feat: implement GitHub deploy keys generation and add output for gene…

…rated keys

github_deploy_keys.tf

@@ -1,14 +1,27 @@
-// This file implements GitHub Deploy Keys functionality for the repository
+// Generate SSH keys when create is true
+resource "tls_private_key" "deploy_key" {
+  for_each = {
+    for k, v in var.deploy_keys : k => v
+    if v.create == true
+  }
+
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
 
+// Create GitHub deploy keys for all entries
 resource "github_repository_deploy_key" "deploy_key" {
-  for_each = { for k, v in var.deploy_keys : k => v }
+  for_each = {
+    for k, v in var.deploy_keys : k => v
+  }
 
   title      = each.value.title
   repository = local.github_repo.name
-  key        = each.value.key
+  key        = each.value.create ? tls_private_key.deploy_key[each.key].public_key_openssh : each.value.key
   read_only  = each.value.read_only
 
   depends_on = [
-    github_repository.repo
+    github_repository.repo,
+    data.github_repository.existing
   ]
-}
+}

outputs.tf

@@ -57,3 +57,12 @@ output "template" {
   description = "Template repository this repository was created from"
   value       = local.github_repo.template
 }
+
+
+output "generated_deploy_keys" {
+  description = "Generated private keys for deploy keys with create=true"
+  value = {
+    for k, v in tls_private_key.deploy_key : k => v.private_key_pem
+  }
+  sensitive = true
+}

variables.tf

@@ -413,8 +413,12 @@ variable "deploy_keys" {
   description = "List of SSH deploy keys to add to the repository"
   type = list(object({
     title     = string
-    key       = string
+    key       = optional(string, "")
+    # The key is optional because it can be generated
+    # by the module itself if create is set to true
+    # and the key is not provided
     read_only = optional(bool, true)
+    create = optional(bool, false)
   }))
   default = []
 }