From cf3a5c368925b78a2dde13afdc8bff590fa9d74e Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Mon, 8 Jul 2024 10:48:19 -0700
Subject: [PATCH 01/68] Update github_repo.tf
---
 github_repo.tf | 45 ++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 44 insertions(+), 1 deletion(-)
diff --git a/github_repo.tf b/github_repo.tf
index 7cfe650..275b17d 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -2,7 +2,50 @@ locals {
 repo_name = var.force_name ? var.name : "${var.name}-${formatdate("YYYYMMDD", timestamp())}"
 }
-resource "github_repository" "repo" {
+moved {
+ from = github_repository.repo
+ to = github_repository.repo_force_name
+}
+
+resource "github_repository" "repo_force_name" {
+ count = var.force_name ? 1 : 0
+ name = local.repo_name
+ description = var.github_repo_description
+ visibility = var.github_is_private ? "private" : "public"
+ auto_init = var.github_auto_init
+ allow_merge_commit = var.github_allow_merge_commit
+ allow_squash_merge = var.github_allow_squash_merge
+ allow_rebase_merge = var.github_allow_rebase_merge
+ archive_on_destroy = true
+ delete_branch_on_merge = var.github_delete_branch_on_merge
+ has_projects = var.github_has_projects
+ has_issues = var.github_has_issues
+ has_wiki = var.github_has_wiki
+ topics = var.github_repo_topics
+ gitignore_template = "Terraform"
+ is_template = var.is_template
+ archived = var.archived
+ lifecycle {
+ ignore_changes = [
+ has_issues,
+ has_projects,
+ has_wiki
+ ]
+ }
+ dynamic "template" {
+ # A bogus map for a conditional block
+ for_each = var.template_repo == null ? [] : ["*"]
+ content {
+ owner = var.template_repo_org
+ repository = var.template_repo
+ # include_all_branches = var.template_include_all_branches
+ }
+ }
+}
+
+
+resource "github_repository" "repo_ignore_name_change" {
+ count = var.force_name ? 0 : 1
 name = local.repo_name
 description = var.github_repo_description
 visibility = var.github_is_private ? "private" : "public"
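Review bot: The `moved` block points at `github_repository.repo_force_name`, but that resource has `count = var.force_name ? 1 : 0`, so for callers with `force_name = false` the moved object has no matching instance and would presumably be planned for destroy (archived, given `archive_on_destroy = true`) while `repo_ignore_name_change` creates a new repository. A comment above the block such as `# state move only applies when force_name = true` would at least record the constraint. References to `github_repository.repo` in other files are not visible in this hunk and would need the new indexed addresses.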
From b6176dd010ab7769ac5aa82c2be41aeab99b35ae Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Mon, 8 Jul 2024 10:50:28 -0700
Subject: [PATCH 02/68] chore: Refactor Terraform code for consistency and readability
---
 collaborators.tf | 2 +-
 github_repo.tf | 8 ++++----
 variables.tf | 6 +++---
 3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/collaborators.tf b/collaborators.tf
index 2f51727..12ee2d6 100644
--- a/collaborators.tf
+++ b/collaborators.tf
@@ -1,6 +1,6 @@
 # Add a collaborator to a repository
 resource "github_repository_collaborator" "collaborators" {
- for_each = tomap(var.collaborators)
+ for_each = tomap(var.collaborators)
 repository = github_repository.repo.name
 username = each.key
 permission = each.value
diff --git a/github_repo.tf b/github_repo.tf
index 275b17d..e766595 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -3,12 +3,12 @@ locals {
 }
 moved {
- from = github_repository.repo
- to = github_repository.repo_force_name
+ from = "github_repository.repo"
+ to = "github_repository.repo_force_name"
 }
 resource "github_repository" "repo_force_name" {
- count = var.force_name ? 1 : 0
+ count = var.force_name ? 1 : 0
 name = local.repo_name
 description = var.github_repo_description
 visibility = var.github_is_private ? "private" : "public"
@@ -45,7 +45,7 @@ resource "github_repository" "repo_force_name" {
 resource "github_repository" "repo_ignore_name_change" {
- count = var.force_name ? 0 : 1
+ count = var.force_name ? 0 : 1
 name = local.repo_name
 description = var.github_repo_description
 visibility = var.github_is_private ? "private" : "public"
diff --git a/variables.tf b/variables.tf
index ee0abc0..02cf9f4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -162,8 +162,8 @@ variable "enforce_prs" {
 type = bool
 }
-variable collaborators {
- type = map(string)
+variable "collaborators" {
+ type = map(string)
 description = "list of repo callaborators"
- default = {}
+ default = {}
 }
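Review bot: In the first github_repo.tf hunk the `moved` arguments become quoted strings; `from` and `to` take bare resource addresses, so this most likely stops the block from validating. Keep `from = github_repository.repo` and `to = github_repository.repo_force_name`. The collaborators.tf hunk still shows `repository = github_repository.repo.name` in its context, an address that neither count-gated resource provides at this commit. In variables.tf the description says "list" for a `map(string)` and misspells collaborators; `description = "Map of collaborator username to permission"` would match the type.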
From 9be6fa533117c92fa82672c5249378dcfc5c94d8 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Mon, 8 Jul 2024 10:52:16 -0700
Subject: [PATCH 03/68] Refactor Terraform code for consistency and readability
---
 github_repo.tf | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/github_repo.tf b/github_repo.tf
index e766595..9e44f83 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -2,11 +2,6 @@ locals {
 repo_name = var.force_name ? var.name : "${var.name}-${formatdate("YYYYMMDD", timestamp())}"
 }
-moved {
- from = "github_repository.repo"
- to = "github_repository.repo_force_name"
-}
-
 resource "github_repository" "repo_force_name" {
 count = var.force_name ? 1 : 0
 name = local.repo_name
From 9bc43137578b4cabdf342c06776917e61875d4b6 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Mon, 8 Jul 2024 10:53:35 -0700
Subject: [PATCH 04/68] Refactor Terraform code for consistency and readability
---
 github_repo.tf | 41 +----------------------------------------
 1 file changed, 1 insertion(+), 40 deletions(-)
diff --git a/github_repo.tf b/github_repo.tf
index 9e44f83..85f372d 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -2,8 +2,7 @@ locals {
 repo_name = var.force_name ? var.name : "${var.name}-${formatdate("YYYYMMDD", timestamp())}"
 }
-resource "github_repository" "repo_force_name" {
- count = var.force_name ? 1 : 0
+resource "github_repository" "repo" {
 name = local.repo_name
 description = var.github_repo_description
 visibility = var.github_is_private ? "private" : "public"
@@ -37,41 +36,3 @@ resource "github_repository" "repo_force_name" {
 }
 }
 }
-
-
-resource "github_repository" "repo_ignore_name_change" {
- count = var.force_name ? 0 : 1
- name = local.repo_name
- description = var.github_repo_description
- visibility = var.github_is_private ? "private" : "public"
- auto_init = var.github_auto_init
- allow_merge_commit = var.github_allow_merge_commit
- allow_squash_merge = var.github_allow_squash_merge
- allow_rebase_merge = var.github_allow_rebase_merge
- archive_on_destroy = true
- delete_branch_on_merge = var.github_delete_branch_on_merge
- has_projects = var.github_has_projects
- has_issues = var.github_has_issues
- has_wiki = var.github_has_wiki
- topics = var.github_repo_topics
- gitignore_template = "Terraform"
- is_template = var.is_template
- archived = var.archived
- lifecycle {
- ignore_changes = [
- name,
- has_issues,
- has_projects,
- has_wiki
- ]
- }
- dynamic "template" {
- # A bogus map for a conditional block
- for_each = var.template_repo == null ? [] : ["*"]
- content {
- owner = var.template_repo_org
- repository = var.template_repo
- # include_all_branches = var.template_include_all_branches
- }
- }
-}
From e55c1e5d4d2b18068bb559d05052a0618c058a27 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Mon, 8 Jul 2024 21:14:24 -0700
Subject: [PATCH 05/68] adding .TEMPLATE_SHA
---
 github_files.tf | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/github_files.tf b/github_files.tf
index ca280c4..f9abb76 100644
--- a/github_files.tf
+++ b/github_files.tf
@@ -14,8 +14,33 @@ resource "github_repository_file" "codeowners" {
 }
 }
+
+data "github_repository" "template_repo" {
+ count = var.template_repo == null ? 0 : 1
+ full_name = "${var.template_repo_org}/${var.template_repo}"
+}
+
+data "github_ref" "ref" {
+ count = var.template_repo == null ? 0 : 1
+ owner = var.template_repo_org
+ repository = var.template_repo
+ ref = "heads/${element(data.github_repository.template_repo, 0).default_branch}"
+}
+
+locals {
+ extra_files = concat(
+ var.extra_files,
+ var.template_repo == null ? [] : [
+ {
+ path = ".TEMPLATE_SHA",
+ content = data.github_ref.ref[0].sha
+ }
+ ]
+ )
+}
+
 resource "github_repository_file" "extra_files" {
- for_each = tomap({ for file in var.extra_files : "${element(split("/", file.path), length(split("/", file.path)) - 1)}" => file })
+ for_each = tomap({ for file in local.extra_files : "${element(split("/", file.path), length(split("/", file.path)) - 1)}" => file })
 repository = github_repository.repo.name
 branch = var.github_default_branch
 file = each.value.path
@@ -28,3 +53,5 @@ resource "github_repository_file" "extra_files" {
 ]
 }
 }
+
+
From 99e0d28418d33419b534dbf033af94ad8b54492b Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Sat, 10 Aug 2024 08:51:02 -0700
Subject: [PATCH 06/68] chore: Update Terraform provider version for GitHub to >= 6.2.3
---
 versions.tf | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 versions.tf
diff --git a/versions.tf b/versions.tf
new file mode 100644
index 0000000..cb9ed3e
--- /dev/null
+++ b/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ github = {
+ source = "integrations/github"
+ version = ">= 6.2.3"
+ }
+ }
+}
From 6a6b8e0281314926074db465836ecee5f2256169 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 14 Aug 2024 12:00:47 -0700
Subject: [PATCH 07/68] Update versions.tf
---
 versions.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
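Review bot: The `for_each` key in `github_repository_file.extra_files` (PATCH 05, first hunk) is only the last path segment, so two entries such as `a/config.yml` and `b/config.yml` map to the same key, and with this change a caller-supplied file named `.TEMPLATE_SHA` in any directory now collides with the injected one. Keying on the full path avoids that: `for_each = { for file in local.extra_files : file.path => file }` (existing instances would need a state move). The `managed_extra_files` resource added in PATCH 08 copies the same key expression. The hunk also mixes `element(data.github_repository.template_repo, 0)` and `data.github_ref.ref[0]` for the same kind of lookup; one form would read better.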
diff --git a/versions.tf b/versions.tf
index cb9ed3e..9fecb91 100644
--- a/versions.tf
+++ b/versions.tf
@@ -2,7 +2,7 @@ terraform {
 required_providers {
 github = {
 source = "integrations/github"
- version = ">= 6.2.3"
+ version = ">= 6.2.2"
 }
 }
 }
From 63043430fd1e86919619a9e762203e29e0a8e565 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Wed, 14 Aug 2024 16:15:55 -0700
Subject: [PATCH 08/68] updating
---
 github_files.tf | 14 +++++++++++++-
 variables.tf | 8 ++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/github_files.tf b/github_files.tf
index f9abb76..a0335c1 100644
--- a/github_files.tf
+++ b/github_files.tf
@@ -54,4 +54,16 @@ resource "github_repository_file" "extra_files" {
 }
 }
- -
+resource "github_repository_file" "managed_extra_files" {
+ for_each = tomap({ for file in var.managed_extra_files : "${element(split("/", file.path), length(split("/", file.path)) - 1)}" => file })
+ repository = github_repository.repo.name
+ branch = var.github_default_branch
+ file = each.value.path
+ content = each.value.content
+ overwrite_on_create = true
+ lifecycle {
+ ignore_changes = [
+ branch
+ ]
+ }
+}
diff --git a/variables.tf b/variables.tf
index 02cf9f4..6a2f959 100644
--- a/variables.tf
+++ b/variables.tf
@@ -146,6 +146,14 @@ variable "extra_files" {
 description = "Extra Files"
 }
+variable "managed_extra_files" {
+ type = list(object({
+ path = string,
+ content = string
+ }))
+ default = []
+ description = "Managed Extra Files. Changes to Content will be updated"
+}
 variable "pull_request_bypassers" {
 default = []
From e7684185a9d1f584ce841dbc30f1086d2a013551 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 21 Aug 2024 09:15:05 -0700
Subject: [PATCH 09/68] Update github_branch.tf
---
 github_branch.tf | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/github_branch.tf b/github_branch.tf
index db022d7..642037a 100644
--- a/github_branch.tf
+++ b/github_branch.tf
@@ -52,11 +52,10 @@ resource "github_branch_protection" "main" {
 }
 dynamic "required_status_checks" {
- # A bogus map for a conditional block
- for_each = length(var.required_status_checks) > 0 ? ["*"] : []
+ for_each = var.required_status_checks == null ? [] : ["*"]
 content {
- contexts = var.required_status_checks
- strict = true
+ contexts = required_status_checks.value.contexts
+ strict = required_status_checks.value.strict
 }
 }
From e6a8606bcc775586e6169eecb513c1865e58877f Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 21 Aug 2024 09:18:01 -0700
Subject: [PATCH 10/68] Update variables.tf
---
 variables.tf | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/variables.tf b/variables.tf
index 6a2f959..a005bfe 100644
--- a/variables.tf
+++ b/variables.tf
@@ -108,11 +108,25 @@ variable "admin_teams" {
 default = []
 }
-
+# Required Status Checks
+# required_status_checks supports the following arguments:
+# strict: (Optional) Require branches to be up to date before merging. Defaults to false.
+# contexts: (Optional) The list of status checks to require in order to merge into this branch.
+# No status checks are required by default.
+# Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
+# Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
+# value using the following pattern ([, ]). Matrixes should be specified
+# based on the order of matrix properties in the workflow file. See GitHub Documentation for more
+# information. For workflows that use reusable workflows,
+# the pattern is / .
+# This can extend multiple levels.
 variable "required_status_checks" {
 description = "Required Status Checks"
- type = list(any)
- default = []
+ type = object({
+ contexts = list(string)
+ strict = optional(bool, true)
+ })
+ default = null
 }
 variable "archived" {
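Review bot: The dynamic block in PATCH 09 still iterates over `["*"]`, so inside `content` the iterator value is the string `"*"` and `required_status_checks.value.contexts` / `.strict` cannot be read from it. Iterate over the object itself: `for_each = var.required_status_checks == null ? [] : [var.required_status_checks]`. At this commit the variable is still `list(any)` with default `[]` (it is retyped in the next patch), so the `== null` test is also never true for existing callers. The enclosing `github_branch_protection.main` resource starts and ends outside the hunk.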
From bbfab25a1713016ee9812dc6af93765eea71295c Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 21 Aug 2024 09:18:54 -0700 Subject: [PATCH 11/68] Update variables.tf --- variables.tf | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/variables.tf b/variables.tf index a005bfe..f5c797f 100644 --- a/variables.tf +++ b/variables.tf @@ -108,20 +108,23 @@ variable "admin_teams" { default = [] } -# Required Status Checks -# required_status_checks supports the following arguments: -# strict: (Optional) Require branches to be up to date before merging. Defaults to false. -# contexts: (Optional) The list of status checks to require in order to merge into this branch. -# No status checks are required by default. -# Note: This attribute can contain multiple string patterns. If specified, usual value is the job name. -# Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the -# value using the following pattern ([, ]). Matrixes should be specified -# based on the order of matrix properties in the workflow file. See GitHub Documentation for more -# information. For workflows that use reusable workflows, -# the pattern is / . -# This can extend multiple levels. + variable "required_status_checks" { - description = "Required Status Checks" + description = <[, ]). Matrixes should be specified +based on the order of matrix properties in the workflow file. See GitHub Documentation for more +information. For workflows that use reusable workflows, +the pattern is / . +This can extend multiple levels. +EOT type = object({ contexts = list(string) strict = optional(bool, true) From 43aa05effa5e6d593d4d3c81c115f07894df43d8 Mon Sep 17 00:00:00 2001 
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 21 Aug 2024 09:19:26 -0700
Subject: [PATCH 12/68] Update variables.tf
---
 variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/variables.tf b/variables.tf
index f5c797f..0523e85 100644
--- a/variables.tf
+++ b/variables.tf
@@ -127,7 +127,7 @@ This can extend multiple levels.
 EOT
 type = object({
 contexts = list(string)
- strict = optional(bool, true)
+ strict = optional(bool, false)
 })
 default = null
 }
From 73edcf4d3b5dfddc734257cd8be29be3a1eadc9d Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Wed, 21 Aug 2024 16:51:53 -0700
Subject: [PATCH 13/68] chore: Update Terraform provider version for GitHub to >= 6.2.3
---
 .github/workflows/terraform.yml | 17 +++++++++++++++++
 github_repo.tf | 3 ++-
 variables.tf | 10 ++++++++--
 3 files changed, 27 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/terraform.yml
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 0000000..bf78fd0
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,17 @@
+name: "Terraform"
+
+on:
+ workflow_dispatch:
+ pull_request:
+
+jobs:
+ terraform:
+ uses: HappyPathway/centralized-actions/.github/workflows/terraform.yml@main
+ with:
+ terraform_version: 1.9.1
+ terraform_api: app.terraform.io
+ github_username: djaboxx
+ github_email: git@roknsound.com
+ secrets:
+ TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/github_repo.tf b/github_repo.tf
index 85f372d..4e542bd 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -2,6 +2,7 @@ locals {
 repo_name = var.force_name ? var.name : "${var.name}-${formatdate("YYYYMMDD", timestamp())}"
 }
+
 resource "github_repository" "repo" {
 name = local.repo_name
 description = var.github_repo_description
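Review bot: Changing the default to `optional(bool, false)` in PATCH 12 means callers who pass only `contexts` no longer get the up-to-date-branch requirement, which the module hard-coded as `strict = true` before the object type was introduced. If matching the provider's documented default is the intent, say so in the variable description so the weaker setting is a visible choice. Otherwise keep `strict = optional(bool, true)` so branch protection does not loosen silently on upgrade.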
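Review bot: The new workflow in PATCH 13 calls `HappyPathway/centralized-actions/.github/workflows/terraform.yml@main`, a mutable branch ref, and hands it `TFE_TOKEN`; whatever is on that branch at run time executes with the secret. Pin the `uses:` ref to a full commit SHA, e.g. `...terraform.yml@<commit-sha>`, and bump it deliberately. `GITHUB_TOKEN` is a reserved name that a called workflow already receives, so the explicit `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}` entry is likely to be rejected or redundant. The same `@main` pin recurs in modtest.yml (PATCH 22), terraform.yaml (PATCH 25, both jobs) and modtest-github-repos.yaml (PATCH 27).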
@@ -10,7 +11,7 @@ resource "github_repository" "repo" {
 allow_merge_commit = var.github_allow_merge_commit
 allow_squash_merge = var.github_allow_squash_merge
 allow_rebase_merge = var.github_allow_rebase_merge
- archive_on_destroy = true
+ archive_on_destroy = var.archive_on_destroy
 delete_branch_on_merge = var.github_delete_branch_on_merge
 has_projects = var.github_has_projects
 has_issues = var.github_has_issues
diff --git a/variables.tf b/variables.tf
index 0523e85..cf78f8e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -125,11 +125,11 @@ information. For workflows that use reusable workflows,
 the pattern is / .
 This can extend multiple levels.
 EOT
- type = object({
+ type = object({
 contexts = list(string)
 strict = optional(bool, false)
 })
- default = null
+ default = null
 }
 variable "archived" {
@@ -192,3 +192,9 @@ variable "collaborators" {
 description = "list of repo callaborators"
 default = {}
 }
+
+
+variable "archive_on_destroy" {
+ type = bool
+ default = true
+}
From bea36a37daedecdde8491ccb4458dbf1162c3aa6 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 21 Aug 2024 16:56:11 -0700
Subject: [PATCH 14/68] Update terraform.yml
---
 .github/workflows/terraform.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index bf78fd0..c85a1f7 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -14,4 +14,3 @@ jobs:
 github_email: git@roknsound.com
 secrets:
 TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
From 1654d766434448e9f48d1f103e7b840251a62975 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Wed, 21 Aug 2024 16:59:18 -0700
Subject: [PATCH 15/68] re-adding tests
---
 github_repo.tftest.hcl | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 github_repo.tftest.hcl
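Review bot: `variable "archive_on_destroy"` (last variables.tf hunk of PATCH 13) is added without a description, although setting it to false turns a `terraform destroy` of this module from archiving the repository into deleting it. Add `description = "Archive the repository instead of deleting it on destroy; false makes destroy delete the repository."` so the consequence is visible where the value is set. Keeping `default = true` is the safe choice.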
diff --git a/github_repo.tftest.hcl b/github_repo.tftest.hcl
new file mode 100644
index 0000000..8c0471c
--- /dev/null
+++ b/github_repo.tftest.hcl
@@ -0,0 +1,19 @@
+# valid_string_concat.tftest.hcl
+variables {
+ force_name = true
+ github_is_private = true
+ repo_org = "HappyPathway"
+ name = "github-repo-test"
+ enforce_prs = false
+ archive_on_destroy = false
+}
+
+run "repo_tests" {
+
+ command = plan
+
+ assert {
+ condition = github_repository.repo.name == "github-repo-test"
+ error_message = "Github Repo name did not match expected"
+ }
+}
From 409c2486eed9a8e8f4e6864d5f0ec1e006974729 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 21 Aug 2024 17:10:09 -0700
Subject: [PATCH 16/68] Update terraform.yml
---
 .github/workflows/terraform.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index bf78fd0..a3d67a0 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -12,6 +12,7 @@ jobs:
 terraform_api: app.terraform.io
 github_username: djaboxx
 github_email: git@roknsound.com
+ github_org: HappyPathway
 secrets:
 TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
From 3c6e8bb6a86c5a34dd252183f16da4dab3afbddd Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 21 Aug 2024 17:21:27 -0700
Subject: [PATCH 17/68] Update github_repo.tftest.hcl
---
 github_repo.tftest.hcl | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/github_repo.tftest.hcl b/github_repo.tftest.hcl
index 8c0471c..25ccacb 100644
--- a/github_repo.tftest.hcl
+++ b/github_repo.tftest.hcl
@@ -6,6 +6,8 @@ variables {
 name = "github-repo-test"
 enforce_prs = false
 archive_on_destroy = false
+ github_org_teams = []
+ admin_teams = []
 }
 run "repo_tests" {
From 295659ac9847523ecc8e6b43edbcfff6f8711934 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Thu, 22 Aug 2024 10:40:33 -0700
Subject: [PATCH 18/68] Update github_repo.tf
---
 github_repo.tf | 1 +
 1 file changed, 1 insertion(+)
diff --git a/github_repo.tf b/github_repo.tf
index 4e542bd..d103042 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -20,6 +20,7 @@ resource "github_repository" "repo" {
 gitignore_template = "Terraform"
 is_template = var.is_template
 archived = var.archived
+ vulnerability_alerts = var.vulnerability_alerts
 lifecycle {
 ignore_changes = [
 has_issues,
From 11d1612142ffaf09468f10c4de526c7463420cac Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Thu, 22 Aug 2024 10:40:54 -0700
Subject: [PATCH 19/68] Update github_repo.tf
---
 github_repo.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/github_repo.tf b/github_repo.tf
index d103042..b2bd8f0 100644
--- a/github_repo.tf
+++ b/github_repo.tf
@@ -20,7 +20,7 @@ resource "github_repository" "repo" {
 gitignore_template = "Terraform"
 is_template = var.is_template
 archived = var.archived
- vulnerability_alerts = var.vulnerability_alerts
+ vulnerability_alerts = var.vulnerability_alerts
 lifecycle {
 ignore_changes = [
 has_issues,
From a18369e533ed95e0b127a95bdf347b76113026c7 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Thu, 22 Aug 2024 10:41:24 -0700
Subject: [PATCH 20/68] Update variables.tf
---
 variables.tf | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/variables.tf b/variables.tf
index cf78f8e..1aaaa5e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -198,3 +198,8 @@ variable "archive_on_destroy" {
 type = bool
 default = true
 }
+
+variable vulnerability_alerts {
+ type = bool
+ default = true
+}
From 5eaba8129e05abe02d285a827ec8d1306c575c01 Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Fri, 23 Aug 2024 11:37:46 -0700
Subject: [PATCH 21/68] Update vulnerability_alerts default value to false
---
 variables.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/variables.tf b/variables.tf
index 1aaaa5e..ad7de82 100644
--- a/variables.tf
+++ b/variables.tf
@@ -199,7 +199,7 @@ variable "archive_on_destroy" {
 default = true
 }
-variable vulnerability_alerts {
+variable "vulnerability_alerts" {
 type = bool
- default = true
+ default = false
 }
From b8d3857ac6f231230f42df58e4501f6fd4815ede Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Tue, 27 Aug 2024 21:02:48 -0700
Subject: [PATCH 22/68] Create modtest.yml
---
 .github/workflows/modtest.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 .github/workflows/modtest.yml
diff --git a/.github/workflows/modtest.yml b/.github/workflows/modtest.yml
new file mode 100644
index 0000000..b29072c
--- /dev/null
+++ b/.github/workflows/modtest.yml
@@ -0,0 +1,22 @@
+name: "ModTest"
+
+on:
+ workflow_dispatch:
+ pull_request:
+ push:
+ branches:
+ - prod
+
+jobs:
+ modtest:
+ uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main
+ with:
+ workspace: github-repos
+ github_server: github.com
+ github_org: HappyPathway
+ mod_source: repo/github
+ branch: ${{ github.head_ref }}
+ terraform_version: 1.9.1
+ secrets:
+ TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
From 4969dd344283611cdb04f5ff06f52f63d744343e Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Tue, 27 Aug 2024 21:27:52 -0700
Subject: [PATCH 23/68] Update modtest.yml
---
 .github/workflows/modtest.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/.github/workflows/modtest.yml b/.github/workflows/modtest.yml
index b29072c..86a4e1d 100644
--- a/.github/workflows/modtest.yml
+++ b/.github/workflows/modtest.yml
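Review bot: Defaulting `vulnerability_alerts` to false in PATCH 21 switches off vulnerable-dependency alerts on every repository this module manages unless the caller opts in, reversing the `true` default added in the previous patch. If the flip works around a permission or plan error, record that in the variable, e.g. `description = "Enable vulnerability alerts for vulnerable dependencies; defaults to false because <reason>."`. Otherwise keep `default = true` so new repositories get alerts without extra configuration.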
@@ -1,11 +1,9 @@
 name: "ModTest"
 on:
- workflow_dispatch:
 pull_request:
- push:
 branches:
- - prod
+ - main
 jobs:
 modtest:
From d54bfaa8fdbe7437a793e8bc3aa470e30901d948 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Tue, 3 Sep 2024 13:09:44 -0700
Subject: [PATCH 24/68] Update modtest.yml
---
 .github/workflows/modtest.yml | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.github/workflows/modtest.yml b/.github/workflows/modtest.yml
index 86a4e1d..ca4c63a 100644
--- a/.github/workflows/modtest.yml
+++ b/.github/workflows/modtest.yml
@@ -1,6 +1,9 @@
 name: "ModTest"
 on:
+ push:
+ branchs:
+ - main
 pull_request:
 branches:
 - main
From 1c4fb4054420cb02169bc134afe53d6fad1b2604 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 4 Sep 2024 12:04:59 -0700
Subject: [PATCH 25/68] Add .github/workflows/terraform.yaml
---
 .github/workflows/terraform.yaml | 33 ++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 .github/workflows/terraform.yaml
diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml
new file mode 100644
index 0000000..3c54a0d
--- /dev/null
+++ b/.github/workflows/terraform.yaml
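Review bot: `branchs:` under the new `push:` trigger in PATCH 24 is misspelled; it is not a filter key GitHub Actions recognises, so the workflow is likely rejected as invalid rather than running on pushes to main. It should read `branches:`. The job in this file passes `branch: ${{ github.head_ref }}` (outside this hunk, added in PATCH 22), and `github.head_ref` is only populated for pull-request events, so a push run would hand the called workflow an empty branch; `${{ github.head_ref || github.ref_name }}` covers both triggers.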
@@ -0,0 +1,33 @@
+name: "Gtag"
+
+on:
+ workflow_dispatch:
+ pull_request:
+ push:
+ branches:
+ - main
+
+jobs:
+ terraform:
+ uses: HappyPathway/centralized-actions/.github/workflows/terraform-test.yml@main
+ with:
+ terraform_version: ${{vars.TERRAFORM_VERSION}}
+ terraform_api: ${{vars.TERRAFORM_API}}
+ github_username: ${{vars.GH_USERNAME}}
+ github_email: ${{vars.GH_EMAIL}}
+ github_org: ${{ vars.GH_ORG }}
+ secrets:
+ TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
+
+ gtag:
+ if: ${{ github.event_name }} != "pull_request"
+ needs: terraform
+ uses: HappyPathway/centralized-actions/.github/workflows/gtag.yml@main
+ with:
+ patch: true
+ github_org: ${{ vars.GH_ORG }}
+ github_username: ${{ vars.GH_USERNAME }}
+ github_email: ${{ vars.GH_EMAIL }}
+ secrets:
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
\ No newline at end of file
From 20d3b8366142bb5edad18a3d3b42dcde0a37b3d4 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 4 Sep 2024 12:05:04 -0700
Subject: [PATCH 26/68] Add CODEOWNERS
---
 CODEOWNERS | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/CODEOWNERS b/CODEOWNERS
index 1ff224d..d91b77f 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -1 +1,3 @@
-# These owners will be the default owners for everything in the repo. Unless a later match takes precedence
\ No newline at end of file
+#### How to use this file: https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+# These owners will be the default owners for everything in the repo. Unless a later match takes precedence
+* @roknsound/terraform-reviewers
From b444d758ab62224e66b4ffb68b58fcee15c83148 Mon Sep 17 00:00:00 2001
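Review bot: The `gtag` job's guard `if: ${{ github.event_name }} != "pull_request"` in PATCH 25 does not compare anything: only the `${{ }}` part is evaluated and the rest is appended as text, so the condition is a non-empty string and always truthy. The tagging job therefore also runs for pull requests, with `GH_TOKEN` passed to it. Write the whole comparison as one expression: `if: github.event_name != 'pull_request'`. The workflow is also named "Gtag" although it runs the Terraform test job first; a name covering both would read better.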
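Review bot: The owner added in PATCH 26, `* @roknsound/terraform-reviewers`, names a team in the `roknsound` organisation, while the workflows in this series use `HappyPathway` as the org. GitHub resolves CODEOWNERS teams only when they belong to the organisation that owns the repository and have write access; an owner that does not resolve means no code-owner review is requested. Confirm the team exists in the owning org, or replace it with one that does, before relying on this file for required reviews.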
From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Sep 2024 12:05:06 -0700 Subject: [PATCH 27/68] Add .github/workflows/modtest-github-repos.yaml --- .github/workflows/modtest-github-repos.yaml | 27 +++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/modtest-github-repos.yaml diff --git a/.github/workflows/modtest-github-repos.yaml b/.github/workflows/modtest-github-repos.yaml new file mode 100644 index 0000000..9d86471 --- /dev/null +++ b/.github/workflows/modtest-github-repos.yaml @@ -0,0 +1,27 @@ +name: "ModTest: github-repos" + +on: + pull_request: + branches: + - main + +jobs: + modtest: + uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main + with: + workspace: github-repos + workspace_repo: github-repos + workspace_branch: main + repo_clone_type: https + mod_source: repo/github + + github_server: ${{vars.GITHUB_SERVER}} + github_org: ${{ github.repository_owner }} + branch: ${{ github.head_ref }} + terraform_version: ${{vars.TERRAFORM_VERSION}} + terraform_api_token_name: ${{ vars.TERRAFORM_API_TOKEN_NAME }} + terraform_api: ${{vars.TERRAFORM_API}} + + secrets: + TFE_TOKEN: ${{ secrets.TFE_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file From cddc2e476900a96f2c7816ccd8463632d7eaab28 Mon Sep 17 00:00:00 2001 From: djaboxx Date: Wed, 4 Sep 2024 19:12:39 +0000 Subject: [PATCH 28/68] AutoFormat Commit --- README.md | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) diff --git a/README.md b/README.md index 413393e..52a6a1e 100644 --- a/README.md +++ b/README.md 
@@ -6,3 +6,92 @@ Module to automate creation of * branch protection rule for main branch * default codeowners and backend.tf file * team access + + +## Requirements + +| Name | Version | +|------|---------| +| [github](#requirement\_github) | >= 6.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [github](#provider\_github) | 6.2.3 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | +| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | +| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | +| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | +| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | +| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | +| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | +| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| 
[github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | +| [github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | +| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | +| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | +| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | +| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | +| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | +| [archived](#input\_archived) | n/a | `bool` | `false` | no | +| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | +| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | +| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | +| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | +| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | +| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | +| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | +| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | +| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | +| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | +| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | +| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | +| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | +| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | +| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | +| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | +| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | +| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | +| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | +| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | +| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | +| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | +| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | +| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | +| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `any` | `null` | no | +| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | +| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | +| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | +| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | +| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | +| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [github\_repo](#output\_github\_repo) | n/a | + \ No newline at end of file From 91a5e678626a4653cedff4500ef694d51bc423c4 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Sep 2024 12:15:33 -0700 Subject: [PATCH 29/68] Update modtest-github-repos.yaml --- .github/workflows/modtest-github-repos.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/modtest-github-repos.yaml b/.github/workflows/modtest-github-repos.yaml index 9d86471..687a808 100644 --- a/.github/workflows/modtest-github-repos.yaml +++ b/.github/workflows/modtest-github-repos.yaml @@ -2,8 +2,7 @@ name: "ModTest: github-repos" on: pull_request: - branches: - - main + workflow_dispatch: jobs: modtest: @@ -24,4 +23,4 @@ jobs: secrets: TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file + GH_TOKEN: ${{ secrets.GH_TOKEN }} From c3d807cfbe35c1ef3d1a3e406eb485c8e0ecb8f4 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Sep 2024 12:22:45 -0700 Subject: [PATCH 30/68] Add .github/workflows/modtest-github-repos.yaml --- .github/workflows/modtest-github-repos.yaml | 26 --------------------- 1 file changed, 26 deletions(-) delete mode 100644 .github/workflows/modtest-github-repos.yaml diff --git a/.github/workflows/modtest-github-repos.yaml b/.github/workflows/modtest-github-repos.yaml deleted file mode 100644 index 687a808..0000000 --- a/.github/workflows/modtest-github-repos.yaml +++ /dev/null 
@@ -1,26 +0,0 @@
-name: "ModTest: github-repos"
-
-on:
- pull_request:
- workflow_dispatch:
-
-jobs:
- modtest:
- uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main
- with:
- workspace: github-repos
- workspace_repo: github-repos
- workspace_branch: main
- repo_clone_type: https
- mod_source: repo/github
-
- github_server: ${{vars.GITHUB_SERVER}}
- github_org: ${{ github.repository_owner }}
- branch: ${{ github.head_ref }}
- terraform_version: ${{vars.TERRAFORM_VERSION}}
- terraform_api_token_name: ${{ vars.TERRAFORM_API_TOKEN_NAME }}
- terraform_api: ${{vars.TERRAFORM_API}}
-
- secrets:
- TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
- GH_TOKEN: ${{ secrets.GH_TOKEN }}
From 89b25ab3b1249b2b771ea94294feeaff2aefa33b Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Wed, 4 Sep 2024 12:22:47 -0700
Subject: [PATCH 31/68] Add .github/workflows/modtest-dev.yaml
---
.github/workflows/modtest-dev.yaml | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 .github/workflows/modtest-dev.yaml
diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml
new file mode 100644
index 0000000..b5696b8
--- /dev/null
+++ b/.github/workflows/modtest-dev.yaml
@@ -0,0 +1,26 @@
+name: "ModTest: dev"
+
+on:
+ workflow_dispatch:
+ pull_request:
+
+jobs:
+ modtest:
+ uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main
+ with:
+ workspace: dev
+ workspace_repo: github-repos
+ workspace_branch: main
+ repo_clone_type: https
+ mod_source: repo/github
+
+ github_server: ${{vars.GITHUB_SERVER}}
+ github_org: ${{ github.repository_owner }}
+ branch: ${{ github.head_ref }}
+ terraform_version: ${{vars.TERRAFORM_VERSION}}
+ terraform_api_token_name: ${{ vars.TERRAFORM_API_TOKEN_NAME }}
+ terraform_api: ${{vars.TERRAFORM_API}}
+
+ secrets:
+ TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
\ No newline at end of file
From bc4603695c0f421a3ba563ddf11dd4cee934fc10 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Sep 2024 12:50:26 -0700 Subject: [PATCH 32/68] Update modtest-dev.yaml --- .github/workflows/modtest-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml index b5696b8..9de667c 100644 --- a/.github/workflows/modtest-dev.yaml +++ b/.github/workflows/modtest-dev.yaml @@ -14,7 +14,7 @@ jobs: repo_clone_type: https mod_source: repo/github - github_server: ${{vars.GITHUB_SERVER}} + github_server: ${{vars.GH_SERVER}} github_org: ${{ github.repository_owner }} branch: ${{ github.head_ref }} terraform_version: ${{vars.TERRAFORM_VERSION}} @@ -23,4 +23,4 @@ jobs: secrets: TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file + GH_TOKEN: ${{ secrets.GH_TOKEN }} From c74b36b39cf1c8f25fc6507db7254b4cd4c010b5 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Sep 2024 13:03:49 -0700 Subject: [PATCH 33/68] Update .github/workflows/modtest-dev.yaml --- .github/workflows/modtest-dev.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml index 9de667c..aad386d 100644 --- a/.github/workflows/modtest-dev.yaml +++ b/.github/workflows/modtest-dev.yaml @@ -11,6 +11,7 @@ jobs: workspace: dev workspace_repo: github-repos workspace_branch: main + branch: ${{ github.head_ref }} repo_clone_type: https mod_source: repo/github @@ -23,4 +24,4 @@ jobs: secrets: TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file From 02389b5a44c9cb89aea8339a834486c3cc120c5d Mon Sep 17 00:00:00 2001 
From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Sep 2024 13:14:08 -0700 Subject: [PATCH 34/68] Update .github/workflows/modtest-dev.yaml --- .github/workflows/modtest-dev.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml index aad386d..f7e89d3 100644 --- a/.github/workflows/modtest-dev.yaml +++ b/.github/workflows/modtest-dev.yaml @@ -1,17 +1,16 @@ name: "ModTest: dev" on: - workflow_dispatch: pull_request: jobs: modtest: + if : ${{ github.event_name }} == "pull_request" uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main with: workspace: dev workspace_repo: github-repos workspace_branch: main - branch: ${{ github.head_ref }} repo_clone_type: https mod_source: repo/github From 7325265c481db829e03df0657fae9278dc4cb843 Mon Sep 17 00:00:00 2001 From: roknpublic Date: Fri, 6 Sep 2024 10:11:22 -0700 Subject: [PATCH 35/68] Initial commit --- .gitignore | 37 +++++++++++++++++++++++++++++++++++++ README.md | 2 ++ 2 files changed, 39 insertions(+) create mode 100644 .gitignore create mode 100644 README.md diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2faf43d --- /dev/null +++ b/.gitignore 
@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..08a4172
--- /dev/null
+++ b/README.md
@@ -0,0 +1,2 @@
+# terraform-github-repo
+Terraform Module
From fafd6e902f4c80e9249d93379d34fe19200abe9f Mon Sep 17 00:00:00 2001
From: roknpublic
Date: Fri, 6 Sep 2024 10:15:18 -0700
Subject: [PATCH 36/68] Add .github/workflows/terraform.yaml
---
.github/workflows/terraform.yaml | 33 ++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100644 .github/workflows/terraform.yaml
diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml
new file mode 100644
index 0000000..3c54a0d
--- /dev/null
+++ b/.github/workflows/terraform.yaml
@@ -0,0 +1,33 @@
+name: "Gtag"
+
+on:
+ workflow_dispatch:
+ pull_request:
+ push:
+ branches:
+ - main
+
+jobs:
+ terraform:
+ uses: HappyPathway/centralized-actions/.github/workflows/terraform-test.yml@main
+ with:
+ terraform_version: ${{vars.TERRAFORM_VERSION}}
+ terraform_api: ${{vars.TERRAFORM_API}}
+ github_username: ${{vars.GH_USERNAME}}
+ github_email: ${{vars.GH_EMAIL}}
+ github_org: ${{ vars.GH_ORG }}
+ secrets:
+ TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
+
+ gtag:
+ if: ${{ github.event_name }} != "pull_request"
+ needs: terraform
+ uses: HappyPathway/centralized-actions/.github/workflows/gtag.yml@main
+ with:
+ patch: true
+ github_org: ${{ vars.GH_ORG }}
+ github_username: ${{ vars.GH_USERNAME }}
+ github_email: ${{ vars.GH_EMAIL }}
+ secrets:
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
\ No newline at end of file
From 0041c007499c5af314f6150eae205b82f402ee7e Mon Sep 17 00:00:00 2001
From: roknpublic
Date: Fri, 6 Sep 2024 10:15:26 -0700
Subject: [PATCH 37/68] Add .github/workflows/modtest-dev.yaml
---
.github/workflows/modtest-dev.yaml | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 .github/workflows/modtest-dev.yaml
diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml
new file mode 100644
index 0000000..f7e89d3
--- /dev/null
+++ b/.github/workflows/modtest-dev.yaml
@@ -0,0 +1,26 @@
+name: "ModTest: dev"
+
+on:
+ pull_request:
+
+jobs:
+ modtest:
+ if : ${{ github.event_name }} == "pull_request"
+ uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main
+ with:
+ workspace: dev
+ workspace_repo: github-repos
+ workspace_branch: main
+ repo_clone_type: https
+ mod_source: repo/github
+
+ github_server: ${{vars.GH_SERVER}}
+ github_org: ${{ github.repository_owner }}
+ branch: ${{ github.head_ref }}
+ terraform_version: ${{vars.TERRAFORM_VERSION}}
+ terraform_api_token_name: ${{ vars.TERRAFORM_API_TOKEN_NAME }}
+ terraform_api: ${{vars.TERRAFORM_API}}
+
+ secrets:
+ TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+ GH_TOKEN: ${{ secrets.GH_TOKEN }}
\ No newline at end of file
From c331c44911f9bd39b8d56ca1a89270e3278053bd Mon Sep 17 00:00:00 2001
From: roknpublic
Date: Fri, 6 Sep 2024 10:15:31 -0700
Subject: [PATCH 38/68] Add CODEOWNERS
---
CODEOWNERS | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 CODEOWNERS
diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 0000000..b3ac177
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1,3 @@
+#### How to use this file: https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+# These owners will be the default owners for everything in the repo. Unless a later match takes precedence
+* @RoknSound-Public-Modules/terraform-reviewers
From 64216b82e9c88489c4473b1ca77b9ae9cb553813 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Thu, 12 Sep 2024 11:28:50 -0700
Subject: [PATCH 39/68] Add README.md
---
README.md | 97 -------------------------------------------------------
1 file changed, 97 deletions(-)
diff --git a/README.md b/README.md
index 52a6a1e..e69de29 100644
--- a/README.md
+++ b/README.md
@@ -1,97 +0,0 @@ -# terraform-github-repo -Module to automate creation of -* github related resources - * repo - * default branch - * branch protection rule for main branch - * default codeowners and backend.tf file - * team access - - -## Requirements - -| Name | Version | -|------|---------| -| [github](#requirement\_github) | >= 6.2.2 | - -## Providers - -| Name | Version | -|------|---------| -| [github](#provider\_github) | 6.2.3 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | -| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | -| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | -| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | -| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | -| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | -| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | -| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| 
[github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | -| [github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | -| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | -| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | -| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | -| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | -| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | -| [archived](#input\_archived) | n/a | `bool` | `false` | no | -| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | -| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | -| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | -| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | -| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | -| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | -| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | -| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | -| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | -| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | -| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | -| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | -| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | -| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | -| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | -| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | -| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | -| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | -| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | -| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | -| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | -| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | -| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | -| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | -| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | -| [prefix](#input\_prefix) | n/a | `any` | `null` | no | -| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | -| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | -| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | -| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | -| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | -| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [github\_repo](#output\_github\_repo) | n/a | - \ No newline at end of file From 42ce2884f359cb179159b5006152f7bce4f6df57 Mon Sep 17 00:00:00 2001 From: djaboxx Date: Thu, 12 Sep 2024 18:29:08 +0000 Subject: [PATCH 40/68] AutoFormat Commit --- README.md | 88 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/README.md b/README.md index e69de29..fa2674f 100644 --- a/README.md +++ b/README.md 
@@ -0,0 +1,88 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [github](#requirement\_github) | >= 6.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [github](#provider\_github) | 6.2.3 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | +| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | +| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | +| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | +| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | +| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | +| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | +| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | +| 
[github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | +| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | +| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | +| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | +| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | +| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | +| [archived](#input\_archived) | n/a | `bool` | `false` | no | +| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | +| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | +| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | +| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | +| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | +| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | +| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | +| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | +| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | +| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | +| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | +| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | +| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | +| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | +| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | +| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | +| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | +| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | +| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | +| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | +| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | +| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | +| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | +| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | +| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `any` | `null` | no | +| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | +| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | +| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | +| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | +| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | +| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [github\_repo](#output\_github\_repo) | n/a | + \ No newline at end of file From 9470e63b28591391e489af5756593f9ce973d51d Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Thu, 12 Sep 2024 11:47:53 -0700 Subject: [PATCH 41/68] Update README.md --- README.md | 88 ------------------------------------------------------- 1 file changed, 88 deletions(-) diff --git a/README.md b/README.md index fa2674f..e69de29 100644 --- a/README.md +++ b/README.md 
@@ -1,88 +0,0 @@ - -## Requirements - -| Name | Version | -|------|---------| -| [github](#requirement\_github) | >= 6.2.2 | - -## Providers - -| Name | Version | -|------|---------| -| [github](#provider\_github) | 6.2.3 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | -| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | -| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | -| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | -| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | -| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | -| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | -| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | -| 
[github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | -| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | -| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | -| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | -| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | -| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | -| [archived](#input\_archived) | n/a | `bool` | `false` | no | -| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | -| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | -| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | -| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | -| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | -| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | -| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | -| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | -| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | -| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | -| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | -| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | -| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | -| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | -| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | -| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | -| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | -| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | -| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | -| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | -| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | -| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | -| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | -| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | -| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | -| [prefix](#input\_prefix) | n/a | `any` | `null` | no | -| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | -| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | -| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | -| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | -| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | -| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [github\_repo](#output\_github\_repo) | n/a | - \ No newline at end of file From 99c7ab023a253a8a92cd8ff7cc99ffa5f6c7699c Mon Sep 17 00:00:00 2001 From: djaboxx Date: Thu, 12 Sep 2024 18:48:12 +0000 Subject: [PATCH 42/68] AutoFormat Commit --- README.md | 88 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/README.md b/README.md index e69de29..fa2674f 100644 --- a/README.md +++ b/README.md 
@@ -0,0 +1,88 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [github](#requirement\_github) | >= 6.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [github](#provider\_github) | 6.2.3 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | +| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | +| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | +| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | +| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | +| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | +| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | +| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | +| 
[github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | +| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | +| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | +| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | +| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | +| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | +| [archived](#input\_archived) | n/a | `bool` | `false` | no | +| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | +| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | +| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | +| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | +| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | +| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | +| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | +| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | +| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | +| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | +| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | +| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | +| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | +| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | +| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | +| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | +| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | +| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | +| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | +| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | +| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | +| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | +| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | +| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | +| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `any` | `null` | no | +| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | +| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | +| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | +| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | +| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | +| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [github\_repo](#output\_github\_repo) | n/a | + \ No newline at end of file From 4aa3d428ed158e3f0817cf5a67f19980e1d0c20c Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Thu, 12 Sep 2024 11:48:59 -0700 Subject: [PATCH 43/68] Update .github/workflows/modtest-dev.yaml --- .github/workflows/modtest-dev.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml index f7e89d3..c98e5f1 100644 --- a/.github/workflows/modtest-dev.yaml +++ b/.github/workflows/modtest-dev.yaml @@ -2,6 +2,9 @@ name: "ModTest: dev" on: pull_request: + push: + branches: + - main jobs: modtest: From bd3584f237177d1b2459408c63e614fedb005b87 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:58:41 -0700 Subject: [PATCH 44/68] Update .github/workflows/terraform.yaml From f8a165974c9d1ab472bc637705951a7bad254b6c Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:58:42 -0700 Subject: [PATCH 45/68] Update CODEOWNERS From 297e15ca928eb6c9c1299827445ef7ab23d27d89 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:58:44 -0700 Subject: [PATCH 46/68] Update README.md From 984b5fdfdf821002c2271cbd85e594bede29f7d6 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:58:57 -0700 Subject: [PATCH 47/68] Update .github/workflows/modtest-dev.yaml From d02284444eba9adfde38b9cb5d0a6cf680aeb8db Mon Sep 17 00:00:00 2001 From: djaboxx Date: Wed, 18 Sep 2024 17:59:13 +0000 Subject: [PATCH 48/68] AutoFormat Commit --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/README.md b/README.md index fa2674f..cf60864 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ | Name | Version | |------|---------| -| [github](#provider\_github) | 6.2.3 | +| [github](#provider\_github) | 6.3.0 | ## Modules From 7b6a833c4929b15496c4d8782f354431ac59c45c Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Thu, 19 Sep 2024 15:03:42 -0700 Subject: [PATCH 49/68] Update collaborators.tf --- collaborators.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/collaborators.tf b/collaborators.tf index 12ee2d6..d8680ac 100644 --- a/collaborators.tf +++ b/collaborators.tf @@ -4,9 +4,4 @@ resource "github_repository_collaborator" "collaborators" { repository = github_repository.repo.name username = each.key permission = each.value - lifecycle { - ignore_changes = [ - permission - ] - } } From 549e95cdbb14f072f4463acb29e168dcd3dfe5f3 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 25 Sep 2024 12:23:22 -0700 Subject: [PATCH 50/68] Update README.md --- README.md | 88 ------------------------------------------------------- 1 file changed, 88 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index cf60864..0000000 --- a/README.md +++ /dev/null 
@@ -1,88 +0,0 @@ - -## Requirements - -| Name | Version | -|------|---------| -| [github](#requirement\_github) | >= 6.2.2 | - -## Providers - -| Name | Version | -|------|---------| -| [github](#provider\_github) | 6.3.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | -| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | -| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | -| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | -| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | -| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | -| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | -| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | -| 
[github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | -| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | -| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | -| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | -| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | -| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | -| [archived](#input\_archived) | n/a | `bool` | `false` | no | -| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | -| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | -| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | -| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | -| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | -| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | -| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | -| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | -| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | -| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | -| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | -| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | -| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | -| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | -| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | -| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | -| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | -| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | -| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | -| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | -| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | -| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | -| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | -| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | -| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | -| [prefix](#input\_prefix) | n/a | `any` | `null` | no | -| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | -| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | -| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | -| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | -| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | -| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [github\_repo](#output\_github\_repo) | n/a | - \ No newline at end of file From 73571976314c341f38e8c04f4e8ffa09d1c94f55 Mon Sep 17 00:00:00 2001 From: djaboxx Date: Wed, 25 Sep 2024 19:24:11 +0000 Subject: [PATCH 51/68] AutoFormat Commit --- README.md | 88 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..cf60864 --- /dev/null +++ b/README.md 
@@ -0,0 +1,88 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [github](#requirement\_github) | >= 6.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [github](#provider\_github) | 6.3.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | +| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | +| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | +| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | +| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | +| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | +| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | +| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | +| 
[github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | +| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | +| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | +| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | +| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | +| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | +| [archived](#input\_archived) | n/a | `bool` | `false` | no | +| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | +| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | +| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | +| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | +| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | +| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | +| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | +| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | +| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | +| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | +| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | +| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | +| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | +| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | +| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | +| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | +| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | +| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | +| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | +| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | +| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | +| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | +| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | +| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | +| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `any` | `null` | no | +| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | +| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | +| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | +| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | +| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | +| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [github\_repo](#output\_github\_repo) | n/a | + \ No newline at end of file From 8deaeec74d3df5f87cc326f74c4eb16156b633c3 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 25 Sep 2024 12:25:05 -0700 Subject: [PATCH 52/68] Add README.md --- README.md | 87 ++----------------------------------------------------- 1 file changed, 2 insertions(+), 85 deletions(-) diff --git a/README.md b/README.md index cf60864..11c4c27 100644 --- a/README.md +++ b/README.md 
@@ -1,88 +1,5 @@ - -## Requirements -| Name | Version | -|------|---------| -| [github](#requirement\_github) | >= 6.2.2 | +[![Terraform Validation](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/terraform.yaml/badge.svg)](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/terraform.yaml) -## Providers -| Name | Version | -|------|---------| -| [github](#provider\_github) | 6.3.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | -| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | -| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | -| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | -| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | -| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | -| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | -| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | -| [github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) 
| resource | -| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | -| [github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | -| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | -| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | -| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | -| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | -| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | -| [archived](#input\_archived) | n/a | `bool` | `false` | no | -| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | -| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | -| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | -| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | -| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | -| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | -| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | -| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | -| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | -| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | -| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | -| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | -| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | -| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | -| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | -| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | -| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | -| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | -| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | -| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | -| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | -| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | -| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | -| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | -| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | -| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | -| [prefix](#input\_prefix) | n/a | `any` | `null` | no | -| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | -| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | -| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | -| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | -| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | -| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | -| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [github\_repo](#output\_github\_repo) | n/a | - \ No newline at end of file +[![Modtest Dev](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/modtest-dev.yaml/badge.svg)](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/modtest-dev.yaml) From 9cc2fae30b5b7b40323b20a679f66f6e78023f0f Mon Sep 17 00:00:00 2001 From: djaboxx Date: Wed, 25 Sep 2024 19:26:19 +0000 Subject: [PATCH 53/68] AutoFormat Commit --- README.md | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) diff --git a/README.md b/README.md index 11c4c27..6c8e1c8 100644 --- a/README.md +++ b/README.md 
@@ -3,3 +3,92 @@ [![Modtest Dev](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/modtest-dev.yaml/badge.svg)](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/modtest-dev.yaml) + + +## Requirements + +| Name | Version | +|------|---------| +| [github](#requirement\_github) | >= 6.2.2 | + +## Providers + +| Name | Version | +|------|---------| +| [github](#provider\_github) | 6.3.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [github_actions_secret.secret](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource | +| [github_actions_variable.variable](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource | +| [github_branch.branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource | +| [github_branch_default.default_main_branch](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource | +| [github_branch_protection.main](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource | +| [github_repository.repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource | +| [github_repository_collaborator.collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource | +| [github_repository_file.codeowners](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_repository_file.extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| 
[github_repository_file.managed_extra_files](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource | +| [github_team_repository.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_repository) | resource | +| [github_organization_teams.root_teams](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization_teams) | data source | +| [github_ref.ref](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/ref) | data source | +| [github_repository.template_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/repository) | data source | +| [github_user.pull_request_bypassers](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/user) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [additional\_codeowners](#input\_additional\_codeowners) | Enable adding of Codeowner Teams | `list(any)` | `[]` | no | +| [admin\_teams](#input\_admin\_teams) | Admin Teams | `list(any)` | `[]` | no | +| [archive\_on\_destroy](#input\_archive\_on\_destroy) | n/a | `bool` | `true` | no | +| [archived](#input\_archived) | n/a | `bool` | `false` | no | +| [collaborators](#input\_collaborators) | list of repo callaborators | `map(string)` | `{}` | no | +| [create\_codeowners](#input\_create\_codeowners) | n/a | `bool` | `true` | no | +| [enforce\_prs](#input\_enforce\_prs) | n/a | `bool` | `true` | no | +| [extra\_files](#input\_extra\_files) | Extra Files |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [force\_name](#input\_force\_name) | Force Naming of Repo. If forced, archive management will not operate on this repo | `bool` | `false` | no | +| [github\_allow\_merge\_commit](#input\_github\_allow\_merge\_commit) | n/a | `bool` | `false` | no | +| [github\_allow\_rebase\_merge](#input\_github\_allow\_rebase\_merge) | n/a | `bool` | `false` | no | +| [github\_allow\_squash\_merge](#input\_github\_allow\_squash\_merge) | n/a | `bool` | `true` | no | +| [github\_auto\_init](#input\_github\_auto\_init) | n/a | `bool` | `true` | no | +| [github\_codeowners\_team](#input\_github\_codeowners\_team) | n/a | `string` | `"terraform-reviewers"` | no | +| [github\_default\_branch](#input\_github\_default\_branch) | n/a | `string` | `"main"` | no | +| [github\_delete\_branch\_on\_merge](#input\_github\_delete\_branch\_on\_merge) | n/a | `bool` | `true` | no | +| [github\_dismiss\_stale\_reviews](#input\_github\_dismiss\_stale\_reviews) | n/a | `bool` | `true` | no | +| [github\_enforce\_admins\_branch\_protection](#input\_github\_enforce\_admins\_branch\_protection) | n/a | `bool` | `true` | no | +| [github\_has\_issues](#input\_github\_has\_issues) | n/a | `bool` | `false` | no | +| [github\_has\_projects](#input\_github\_has\_projects) | n/a | `bool` | `true` | no | +| [github\_has\_wiki](#input\_github\_has\_wiki) | n/a | `bool` | `true` | no | +| [github\_is\_private](#input\_github\_is\_private) | n/a | `bool` | `true` | no | +| [github\_org\_teams](#input\_github\_org\_teams) | provide module with list of teams so that module does not need to look them up | `list(any)` | `null` | no | +| [github\_push\_restrictions](#input\_github\_push\_restrictions) | Github Push Restrictions | `list(any)` | `[]` | no | +| [github\_repo\_description](#input\_github\_repo\_description) | n/a | `any` | `null` | no | +| [github\_repo\_topics](#input\_github\_repo\_topics) | Github Repo Topics | `list(any)` | `[]` | no | +| 
[github\_require\_code\_owner\_reviews](#input\_github\_require\_code\_owner\_reviews) | n/a | `bool` | `true` | no | +| [github\_required\_approving\_review\_count](#input\_github\_required\_approving\_review\_count) | n/a | `number` | `1` | no | +| [is\_template](#input\_is\_template) | n/a | `bool` | `false` | no | +| [managed\_extra\_files](#input\_managed\_extra\_files) | Managed Extra Files. Changes to Content will be updated |
list(object({
path = string,
content = string
}))
| `[]` | no | +| [name](#input\_name) | Name of the terraform workspace and optionally github repo | `any` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `any` | `null` | no | +| [pull\_request\_bypassers](#input\_pull\_request\_bypassers) | n/a | `list(any)` | `[]` | no | +| [repo\_org](#input\_repo\_org) | n/a | `any` | `null` | no | +| [required\_status\_checks](#input\_required\_status\_checks) | Required Status Checks
required\_status\_checks supports the following arguments:

strict: (Optional) Require branches to be up to date before merging. Defaults to false.
contexts: (Optional) The list of status checks to require in order to merge into this branch.
No status checks are required by default.
Note: This attribute can contain multiple string patterns. If specified, usual value is the job name.
Otherwise, the job id is defaulted to. For workflows that use matrixes, append the matrix name to the
value using the following pattern ([, ]). Matrixes should be specified
based on the order of matrix properties in the workflow file. See GitHub Documentation for more
information. For workflows that use reusable workflows,
the pattern is / .
This can extend multiple levels. |
object({
contexts = list(string)
strict = optional(bool, false)
})
| `null` | no | +| [secrets](#input\_secrets) | Github Action Secrets |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [template\_repo](#input\_template\_repo) | n/a | `any` | `null` | no | +| [template\_repo\_org](#input\_template\_repo\_org) | n/a | `any` | `null` | no | +| [vars](#input\_vars) | Github Action Vars |
list(object({
name = string,
value = string
}))
| `[]` | no | +| [vulnerability\_alerts](#input\_vulnerability\_alerts) | n/a | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [github\_repo](#output\_github\_repo) | n/a | + \ No newline at end of file From 13ef109fdf7698bc88cd71ca2b16418eed32a119 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 16 Oct 2024 23:13:18 -0700 Subject: [PATCH 54/68] Update .github/workflows/terraform.yaml --- .github/workflows/terraform.yaml | 77 ++++++++++++++++++++++++++------ 1 file changed, 64 insertions(+), 13 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 3c54a0d..0df3f90 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml 
@@ -1,28 +1,79 @@ -name: "Gtag" +name: "Terraform Validate" on: workflow_dispatch: - pull_request: push: branches: - main - + +env: + GITHUB_OWNER: ${{ vars.GH_ORG }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + TF_WORKSPACE: happypathway + TFE_TOKEN: ${{ secrets.TFE_TOKEN }} + jobs: - terraform: + setup-terraform: + outputs: + commit_sha: ${{ steps.checkout.outputs.commit }} + + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v4 + id: checkout + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3.1.2 + with: + terraform_version: ${{ vars.terraform_version }} + cli_config_credentials_token: ${{ secrets.TFE_TOKEN }} + cli_config_credentials_hostname: ${{ vars.terraform_api }} + + - name: terraform init + run: terraform init -upgrade + + - uses: actions/upload-artifact@master + name: Archive Configuration + if: github.ref == 'refs/heads/main' + with: + name: terraform_dir + path: .terraform + retention-days: 1 + include-hidden-files: true + + - uses: actions/upload-artifact@master + name: Archive Lockfile + if: github.ref == 'refs/heads/main' + with: + name: terraform_lockfile + path: .terraform.lock.hcl + retention-days: 1 + include-hidden-files: true + + terraform-validate: + needs: setup-terraform uses: HappyPathway/centralized-actions/.github/workflows/terraform-test.yml@main with: - terraform_version: ${{vars.TERRAFORM_VERSION}} - terraform_api: ${{vars.TERRAFORM_API}} - github_username: ${{vars.GH_USERNAME}} - github_email: ${{vars.GH_EMAIL}} - github_org: ${{ vars.GH_ORG }} + terraform_version: ${{ vars.terraform_version }} + terraform_api: ${{ vars.terraform_api }} + github_username: ${{ github.actor }} + github_email: ${{ github.actor }}@roknsound.com + github_org: ${{ github.repository_owner }} + setup_terraform: true + terraform_init: false + cache: ${{ github.workspace }} + download_cache: true + commit_sha: ${{ needs.setup-terraform.outputs.commit_sha }} 
secrets: TFE_TOKEN: ${{ secrets.TFE_TOKEN }} GH_TOKEN: ${{ secrets.GH_TOKEN }} - + GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + gtag: - if: ${{ github.event_name }} != "pull_request" - needs: terraform + needs: terraform-validate + if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request' uses: HappyPathway/centralized-actions/.github/workflows/gtag.yml@main with: patch: true @@ -30,4 +81,4 @@ jobs: github_username: ${{ vars.GH_USERNAME }} github_email: ${{ vars.GH_EMAIL }} secrets: - GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file + GH_TOKEN: ${{ secrets.GH_TOKEN }} From 607e6dcf22f561a30a83b7cae530c562cfaf225a Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Mon, 21 Oct 2024 11:14:55 -0700 Subject: [PATCH 55/68] Update versions.tf --- versions.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/versions.tf b/versions.tf index 9fecb91..73db9d5 100644 --- a/versions.tf +++ b/versions.tf @@ -2,7 +2,6 @@ terraform { required_providers { github = { source = "integrations/github" - version = ">= 6.2.2" } } } From 92d216ca3fba19819a8665da4c24f27c596732f6 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Tue, 29 Oct 2024 11:32:30 -0700 Subject: [PATCH 56/68] Update github_team_access.tf --- github_team_access.tf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/github_team_access.tf b/github_team_access.tf index f825ff8..c530e6a 100644 --- a/github_team_access.tf +++ b/github_team_access.tf @@ -24,4 +24,7 @@ resource "github_team_repository" "admin" { team_id ] } -} \ No newline at end of file + depends_on = [ + github_repository.repo + ] +} From 8a3f1e141377f563f8945dc1eee3d1e4346b68d1 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Tue, 29 Oct 2024 11:32:47 -0700 Subject: [PATCH 57/68] Update collaborators.tf --- collaborators.tf | 3 +++ 1 file changed, 3 insertions(+) 
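Review bot: The workflow-level `env:` block exposes `GITHUB_TOKEN` (set from the `GH_TOKEN` secret), `GOOGLE_CREDENTIALS` and `TFE_TOKEN` to every step of `setup-terraform`, including both `actions/upload-artifact@master` steps, which follow a mutable branch rather than a release or commit. Pin that action, for example `uses: actions/upload-artifact@<full-commit-sha>`, and move each secret to a step-level `env:` on the step that actually reads it; `TFE_TOKEN` already reaches `hashicorp/setup-terraform` through `cli_config_credentials_token`. The reusable workflows called at `@main` in `terraform-validate` and `gtag` are handed secrets as well and would benefit from the same pinning. The same file content (blob `0df3f90`) is re-added in PATCH 67/68, so the point applies there too.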
diff --git a/collaborators.tf b/collaborators.tf index d8680ac..5ffe416 100644 --- a/collaborators.tf +++ b/collaborators.tf @@ -4,4 +4,7 @@ resource "github_repository_collaborator" "collaborators" { repository = github_repository.repo.name username = each.key permission = each.value + depends_on = [ + github_repository.repo + ] } From 1f4aacf30d1a4bddb1c16687fc8407956998c692 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Tue, 5 Nov 2024 20:08:22 -0800 Subject: [PATCH 58/68] Update github_repo.tf (#11) * Update github_repo.tf * Update variables.tf --- github_repo.tf | 3 ++- variables.tf | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/github_repo.tf b/github_repo.tf index b2bd8f0..c000836 100644 --- a/github_repo.tf +++ b/github_repo.tf @@ -17,9 +17,10 @@ resource "github_repository" "repo" { has_issues = var.github_has_issues has_wiki = var.github_has_wiki topics = var.github_repo_topics - gitignore_template = "Terraform" + gitignore_template = var.gitignore_template is_template = var.is_template archived = var.archived + homepage_url = var.homepage_url vulnerability_alerts = var.vulnerability_alerts lifecycle { ignore_changes = [ diff --git a/variables.tf b/variables.tf index ad7de82..86f8989 100644 --- a/variables.tf +++ b/variables.tf @@ -203,3 +203,11 @@ variable "vulnerability_alerts" { type = bool default = false } + +variable gitignore_template { + default = null +} + +variable homepage_url { + default = null +} From 24539365e330ab75229fa8721d491287e84a4093 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Tue, 3 Dec 2024 17:03:49 -0800 Subject: [PATCH 59/68] Update variables.tf --- variables.tf | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/variables.tf b/variables.tf index 86f8989..4e066ca 100644 --- a/variables.tf +++ b/variables.tf 
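Review bot: The added `depends_on = [github_repository.repo]` in `github_repository_collaborator.collaborators` repeats a dependency Terraform already derives from `repository = github_repository.repo.name` two lines above it. If it works around an ordering problem seen in practice, a comment such as `# explicit: <reason the implicit reference was not enough>` would tell the next maintainer why it is there; otherwise it can be dropped. PATCH 56 adds the same block to `github_team_repository.admin`, whose body starts outside that hunk, so whether it is redundant there cannot be judged from this page.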
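Review bot: `variable gitignore_template` and `variable homepage_url` are declared with neither `type` nor `description`, so a value of the wrong shape is accepted by the module and rejected only later by the provider. Adding `type = string` and a one-line `description` to each would move that failure to plan time. The github_repo.tf hunk in the same commit also replaces the literal `"Terraform"` with `var.gitignore_template`, whose default is `null`, so existing callers no longer get that template unless they set it; `default = "Terraform"` would keep the previous behaviour.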
@@ -211,3 +211,27 @@ variable gitignore_template { variable homepage_url { default = null } + +variable security_and_analysis { + description = < Date: Tue, 3 Dec 2024 17:10:18 -0800 Subject: [PATCH 60/68] Remove deprecated GitHub workflow files and update variable definitions for consistency --- .github/workflows/modtest-dev.yaml | 29 ----------------------------- .github/workflows/modtest.yml | 23 ----------------------- variables.tf | 12 ++++++------ versions.tf | 2 +- 4 files changed, 7 insertions(+), 59 deletions(-) delete mode 100644 .github/workflows/modtest-dev.yaml delete mode 100644 .github/workflows/modtest.yml diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml deleted file mode 100644 index c98e5f1..0000000 --- a/.github/workflows/modtest-dev.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: "ModTest: dev" - -on: - pull_request: - push: - branches: - - main - -jobs: - modtest: - if : ${{ github.event_name }} == "pull_request" - uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main - with: - workspace: dev - workspace_repo: github-repos - workspace_branch: main - repo_clone_type: https - mod_source: repo/github - - github_server: ${{vars.GH_SERVER}} - github_org: ${{ github.repository_owner }} - branch: ${{ github.head_ref }} - terraform_version: ${{vars.TERRAFORM_VERSION}} - terraform_api_token_name: ${{ vars.TERRAFORM_API_TOKEN_NAME }} - terraform_api: ${{vars.TERRAFORM_API}} - - secrets: - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/modtest.yml b/.github/workflows/modtest.yml deleted file mode 100644 index ca4c63a..0000000 --- a/.github/workflows/modtest.yml +++ /dev/null 
@@ -1,23 +0,0 @@ -name: "ModTest" - -on: - push: - branchs: - - main - pull_request: - branches: - - main - -jobs: - modtest: - uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main - with: - workspace: github-repos - github_server: github.com - github_org: HappyPathway - mod_source: repo/github - branch: ${{ github.head_ref }} - terraform_version: 1.9.1 - secrets: - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} diff --git a/variables.tf b/variables.tf index 4e066ca..d454359 100644 --- a/variables.tf +++ b/variables.tf @@ -204,15 +204,15 @@ variable "vulnerability_alerts" { default = false } -variable gitignore_template { +variable "gitignore_template" { default = null } -variable homepage_url { +variable "homepage_url" { default = null } -variable security_and_analysis { +variable "security_and_analysis" { description = < Date: Tue, 3 Dec 2024 17:11:39 -0800 Subject: [PATCH 61/68] Fix variable definition formatting in variables.tf for consistency --- variables.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/variables.tf b/variables.tf index d454359..48de740 100644 --- a/variables.tf +++ b/variables.tf @@ -226,12 +226,12 @@ EOT type = object({ advanced_security = optional(object({ status = string - }, { status = "disabled" })) + }), { status = "disabled" }) secret_scanning = optional(object({ status = string - }, { status = "disabled" })) + }), { status = "disabled" }) secret_scanning_push_protection = optional(object({ status = string - }, { status = "disabled" })) + }), { status = "disabled" }) }) } From 7919fbcb0f7e6869473427b0ec42ff2aa1883e51 Mon Sep 17 00:00:00 2001 From: Dave Arnold Date: Tue, 3 Dec 2024 17:12:57 -0800 Subject: [PATCH 62/68] Add default values for advanced security and secret scanning in variables.tf --- variables.tf | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/variables.tf b/variables.tf index 48de740..128c9f6 100644 --- a/variables.tf 
+++ b/variables.tf @@ -234,4 +234,15 @@ EOT status = string }), { status = "disabled" }) }) + default = { + advanced_security = { + status = "disabled" + } + secret_scanning = { + status = "disabled" + } + secret_scanning_push_protection = { + status = "disabled" + } + } } From 0c4725b3c8909e9521bff8625f3be4af73306407 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 4 Dec 2024 11:49:36 -0800 Subject: [PATCH 63/68] Update github_branch.tf --- github_branch.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github_branch.tf b/github_branch.tf index 642037a..cce7ccd 100644 --- a/github_branch.tf +++ b/github_branch.tf @@ -34,7 +34,7 @@ locals { # https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection resource "github_branch_protection" "main" { - count = var.enforce_prs ? 1 : 0 + count = var.enforce_prs && !var.github_is_private ? 1 : 0 enforce_admins = var.github_enforce_admins_branch_protection pattern = var.github_default_branch # push_restrictions = var.github_push_restrictions From 85aa6f47a5e158010fbec171580984ecacf2ba10 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 11 Dec 2024 12:53:14 -0800 Subject: [PATCH 64/68] Add README.md --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..3ccb028 --- /dev/null +++ b/README.md 
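Review bot: The new variable-level `default` sets `secret_scanning` and `secret_scanning_push_protection` to `"disabled"`, so every repository created from this module leaves both off unless the caller opts in. If that is deliberate, the variable's description should say so and why; if it is not, the default is the place to turn them on. The block also restates what the `optional(object({...}), { status = "disabled" })` defaults from PATCH 61 already supply, so `default = {}` should give the same result with a single place to change.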
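Review bot: With `count = var.enforce_prs && !var.github_is_private ? 1 : 0`, a private repository whose caller sets `enforce_prs = true` now gets no `github_branch_protection.main`, and nothing in the plan output says the request was ignored. If the reason is an account plan where protection is unavailable on private repositories (an assumption, the commit does not say), record it next to the line, for example `# skipped for private repos: <reason>`, and state the exception in the description of `enforce_prs`. A separate input that callers set explicitly would be safer than tying the control to visibility. The resource body continues outside the hunk.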
@@ -0,0 +1,10 @@ + + +[![Terraform Validation](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/terraform.yaml/badge.svg)](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/terraform.yaml) + + +[![Modtest Dev](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/modtest-dev.yaml/badge.svg)](https://github.com/HappyPathway/terraform-github-repo/actions/workflows/modtest-dev.yaml) + + +{{ .Content }} + \ No newline at end of file From 600202670441272bf8c362804d8d0b690fe0c286 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 11 Dec 2024 12:53:17 -0800 Subject: [PATCH 65/68] Add .github/workflows/modtest-dev.yaml --- .github/workflows/modtest-dev.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/workflows/modtest-dev.yaml diff --git a/.github/workflows/modtest-dev.yaml b/.github/workflows/modtest-dev.yaml new file mode 100644 index 0000000..c98e5f1 --- /dev/null +++ b/.github/workflows/modtest-dev.yaml @@ -0,0 +1,29 @@ +name: "ModTest: dev" + +on: + pull_request: + push: + branches: + - main + +jobs: + modtest: + if : ${{ github.event_name }} == "pull_request" + uses: HappyPathway/centralized-actions/.github/workflows/modtest.yml@main + with: + workspace: dev + workspace_repo: github-repos + workspace_branch: main + repo_clone_type: https + mod_source: repo/github + + github_server: ${{vars.GH_SERVER}} + github_org: ${{ github.repository_owner }} + branch: ${{ github.head_ref }} + terraform_version: ${{vars.TERRAFORM_VERSION}} + terraform_api_token_name: ${{ vars.TERRAFORM_API_TOKEN_NAME }} + terraform_api: ${{vars.TERRAFORM_API}} + + secrets: + TFE_TOKEN: ${{ secrets.TFE_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} \ No newline at end of file From dacc9a0615c9a46305bb6fec320eeb21d1292b34 Mon Sep 17 00:00:00 2001 
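Review bot: In modtest-dev.yaml, `if : ${{ github.event_name }} == "pull_request"` does not gate the `modtest` job: only the part inside `${{ }}` is evaluated and the remainder is appended as text, so the condition is a non-empty string and always truthy. The job therefore also runs on the `push` to `main`, where `github.head_ref` is empty, and passes `TFE_TOKEN` and `GH_TOKEN` to the reusable workflow each time. Write it as `if: github.event_name == 'pull_request'`, the bare-expression form PATCH 54 uses for the `gtag` job. The called workflow is referenced at `@main`; pinning it to a commit would stop the secrets from following whatever lands on that branch.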
From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 29 Jan 2025 12:57:14 -0800 Subject: [PATCH 66/68] Update .github/workflows/terraform.yaml --- .github/workflows/terraform.yaml | 84 -------------------------------- 1 file changed, 84 deletions(-) delete mode 100644 .github/workflows/terraform.yaml diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml deleted file mode 100644 index 0df3f90..0000000 --- a/.github/workflows/terraform.yaml +++ /dev/null 
@@ -1,84 +0,0 @@ -name: "Terraform Validate" - -on: - workflow_dispatch: - push: - branches: - - main - -env: - GITHUB_OWNER: ${{ vars.GH_ORG }} - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} - TF_WORKSPACE: happypathway - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - -jobs: - setup-terraform: - outputs: - commit_sha: ${{ steps.checkout.outputs.commit }} - - runs-on: ubuntu-latest - steps: - - name: Checkout Code - uses: actions/checkout@v4 - id: checkout - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v3.1.2 - with: - terraform_version: ${{ vars.terraform_version }} - cli_config_credentials_token: ${{ secrets.TFE_TOKEN }} - cli_config_credentials_hostname: ${{ vars.terraform_api }} - - - name: terraform init - run: terraform init -upgrade - - - uses: actions/upload-artifact@master - name: Archive Configuration - if: github.ref == 'refs/heads/main' - with: - name: terraform_dir - path: .terraform - retention-days: 1 - include-hidden-files: true - - - uses: actions/upload-artifact@master - name: Archive Lockfile - if: github.ref == 'refs/heads/main' - with: - name: terraform_lockfile - path: .terraform.lock.hcl - retention-days: 1 - include-hidden-files: true - - terraform-validate: - needs: setup-terraform - uses: HappyPathway/centralized-actions/.github/workflows/terraform-test.yml@main - with: - terraform_version: ${{ vars.terraform_version }} - terraform_api: ${{ vars.terraform_api }} - github_username: ${{ github.actor }} - github_email: ${{ github.actor }}@roknsound.com - github_org: ${{ github.repository_owner }} - setup_terraform: true - terraform_init: false - cache: ${{ github.workspace }} - download_cache: true - commit_sha: ${{ needs.setup-terraform.outputs.commit_sha }} - secrets: - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} - GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} - - gtag: - needs: terraform-validate - if: github.ref == 'refs/heads/main' && 
github.event_name != 'pull_request' - uses: HappyPathway/centralized-actions/.github/workflows/gtag.yml@main - with: - patch: true - github_org: ${{ vars.GH_ORG }} - github_username: ${{ vars.GH_USERNAME }} - github_email: ${{ vars.GH_EMAIL }} - secrets: - GH_TOKEN: ${{ secrets.GH_TOKEN }} From fddbd2fcb298544aef0edd814cd7b08b3dd710bd Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 29 Jan 2025 12:58:08 -0800 Subject: [PATCH 67/68] Add .github/workflows/terraform.yaml --- .github/workflows/terraform.yaml | 84 ++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 .github/workflows/terraform.yaml diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml new file mode 100644 index 0000000..0df3f90 --- /dev/null +++ b/.github/workflows/terraform.yaml 
@@ -0,0 +1,84 @@ +name: "Terraform Validate" + +on: + workflow_dispatch: + push: + branches: + - main + +env: + GITHUB_OWNER: ${{ vars.GH_ORG }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + TF_WORKSPACE: happypathway + TFE_TOKEN: ${{ secrets.TFE_TOKEN }} + +jobs: + setup-terraform: + outputs: + commit_sha: ${{ steps.checkout.outputs.commit }} + + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v4 + id: checkout + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3.1.2 + with: + terraform_version: ${{ vars.terraform_version }} + cli_config_credentials_token: ${{ secrets.TFE_TOKEN }} + cli_config_credentials_hostname: ${{ vars.terraform_api }} + + - name: terraform init + run: terraform init -upgrade + + - uses: actions/upload-artifact@master + name: Archive Configuration + if: github.ref == 'refs/heads/main' + with: + name: terraform_dir + path: .terraform + retention-days: 1 + include-hidden-files: true + + - uses: actions/upload-artifact@master + name: Archive Lockfile + if: github.ref == 'refs/heads/main' + with: + name: terraform_lockfile + path: .terraform.lock.hcl + retention-days: 1 + include-hidden-files: true + + terraform-validate: + needs: setup-terraform + uses: HappyPathway/centralized-actions/.github/workflows/terraform-test.yml@main + with: + terraform_version: ${{ vars.terraform_version }} + terraform_api: ${{ vars.terraform_api }} + github_username: ${{ github.actor }} + github_email: ${{ github.actor }}@roknsound.com + github_org: ${{ github.repository_owner }} + setup_terraform: true + terraform_init: false + cache: ${{ github.workspace }} + download_cache: true + commit_sha: ${{ needs.setup-terraform.outputs.commit_sha }} + secrets: + TFE_TOKEN: ${{ secrets.TFE_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} + GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + + gtag: + needs: terraform-validate + if: github.ref == 'refs/heads/main' && 
github.event_name != 'pull_request' + uses: HappyPathway/centralized-actions/.github/workflows/gtag.yml@main + with: + patch: true + github_org: ${{ vars.GH_ORG }} + github_username: ${{ vars.GH_USERNAME }} + github_email: ${{ vars.GH_EMAIL }} + secrets: + GH_TOKEN: ${{ secrets.GH_TOKEN }} From 0cefe5ee5e655fa0e8371a4bca4f737cb82cda00 Mon Sep 17 00:00:00 2001 From: David Arnold <10138997+djaboxx@users.noreply.github.com> Date: Wed, 29 Jan 2025 12:58:10 -0800 Subject: [PATCH 68/68] Add .github/workflows/terraform-doc.yaml --- .github/workflows/terraform-doc.yaml | 45 ++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/terraform-doc.yaml diff --git a/.github/workflows/terraform-doc.yaml b/.github/workflows/terraform-doc.yaml new file mode 100644 index 0000000..aeb3272 --- /dev/null +++ b/.github/workflows/terraform-doc.yaml 
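Review bot: `run: terraform init -upgrade` in `setup-terraform` re-selects the newest permitted provider versions on every run, and the resulting `.terraform` directory and `.terraform.lock.hcl` are what the two archive steps hand to the later job. PATCH 55 removed the `version` constraint on `integrations/github`, so nothing on this page bounds what is selected. Plain `terraform init` against a committed lockfile (whether one is committed is not visible here) would make the validated provider set reproducible, keeping `-upgrade` for deliberate update commits.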
@@ -0,0 +1,45 @@ +name: "Terraform Doc" + +on: + pull_request: + +env: + GITHUB_OWNER: ${{ vars.GH_ORG }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + TF_WORKSPACE: happypathway + TFE_TOKEN: ${{ secrets.TFE_TOKEN }} + +jobs: + tf-doc: + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v4 + id: checkout + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3.1.2 + with: + terraform_version: ${{ vars.terraform_version }} + cli_config_credentials_token: ${{ secrets.TFE_TOKEN }} + cli_config_credentials_hostname: ${{ vars.terraform_api }} + + - name: terraform init + run: terraform init -upgrade + + - name: Render terraform docs inside the README.md and push changes back to PR branch + uses: terraform-docs/gh-actions@v1.2.0 + with: + working-dir: . + output-file: README.md + output-method: inject + git-push: "true" + + # terraform-docs/gh-actions@v1.0.0 modifies .git files with owner root:root, and the following steps fail with + # insufficient permission for adding an object to repository database .git/objects + # since the expected user is runner:docker. See https://github.com/terraform-docs/gh-actions/issues/90 + - name: Fix .git owner + run: sudo chown runner:docker -R .git \ No newline at end of file
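Review bot: This `pull_request` workflow checks out the PR head and runs it with `GH_TOKEN` (as `GITHUB_TOKEN`), `GOOGLE_CREDENTIALS` and `TFE_TOKEN` in the workflow-level `env:`, so every step sees all three, including `terraform-docs/gh-actions@v1.2.0`. No step shown reads `GOOGLE_CREDENTIALS`, and `TFE_TOKEN` is already passed to `hashicorp/setup-terraform` through `with:`. Remove the `env:` block or reduce it to a step-level entry on the step that pushes, and add a `permissions:` block with `contents: write`, which would likely let the push use the job's default token instead of a long-lived one. Pinning `terraform-docs/gh-actions` to a commit rather than a tag narrows what can run with those credentials. The trailing comment cites `v1.0.0` while the step uses `v1.2.0`, so it is worth confirming the `chown` workaround is still needed.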