From 30851e45515270412119955e05bbe38b7644c476 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Tue, 18 Feb 2025 16:24:26 -0800
Subject: [PATCH] Refactor repository references to use local variable for consistency
---
 action_secrets.tf | 4 ++--
 collaborators.tf | 5 +----
 github_branch.tf | 7 +++----
 github_files.tf | 6 +++---
 github_repo.tf | 12 +++++++++---
 github_team_access.tf | 10 +---------
 outputs.tf | 4 ++--
 variables.tf | 6 ++++++
 8 files changed, 27 insertions(+), 27 deletions(-)
diff --git a/action_secrets.tf b/action_secrets.tf
index 0470449..6152380 100644
--- a/action_secrets.tf
+++ b/action_secrets.tf
@@ -2,12 +2,12 @@ resource "github_actions_secret" "secret" {
 for_each = tomap({ for secret in var.secrets : secret.name => secret.value })
 secret_name = each.key
 plaintext_value = each.value
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 }
 resource "github_actions_variable" "variable" {
 for_each = tomap({ for _var in var.vars : _var.name => _var.value })
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 variable_name = each.key
 value = each.value
 }
diff --git a/collaborators.tf b/collaborators.tf
index 5ffe416..0025b82 100644
--- a/collaborators.tf
+++ b/collaborators.tf
@@ -1,10 +1,7 @@
 # Add a collaborator to a repository
 resource "github_repository_collaborator" "collaborators" {
 for_each = tomap(var.collaborators)
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 username = each.key
 permission = each.value
- depends_on = [
- github_repository.repo
- ]
 }
diff --git a/github_branch.tf b/github_branch.tf
index cce7ccd..6c03592 100644
--- a/github_branch.tf
+++ b/github_branch.tf
@@ -1,4 +1,3 @@
-
 # https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/team
 # data "github_team" "github_codeowners_team" {
 # slug = var.github_codeowners_team
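Review bot: In action_secrets.tf, `repository = local.github_repo.name` now also covers the case where the repository was looked up rather than created, so every entry in `var.secrets` is written as an Actions secret into a repository this module does not own, presumably replacing any secret of the same name already there. Nothing visible in the patch guards or documents that; I would add a comment above the resource such as `# NOTE: with create_repo = false these secrets are written to the pre-existing repository resolved by the lookup`, and say the same in the `create_repo` variable description. The same applies to the collaborator grants in collaborators.tf and the `permission = "admin"` team grants in github_team_access.tf, which after this change attach to whichever repository the lookup resolves.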
@@ -7,7 +6,7 @@
 # not creating main branch because its created by default when repo is created
 resource "github_branch" "branch" {
 count = var.github_default_branch == "main" ? 0 : 1
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 branch = var.github_default_branch
 }
@@ -15,7 +14,7 @@ resource "github_branch" "branch" {
 # https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default
 resource "github_branch_default" "default_main_branch" {
 count = var.github_default_branch == "main" ? 0 : 1
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 branch = var.github_default_branch
 depends_on = [
 github_branch.branch
@@ -38,7 +37,7 @@ resource "github_branch_protection" "main" {
 enforce_admins = var.github_enforce_admins_branch_protection
 pattern = var.github_default_branch
 # push_restrictions = var.github_push_restrictions
- repository_id = github_repository.repo.node_id
+ repository_id = local.github_repo.node_id
 required_pull_request_reviews {
 dismiss_stale_reviews = var.github_dismiss_stale_reviews
 require_code_owner_reviews = var.github_require_code_owner_reviews
diff --git a/github_files.tf b/github_files.tf
index a0335c1..406c71d 100644
--- a/github_files.tf
+++ b/github_files.tf
@@ -1,7 +1,7 @@
 # https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file
 resource "github_repository_file" "codeowners" {
 count = var.create_codeowners ? 1 : 0
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 branch = var.github_default_branch
 file = "CODEOWNERS"
 content = templatefile("${path.module}/templates/CODEOWNERS", { codeowners = local.codeowners })
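Review bot: In github_branch.tf the `count` on `github_branch.branch` still tests only for "main", so with `create_repo = false` and a non-main `var.github_default_branch` the module will try to create a branch that most likely already exists in the looked-up repository. Consider `count = var.create_repo && var.github_default_branch != "main" ? 1 : 0`, or document that the branch must not exist yet. The branch-protection hunk further down (`repository_id = local.github_repo.node_id`) will likewise start applying this module's protection rules to an existing repository's default branch, which deserves a sentence in the `create_repo` variable description.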
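Review bot: `github_repository_file.codeowners` can now target a repository that already has content, and the provider fails the create when the file exists unless `overwrite_on_create = true` is set. The resource body continues outside the hunk, so I cannot see whether that argument is present; if it is not, choose explicitly between failing and overwriting, because replacing an existing CODEOWNERS changes who must approve changes in that repository. The `extra_files` and `managed_extra_files` hunks in the same file have the same exposure.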
@@ -41,7 +41,7 @@ locals {
 resource "github_repository_file" "extra_files" {
 for_each = tomap({ for file in local.extra_files : "${element(split("/", file.path), length(split("/", file.path)) - 1)}" => file })
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 branch = var.github_default_branch
 file = each.value.path
 content = each.value.content
@@ -56,7 +56,7 @@ resource "github_repository_file" "extra_files" {
 resource "github_repository_file" "managed_extra_files" {
 for_each = tomap({ for file in var.managed_extra_files : "${element(split("/", file.path), length(split("/", file.path)) - 1)}" => file })
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 branch = var.github_default_branch
 file = each.value.path
 content = each.value.content
diff --git a/github_repo.tf b/github_repo.tf
index e642209..fea05e0 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -1,9 +1,11 @@
 locals {
 repo_name = var.force_name ? var.name : "${var.name}-${formatdate("YYYYMMDD", timestamp())}"
+
+ github_repo = var.create_repo ? github_repository.repo[0] : data.github_repository.existing[0]
 }
-
 resource "github_repository" "repo" {
+ count = var.create_repo ? 1 : 0
 name = local.repo_name
 description = var.github_repo_description
 visibility = var.github_is_private ? "private" : "public"
@@ -24,12 +26,16 @@ resource "github_repository" "repo" {
 vulnerability_alerts = var.vulnerability_alerts
 dynamic "template" {
- # A bogus map for a conditional block
 for_each = var.template_repo == null ? [] : ["*"]
 content {
 owner = var.template_repo_org
 repository = var.template_repo
- # include_all_branches = var.template_include_all_branches
 }
 }
 }
+
+data "github_repository" "existing" {
+ count = var.create_repo ? 0 : 1
+ name = local.repo_name
+ full_name = var.repo_org != null ? "${var.repo_org}/${local.repo_name}" : local.repo_name
+}
diff --git a/github_team_access.tf b/github_team_access.tf
index c530e6a..3949835 100644
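Review bot: `local.repo_name` still appends today's date unless `var.force_name` is set, so with `create_repo = false` the lookup will search for a date-suffixed name and almost never find the intended repository. Something like `repo_name = (var.force_name || !var.create_repo) ? var.name : "${var.name}-${formatdate("YYYYMMDD", timestamp())}"` keeps the lookup on the literal name. Separately, the conditional in `github_repo` yields a resource object on one side and a data-source object on the other; their attribute sets differ, and Terraform may reject that as inconsistent conditional result types, in which case `github_repo = one(concat(github_repository.repo, data.github_repository.existing))` is one way around it.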
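Review bot: The new `data "github_repository" "existing"` block sets both `name` and `full_name`, which, as far as I recall, the provider schema declares mutually exclusive, and the fallback branch puts a bare repository name into `full_name`, which expects `owner/name`. Setting only one of them avoids both problems, e.g. `full_name = var.repo_org != null ? "${var.repo_org}/${local.repo_name}" : null` together with `name = var.repo_org == null ? local.repo_name : null`. `var.repo_org` is not declared anywhere in this patch, so it has to exist already in variables.tf for this to plan. Pinning the owner explicitly also keeps secrets, collaborators and admin team grants from landing on a same-named repository under whatever owner the provider happens to be configured with.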
--- a/github_team_access.tf
+++ b/github_team_access.tf
@@ -9,22 +9,14 @@ locals {
 github_teams = { for obj in local.github_org_teams : "${obj.slug}" => obj.id }
 }
-# data "github_team" "nit_admin" {
-# slug = "nit"
-# }
-
-# https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository
 resource "github_team_repository" "admin" {
 for_each = toset(var.admin_teams)
 team_id = lookup(local.github_teams, each.value)
- repository = github_repository.repo.name
+ repository = local.github_repo.name
 permission = "admin"
 lifecycle {
 ignore_changes = [
 team_id
 ]
 }
- depends_on = [
- github_repository.repo
- ]
 }
diff --git a/outputs.tf b/outputs.tf
index 1d937cf..50dc163 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,8 +1,8 @@
 output "github_repo" {
- value = github_repository.repo
+ value = local.github_repo
 }
 output "ssh_clone_url" {
 description = "URL that can be provided to git clone to clone the repository via SSH"
- value = github_repository.repo.ssh_clone_url
+ value = local.github_repo.ssh_clone_url
 }
diff --git a/variables.tf b/variables.tf
index 717a775..293790c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -212,6 +212,12 @@ variable "homepage_url" {
 default = null
 }
+variable "create_repo" {
+ description = "Whether to create a new repository or lookup an existing one"
+ type = bool
+ default = true
+}
+
 variable "security_and_analysis" {
 description = <
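Review bot: The `github_repo` output in outputs.tf has no `description`, and its shape now depends on `create_repo`: a `github_repository` resource object in one mode and a data-source object in the other. Callers that read attributes only the resource exports will break when the flag is flipped. I would add `description = "Repository object; attributes differ when create_repo is false (data source lookup)"` so the difference is visible to consumers of the module.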