Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/lasuillard/terraform-github-repository

Terraform module to create GitHub repository and relevant resources.

github-repository terraform terraform-github-provider terraform-module


# terraform-github-repository

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![CI](https://github.com/lasuillard/terraform-github-repository/actions/workflows/ci.yaml/badge.svg)](https://github.com/lasuillard/terraform-github-repository/actions/workflows/ci.yaml)
![GitHub Release](https://img.shields.io/github/v/release/lasuillard/terraform-github-repository)

Terraform module to create GitHub repository and relevant resources.

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | ~> 1.0 |
| [github](#requirement\_github) | ~> 6.2 |

## Providers

| Name | Version |
|------|---------|
| [github](#provider\_github) | ~> 6.2 |

## Modules

| Name | Source | Version |
|------|--------|---------|
| [actions](#module\_actions) | ./modules/actions | n/a |
| [rulesets](#module\_rulesets) | ./modules/rulesets | n/a |
| [secrets\_and\_variables](#module\_secrets\_and\_variables) | ./modules/secrets-and-variables | n/a |

## Resources

| Name | Type |
|------|------|
| [github_branch.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch) | resource |
| [github_branch_default.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_default) | resource |
| [github_branch_protection.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/branch_protection) | resource |
| [github_issue_label.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/issue_label) | resource |
| [github_issue_labels.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/issue_labels) | resource |
| [github_repository.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource |
| [github_repository_autolink_reference.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_autolink_reference) | resource |
| [github_repository_collaborator.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborator) | resource |
| [github_repository_collaborators.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborators) | resource |
| [github_repository_dependabot_security_updates.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_dependabot_security_updates) | resource |
| [github_repository_file.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource |
| [github_repository_webhook.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_webhook) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [actions\_repository\_access\_level](#input\_actions\_repository\_access\_level) | Where the actions or reusable workflows of the repository may be used. Possible values are `"none"`, `"user"`, `"organization"`, or `"enterprise"`.<br/><br/>If `null`, skip creation of `github_actions_repository_access_level` resource. | `string` | `null` | no |
| [actions\_repository\_permissions](#input\_actions\_repository\_permissions) | GitHub Actions permissions for a given repository. | <pre>object({<br/>  allowed_actions = optional(string)<br/>  enabled = optional(bool)<br/>  allowed_actions_config = optional(object({<br/>    github_owned_allowed = bool<br/>    patterns_allowed = optional(set(string))<br/>    verified_allowed = optional(bool)<br/>  }))<br/>})</pre> | `null` | no |
| [allow\_auto\_merge](#input\_allow\_auto\_merge) | Set to `true` to allow auto-merging pull requests on the repository. | `bool` | `false` | no |
| [allow\_merge\_commit](#input\_allow\_merge\_commit) | Set to `false` to disable merge commits on the repository. | `bool` | `true` | no |
| [allow\_rebase\_merge](#input\_allow\_rebase\_merge) | Set to `false` to disable rebase merges on the repository. | `bool` | `true` | no |
| [allow\_squash\_merge](#input\_allow\_squash\_merge) | Set to `false` to disable squash merges on the repository. | `bool` | `true` | no |
| [allow\_update\_branch](#input\_allow\_update\_branch) | Set to `true` to always suggest updating pull request branches. | `bool` | `null` | no |
| [archive\_on\_destroy](#input\_archive\_on\_destroy) | Set to `true` to archive the repository instead of deleting on destroy. | `bool` | `true` | no |
| [archived](#input\_archived) | Specifies if the repository should be archived.<br/><br/>**NOTE** Currently, the API does not support unarchiving. | `bool` | `false` | no |
| [auto\_init](#input\_auto\_init) | Set to `true` to produce an initial commit in the repository. | `bool` | `null` | no |
| [autolink\_references](#input\_autolink\_references) | Autolink references. | <pre>list(object({<br/>  key_prefix = string<br/>  target_url_template = string<br/>  is_alphanumeric = optional(bool)<br/>}))</pre> | `[]` | no |
| [branch\_protections](#input\_branch\_protections) | Branch protection rules. | <pre>list(object({<br/>  pattern = string<br/>  enforce_admins = optional(bool)<br/>  require_signed_commits = optional(bool)<br/>  required_linear_history = optional(bool)<br/>  require_conversation_resolution = optional(bool)<br/>  required_status_checks = optional(object({<br/>    strict = optional(bool)<br/>    contexts = optional(set(string))<br/>  }))<br/>  required_pull_request_reviews = optional(object({<br/>    dismiss_stale_reviews = optional(bool)<br/>    restrict_dismissals = optional(bool)<br/>    dismissal_restrictions = optional(set(string))<br/>    pull_request_bypassers = optional(set(string))<br/>    require_code_owner_reviews = optional(bool)<br/>    required_approving_review_count = optional(number)<br/>    require_last_push_approval = optional(bool)<br/>  }))<br/>  restrict_pushes = optional(object({<br/>    blocks_creations = optional(bool)<br/>    push_allowances = optional(set(string))<br/>  }))<br/>  force_push_bypassers = optional(set(string))<br/>  allows_deletions = optional(bool)<br/>  allows_force_pushes = optional(bool)<br/>  lock_branch = optional(bool)<br/>}))</pre> | `[]` | no |
| [branches](#input\_branches) | Map of branch name and configuration to create. | <pre>map(object({<br/>  source_branch = optional(string)<br/>  source_sha = optional(string)<br/>}))</pre> | `{}` | no |
| [collaborators](#input\_collaborators) | List of collaborators. | <pre>object({<br/>  non_authoritative = optional(list(object({<br/>    username = string<br/>    permission = optional(string)<br/>    permission_diff_suppression = optional(bool)<br/>  })))<br/>  authoritative = optional(object({<br/>    users = optional(list(object({<br/>      username = string<br/>      permission = optional(string)<br/>    })))<br/>    teams = optional(list(object({<br/>      team_id = string<br/>      permission = optional(string)<br/>    })))<br/>  }))<br/>})</pre> | `{}` | no |
| [collaborators\_authoritative](#input\_collaborators\_authoritative) | Whether collaborators should be managed in an authoritative way. If set to `true`, the `github_repository_collaborators` resource will be used. | `bool` | `false` | no |
| [create](#input\_create) | Whether to create this module or not. | `bool` | `true` | no |
| [default\_branch](#input\_default\_branch) | The name of the default branch of the repository. | `string` | `"main"` | no |
| [default\_branch\_rename](#input\_default\_branch\_rename) | Indicate if it should rename the branch rather than use an existing branch. | `bool` | `false` | no |
| [delete\_branch\_on\_merge](#input\_delete\_branch\_on\_merge) | Automatically delete head branch after a pull request is merged. | `bool` | `false` | no |
| [dependabot\_security\_updates\_enabled](#input\_dependabot\_security\_updates\_enabled) | Whether to enable Dependabot security updates. | `bool` | `false` | no |
| [deploy\_keys](#input\_deploy\_keys) | Deploy keys. | <pre>list(object({<br/>  key = string<br/>  read_only = bool<br/>  title = string<br/>}))</pre> | `[]` | no |
| [deployment\_branch\_policies](#input\_deployment\_branch\_policies) | Deployment branch policies. | <pre>list(object({<br/>  environment = string<br/>  branch_pattern = string<br/>}))</pre> | `[]` | no |
| [description](#input\_description) | A description of the repository. | `string` | `null` | no |
| [environments](#input\_environments) | List of GitHub repository environments. | <pre>map(object({<br/>  wait_timer = optional(number)<br/>  can_admins_bypass = optional(bool)<br/>  prevent_self_review = optional(bool)<br/>  reviewers = optional(object({<br/>    teams = optional(set(string))<br/>    users = optional(set(string))<br/>  }))<br/>  deployment_branch_policy = optional(object({<br/>    protected_branches = bool<br/>    custom_branch_policies = bool<br/>  }))<br/>}))</pre> | `{}` | no |
| [files](#input\_files) | Repository files. | <pre>list(object({<br/>  file = string<br/>  content = string<br/>  branch = optional(string)<br/>  commit_author = optional(string)<br/>  commit_email = optional(string)<br/>  commit_message = optional(string)<br/>  overwrite_on_create = optional(bool)<br/>}))</pre> | `[]` | no |
| [gitignore\_template](#input\_gitignore\_template) | Use the [name of the template](https://github.com/github/gitignore) without the extension. For example, `"Haskell"`. | `string` | `null` | no |
| [has\_discussions](#input\_has\_discussions) | Set to `true` to enable GitHub Discussions on the repository. | `bool` | `false` | no |
| [has\_downloads](#input\_has\_downloads) | Set to `true` to enable the (deprecated) downloads features on the repository. | `bool` | `null` | no |
| [has\_issues](#input\_has\_issues) | Set to `true` to enable the GitHub Issues features on the repository. | `bool` | `true` | no |
| [has\_projects](#input\_has\_projects) | Set to `true` to enable the GitHub Projects features on the repository.<br/><br/>Per the GitHub [documentation](https://developer.github.com/v3/repos/#create) when in an organization that has disabled repository projects it will default to `false` and will otherwise default to `true`.<br/>If you specify `true` when it has been disabled it will return an error. | `bool` | `false` | no |
| [has\_wiki](#input\_has\_wiki) | Set to `true` to enable the GitHub Wiki features on the repository. | `bool` | `false` | no |
| [homepage\_url](#input\_homepage\_url) | URL of a page describing the project. | `string` | `null` | no |
| [ignore\_vulnerability\_alerts\_during\_read](#input\_ignore\_vulnerability\_alerts\_during\_read) | Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. | `bool` | `null` | no |
| [is\_template](#input\_is\_template) | Set to `true` to tell GitHub that this is a template repository. | `bool` | `false` | no |
| [issue\_labels](#input\_issue\_labels) | Issue labels. Starting prefix "#" in `color` will be ignored. | <pre>list(object({<br/>  name = string<br/>  color = string<br/>  description = optional(string)<br/>}))</pre> | `[]` | no |
| [issue\_labels\_authoritative](#input\_issue\_labels\_authoritative) | Whether issue labels are managed in an authoritative way. If `true`, issue labels will be created using the `github_issue_labels` resource type, possibly causing all labels not listed to be removed. | `bool` | `false` | no |
| [license\_template](#input\_license\_template) | Use the [name of the template](https://github.com/github/choosealicense.com/tree/gh-pages/_licenses) without the extension. For example, `"mit"` or `"mpl-2.0"`. | `string` | `null` | no |
| [merge\_commit\_message](#input\_merge\_commit\_message) | Can be `"PR_BODY"`, `"PR_TITLE"`, or `"BLANK"` for a default merge commit message. Applicable only if `allow_merge_commit` is `true`. | `string` | `null` | no |
| [merge\_commit\_title](#input\_merge\_commit\_title) | Can be `"PR_TITLE"` or `"MERGE_MESSAGE"` for a default merge commit title. Applicable only if `allow_merge_commit` is `true`. | `string` | `null` | no |
| [name](#input\_name) | The name of the repository. | `string` | n/a | yes |
| [pages](#input\_pages) | The repository's GitHub Pages configuration.<br/><br/>See [GitHub Pages Configuration](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository#github-pages-configuration) for details. | <pre>object({<br/>  source = optional(object({<br/>    branch = string<br/>    path = optional(string)<br/>  }))<br/>  build_type = optional(string)<br/>  cname = optional(string)<br/>})</pre> | `null` | no |
| [rulesets](#input\_rulesets) | Repository rulesets. | <pre>list(object({<br/>  enforcement = string<br/>  name = string<br/>  rules = object({<br/>    branch_name_pattern = optional(object({<br/>      operator = string<br/>      pattern = string<br/>      name = optional(string)<br/>      negate = optional(bool)<br/>    }))<br/>    commit_author_email_pattern = optional(object({<br/>      operator = string<br/>      pattern = string<br/>      name = optional(string)<br/>      negate = optional(bool)<br/>    }))<br/>    commit_message_pattern = optional(object({<br/>      operator = string<br/>      pattern = string<br/>      name = optional(string)<br/>      negate = optional(bool)<br/>    }))<br/>    committer_email_pattern = optional(object({<br/>      operator = string<br/>      pattern = string<br/>      name = optional(string)<br/>      negate = optional(bool)<br/>    }))<br/>    creation = optional(bool)<br/>    deletion = optional(bool)<br/>    non_fast_forward = optional(bool)<br/>    pull_request = optional(object({<br/>      dismiss_stale_reviews_on_push = optional(bool)<br/>      require_code_owner_review = optional(bool)<br/>      require_last_push_approval = optional(bool)<br/>      required_approving_review_count = optional(number)<br/>      required_review_thread_resolution = optional(bool)<br/>    }))<br/>    required_deployments = optional(object({<br/>      required_deployment_environments = set(string)<br/>    }))<br/>    required_linear_history = optional(bool)<br/>    required_signatures = optional(bool)<br/>    required_status_checks = optional(object({<br/>      required_check = list(object({<br/>        context = string<br/>        integration_id = optional(number)<br/>      }))<br/>      strict_required_status_checks_policy = optional(bool)<br/>    }))<br/>    tag_name_pattern = optional(object({<br/>      operator = string<br/>      pattern = string<br/>      name = optional(string)<br/>      negate = optional(bool)<br/>    }))<br/>    update = optional(bool)<br/>    update_allows_fetch_and_merge = optional(bool)<br/>  })<br/>  target = string<br/>  bypass_actors = optional(list(object({<br/>    actor_id = number<br/>    actor_type = string<br/>    bypass_mode = optional(string)<br/>  })))<br/>  conditions = optional(object({<br/>    ref_name = object({<br/>      exclude = set(string)<br/>      include = set(string)<br/>    })<br/>  }))<br/>}))</pre> | `[]` | no |
| [secrets](#input\_secrets) | GitHub Actions secrets for this repository.<br/><br/>- Available values for `subjects` are `"actions"`, `"codespaces"`, `"dependabot"`.<br/>- `github_actions_environment_secret` resource will be created if `environment` key specified. | <pre>list(object({<br/>  subjects = set(string)<br/>  environment = optional(string)<br/>  secret_name = string<br/>  encrypted_value = optional(string)<br/>  plaintext_value = optional(string)<br/>}))</pre> | `[]` | no |
| [security\_and\_analysis](#input\_security\_and\_analysis) | The repository's [security and analysis](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository) configuration.<br/><br/>See [Security and Analysis Configuration](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository#security-and-analysis-configuration) for details. | <pre>object({<br/>  advanced_security = optional(object({<br/>    status = string<br/>  }))<br/>  secret_scanning = optional(object({<br/>    status = string<br/>  }))<br/>  secret_scanning_push_protection = optional(object({<br/>    status = string<br/>  }))<br/>})</pre> | `null` | no |
| [squash\_merge\_commit\_message](#input\_squash\_merge\_commit\_message) | Can be `"PR_BODY"`, `"COMMIT_MESSAGES"`, or `"BLANK"` for a default squash merge commit message. Applicable only if `allow_squash_merge` is `true`. | `string` | `null` | no |
| [squash\_merge\_commit\_title](#input\_squash\_merge\_commit\_title) | Can be `"PR_TITLE"` or `"COMMIT_OR_PR_TITLE"` for a default squash merge commit title. Applicable only if `allow_squash_merge` is `true`. | `string` | `null` | no |
| [template](#input\_template) | Use a template repository to create this resource.<br/><br/>See [Template Repositories](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository#template-repositories) for details. | <pre>object({<br/>  owner = string<br/>  repository = string<br/>  include_all_branches = optional(bool)<br/>})</pre> | `null` | no |
| [topics](#input\_topics) | The list of topics of the repository.<br/><br/>NOTE: This attribute is not compatible with the `github_repository_topics` resource. Use one of them.<br/>`github_repository_topics` is only meant to be used if the repository itself is not handled via terraform, for example if it's only read as a datasource (see issue [#1845](https://github.com/integrations/terraform-provider-github/issues/1845)). | `set(string)` | `null` | no |
| [variables](#input\_variables) | GitHub Actions variables for this repository. Create `github_actions_environment_variable` resource if `environment` key specified. | <pre>list(object({<br/>  environment = optional(string)<br/>  variable_name = string<br/>  value = optional(string)<br/>}))</pre> | `[]` | no |
| [visibility](#input\_visibility) | Can be `"public"` or `"private"`.<br/><br/>If your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+, visibility can also be `"internal"`.<br/>The `visibility` parameter overrides the `private` parameter. | `string` | `"private"` | no |
| [vulnerability\_alerts](#input\_vulnerability\_alerts) | Set to `true` to enable security alerts for vulnerable dependencies.<br/><br/>Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.)<br/>See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details.<br/>Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. | `bool` | `true` | no |
| [web\_commit\_signoff\_required](#input\_web\_commit\_signoff\_required) | Require contributors to sign off on web-based commits. See more [here](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-commit-signoff-policy-for-your-repository). | `bool` | `false` | no |
| [webhooks](#input\_webhooks) | List of webhooks. | <pre>list(object({<br/>  events = set(string)<br/>  configuration = object({<br/>    url = string<br/>    content_type = string<br/>    secret = optional(string)<br/>    insecure_ssl = optional(bool)<br/>  })<br/>  active = optional(bool)<br/>}))</pre> | `[]` | no |

## Outputs

| Name | Description |
|------|-------------|
| [actions](#output\_actions) | GitHub Actions module outputs. |
| [autolink\_references](#output\_autolink\_references) | Autolink references. |
| [branch\_default](#output\_branch\_default) | Default branch name. |
| [branch\_protections](#output\_branch\_protections) | Branch protection rules. |
| [branches](#output\_branches) | Branches in repository. |
| [collaborators](#output\_collaborators) | List of repository collaborators. |
| [dependabot\_security\_updates\_enabled](#output\_dependabot\_security\_updates\_enabled) | Whether Dependabot security updates are enabled for this repository. |
| [files](#output\_files) | Files managed by this module. |
| [issue\_labels](#output\_issue\_labels) | Repository issue labels. |
| [repository](#output\_repository) | Repository details. |
| [rulesets](#output\_rulesets) | Repository rulesets. |
| [secrets\_and\_variables](#output\_secrets\_and\_variables) | Repository Actions, Codespaces and Dependabot secrets and variables. |
| [webhooks](#output\_webhooks) | Repository webhooks. |