ci(tofu): Manage Github settings as code

[lens0021]

• ci(tofu): Add tf.yaml
• ci(tofu): Manage Github settings as code

[github-actions]

OpenTofu Plan

github_repository.this: Preparing import... [id=setup-amber]
github_repository.this: Refreshing state... [id=setup-amber]
github_repository_ruleset.default: Preparing import... [id=setup-amber:10629749]
github_repository_ruleset.default: Refreshing state... [id=10629749]

OpenTofu used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place (current -> planned)

OpenTofu will perform the following actions:

  # github_repository.this will be updated in-place
  # (imported from "setup-amber")
  ~ resource "github_repository" "this" {
      ~ allow_auto_merge                        = false -> true
        allow_forking                           = true
        allow_merge_commit                      = false
        allow_rebase_merge                      = false
      ~ allow_squash_merge                      = false -> true
      ~ allow_update_branch                     = false -> true
      + archive_on_destroy                      = true
        archived                                = false
        auto_init                               = false
        default_branch                          = "main"
      ~ delete_branch_on_merge                  = false -> true
        description                             = "Download amber compiler"
        etag                                    = "W/\"fd62acb998bbb5cf6212c406a177795e6609c5f97ecd2aec97b85486c3756bcd\""
        fork                                    = "false"
        full_name                               = "lens0021/setup-amber-action"
        git_clone_url                           = "git://github.com/lens0021/setup-amber-action.git"
        has_discussions                         = false
      - has_downloads                           = true -> null
        has_issues                              = true
        has_projects                            = false
        has_wiki                                = false
        html_url                                = "https://github.com/lens0021/setup-amber-action"
        http_clone_url                          = "https://github.com/lens0021/setup-amber-action.git"
        id                                      = "setup-amber"
      + ignore_vulnerability_alerts_during_read = false
        is_template                             = false
      + merge_commit_message                    = "PR_TITLE"
      + merge_commit_title                      = "MERGE_MESSAGE"
        name                                    = "setup-amber"
        node_id                                 = "R_kgDOQfjxKA"
        private                                 = false
        repo_id                                 = 1106833704
      + squash_merge_commit_message             = "BLANK"
      + squash_merge_commit_title               = "PR_TITLE"
        ssh_clone_url                           = "git@github.com:lens0021/setup-amber-action.git"
        svn_url                                 = "https://github.com/lens0021/setup-amber-action"
      ~ topics                                  = [
          + "amber",
        ]
        visibility                              = "public"
      + vulnerability_alerts                    = true
        web_commit_signoff_required             = false

      + security_and_analysis {
          + secret_scanning {
              + status = "enabled"
            }
          + secret_scanning_push_protection {
              + status = "enabled"
            }
        }
    }

  # github_repository_ruleset.default will be updated in-place
  # (imported from "setup-amber:10629749")
  ~ resource "github_repository_ruleset" "default" {
        enforcement = "active"
        etag        = "W/\"1997e991b1632c0ee87d73325ee545cc1b1fdf64d3f20d3d7984d7c7464994ca\""
        id          = "10629749"
      ~ name        = "main" -> "default"
        node_id     = "RRS_lACqUmVwb3NpdG9yec5B-PEozgCiMnU"
      ~ repository  = "setup-amber-action" -> "setup-amber"
        ruleset_id  = 10629749
        target      = "branch"

        conditions {
            ref_name {
                exclude = []
                include = [
                    "~DEFAULT_BRANCH",
                ]
            }
        }

      ~ rules {
            creation                      = false
            deletion                      = true
            non_fast_forward              = true
            required_linear_history       = true
            required_signatures           = false
          ~ update                        = false -> true
            update_allows_fetch_and_merge = false

            pull_request {
                allowed_merge_methods             = [
                    "squash",
                ]
                dismiss_stale_reviews_on_push     = false
                require_code_owner_review         = false
                require_last_push_approval        = false
                required_approving_review_count   = 0
                required_review_thread_resolution = false
            }

          ~ required_status_checks {
                do_not_enforce_on_create             = false
                strict_required_status_checks_policy = false

                required_check {
                    context        = "--> Linted: CHECKOV"
                    integration_id = 15368
                }
                required_check {
                    context        = "--> Linted: GITHUB_ACTIONS"
                    integration_id = 15368
                }
                required_check {
                    context        = "--> Linted: GITLEAKS"
                    integration_id = 15368
                }
                required_check {
                    context        = "--> Linted: GIT_MERGE_CONFLICT_MARKERS"
                    integration_id = 15368
                }
                required_check {
                    context        = "--> Linted: JSCPD"
                    integration_id = 15368
                }
              - required_check {
                  - context        = "--> Linted: JSON" -> null
                  - integration_id = 15368 -> null
                }
              - required_check {
                  - context        = "--> Linted: YAML" -> null
                  - integration_id = 15368 -> null
                }
                required_check {
                    context        = "Test with default settings (macos-latest)"
                    integration_id = 15368
                }
                required_check {
                    context        = "Test with default settings (ubuntu-latest)"
                    integration_id = 15368
                }
                required_check {
                    context        = "check-dist"
                    integration_id = 15368
                }
                required_check {
                    context        = "rumdl"
                    integration_id = 15368
                }
                required_check {
                    context        = "zizmor"
                    integration_id = 15368
                }
              + required_check {
                  + context        = "biome"
                  + integration_id = 15368
                }
            }
        }
    }

Plan: 2 to import, 0 to add, 2 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so OpenTofu can't
guarantee to take exactly these actions if you run "tofu apply" now.