A terraform module for creating repositories in your GitHub Organization.
This module is a "quick-and-dirty" way of achieving reusable, automated github repo provisioning & configuration. I would like to make org & team input optional, but the limitations of terraform's HCL configuration language have made this a challenge. With that said, the recent syntax improvements introduced in Terraform 0.12 release may open up some possibilities of improvement, and higher flexibility for this module.
Created using Terraform v0.11.13
Set the following environment variables before running:
export GITHUB_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
export GITHUB_ORGANIZATION=your-org-name
The account that is associated with the above token must have "owner" permissions on the organization that is referenced as an input variable.
This module requires the existance of a GitHub team to be given access to the repository.
The following input variables are intended to be written as a "list of maps". While this is more complex thatn granular parameters for each map, it allows the user to be more specific and flexible when setting details access policies.
Example:
required_status_checks = [
{
strict = false
contexts = ["ci/travis"]
}
]Example:
required_pull_request_reviews = [
{
dismiss_stale_reviews = true
dismissal_users = ["foo-user"]
dismissal_teams = ["${var.github_team}", "${var.github_team_2}"]
}
] Example:
restrictions = [
{
users = ["foo-user"]
teams = ["${var.github_team}"]
}
]| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | (Required) The name of the repository. | string | n/a | yes |
| allow_merge_commit | (Optional) Set to false to disable merge commits on the repository. | string | "true" |
no |
| allow_rebase_merge | (Optional) Set to false to disable rebase merges on the repository. | string | "true" |
no |
| allow_squash_merge | (Optional) Set to false to disable squash merges on the repository. | string | "true" |
no |
| archived | (Optional) Specifies if the repository should be archived. Defaults to false. | string | "false" |
no |
| auto_init | (Optional) Set to true to produce an initial commit in the repository. | string | "false" |
no |
| default_branch | (Optional) The name of the default branch of the repository. NOTE: This can only be set after a repository has already been created, and after a correct reference has been created for the target branch inside the repository. This means a user will have to omit this parameter from the initial repository creation and create the target branch inside of the repository prior to setting this attribute. | string | "" |
no |
| description | (Optional) A description of the repository. | string | "" |
no |
| enforce_admins | (Optional) Boolean, setting this to true enforces status checks for repository administrators. | string | "false" |
no |
| gitignore_template | (Optional) Use the name of the template without the extension. For example, "Haskell". | string | "" |
no |
| has_downloads | (Optional) Set to true to enable the (deprecated) downloads features on the repository. | string | "false" |
no |
| has_issues | (Optional) Set to true to enable the GitHub Issues features on the repository. | string | "false" |
no |
| has_projects | (Optional) Set to true to enable the GitHub Projects features on the repository. Per the github documentation when in an organization that has disabled repository projects it will default to false and will otherwise default to true. If you specify true when it has been disabled it will return an error. | string | "false" |
no |
| has_wiki | (Optional) Set to true to enable the GitHub Wiki features on the repository. | string | "false" |
no |
| homepage_url | (Optional) URL of a page describing the project. | string | "" |
no |
| license_template | (Optional) Use the name of the template without the extension. For example, "mit" or "mpl-2.0". | string | "" |
no |
| permission | (Optional) The permissions of team members regarding the repository. Must be one of pull, push, or admin. Defaults to pull. | string | "pull" |
no |
| private | (Optional) Set to true to create a private repository. Repositories are created as public (e.g. open source) by default. | string | "false" |
no |
| required_pull_request_reviews | (Optional) Enforce restrictions for pull request reviews. | list | <list> |
no |
| required_status_checks | (Optional) Enforce restrictions for required status checks. | list | <list> |
no |
| restrictions | (Optional) Enforce restrictions for the users and teams that may push to the branch. | list | <list> |
no |
| team_slug | (Required) The GitHub team slug | string | "" |
yes |
| topics | (Optional) The list of topics of the repository. | list | <list> |
no |
| Name | Description |
|---|---|
| full_name | A string of the form "orgname/reponame". |
| git_clone_url | URL that can be provided to git clone to clone the repository anonymously via the git protocol. |
| html_url | URL to the repository on the web. |
| http_clone_url | URL that can be provided to git clone to clone the repository via HTTPS. |
| ssh_clone_url | URL that can be provided to git clone to clone the repository via SSH. |
| svn_url | URL that can be provided to svn checkout to check out the repository via GitHub's Subversion protocol emulation. |