Initial development

.github/CODEOWNERS

@@ -0,0 +1,4 @@
+# Code Owners
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
+
+* @osinfra-sa

.github/dependabot.yml

@@ -0,0 +1,12 @@
+# Dependabot
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates
+
+version: 2
+updates:
+  - package-ecosystem: github-actions
+
+    # NOTE: The "/" here is for checking for workflow files in .github/workflows
+
+    directory: /
+    schedule:
+      interval: daily

.github/workflows/add-to-projects.yml

@@ -0,0 +1,21 @@
+name: Add To GitHub Projects
+
+on:
+  issues:
+    types:
+      - opened
+  pull_request:
+    types:
+      - opened
+
+permissions:
+  issues: write
+
+jobs:
+  add-to-osinfra-project:
+    name: Open Source Infrastructure (as Code)
+    uses: osinfra-io/github-misc-called-workflows/.github/workflows/[email protected]
+    with:
+     project_id: 1
+    secrets:
+     add_to_project_pat: ${{ secrets.ADD_TO_PROJECT_PAT }}

.github/workflows/dependabot.yml

@@ -0,0 +1,13 @@
+name: Dependabot Approve and Merge
+
+on: pull_request_target
+
+permissions:
+  contents: read
+
+jobs:
+  dependabot:
+    name: Dependabot
+    uses: osinfra-io/github-misc-called-workflows/.github/workflows/[email protected]
+    secrets:
+      pr_approve_and_merge_pat: ${{ secrets.PR_APPROVE_AND_MERGE_PAT }}

.github/workflows/test.yml

@@ -0,0 +1,23 @@
+name: Terraform Tests
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+    paths-ignore:
+      - "**.md"
+
+permissions:
+  id-token: write
+
+jobs:
+  tests:
+    name: Tests
+    uses: osinfra-io/github-terraform-gcp-called-workflows/.github/workflows/[email protected]
+    if: github.actor != 'dependabot[bot]'
+    with:
+      service_account: plt-lz-testing-github@ptl-lz-terraform-tf91-sb.iam.gserviceaccount.com
+      terraform_version: ${{ vars.TERRAFORM_VERSION }}
+      workload_identity_provider: projects/746490462722/locations/global/workloadIdentityPools/github-actions/providers/github-actions-oidc

.gitignore

@@ -0,0 +1,43 @@
+# .gitignore
+# https://docs.github.com/en/get-started/getting-started-with-git/ignoring-files
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore provider lock file
+.terraform.lock.hcl
+
+# Ignore any local.tfvars. Most .tfvars files are managed as part of configuration and so should
+# be included in version control.
+local.tfvars
+
+# Provider.tf is used for local development of modules and shouldn't be added to repos.
+provider.tf
+
+# Ignore override files as they are usually used to override ressources locally
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore plan output files
+plan.out
+
+# Ignore Infracost directories and files
+.infracost
+
+# Other Files
+*.log
+*.bak
+*.swp
+*.tmp
+*.gz
+*.tgz
+*.tar

.pre-commit-config.yaml

@@ -0,0 +1,37 @@
+# Pre-commit
+# https://github.com/pre-commit/pre-commit
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+      - id: check-yaml
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: check-symlinks
+
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.92.0
+    hooks:
+      - id: terraform_fmt
+
+      # To speed up local validation add the following to your ~/.zshrc:
+      # export TF_PLUGIN_CACHE_DIR=$HOME/.terraform.d/plugin-cache
+
+      - id: terraform_validate
+        args:
+          - --hook-config=--retry-once-with-cleanup=true
+          - --tf-init-args=-upgrade
+        exclude: tests/fixtures/shared
+
+      # Always run after terraform_validate
+
+      - id: terraform_docs
+
+  - repo: https://github.com/bridgecrewio/checkov.git
+    rev: 3.2.186
+    hooks:
+      - id: checkov
+        verbose: true
+        args:
+          - --quiet

.terraform-docs.yml

@@ -0,0 +1,5 @@
+# Terraform Docs
+# https://github.com/terraform-docs/terraform-docs
+
+settings:
+  indent: 3