Comments (1)
All done! GitHub actions ended up working pretty well for this. It keeps the credential somewhere that it can't even be read, and I was even able to (ab)use actions/cache
so that I don't need to store the terraform.tfstate
anywhere. This should be fine because all state is on GitHub and can just be imported in the even that the cache is lost.
There is one caveat: if something (e.g. a repo) is removed and the cache is lost, the Import step won't import it, so it won't be destroyed. I have mitigated this by configuring the workflow to run daily, which should keep the cache from expiring, or at least narrow the window of the cache not existing. Running periodically is a good thing to do anyway - it's how we can detect drift and make sure things are staying in sync with the source of truth (this repo).
Another workaround could be to have Import work based on the actual state (e.g. all repos in the org) instead of the desired state (all repos in the repo), but that's a little hardcore; it would mean anything not created through this repo would be destroyed or archived.
For posterity:
from governance.
Related Issues (15)
- concourse/concourse discussion got disabled by daily run terraforms github action HOT 1
- Configurable repository branch protection
- Automate Discord configuration HOT 3
- Grant triage permission to all contributors HOT 1
- Open up maintainers team to non-VMware employees
- Integrate governance model into contributing docs and website
- Transfer oddball repos to internal GitLab
- Set up a Security team and email forwarding for security issues
- Set up a Community team-controlled email address for Code of Conduct reports
- Ability to configure repository deploy keys
- Figure out how to set up a mailing list HOT 1
- Run tests in GitHub actions
- Community team should be able to write blog posts HOT 1
- add additional team for resource-types and reusable tasks HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from governance.