From 1c0e7be35e3b39a1fb01f28573098961b6c9397a Mon Sep 17 00:00:00 2001
From: arnol377 <david.j.arnold.jr@census.gov>
Date: Tue, 25 Mar 2025 14:53:48 -0400
Subject: [PATCH] feat: add deploy keys variable and implement GitHub Deploy
 Keys resource

---
 github_deploy_keys.tf | 14 ++++++++++++++
 variables.tf          | 10 ++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 github_deploy_keys.tf

diff --git a/github_deploy_keys.tf b/github_deploy_keys.tf
new file mode 100644
index 0000000..79eb4c3
--- /dev/null
+++ b/github_deploy_keys.tf
@@ -0,0 +1,14 @@
+// This file implements GitHub Deploy Keys functionality for the repository
+
+resource "github_repository_deploy_key" "deploy_key" {
+  for_each   = { for k, v in var.deploy_keys : k => v }
+  
+  title      = each.value.title
+  repository = local.github_repo.name
+  key        = each.value.key
+  read_only  = each.value.read_only
+  
+  depends_on = [
+    github_repository.repo
+  ]
+}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index c33ddfc..21c9187 100644
--- a/variables.tf
+++ b/variables.tf
@@ -408,3 +408,13 @@ variable "github_pro_enabled" {
   default     = false
   description = "Is this a Github Pro Account? If not, then it's limited in feature set"
 }
+
+variable "deploy_keys" {
+  description = "List of SSH deploy keys to add to the repository"
+  type = list(object({
+    title     = string
+    key       = string
+    read_only = optional(bool, true)
+  }))
+  default = []
+}