chore: publish provider to Terraform and OpenTofu registries under vmvarela/github

- Rewrite RELEASE.md with full CalVer process: GPG key setup, secrets, tag-and-push workflow, OpenTofu Registry auto-indexing, and verification steps
- Update README.md to point to vmvarela/github on both registries, add HCL usage snippet, list fork-specific enterprise features
- Simplify release-drafter version-resolver to patch-only (CalVer makes major/minor bumping meaningless)
- Update .goreleaser.yml header comment to identify vmvarela/github namespace and CalVer scheme

Closes #13

Author: vmvarela

.github/release-drafter.yml

@@ -42,15 +42,12 @@ autolabeler:
     title:
       - '/^spike(\(.+\))?!?:/i'
 version-resolver:
-  major:
+  patch:
     labels:
       - "breaking"
-  minor:
-    labels:
       - "type:feature"
-  patch:
-    labels:
       - "type:bug"
       - "type:chore"
       - "type:docs"
+      - "type:spike"
   default: patch

.goreleaser.yml

@@ -1,13 +1,13 @@
-# Visit https://goreleaser.com for documentation on how to customize this
-# behavior.
+# GoReleaser configuration for vmvarela/github (Terraform Registry + OpenTofu Registry).
+# Published under the namespace vmvarela/github using CalVer (vYY.MM.N).
+# See RELEASE.md for the full release process.
 version: 2
 
 env:
   - COSIGN_YES=true
 
 before:
   hooks:
-    # this is just an example and not a requirement for provider building/publishing
     - go mod tidy
 
 builds:

README.md

@@ -1,29 +1,54 @@
 # Terraform Provider GitHub
-=========================
 
 <img src="https://cloud.githubusercontent.com/assets/98681/24211275/c4ebd04e-0ee8-11e7-8606-061d656a42df.png" width="72" height="">
 
 <img src="https://raw.githubusercontent.com/hashicorp/terraform-website/d841a1e5fca574416b5ca24306f85a0f4f41b36d/content/source/assets/images/logo-terraform-main.svg" width="300px">
 
-This project is used to manipulate GitHub resources (repositories, teams, files, etc.) using Terraform. Its Terraform Registry page can be found [here](https://registry.terraform.io/providers/integrations/github/).
+This is a fork of the [official Terraform GitHub provider](https://github.com/integrations/terraform-provider-github) maintained by [@vmvarela](https://github.com/vmvarela), published under `vmvarela/github` with additional enterprise features pending upstream merge.
+
+- **Terraform Registry**: [registry.terraform.io/providers/vmvarela/github](https://registry.terraform.io/providers/vmvarela/github)
+- **OpenTofu Registry**: [search.opentofu.org/provider/vmvarela/github](https://search.opentofu.org/provider/vmvarela/github)
+- **Upstream**: [integrations/terraform-provider-github](https://github.com/integrations/terraform-provider-github)
 
 ## Requirements
 
-- [Terraform](https://www.terraform.io/downloads.html) 1.x
+- [Terraform](https://www.terraform.io/downloads.html) 1.x or [OpenTofu](https://opentofu.org/docs/intro/install/) 1.x
 - [Go](https://golang.org/doc/install) 1.26.x (to build the provider plugin)
 
 ## Usage
 
-Detailed documentation for the GitHub provider can be found [here](https://registry.terraform.io/providers/integrations/github).
+```hcl
+terraform {
+  required_providers {
+    github = {
+      source  = "vmvarela/github"
+      version = "~> 26.0"
+    }
+  }
+}
+```
+
+Full provider documentation is available on the [Terraform Registry](https://registry.terraform.io/providers/vmvarela/github/latest/docs).
+
+## Additional Features (vs upstream)
+
+This fork includes the following features that are open PRs against upstream:
+
+- **Enterprise Billing Usage** — `github_enterprise_billing_usage` data source
+- **Enterprise Cost Centers** — `github_enterprise_cost_center` resource and data sources
+- **Enterprise SCIM** — `github_enterprise_scim_*` resources for user and group provisioning
+- **Enterprise Teams** — enhanced enterprise team management resources
 
 ## Contributing
 
-Detailed documentation for contributing to the GitHub provider can be found [here](CONTRIBUTING.md).
+Detailed documentation for contributing to this provider can be found in [CONTRIBUTING.md](CONTRIBUTING.md).
+
+For release and publishing instructions, see [RELEASE.md](RELEASE.md).
 
 ## Roadmap
 
-This project uses [Milestones](https://github.com/integrations/terraform-provider-github/milestones) to scope upcoming features and bug fixes. Issues that receive the most recent discussion or the most reactions will be more likely to be included in an upcoming release.
+This project uses [Milestones](https://github.com/vmvarela/terraform-provider-github/milestones) to track upcoming features and fixes.
 
 ## Support
 
-GitHub Support does not provide support for this integration. This is a community-supported project. GitHub's SDK team triages issues and PRs periodically.
+This is a community-maintained fork. For issues specific to the additional enterprise features, open an issue in this repository. For upstream provider issues, refer to the [integrations/terraform-provider-github](https://github.com/integrations/terraform-provider-github) project.

RELEASE.md

@@ -1,22 +1,153 @@
-## Release Flow
+# Release Process
 
-The release process uses GitHub Actions and [`goreleaser`](https://github.com/goreleaser/goreleaser) to build, sign, and upload provider binaries to a GitHub release. Release are triggered by a tag with the pattern `v*` (e.g. `v1.2.3`); these tags may only be created from the default branch (`main`) or branches that match the pattern `release-v*`.
+This document describes the release pipeline for `vmvarela/github`, published to both the
+[Terraform Registry](https://registry.terraform.io/providers/vmvarela/github) and the
+[OpenTofu Registry](https://search.opentofu.org/provider/vmvarela/github).
 
-The release flow is as follows:
+## Versioning
 
-[!IMPORTANT]
-> In you're planning on releasing a major version, please ensure you've completed the following tasks:
-> 
-> - Read Hashicorp guidance on [incrementing the major version](https://developer.hashicorp.com/terraform/plugin/best-practices/versioning#example-major-number-increments).
-> - Check if there are any outstanding [PRs with breaking changes](https://github.com/integrations/terraform-provider-github/issues?q=state%3Aopen%20label%3A%22Type%3A%20Breaking%20change%22) that could be included in the release.
-> - Check that all deprecations have been addressed and removed from the codebase.
+This fork uses **CalVer** (`vYY.MM.N`) to avoid conflicts with upstream SemVer tags (`v6.x.x`):
 
-1. Navigate to the [repository's Releases page](https://github.com/integrations/terraform-provider-github/releases) and click _Draft a new release_.
-1. Create a new [SemVer](https://semver.org/) tag for the release.
-1. Select the target as either the default branch (`main`) or a release branch (a branch matching the pattern `release-v*`)
-1. Click _Generate release notes_.
-1. If this release is from a release branch (unless it really is the latest release) uncheck the _Set as the latest release_ checkbox.
-1. Click "Publish release".
-1. GitHub Actions will trigger the [release workflow](https://github.com/integrations/terraform-provider-github/actions/workflows/release.yaml).
+| Field | Meaning | Example |
+|-------|---------|---------|
+| `YY` | 2-digit year | `26` |
+| `MM` | Month (no zero-pad) | `3` |
+| `N` | Sequential release within the month, starting at 0 | `0` |
 
-After the workflow executes successfully, the GitHub release created in the prior step will have the relevant assets available for consumption and the new version will show up in the [Terraform Registry](https://registry.terraform.io/providers/integrations/github/latest).
+Examples: `v26.3.0`, `v26.3.1`, `v26.4.0`
+
+## One-Time Setup
+
+### 1. GPG Signing Key
+
+The Terraform Registry requires provider binaries to be signed with a GPG key. The public key must
+be registered in your Terraform Registry account, and the private key must be stored as a repository
+secret.
+
+```bash
+# Generate a new GPG key (RSA 4096, no expiry)
+gpg --full-generate-key
+
+# Export the private key (base64-encoded, for the secret)
+gpg --export-secret-keys --armor <KEY_ID> | base64
+
+# Export the public key (to register in the Terraform Registry)
+gpg --export --armor <KEY_ID>
+```
+
+Register the **public key** at:
+- Terraform Registry: Settings → GPG Keys → Add a GPG key
+  (`https://registry.terraform.io/settings/gpg-keys`)
+- OpenTofu Registry: follows the same Terraform Registry protocol; no separate key registration
+  is needed
+
+### 2. GitHub Repository Secrets
+
+Store the following secrets under **Settings → Environments → `release`** in this repository:
+
+| Secret | Value |
+|--------|-------|
+| `GPG_PRIVATE_KEY` | Base64-encoded private GPG key from the step above |
+| `PASSPHRASE` | Passphrase used when generating the GPG key |
+
+The `release` environment is referenced by `.github/workflows/release.yaml` and gates the signing
+step.
+
+### 3. Register the Provider
+
+**Terraform Registry** (`registry.terraform.io`):
+
+1. Sign in at <https://registry.terraform.io> with your GitHub account.
+2. Click **Publish → Provider**.
+3. Select the `vmvarela/terraform-provider-github` repository.
+4. Confirm the GPG public key is already registered (step 1 above).
+5. Click **Publish Provider**.
+
+The registry will detect the first CalVer tag (`v26.x.x`) automatically on the next push.
+
+**OpenTofu Registry** (`search.opentofu.org`):
+
+The OpenTofu Registry mirrors providers published to the Terraform Registry via the same GitHub
+release assets. No separate registration is required — once the Terraform Registry picks up a
+release, the OpenTofu Registry will index it automatically, provided the
+`terraform-registry-manifest.json` is included in the release (already configured in
+`.goreleaser.yml`).
+
+## Release Workflow
+
+### Normal Release (new CalVer tag on `master`)
+
+```bash
+# 1. Ensure master is up to date with upstream and all feature branches
+git checkout master
+git fetch upstream main
+git merge upstream/main
+git merge billing-usage
+git merge cost-centers
+git merge enterprise-scim
+git merge enterprise-teams
+
+# 2. Run the build and tests to confirm everything is green
+make build
+make test
+
+# 3. Create and push a CalVer tag
+#    Format: vYY.MM.N  (e.g. first release of April 2026 -> v26.4.0)
+git tag v26.4.0
+git push origin master --tags
+```
+
+The [release workflow](.github/workflows/release.yaml) triggers automatically on `v*` tags and:
+
+1. Builds binaries for all supported platforms (linux, darwin, windows, freebsd — amd64/arm64/386/arm)
+2. Generates an SBOM with Syft
+3. Signs the SHA256SUMS file with the GPG key from the `release` environment
+4. Signs the SBOM with Cosign (keyless, via OIDC)
+5. Creates a GitHub Release with all assets
+6. Attests build provenance with `actions/attest-build-provenance`
+
+Both registries poll GitHub Releases and will pick up the new version within minutes.
+
+### Patch Release (bug fix on current month)
+
+```bash
+# Increment only the patch counter
+git tag v26.4.1
+git push origin master --tags
+```
+
+### Feature Branch Merge Before Release
+
+When a feature branch has new commits that should be included in the next release:
+
+```bash
+git checkout master
+git merge <feature-branch>
+git push origin master
+# Then follow the normal release steps above
+```
+
+## Branch Protection Notes
+
+- **`main`** tracks `upstream/main` — never commit here directly.
+- **`master`** is the integration and release branch — all tags must be pushed from here.
+- Feature branches (`billing-usage`, `cost-centers`, `enterprise-scim`, `enterprise-teams`) each
+  have an open PR against upstream. Keep them rebased on `upstream/main`.
+
+## Verifying a Release
+
+After the workflow completes:
+
+```bash
+# Verify the GitHub release assets exist
+gh release view v26.4.0
+
+# Confirm the provider appears in the Terraform Registry (may take a few minutes)
+curl -s https://registry.terraform.io/v1/providers/vmvarela/github/versions | jq '.versions[-1].version'
+
+# Verify build attestation
+gh attestation verify ./dist/terraform-provider-github_v26.4.0_linux_amd64.zip \
+  --repo vmvarela/terraform-provider-github
+```
+
+Full attestation verification instructions are in [VERIFY_ATTESTATIONS.md](VERIFY_ATTESTATIONS.md).