From 0b28977b27fbcc780a9af7ed867acf9fe27d647d Mon Sep 17 00:00:00 2001 From: arnol377 Date: Tue, 25 Mar 2025 16:14:19 -0400 Subject: [PATCH 1/2] feat: enhance README with deploy keys management details --- README.md | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d93fc7c..bf965f4 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Terraform GitHub Repository Module -A comprehensive Terraform module for managing GitHub repositories with advanced features like branch protection, file management, and team access control. You can use this module to create new repositories or manage existing ones. +A comprehensive Terraform module for managing GitHub repositories with advanced features like branch protection, file management, team access control, and deployment keys. You can use this module to create new repositories or manage existing ones. ## Features - Create new repositories or manage existing ones @@ -10,6 +10,7 @@ A comprehensive Terraform module for managing GitHub repositories with advanced - Team access configuration - Action secrets management - Repository collaborator management +- Deploy key management - Automated README generation - Issue management @@ -97,6 +98,30 @@ module "managed_repo" { } ``` +### Repository with Deploy Keys + +```hcl +module "repo_with_deploy_keys" { + source = "HappyPathway/repo/github" + + name = "my-project-with-deploy-keys" + repo_org = "MyOrganization" + + deploy_keys = [ + { + title = "CI Server Key" + key = "ssh-rsa AAAAB3NzaC1yc2EAAA..." + read_only = true # Default is true, can be omitted + }, + { + title = "Deploy Server Key" + key = "ssh-rsa AAAAB3NzaC1yc2EBBB..." + read_only = false # Write access for deployment + } + ] +} +``` + ## Inputs | Name | Description | Type | Required | Default | 
@@ -327,6 +352,7 @@ No modules. | [template\_repo\_org](#input\_template\_repo\_org) | Template repository organization | `string` | `null` | no | | [vars](#input\_vars) | GitHub Actions variables |
list(object({
name = string
value = string
}))
| `[]` | no | | [vulnerability\_alerts](#input\_vulnerability\_alerts) | Enable Dependabot alerts | `bool` | `false` | no | +| [deploy\_keys](#input\_deploy\_keys) | List of SSH deploy keys to add to the repository |
list(object({
title = string
key = string
read_only = optional(bool, true)
}))
| `[]` | no | ## Outputs From e4dab4475b521c13af00e0dc448faa026f5c1b24 Mon Sep 17 00:00:00 2001 From: arnol377 Date: Fri, 4 Apr 2025 18:17:38 -0400 Subject: [PATCH 2/2] fix: update dependencies in branch protection and uncomment repository data resources --- branch_protection.tf | 5 ++++- github_files.tf | 32 ++++++++++++++++---------------- 2 files changed, 20 insertions(+), 17 deletions(-) diff --git a/branch_protection.tf b/branch_protection.tf index 344bbd3..a60544c 100644 --- a/branch_protection.tf +++ b/branch_protection.tf @@ -52,6 +52,9 @@ resource "github_branch_protection" "protection" { depends_on = [ github_repository.repo, github_branch.branch, - github_branch_default.default_main_branch + github_branch_default.default_main_branch, + github_repository_files.extra_files, + github_repository_file.codeowners, + github_repository_file.managed_extra_files ] } \ No newline at end of file diff --git a/github_files.tf b/github_files.tf index e4dee3a..ebd4931 100644 --- a/github_files.tf +++ b/github_files.tf 
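Review bot: Nothing beside the three entries added to `depends_on` in `github_branch_protection.protection` says why branch protection has to wait for the file resources, and the ordering only covers the first apply: once the protection exists, later changes to those files are committed against an already protected branch. A short comment above the list would record the intent, for example `# Managed files are committed before protection is created; later file updates hit the protected branch.` Separately, `github_repository_files.extra_files` uses a plural resource type while the other two entries use `github_repository_file`; its declaration is not in this patch, so confirm the address resolves. The resource block starts above the hunk.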
@@ -27,27 +27,27 @@ resource "github_repository_file" "codeowners" { } } -# data "github_repository" "template_repo" { -# count = var.template_repo == null && var.template_repo_org == var.repo_org ? 0 : 1 -# full_name = "${var.template_repo_org == null ? "" : var.template_repo_org}/${var.template_repo == null ? "" : var.template_repo}" -# } +data "github_repository" "template_repo" { + count = var.template_repo == null && var.template_repo_org == var.repo_org ? 0 : 1 + full_name = "${var.template_repo_org == null ? "" : var.template_repo_org}/${var.template_repo == null ? "" : var.template_repo}" +} -# data "github_ref" "ref" { -# count = var.template_repo == null && var.template_repo_org == var.repo_org ? 0 : 1 -# owner = var.template_repo_org -# repository = var.template_repo -# ref = "heads/${element(data.github_repository.template_repo, 0).default_branch}" -# } +data "github_ref" "ref" { + count = var.template_repo == null && var.template_repo_org == var.repo_org ? 0 : 1 + owner = var.template_repo_org + repository = var.template_repo + ref = "heads/${element(data.github_repository.template_repo, 0).default_branch}" +} locals { extra_files = concat( var.extra_files, - # var.template_repo == null && var.template_repo_org == var.repo_org ? [] : [ - # { - # path = ".TEMPLATE_SHA", - # content = data.github_ref.ref[0].sha - # } - # ] + var.template_repo == null && var.template_repo_org == var.repo_org ? [] : [ + { + path = ".TEMPLATE_SHA", + content = data.github_ref.ref[0].sha + } + ] ) repository_name = var.create_repo ? local.github_repo.name : var.name }
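Review bot: The `count` guard on both re-enabled data sources, repeated in the `extra_files` conditional inside `locals`, is `var.template_repo == null && var.template_repo_org == var.repo_org ? 0 : 1`, so with no template configured the lookups are skipped only when `template_repo_org` happens to equal `repo_org`. The README table in the first patch lists `template_repo_org` with a `null` default; with `template_repo` unset and `repo_org` set, the condition is false, `count` is 1, `full_name` evaluates to `"/"` and `github_ref` receives a null `repository`, which would likely fail at plan time. Gating all three places on the template actually being set avoids this, e.g. `count = var.template_repo == null || var.template_repo_org == null ? 0 : 1`. Now that these lookups are live, the token running the plan also needs read access to the template repository.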