prefapp · frmadem · Mar 8, 2026 · Mar 8, 2026 · Mar 8, 2026 · Mar 8, 2026
@@ -0,0 +1,48 @@
+formatter: "markdown"
+
+version: ""
+
+header-from: docs/header.md
+footer-from: docs/footer.md
+
+recursive:
+  enabled: false
+  path: modules
+  include-main: true
+
+sections:
+  hide: []
+  show: []
+
+content: ""
+
+output:
+  file: "README.md"
+  mode: inject
+  template: |-
+    <!-- BEGIN_TF_DOCS -->
+    {{ .Content }}
+    <!-- END_TF_DOCS -->
+
+output-values:
+  enabled: false
+  from: ""
+
+sort:
+  enabled: true
+  by: name
+
+settings:
+  anchor: true
+  color: true
+  default: true
+  description: false
+  escape: true
+  hide-empty: false
+  html: true
+  indent: 2
+  lockfile: true
+  read-comments: true
+  required: true
+  sensitive: true
+  type: true
@@ -0,0 +1,82 @@
+<!-- BEGIN_TF_DOCS -->
+# **GitHub Files Set Terraform Module**
+
+## Overview
+
+This module creates or updates one or more files in GitHub repositories using the `github_repository_file` resource.  
+It is designed to be used in automated repository bootstrapping / golden-path workflows.
+
+It accepts a list of files in a single `config` object — ideal for YAML/JSON input from external tools.
+
+## Key Features
+
+- Multiple files in one module call
+- Per-file branch, commit message, overwrite control
+- Native GitHub provider integration
+- Input validation on required fields
+- Clean outputs for downstream usage
+
+## Basic Usage
+
+```hcl
+module "files" {
+  source = "git::https://github.com/prefapp/tfm.git//modules/gh-files-set"
+
+  config = yamldecode(file("${path.module}/files.yaml"))
+  # or jsondecode(...) if using JSON
+}
+```
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_github"></a> [github](#requirement\_github) | ~> 6.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_github"></a> [github](#provider\_github) | ~> 6.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [github_repository_file.managed](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource |
+| [github_repository_file.user_managed](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource |
+| [github_repository.this](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_config"></a> [config](#input\_config) | GitHub files configuration — userManaged files are provisioned once and survive destroy | <pre>object({<br/>    files = list(object({<br/>      branch            = string<br/>      commitMessage     = string<br/>      content           = string<br/>      file              = string<br/>      repository        = string<br/>      overwriteOnCreate = optional(bool, true)<br/>      userManaged       = optional(bool, false)<br/>    }))<br/><br/>    repository = string<br/>  })</pre> | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_user_managed_files"></a> [user\_managed\_files](#output\_user\_managed\_files) | Files marked as userManaged (will survive destroy) |
+
+### 5. `docs/footer.md`
+
+```markdown
+## Examples
+
+See [_examples/basic](https://github.com/prefapp/tfm/tree/main/modules/gh-files-set/_examples/basic)
+
+## Resources
+
+- **github_repository_file**  
+  https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file
+
+## Support
+
+Open issues in https://github.com/prefapp/tfm/issues
+```
+<!-- END_TF_DOCS -->
@@ -0,0 +1,12 @@
+config:
+  repository: org/component_c
+  files:
+    - branch: main
+      commitMessage: "feat: hello-world-ee87ccfc-5d0a-4ad0-b9ee-4c142f40e00b main"
+      content: |
+        # Hello World!
+
+        From my-org/
+      file: hello.md
+      overwriteOnCreate: true
+      lifecycle: {}     # optional / placeholder
@@ -0,0 +1,12 @@
+## Examples
+
+See [_examples/basic](https://github.com/prefapp/tfm/tree/main/modules/gh-files-set/_examples/basic)
+
+## Resources
+
+- **github_repository_file**  
+  https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file
+
+## Support
+
+Open issues in https://github.com/prefapp/tfm/issues
@@ -0,0 +1,27 @@
+# **GitHub Files Set Terraform Module**
+
+## Overview
+
+This module creates or updates one or more files in GitHub repositories using the `github_repository_file` resource.  
+It is designed to be used in automated repository bootstrapping / golden-path workflows.
+
+It accepts a list of files in a single `config` object — ideal for YAML/JSON input from external tools.
+
+## Key Features
+
+- Multiple files in one module call
+- Per-file branch, commit message, overwrite control
+- Native GitHub provider integration
+- Input validation on required fields
+- Clean outputs for downstream usage
+
+## Basic Usage
+
+```hcl
+module "files" {
+  source = "git::https://github.com/prefapp/tfm.git//modules/gh-files-set"
+
+  config = yamldecode(file("${path.module}/files.yaml"))
+  # or jsondecode(...) if using JSON
+}
+```
@@ -0,0 +1,40 @@
+# ─────────────────────────────────────────────────────────────
+# Fetch repository info (validates existence + gives canonical name)
+# ─────────────────────────────────────────────────────────────
+data "github_repository" "this" {
+  full_name = var.config.repository
+}
+
+# Normal files — Terraform fully enforces content
+resource "github_repository_file" "managed" {
+  for_each = {
+    for f in var.config.files : "${f.repository}/${f.file}/${f.branch}" => f
+    if !f.userManaged
+  }
+
+  repository          = data.github_repository.this.name
+  branch              = each.value.branch
+  file                = each.value.file
+  content             = each.value.content
+  commit_message      = each.value.commitMessage
+  overwrite_on_create = each.value.overwriteOnCreate
+}
+
+# User-managed files — provision once + ignore content drift
+resource "github_repository_file" "user_managed" {
+  for_each = {
+    for f in var.config.files : "${f.repository}/${f.file}/${f.branch}" => f
+    if f.userManaged
+  }
+
+  repository          = data.github_repository.this.name
+  branch              = each.value.branch
+  file                = each.value.file
+  content             = each.value.content
+  commit_message      = each.value.commitMessage
+  overwrite_on_create = each.value.overwriteOnCreate
+
+  lifecycle {
+    ignore_changes = [content]
+  }
+}
@@ -0,0 +1,4 @@
+output "user_managed_files" {
+  description = "Files marked as userManaged (will survive destroy)"
+  value       = [for f in var.config.files : "${f.repository}/${f.file}" if f.userManaged]
+}
@@ -0,0 +1,37 @@
+variable "config" {
+  description = "GitHub files configuration — userManaged files are provisioned once and survive destroy"
+  type = object({
+    files = list(object({
+      branch            = string
+      commitMessage     = string
+      content           = string
+      file              = string
+      repository        = string
+      overwriteOnCreate = optional(bool, true)
+      userManaged       = optional(bool, false)
+    }))
+
+    repository = string
+  })
+
+  validation {
+    condition     = length(var.config.files) > 0
+    error_message = "At least one file must be defined in config.files"
+  }
+
+  validation {
+    condition = can(regex("^[a-zA-Z0-9_-]+/[a-zA-Z0-9_.-]+$", var.config.repository))
+    error_message = "config.repository must be in 'owner/repo' format."
+  }
+
+  validation {
+    condition = alltrue([
+      for f in var.config.files :
+      length(trimspace(f.branch)) > 0 &&
+      length(trimspace(f.commitMessage)) > 0 &&
+      length(trimspace(f.file)) > 0 &&
+      length(trimspace(f.repository)) > 0
+    ])
+    error_message = "Every file must have non-empty branch, commitMessage, file path, and repository."
+  }
+}
@@ -0,0 +1,9 @@
+terraform {
+  required_providers {
+    github = {
+      source  = "integrations/github"
+      version = "~> 6.0"
+    }
+  }
+}
+
@@ -151,6 +151,9 @@
         "modules/aws-secretsmanager-replication": {
             "package-name": "aws-secretsmanager-replication"
         },
+        "modules/gh-files-set": {
+            "package-name": "gh-files-set"
+        },
         "modules/azure-vnet-gateway": {
             "package-name": "azure-vnet-gateway"
         },