
-  bucket                  = aws_s3_bucket.actions_west.id
+  bucket                  = aws_s3_bucket.actions_west[0].id
   block_public_acls       = true
   block_public_policy     = true
   ignore_public_acls      = true
   restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_policy" "actions_west" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.west
-  bucket   = aws_s3_bucket.actions_west.id
+  bucket   = aws_s3_bucket.actions_west[0].id
 
   policy = jsonencode({
     Version = "2012-10-17"
@@ -96,8 +107,8 @@ resource "aws_s3_bucket_policy" "actions_west" {
         }
         Action   = local.ecs_s3_actions
         Resource = [
-          aws_s3_bucket.actions_west.arn,
-          "${aws_s3_bucket.actions_west.arn}/*"
+          aws_s3_bucket.actions_west[0].arn,
+          "${aws_s3_bucket.actions_west[0].arn}/*"
         ]
       }
     ]
@@ -106,11 +117,16 @@ resource "aws_s3_bucket_policy" "actions_west" {
 
 # East Region Resources
 resource "aws_kms_key" "actions_bucket_east" {
-  provider                = aws.east
+  count                  = var.create_actions_bucket ? 1 : 0
+  provider               = aws.east
   description            = "${local.kms_description} (East)"
   deletion_window_in_days = local.kms_key_deletion_days
   enable_key_rotation    = local.enable_key_rotation
-
+  lifecycle {
+    ignore_changes = [
+      description
+    ]
+  }
   policy = jsonencode({
     Version = "2012-10-17"
     Statement = [
@@ -128,48 +144,54 @@ resource "aws_kms_key" "actions_bucket_east" {
 }
 
 resource "aws_kms_alias" "actions_bucket_east" {
+  count         = var.create_actions_bucket ? 1 : 0
   provider      = aws.east
   name          = "alias/${local.east_bucket_name}"
-  target_key_id = aws_kms_key.actions_bucket_east.key_id
+  target_key_id = aws_kms_key.actions_bucket_east[0].key_id
 }
 
 resource "aws_s3_bucket" "actions_east" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.east
   bucket   = local.east_bucket_name
 }
 
 resource "aws_s3_bucket_versioning" "actions_east" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.east
-  bucket   = aws_s3_bucket.actions_east.id
+  bucket   = aws_s3_bucket.actions_east[0].id
   versioning_configuration {
     status = "Enabled"
   }
 }
 
 resource "aws_s3_bucket_server_side_encryption_configuration" "actions_east" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.east
-  bucket   = aws_s3_bucket.actions_east.id
+  bucket   = aws_s3_bucket.actions_east[0].id
 
   rule {
     apply_server_side_encryption_by_default {
-      kms_master_key_id = aws_kms_key.actions_bucket_east.arn
+      kms_master_key_id = aws_kms_key.actions_bucket_east[0].arn
       sse_algorithm     = "aws:kms"
     }
   }
 }
 
 resource "aws_s3_bucket_public_access_block" "actions_east" {
+  count                   = var.create_actions_bucket ? 1 : 0
   provider                = aws.east
-  bucket                  = aws_s3_bucket.actions_east.id
+  bucket                  = aws_s3_bucket.actions_east[0].id
   block_public_acls       = true
   block_public_policy     = true
   ignore_public_acls      = true
   restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_policy" "actions_east" {
+  count    = var.create_actions_bucket ? 1 : 0
   provider = aws.east
-  bucket   = aws_s3_bucket.actions_east.id
+  bucket   = aws_s3_bucket.actions_east[0].id
 
   policy = jsonencode({
     Version = "2012-10-17"
@@ -182,8 +204,8 @@ resource "aws_s3_bucket_policy" "actions_east" {
         }
         Action   = local.ecs_s3_actions
         Resource = [
-          aws_s3_bucket.actions_east.arn,
-          "${aws_s3_bucket.actions_east.arn}/*"
+          aws_s3_bucket.actions_east[0].arn,
+          "${aws_s3_bucket.actions_east[0].arn}/*"
         ]
       }
     ]

automation-repos.code-workspace

@@ -1,19 +1,28 @@
 {
 	"folders": [
 		{
+			"name": "Automation Repos",
 			"path": "."
 		},
 		{
-			"path": "../terraform-provider-github/website/docs/d",
-			"name": "data-sources"
+			"name": "Template Repos",
+			"path": "../template-repos"
 		},
 		{
-			"path": "../terraform-provider-github/website/docs/r",
-			"name": "resources"
+			"name": "Module Decomposition",
+			"path": "../module-decomposition"
 		},
 		{
-			"path": "../terraform-github-repo",
-			"name": "github-repo"
+			"name": "Terraform Modules",
+			"path": "../terraform-modules"
+		},
+		{
+			"name": "terraform-github-repo",
+			"path": "../terraform-github-repo"
+		},
+		{
+			"name": "terraform-github-repo-subdir",
+			"path": "../terraform-github-repo-subdir"
 		}
 	],
 	"settings": {

image-pipeline.tf

@@ -1,3 +1,10 @@
+// This file is no longer needed as all repositories have been consolidated into the main repolist
+// and appropriate moved blocks have been created to handle the transition.
+// The image pipeline repositories are now defined in default.tfvars and created via the repo_list module.
+// The image_pipeline_workflows variable is still used by the repo_list module for workflow files.
+
+// Previous configuration:
+/*
 locals {
   pipeline_repos = [
     "image-pipeline-goss",
@@ -148,3 +155,4 @@ module "terraform_aws_image_pipeline" {
     }
   ]
 }
+*/

imported-repos.tf

@@ -1,19 +1,26 @@
-module "netbackup_automation_platform" {
-  source               = "HappyPathway/gh-actions/importer"
-  version              = "0.0.34"
-  github_repo_topics   = []
-  vulnerability_alerts = false
-  public_repo = {
-    default_branch = "main"
-    clone_url      = "https://github.com/VeritasOS/netbackup-automation-platform.git"
-  }
-  internal_repo = {
-    name   = "netbackup-automation-platform"
-    org    = "CSVD"
-    topics = ["automation-platform"]
-    collaborators = {
-      "littl381" = "admin"
-      "arnol377" = "admin"
-    }
-  }
-}
+// This file has been deprecated.
+// The repository imports have been moved to the imported_repos module in repolist.tf
+// and are now defined in the imported_repos variable in default.tfvars.
+// Moved blocks have been created in moved.tf to ensure proper state tracking.
+
+// Previous configuration:
+// module "netbackup_automation_platform" {
+//   source               = "HappyPathway/gh-actions/importer"
+//   count = var.netbackup_automation_platform ? 1 : 0
+//   version              = "0.0.34"
+//   github_repo_topics   = []
+//   vulnerability_alerts = false
+//   public_repo = {
+//     default_branch = "main"
+//     clone_url      = "https://github.com/VeritasOS/netbackup-automation-platform.git"
+//   }
+//   internal_repo = {
+//     name   = "netbackup-automation-platform"
+//     org    = "CSVD"
+//     topics = ["automation-platform"]
+//     collaborators = {
+//       "littl381" = "admin"
+//       "arnol377" = "admin"
+//     }
+//   }
+// }