Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/lasuillard/terraform-github-organization
Terraform module to create GitHub organization relevant resources.
https://github.com/lasuillard/terraform-github-organization
github-organization terraform terraform-github-provider terraform-module
Last synced: 27 days ago
JSON representation
Terraform module to create GitHub organization relevant resources.
- Host: GitHub
- URL: https://github.com/lasuillard/terraform-github-organization
- Owner: lasuillard
- License: mit
- Created: 2024-03-25T13:12:35.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2024-12-01T09:41:33.000Z (about 1 month ago)
- Last Synced: 2024-12-01T10:38:22.235Z (about 1 month ago)
- Topics: github-organization, terraform, terraform-github-provider, terraform-module
- Language: HCL
- Homepage: https://registry.terraform.io/modules/lasuillard/organization/github/latest
- Size: 31.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# terraform-github-organization
[](https://opensource.org/licenses/MIT)
[](https://github.com/lasuillard/terraform-github-organization/actions/workflows/ci.yaml)
Terraform module to create GitHub organization relevant resources.
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | ~> 1.0 |
| [github](#requirement\_github) | ~> 6.2 |
## Providers
| Name | Version |
|------|---------|
| [github](#provider\_github) | ~> 6.2 |
## Modules
| Name | Source | Version |
|------|--------|---------|
| [actions](#module\_actions) | ./modules/actions | n/a |
| [rulesets](#module\_rulesets) | ./modules/rulesets | n/a |
| [secrets\_and\_variables](#module\_secrets\_and\_variables) | ./modules/secrets-and-variables | n/a |
| [teams](#module\_teams) | ./modules/team | n/a |
## Resources
| Name | Type |
|------|------|
| [github_app_installation_repositories.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/app_installation_repositories) | resource |
| [github_organization_block.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_block) | resource |
| [github_organization_custom_role.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_custom_role) | resource |
| [github_organization_settings.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_settings) | resource |
| [github_organization_webhook.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_webhook) | resource |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [actions\_oidc\_subject\_claim\_customization\_template](#input\_actions\_oidc\_subject\_claim\_customization\_template) | A list of OpenID Connect claims. |
object({
include_claim_keys = set(string)
}) | `null` | no |
| [actions\_organization\_permissions](#input\_actions\_organization\_permissions) | GitHub Actions permissions for current organization. | object({
allowed_actions = optional(string)
enabled_repositories = optional(string)
allowed_actions_config = optional(object({
github_owned_allowed = bool
patterns_allowed = optional(set(string))
verified_allowed = optional(bool)
}))
enabled_repositories_config = optional(object({
repository_ids = set(number)
}))
}) | `null` | no |
| [actions\_runner\_groups](#input\_actions\_runner\_groups) | GitHub Actions runner groups for this organization. | list(object({
name = string
restricted_to_workflows = optional(bool)
selected_repository_ids = optional(set(number))
selected_workflows = optional(set(string))
visibility = optional(string)
allows_public_repositories = optional(bool)
})) | `[]` | no |
| [app\_installations](#input\_app\_installations) | List of relationships between app installations and repositories. | list(object({
installation_id = string
selected_repositories = set(string)
})) | `[]` | no |
| [blocks](#input\_blocks) | List of users to block. | `set(string)` | `[]` | no |
| [create](#input\_create) | Whether to create this module or not. | `bool` | `true` | no |
| [custom\_roles](#input\_custom\_roles) | Custom roles. | list(object({
name = string
description = optional(string)
base_role = string
permissions = set(string)
})) | `[]` | no |
| [rulesets](#input\_rulesets) | Repository rulesets. | list(object({
enforcement = string
name = string
rules = object({
branch_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_author_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_message_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
committer_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
creation = optional(bool)
deletion = optional(bool)
non_fast_forward = optional(bool)
pull_request = optional(object({
dismiss_stale_reviews_on_push = optional(bool)
require_code_owner_review = optional(bool)
require_last_push_approval = optional(bool)
required_approving_review_count = optional(number)
required_review_thread_resolution = optional(bool)
}))
required_linear_history = optional(bool)
required_signatures = optional(bool)
required_status_checks = optional(object({
required_check = list(object({
context = string
integration_id = optional(number)
}))
strict_required_status_checks_policy = optional(bool)
}))
required_workflows = optional(object({
required_workflow = object({
repository_id = number
path = string
ref = optional(string)
})
}))
tag_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
update = optional(bool)
update_allows_fetch_and_merge = optional(bool)
})
target = string
bypass_actors = optional(list(object({
actor_id = number
actor_type = string
bypass_mode = optional(string)
})))
conditions = optional(object({
ref_name = object({
exclude = set(string)
include = set(string)
})
}))
})) | `[]` | no |
| [secrets](#input\_secrets) | GitHub Actions secrets for this organization.
- Available values for `subject` are `"actions"`, `"codespaces"`, `"dependabot"`. | list(object({
subjects = set(string)
secret_name = string
encrypted_value = optional(string)
plaintext_value = optional(string)
visibility = string
selected_repository_ids = optional(set(number))
})) | `[]` | no |
| [settings](#input\_settings) | Organization settings. | object({
billing_email = string
company = string
blog = string
email = string
twitter_username = string
location = string
name = string
description = string
has_organization_projects = optional(bool)
has_repository_projects = optional(bool)
default_repository_permission = optional(string)
members_can_create_repositories = optional(bool)
members_can_create_public_repositories = optional(bool)
members_can_create_private_repositories = optional(bool)
members_can_create_internal_repositories = optional(bool)
members_can_create_pages = optional(bool)
members_can_create_public_pages = optional(bool)
members_can_create_private_pages = optional(bool)
members_can_fork_private_repositories = optional(bool)
web_commit_signoff_required = optional(bool)
advanced_security_enabled_for_new_repositories = optional(bool)
dependabot_alerts_enabled_for_new_repositories = optional(bool)
dependabot_security_updates_enabled_for_new_repositories = optional(bool)
dependency_graph_enabled_for_new_repositories = optional(bool)
secret_scanning_enabled_for_new_repositories = optional(bool)
secret_scanning_push_protection_enabled_for_new_repositories = optional(bool)
}) | `null` | no |
| [teams](#input\_teams) | NOTE: Forwarded variable | list(object({
name = string
description = optional(string)
privacy = optional(string)
parent_team_id = optional(string)
ldap_dn = optional(string)
create_default_maintainer = optional(bool)
settings = optional(object({
review_request_delegation = optional(object({
algorithm = optional(string)
member_count = optional(number)
notify = optional(bool)
}))
}))
is_security_manager = optional(bool)
members = optional(list(object({
username = string
role = optional(string)
})))
members_authoritative = optional(bool)
repositories = optional(list(object({
repository = string
permission = optional(string)
})))
sync_group_mapping = optional(object({
groups = optional(list(object({
group_id = string
group_name = string
group_description = string
})))
}))
})) | `null` | no |
| [variables](#input\_variables) | GitHub Actions variables for this organization. | list(object({
variable_name = string
value = optional(string)
visibility = string
selected_repository_ids = optional(set(number))
})) | `[]` | no |
| [webhooks](#input\_webhooks) | List of webhooks. | list(object({
events = set(string)
configuration = object({
url = string
content_type = string
secret = optional(string)
insecure_ssl = optional(bool)
})
active = optional(bool)
name = optional(string)
})) | `[]` | no |
## Outputs
| Name | Description |
|------|-------------|
| [actions](#output\_actions) | GitHub Actions module outputs. |
| [app\_installations](#output\_app\_installations) | GitHub App installations. |
| [blocks](#output\_blocks) | Organization blocks. |
| [custom\_roles](#output\_custom\_roles) | Custom roles. |
| [rulesets](#output\_rulesets) | Repository rulesets. |
| [secrets\_and\_variables](#output\_secrets\_and\_variables) | Repository Actions, Codespaces and Dependabot secrets and variables. |
| [settings](#output\_settings) | Organization settings. |
| [teams](#output\_teams) | Organization teams. |
| [webhooks](#output\_webhooks) | Repository webhooks. |