-
Notifications
You must be signed in to change notification settings - Fork 743
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bugfix: Make security_and_analysis settings optional (#1489)
* make advanced security property optional, defaulting to disabled for public repositories - default to - not setting advanced_security - as it is enabled by default and uneditable - disabling - secret scanning and - secret scanning push protection. * add example repository security and analysis * make security_and_analysis secret_scanning and secret_scanning_and_push_protection properties optional Co-authored-by: Keegan Campbell <[email protected]>
- Loading branch information
1 parent
d27da35
commit c83839f
Showing
8 changed files
with
237 additions
and
115 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# Repository Visibility Example | ||
|
||
This demos setting `security_and_analysis` for a repository. See https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository for details on what these settings do. | ||
|
||
This example will create a repositories in the specified `owner` organization. See https://www.terraform.io/docs/providers/github/index.html for details on configuring [`providers.tf`](./providers.tf) accordingly. | ||
|
||
Alternatively, you may use variables passed via command line: | ||
|
||
```console | ||
export GITHUB_OWNER= | ||
export GITHUB_TOKEN= | ||
``` | ||
|
||
```console | ||
terraform apply \ | ||
-var "owner=${GITHUB_OWNER}" \ | ||
-var "github_token=${GITHUB_TOKEN}" | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
resource "github_repository" "terraformed" { | ||
name = "terraformed" | ||
description = "A repository created by terraform" | ||
visibility = "public" | ||
|
||
security_and_analysis { | ||
# Cannot set advanced_security for public repositories as it is always on by default. | ||
# advanced_security { | ||
# status = "enabled" | ||
# } | ||
secret_scanning { | ||
status = "enabled" | ||
} | ||
secret_scanning_push_protection { | ||
status = "enabled" | ||
} | ||
} | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
output "repository" { | ||
description = "Example repository JSON blob" | ||
value = github_repository.terraformed | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
provider "github" { | ||
owner = var.owner | ||
token = var.github_token | ||
} | ||
|
||
terraform { | ||
required_providers { | ||
github = { | ||
source = "integrations/github" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
variable "owner" { | ||
description = "GitHub owner used to configure the provider" | ||
type = string | ||
} | ||
|
||
variable "github_token" { | ||
description = "GitHub access token used to configure the provider" | ||
type = string | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.