This repository was archived by the owner on Dec 21, 2024. It is now read-only.

lasuillard/terraform-github-organization


terraform-github-organization

License: MIT CI GitHub Release

Terraform module to create GitHub organization relevant resources.

Requirements

Name Version
terraform ~> 1.0
github ~> 6.2

Providers

Name Version
github ~> 6.2

Modules

Name Source Version
actions ./modules/actions n/a
rulesets ./modules/rulesets n/a
secrets_and_variables ./modules/secrets-and-variables n/a
teams ./modules/team n/a

Resources

Name Type
github_app_installation_repositories.this resource
github_organization_block.this resource
github_organization_custom_role.this resource
github_organization_settings.this resource
github_organization_webhook.this resource

Inputs

Name Description Type Default Required
actions_oidc_subject_claim_customization_template A list of OpenID Connect claims.
object({
include_claim_keys = set(string)
})
null no
actions_organization_permissions GitHub Actions permissions for current organization.
object({
allowed_actions = optional(string)
enabled_repositories = optional(string)
allowed_actions_config = optional(object({
github_owned_allowed = bool
patterns_allowed = optional(set(string))
verified_allowed = optional(bool)
}))
enabled_repositories_config = optional(object({
repository_ids = set(number)
}))
})
null no
actions_runner_groups GitHub Actions runner groups for this organization.
list(object({
name = string
restricted_to_workflows = optional(bool)
selected_repository_ids = optional(set(number))
selected_workflows = optional(set(string))
visibility = optional(string)
allows_public_repositories = optional(bool)
}))
[] no
app_installations List of relationships between app installations and repositories.
list(object({
installation_id = string
selected_repositories = set(string)
}))
[] no
blocks List of users to block. set(string) [] no
create Whether to create the resources managed by this module. bool true no
custom_roles Custom roles.
list(object({
name = string
description = optional(string)
base_role = string
permissions = set(string)
}))
[] no
rulesets Repository rulesets.
list(object({
enforcement = string
name = string
rules = object({
branch_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_author_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_message_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
committer_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
creation = optional(bool)
deletion = optional(bool)
non_fast_forward = optional(bool)
pull_request = optional(object({
dismiss_stale_reviews_on_push = optional(bool)
require_code_owner_review = optional(bool)
require_last_push_approval = optional(bool)
required_approving_review_count = optional(number)
required_review_thread_resolution = optional(bool)
}))
required_linear_history = optional(bool)
required_signatures = optional(bool)
required_status_checks = optional(object({
required_check = list(object({
context = string
integration_id = optional(number)
}))
strict_required_status_checks_policy = optional(bool)
}))
required_workflows = optional(object({
required_workflow = object({
repository_id = number
path = string
ref = optional(string)
})
}))
tag_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
update = optional(bool)
update_allows_fetch_and_merge = optional(bool)
})
target = string
bypass_actors = optional(list(object({
actor_id = number
actor_type = string
bypass_mode = optional(string)
})))
conditions = optional(object({
ref_name = object({
exclude = set(string)
include = set(string)
})
}))
}))
[] no
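secrets GitHub Actions secrets for this organization.

- Available values for subjects are "actions", "codespaces", "dependabot".
- Prefer encrypted_value over plaintext_value where possible: a value given as plaintext_value is normally recorded in the Terraform state, so the state backend must be access-controlled and encrypted.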
list(object({
subjects = set(string)
secret_name = string
encrypted_value = optional(string)
plaintext_value = optional(string)
visibility = string
selected_repository_ids = optional(set(number))
}))
[] no
settings Organization settings.
object({
billing_email = string
company = string
blog = string
email = string
twitter_username = string
location = string
name = string
description = string
has_organization_projects = optional(bool)
has_repository_projects = optional(bool)
default_repository_permission = optional(string)
members_can_create_repositories = optional(bool)
members_can_create_public_repositories = optional(bool)
members_can_create_private_repositories = optional(bool)
members_can_create_internal_repositories = optional(bool)
members_can_create_pages = optional(bool)
members_can_create_public_pages = optional(bool)
members_can_create_private_pages = optional(bool)
members_can_fork_private_repositories = optional(bool)
web_commit_signoff_required = optional(bool)
advanced_security_enabled_for_new_repositories = optional(bool)
dependabot_alerts_enabled_for_new_repositories = optional(bool)
dependabot_security_updates_enabled_for_new_repositories = optional(bool)
dependency_graph_enabled_for_new_repositories = optional(bool)
secret_scanning_enabled_for_new_repositories = optional(bool)
secret_scanning_push_protection_enabled_for_new_repositories = optional(bool)
})
null no
teams NOTE: Forwarded variable
list(object({
name = string
description = optional(string)
privacy = optional(string)
parent_team_id = optional(string)
ldap_dn = optional(string)
create_default_maintainer = optional(bool)
settings = optional(object({
review_request_delegation = optional(object({
algorithm = optional(string)
member_count = optional(number)
notify = optional(bool)
}))
}))
is_security_manager = optional(bool)
members = optional(list(object({
username = string
role = optional(string)
})))
members_authoritative = optional(bool)
repositories = optional(list(object({
repository = string
permission = optional(string)
})))
sync_group_mapping = optional(object({
groups = optional(list(object({
group_id = string
group_name = string
group_description = string
})))
}))
}))
null no
variables GitHub Actions variables for this organization.
list(object({
variable_name = string
value = optional(string)
visibility = string
selected_repository_ids = optional(set(number))
}))
[] no
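webhooks List of webhooks. Set configuration.secret so the receiver can verify delivery signatures, and keep configuration.insecure_ssl false so TLS certificate verification stays enabled for deliveries.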
list(object({
events = set(string)
configuration = object({
url = string
content_type = string
secret = optional(string)
insecure_ssl = optional(bool)
})
active = optional(bool)
name = optional(string)
}))
[] no

Outputs

Name Description
actions GitHub Actions module outputs.
app_installations GitHub App installations.
blocks Organization blocks.
custom_roles Custom roles.
rulesets Repository rulesets.
secrets_and_variables Repository Actions, Codespaces and Dependabot secrets and variables.
settings Organization settings.
teams Organization teams.
webhooks Organization webhooks.