Skip to content

Commit

Permalink
feat!: Upgrade to github provider v6.0
Browse files Browse the repository at this point in the history
BREAKING CHANGE: `push_restrictions` argument is replaced by `restrict_pushes`
(Check integrations/terraform-provider-github#2045 for
more details)
  • Loading branch information
ninadpage committed Mar 12, 2024
1 parent 7d703d7 commit dbff522
Show file tree
Hide file tree
Showing 10 changed files with 29 additions and 15 deletions.
2 changes: 1 addition & 1 deletion examples/environments/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
github = {
source = "integrations/github"
version = ">= 5.18.3"
version = ">= 6.0.1, < 7.0.0"
}
}
}
2 changes: 0 additions & 2 deletions examples/main-protected/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,6 @@ module "test_main_protected" {
{
branches = ["main"]
enforce_admins = false
required_checks = null
push_restrictions = []
require_signed_commits = false

required_reviews = {
Expand Down
2 changes: 1 addition & 1 deletion examples/main-protected/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
github = {
source = "integrations/github"
version = ">= 5.18.3"
version = ">= 6.0.1, < 7.0.0"
}
}
}
2 changes: 1 addition & 1 deletion examples/main-unprotected/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
github = {
source = "integrations/github"
version = ">= 5.18.3"
version = ">= 6.0.1, < 7.0.0"
}
}
}
9 changes: 7 additions & 2 deletions examples/master-protected/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,15 @@ module "master_protected" {
{
branches = ["master"]
enforce_admins = false
required_checks = null
push_restrictions = []
require_signed_commits = false

restrict_pushes = {
blocks_creations = false
push_allowances = [
"/exampleuser",
]
}

required_reviews = {
dismiss_stale_reviews = true
dismissal_restrictions = []
Expand Down
2 changes: 1 addition & 1 deletion examples/master-protected/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
github = {
source = "integrations/github"
version = ">= 5.18.3"
version = ">= 6.0.1, < 7.0.0"
}
}
}
2 changes: 1 addition & 1 deletion examples/master-unprotected/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
github = {
source = "integrations/github"
version = ">= 5.18.3"
version = ">= 6.0.1, < 7.0.0"
}
}
}
12 changes: 10 additions & 2 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ locals {
for branch in config.branches : {
branch = branch
enforce_admins = config.enforce_admins
push_restrictions = config.push_restrictions
restrict_pushes = config.restrict_pushes
require_signed_commits = config.require_signed_commits
required_checks = config.required_checks
required_reviews = config.required_reviews
Expand Down Expand Up @@ -86,10 +86,18 @@ resource "github_branch_protection" "default" {

enforce_admins = local.protection[count.index].enforce_admins
pattern = local.protection[count.index].branch
push_restrictions = local.protection[count.index].push_restrictions
repository_id = github_repository.default.name
require_signed_commits = local.protection[count.index].require_signed_commits

dynamic "restrict_pushes" {
for_each = local.protection[count.index].restrict_pushes != null ? { create : true } : {}

content {
blocks_creations = local.protection[count.index].restrict_pushes.blocks_creations
push_allowances = local.protection[count.index].restrict_pushes.push_allowances
}
}

dynamic "required_pull_request_reviews" {
for_each = local.protection[count.index].required_reviews != null ? { create : true } : {}

Expand Down
9 changes: 6 additions & 3 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,12 @@ variable "auto_init" {

variable "branch_protection" {
type = list(object({
branches = list(string)
enforce_admins = bool
push_restrictions = list(string)
branches = list(string)
enforce_admins = bool
restrict_pushes = optional(object({
blocks_creations = optional(bool)
push_allowances = optional(list(string))
}))
require_signed_commits = bool

required_checks = object({
Expand Down
2 changes: 1 addition & 1 deletion versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
github = {
source = "integrations/github"
version = ">= 5.18.3"
version = ">= 6.0.1, < 7.0.0"
}
}
}

0 comments on commit dbff522

Please sign in to comment.