providing safe guards and bypasses

CSVD · Aug 7, 2024 · 6179403 · 6179403
1 parent e215d7b
commit 6179403
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 8 deletions.
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/main.tf b/main.tf
@@ -1,10 +1,13 @@
 locals {
    collaborators = {
-    naray007 = "admin",
+    naray007 = "push",
     morga471 = "admin",
-    lolli001 = "admin",
+    lolli001 = "push",
     gomez385 = "admin"
   }
+  pull_request_bypassers = [
+    "arnol377"
+  ]
 }
 
 # Add a team to the organization
@@ -39,6 +42,7 @@ module "elastic_beanstalk" {
   enforce_prs = false
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
@@ -54,11 +58,32 @@ module "win_image_pipeline" {
   is_template = true
   force_name = true
   create_codeowners = false
-  enforce_prs = false
+  enforce_prs = true
   collaborators = merge(local.collaborators, { garri325 = "admin" })
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
+
+module "linux_image_pipeline" {
+  source                  = "git@github.e.it.census.gov:CSVD/terraform-github-repo"
+  #github_codeowners_team  = "CSVD"
+  github_repo_description = "Template repo for windows image pipelines"
+  repo_org                = "arnol377"
+  name                    = "linux-image-pipeline"
+  github_repo_topics = [
+    "terraform"
+  ]
+  is_template = true
+  force_name = true
+  create_codeowners = false
+  enforce_prs = true
+  collaborators = merge(local.collaborators, { garri325 = "admin" })
+  admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
+}
+
+
 module "goss-testing" {
   source                  = "git@github.e.it.census.gov:CSVD/terraform-github-repo"
   #github_codeowners_team  = "CSVD"
@@ -71,9 +96,10 @@ module "goss-testing" {
   is_template = true
   force_name = true
   create_codeowners = false
-  enforce_prs = false
+  enforce_prs = true
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 # terraform-repos
@@ -91,6 +117,7 @@ module "automation-repos" {
   enforce_prs = false
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 # terraform-github-repo
@@ -108,6 +135,7 @@ module "terraform-github-repo" {
   create_codeowners = false
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
@@ -128,6 +156,7 @@ module "elastic_beanstalk_java" {
   template_repo = "aws-beanstalk"
   template_repo_org = "CSVD"  
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 module "elastic_beanstalk_php" {
@@ -147,6 +176,7 @@ module "elastic_beanstalk_php" {
   template_repo = "aws-beanstalk"
   template_repo_org = "CSVD"  
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 module "elastic_beanstalk_nodejs" {
@@ -166,6 +196,7 @@ module "elastic_beanstalk_nodejs" {
   template_repo = "aws-beanstalk"
   template_repo_org = "CSVD"  
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
@@ -187,6 +218,7 @@ module "elastic_beanstalk_docker" {
   template_repo = "aws-beanstalk"
   template_repo_org = "CSVD"  
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
@@ -202,9 +234,10 @@ module "image_pipeline" {
   ]
   force_name = true
   create_codeowners = false
-  enforce_prs = false
+  enforce_prs = true
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
@@ -223,6 +256,7 @@ module "beanstalk-demo" {
   is_template = true
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 module "image_pipeline_ansible_playbooks" {
@@ -236,14 +270,15 @@ module "image_pipeline_ansible_playbooks" {
   ]
   force_name = true
   create_codeowners = false
-  enforce_prs = false
+  enforce_prs = true
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 resource "aws_codecommit_repository" "image-pipeline-ansible-playbooks" {
-  repository_name = module.image_pipeline_ansible_playbooks.github_repo.name
-  description     = module.image_pipeline_ansible_playbooks.github_repo.description
+ repository_name = module.image_pipeline_ansible_playbooks.github_repo.name
+ description     = module.image_pipeline_ansible_playbooks.github_repo.description
 }
 
 
@@ -273,6 +308,7 @@ module "image-pipeline-playbook" {
   is_template = true
   collaborators = local.collaborators
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
@@ -290,13 +326,15 @@ module "windows-ami-build" {
   create_codeowners = false
   enforce_prs = false
   admin_teams = [github_team.team.name]
+  pull_request_bypassers = local.pull_request_bypassers
 }
 
 
 # image-pipeline-goss-testing
 resource "aws_codecommit_repository" "goss-testing" {
   repository_name = "image-pipeline-goss-testing"
   description     = "Goss testing suite for ec2 images"
+   default_branch  = "main"
 }