Merge pull request #40 from hearchco/as/feat/github-oidc

feat: github oidc

live/dev/github-oidc/terragrunt.hcl

@@ -0,0 +1,16 @@
+include "root" {
+  path   = find_in_parent_folders()
+  expose = true
+}
+
+terraform {
+  source = "${path_relative_from_include()}/../..//stacks/github-oidc"
+}
+
+locals {
+  aws_profile = include.root.locals.aws_profile
+  environment = include.root.locals.environment
+  domain_name = include.root.locals.domain_name
+}
+
+inputs = {}

live/prod/github-oidc/terragrunt.hcl

@@ -0,0 +1,16 @@
+include "root" {
+  path   = find_in_parent_folders()
+  expose = true
+}
+
+terraform {
+  source = "${path_relative_from_include()}/../..//stacks/github-oidc"
+}
+
+locals {
+  aws_profile = include.root.locals.aws_profile
+  environment = include.root.locals.environment
+  domain_name = include.root.locals.domain_name
+}
+
+inputs = {}

stacks/github-oidc/main.tf

@@ -5,8 +5,8 @@ module "github_oidc" {
 module "github_oidc_infra_deploy_role" {
   source = "../../modules/oidc-iam-role"
 
-  name       = "github-auth-tf-state-lock"
-  repository = "hearchco/infra"
+  name       = var.name
+  repository = var.repository
   scope      = var.scope
   statements = var.statements
 }

stacks/github-oidc/variables.tf

@@ -1,3 +1,15 @@
+variable "name" {
+  description = "The name of the IAM role"
+  type        = string
+  default     = "github-oidc-auth-role"
+}
+
+variable "repository" {
+  description = "The GitHub repository to grant access to"
+  type        = string
+  default     = "hearchco/infra"
+}
+
 variable "scope" {
   description = "The scope of the access, e.g. 'ref:refs/heads/main', 'ref:refs/heads/*' or '*'"
   type        = string