diff --git a/.github/workflows/pac.yml b/.github/workflows/pac.yml
deleted file mode 100644
index e0dfc4986..000000000
--- a/.github/workflows/pac.yml
+++ /dev/null
@@ -1,85 +0,0 @@
-name: Policy as Code
-
-on:
- pull_request:
- paths:
- - repo-policy/**
-
-env:
- TERRAFORM_DIR: "./repo-policy"
-
-jobs:
- terraform:
- runs-on: ubuntu-latest
- permissions:
- id-token: write
- pull-requests: write
-
- steps:
- - name: Checkout
- uses: actions/checkout@v3
- with:
- fetch-depth: 1
-
- - uses: aws-actions/configure-aws-credentials@v1
- with:
- role-to-assume: arn:aws:iam::754489498669:role/gromit-ci
- role-session-name: gromitci
- aws-region: eu-central-1
-
- - uses: hashicorp/setup-terraform@v2
- with:
- terraform_version: 1.3.0
- cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
-
- - name: Terraform Init
- working-directory: ${{ env.TERRAFORM_DIR }}
- id: init
- run: terraform init -input=false
-
- - name: Terraform Validate
- id: validate
- run: terraform validate -no-color
-
- - name: Terraform Plan
- working-directory: ${{ env.TERRAFORM_DIR }}
- id: plan
- run: |
- echo "::group::Terraform Plan"
- terraform plan -no-color -input=false
- echo "::endgroup::"
- continue-on-error: true
-
- - name: Update Pull Request
- uses: actions/github-script@v6
- if: github.event_name == 'pull_request'
- env:
- PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
- with:
- github-token: ${{ secrets.GITHUB_TOKEN }}
- script: |
- const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
- #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
- #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
- #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
-
- Show Plan
-
- \`\`\`\n
- ${process.env.PLAN}
- \`\`\`
-
-
-
- *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
-
- github.rest.issues.createComment({
- issue_number: context.issue.number,
- owner: context.repo.owner,
- repo: context.repo.repo,
- body: output
- })
-
- - name: Terraform Plan Status
- if: steps.plan.outcome == 'failure'
- run: exit 1
\ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a5000860e..f08142e69 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,5 +1,5 @@
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
# Distribution channels covered by this workflow
# - Ubuntu and Debian
@@ -42,11 +42,15 @@ jobs:
debvers: 'ubuntu/xenial ubuntu/bionic ubuntu/focal ubuntu/jammy debian/jessie debian/buster debian/bullseye debian/bookworm'
outputs:
tags: ${{ steps.metadata.outputs.tags }}
+ commit_author: ${{ steps.fetch-author.outputs.commit_author}}
steps:
- name: Checkout of tyk-pump
uses: actions/checkout@v4
with:
fetch-depth: 1
+ - name: Get commit author
+ id: fetch-author
+ run: echo "commit_author=$(git show -s --format='%ae' HEAD)" >> $GITHUB_OUTPUT
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
@@ -62,7 +66,7 @@ jobs:
registry: docker.tyk.io
username: ${{ secrets.CLOUDSMITH_USERNAME }}
password: ${{ secrets.CLOUDSMITH_API_KEY }}
- - uses: actions/cache@v3
+ - uses: actions/cache@v4
with:
path: |
~/.cache/go-build
@@ -140,7 +144,7 @@ jobs:
done
docker manifest create ${tag} ${tag}-amd64 ${tag}-arm64 && docker manifest push ${tag}
done
- - uses: actions/upload-artifact@v3
+ - uses: actions/upload-artifact@v4
if: ${{ matrix.golang_cross == '1.21-bullseye' }}
with:
name: deb
@@ -148,7 +152,7 @@ jobs:
path: |
dist/*.deb
!dist/*PAYG*.deb
- - uses: actions/upload-artifact@v3
+ - uses: actions/upload-artifact@v4
if: ${{ matrix.golang_cross == '1.21-bullseye' }}
with:
name: rpm
@@ -156,13 +160,13 @@ jobs:
path: |
dist/*.rpm
!dist/*PAYG*.rpm
- test-controller:
+ test-controller-api:
needs: goreleaser
runs-on: ubuntu-latest
- container: tykio/gromit:v1.6
+ container: tykio/gromit:v1.7
outputs:
- conf: ${{ steps.params.outputs.conf }}
- db: ${{ steps.params.outputs.db }}
+ conf: ${{ steps.params.outputs.api_conf }}
+ db: ${{ steps.params.outputs.api_db }}
pump: ${{ steps.params.outputs.pump }}
sink: ${{ steps.params.outputs.sink }}
gd_tag: ${{ steps.params.outputs.gd_tag }}
@@ -177,9 +181,10 @@ jobs:
TAGS: ${{ needs.goreleaser.outputs.tags }}
IS_PR: ${{startsWith(github.event_name, 'pull_request') && 'yes' }}
IS_TAG: ${{startsWith(github.ref, 'refs/tags') && 'yes' }}
+ JOB: api
run: gromit policy controller --loglevel debug | tee -a "$GITHUB_OUTPUT"
api-tests:
- needs: test-controller
+ needs: [goreleaser, test-controller-api]
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the Github JWT
@@ -187,9 +192,9 @@ jobs:
strategy:
fail-fast: false
matrix:
- conf: ${{ fromJson(needs.test-controller.outputs.conf) }}
- db: ${{ fromJson(needs.test-controller.outputs.db) }}
- sink: ${{ fromJson(needs.test-controller.outputs.sink) }}
+ conf: ${{ fromJson(needs.test-controller-api.outputs.conf) }}
+ db: ${{ fromJson(needs.test-controller-api.outputs.db) }}
+ sink: ${{ fromJson(needs.test-controller-api.outputs.sink) }}
include:
- db: postgres15
markers: "and not sql"
@@ -207,7 +212,7 @@ jobs:
# See https://github.com/mxschmitt/action-tmate#use-registered-public-ssh-keys
- name: Setup tmate session only in debug mode
uses: mxschmitt/action-tmate@v3
- if: ${{ runner.debug == '1' }}
+ if: runner.debug == '1'
with:
detached: true
limit-access-to-actor: true
@@ -227,41 +232,67 @@ jobs:
TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }}
TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }}
ECR: ${{ steps.ecr.outputs.registry }}
- VERSIONS: ${{ needs.test-controller.outputs.versions}}
+ VERSIONS: ${{ needs.test-controller-api.outputs.versions}}
run: "echo \"ECR=${ECR}\n$VERSIONS\n\ntyk_sink_image=${{matrix.sink}} \n# base dir for config files\nconfs_dir=./pro-ha\n# pick database to use\nenv_file=local-${{ matrix.db }}.env\n\" > versions.env\nprintf '::group::versions\\n%s\\n::endgroup::' \"$(cat versions.env)\"\n# Add Tyk component config variations to $env_file\ncat confs/${{ matrix.conf }}.env >> local-${{ matrix.db }}.env\n# bring up env, the project name is important\ndocker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d\n./dash-bootstrap.sh http://localhost:3000\ndocker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d\n"
- name: Run tests
working-directory: auto
id: test_execution
run: |
+ set -o pipefail
echo "### API tests ${{ matrix.db }} ${{ matrix.conf }}" >> $GITHUB_STEP_SUMMARY
if docker run --rm --network auto_default --env-file pytest.env -v ${{ github.workspace }}/reports:/app/reports \
- ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ needs.test-controller.outputs.gd_tag }} \
+ ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ needs.test-controller-api.outputs.gd_tag }} \
pytest -c pytest_ci.ini --ci -m "not local and not dind ${{ matrix.markers }}" | tee tests.out; then
echo "All tests passed!" >> $GITHUB_STEP_SUMMARY
else
echo "::error title=API tests ${{ matrix.db }} ${{ matrix.conf }}::Test execution failed"
cat tests.out >> $GITHUB_STEP_SUMMARY
- docker logs tyk tyk-analytics
exit 1
fi
+ - name: Docker logs for all components
+ if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success')
+ working-directory: auto
+ env:
+ pull_policy: 'if_not_present'
+ GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }}
+ TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }}
+ TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }}
+ ECR: ${{ steps.ecr.outputs.registry }}
+ VERSIONS: ${{ needs.test-controller-api.outputs.versions }}
+ run: |
+ docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile all logs | sort > ${{ github.workspace }}/docker-compose-api.log
+ echo "::group::DockerLogs"
+ cat ${{ github.workspace }}/docker-compose-api.log
+ echo "::endgroup::"
+ - name: Upload Artifact
+ uses: actions/upload-artifact@v4
+ if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success')
+ with:
+ name: docker-compose-logs-api-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }}
+ path: ${{ github.workspace }}/docker-compose-api.log
+ retention-days: 3
+ override: true
- name: Archive Integration tests report
- if: ${{ always() }}
- uses: actions/upload-artifact@v3
+ if: always()
+ uses: actions/upload-artifact@v4
with:
- name: api-test-report
+ name: api-test-report-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }}
retention-days: 3
path: ${{ github.workspace }}/reports
+ override: true
- name: Fetch commit author
- if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }}
- run: echo "GIT_USER_EMAIL=$(git show -s --format='%ae' HEAD)" >> $GITHUB_ENV
+ if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push'
+ env:
+ USER_EMAIL: ${{ needs.goreleaser.outputs.commit_author }}
+ run: echo "GIT_USER_EMAIL=$USER_EMAIL" >> $GITHUB_ENV
- name: Fetch slack user
- if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }}
+ if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push'
id: fetch_slack_user
uses: TykTechnologies/github-actions/.github/actions/github-to-slack@main
with:
github_email: ${{ env.GIT_USER_EMAIL }}
- name: Notify slack
- if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }}
+ if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push'
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.API_TEST_ALERT_SLACK_WEBHOOK }}
@@ -270,15 +301,6 @@ jobs:
SLACK_USERNAME: API INTEGRATION TESTS
SLACK_MESSAGE: "*Test*: ${{ matrix.db }}-${{ matrix.conf }}, *Author*: ${{ steps.fetch_slack_user.outputs.slack-user-name }}"
SLACK_FOOTER: ""
- - name: Comment on PR
- if: ${{ always() && !github.event.pull_request.draft }}
- uses: mshick/add-pr-comment@v2
- with:
- message: "**API tests result - ${{ matrix.db }}-${{ matrix.conf }} env: ${{ steps.test_execution.outcome }}** ${{ env.STATUS }} \nBranch used: ${{ github.ref }}\nCommit: ${{ github.event.after }} ${{ github.event.commits[0].message }}\nTriggered by: ${{ github.event_name }} (@${{ github.actor }})\n[Execution page](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})\n"
- repo-token: ${{ secrets.ORG_GH_TOKEN }}
- message-id: ${{ matrix.db }}-${{ matrix.conf }}
- env:
- STATUS: "${{ steps.test_execution.outcome == 'success' && ':white_check_mark:' || ':no_entry_sign:' }}"
upgrade-deb:
services:
httpbin.org:
@@ -301,7 +323,7 @@ jobs:
- uses: actions/checkout@v4
with:
fetch-depth: 1
- - uses: actions/download-artifact@v3
+ - uses: actions/download-artifact@v4
with:
name: deb
- uses: docker/setup-qemu-action@v3
@@ -339,7 +361,7 @@ jobs:
- uses: actions/checkout@v4
with:
fetch-depth: 1
- - uses: actions/download-artifact@v3
+ - uses: actions/download-artifact@v4
with:
name: rpm
- uses: docker/setup-buildx-action@v3
diff --git a/ci/Dockerfile.std b/ci/Dockerfile.std
index 3cb4e961b..29b7e1d5f 100644
--- a/ci/Dockerfile.std
+++ b/ci/Dockerfile.std
@@ -1,5 +1,5 @@
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
FROM debian:bullseye-slim
ARG TARGETARCH
diff --git a/ci/bin/pc.sh b/ci/bin/pc.sh
index 9cd2734c9..0d5ee9689 100755
--- a/ci/bin/pc.sh
+++ b/ci/bin/pc.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
# goreleaser calls a custom publisher for each artefact packagecloud
# expects the distro version when pushing this script bridges both by
diff --git a/ci/bin/unlock-agent.sh b/ci/bin/unlock-agent.sh
index b9b41293a..02d1d6fff 100755
--- a/ci/bin/unlock-agent.sh
+++ b/ci/bin/unlock-agent.sh
@@ -1,7 +1,7 @@
#!/usr/bin/env bash
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
# Get the GPG fingerprint with gpg --with-keygrip --list-secret-keys
if [[ -z "${PKG_SIGNING_KEY}" || -z "${NFPM_STD_PASSPHRASE}" || -z "${GPG_FINGERPRINT}" ]]; then
diff --git a/ci/goreleaser/goreleaser.yml b/ci/goreleaser/goreleaser.yml
index f642f67e4..fbf8da06a 100644
--- a/ci/goreleaser/goreleaser.yml
+++ b/ci/goreleaser/goreleaser.yml
@@ -1,5 +1,5 @@
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
# Check the documentation at http://goreleaser.com
# This project needs CGO_ENABLED=1 and the cross-compiler toolchains for
@@ -126,10 +126,7 @@ publishers:
- name: tyk-pump-unstable
env:
- PACKAGECLOUD_TOKEN={{ .Env.PACKAGECLOUD_TOKEN }}
- - REPO=tyk/tyk-pump-unstable
- - RPMVERS={{ .Env.RPMVERS }}
- - DEBVERS={{ .Env.DEBVERS }}
- cmd: ./ci/bin/pc.sh {{ .ArtifactPath }}
+ cmd: packagecloud publish --debvers "{{ .Env.DEBVERS }}" --rpmvers "{{ .Env.RPMVERS }}" tyk/tyk-pump-unstable {{ .ArtifactPath }}
# This disables archives
archives:
- format: binary
diff --git a/ci/install/before_install.sh b/ci/install/before_install.sh
index 1a7e8f005..461c11d93 100755
--- a/ci/install/before_install.sh
+++ b/ci/install/before_install.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
echo "Creating user and group..."
GROUPNAME="tyk"
diff --git a/ci/install/post_install.sh b/ci/install/post_install.sh
index d6c026dca..7790cd384 100755
--- a/ci/install/post_install.sh
+++ b/ci/install/post_install.sh
@@ -2,7 +2,7 @@
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
# If "True" the install directory ownership will be changed to "tyk:tyk"
change_ownership="True"
diff --git a/ci/install/post_remove.sh b/ci/install/post_remove.sh
index fbc24a11c..760217c70 100755
--- a/ci/install/post_remove.sh
+++ b/ci/install/post_remove.sh
@@ -1,7 +1,7 @@
#!/bin/sh
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
cleanRemove() {
diff --git a/ci/install/post_trans.sh b/ci/install/post_trans.sh
index 4d500b54f..4422bd3d9 100755
--- a/ci/install/post_trans.sh
+++ b/ci/install/post_trans.sh
@@ -1,7 +1,7 @@
#!/bin/sh
# Generated by: gromit policy
-# Generated on: Thu Jan 18 17:24:56 UTC 2024
+# Generated on: Mon Mar 11 11:43:04 UTC 2024
if command -V systemctl >/dev/null 2>&1; then
if [ ! -f /lib/systemd/system/tyk-pump.service ]; then
diff --git a/repo-policy/historical-branches.auto.tfvars b/repo-policy/historical-branches.auto.tfvars
deleted file mode 100644
index d7fecac6d..000000000
--- a/repo-policy/historical-branches.auto.tfvars
+++ /dev/null
@@ -1,10 +0,0 @@
-# This file contains the branches that are no longer active with respect to releng
-# Branches here are required for the gpac bundle to work but it is not necessary to clutter the gromit
-# config file or main.tf with these.
-historical_branches = [
- { branch = "release-1.7",
- reviewers = "0",
- convos = "false",
- source_branch = "master",
- required_tests = ["1.15", "Go 1.16 tests"] }
-]
diff --git a/repo-policy/main.tf b/repo-policy/main.tf
deleted file mode 100644
index cc6d22f5e..000000000
--- a/repo-policy/main.tf
+++ /dev/null
@@ -1,59 +0,0 @@
-terraform {
-
- #Being used until TFCloud can be used
- backend "remote" {
- hostname = "app.terraform.io"
- organization = "Tyk"
- workspaces {
- name = "repo-policy-tyk-pump"
- }
- }
-
- required_providers {
- github = {
- source = "integrations/github"
- }
- }
-}
-
-provider "github" {
- owner = "TykTechnologies"
-}
-
-# Copypasta from modules/github-repos/variables.tf
-# FIXME: Unmodularise the github-repos module
-variable "historical_branches" {
- type = list(object({
- branch = string # Name of the branch
- source_branch = optional(string) # Source of the branch, needed when creating it
- reviewers = number # Min number of reviews needed
- required_tests = list(string) # Workflows that need to pass before merging
- convos = bool # Should conversations be resolved before merging
-
- }))
- description = "List of branches managed by terraform"
-}
-
-module "tyk-pump" {
- source = "./modules/github-repos"
- repo = "tyk-pump"
- description = "Tyk Analytics Pump to move analytics data from Redis to any supported back end (multiple back ends can be written to at once)."
- default_branch = "master"
- topics = []
- visibility = "public"
- wiki = false
- vulnerability_alerts = true
- squash_merge_commit_message = "COMMIT_MESSAGES"
- squash_merge_commit_title = "COMMIT_OR_PR_TITLE"
- release_branches = concat(var.historical_branches, [
- { branch = "master",
- reviewers = "1",
- convos = "false",
- required_tests = ["1.21-bullseye", "Go 1.21 tests", "api-tests (sha256, mongo44)", "api-tests (sha256, postgres15)", "api-tests (murmur64, mongo44)", "api-tests (murmur64, postgres15)"] },
- { branch = "release-1.8",
- reviewers = "0",
- convos = "false",
- source_branch = "master",
- required_tests = ["1.19-bullseye", "Go 1.19 tests"] },
- ])
-}
diff --git a/repo-policy/modules/github-repos/repo.tf b/repo-policy/modules/github-repos/repo.tf
deleted file mode 100644
index d8c273ba0..000000000
--- a/repo-policy/modules/github-repos/repo.tf
+++ /dev/null
@@ -1,75 +0,0 @@
-terraform {
- required_providers {
- github = {
- source = "integrations/github"
- version = "5.16.0"
- }
- }
-
-}
-
-resource "github_repository" "repository" {
- name = var.repo
- description = var.description
- visibility = var.visibility
- allow_rebase_merge = var.rebase_merge
- allow_squash_merge = true
- squash_merge_commit_message = var.squash_merge_commit_message
- squash_merge_commit_title = var.squash_merge_commit_title
- allow_merge_commit = var.merge_commit
- allow_auto_merge = true
- delete_branch_on_merge = var.delete_branch_on_merge
- vulnerability_alerts = var.vulnerability_alerts
- allow_update_branch = true
- has_downloads = true
- has_issues = true
- has_wiki = var.wiki
- has_projects = true
- topics = var.topics
-}
-
-resource "github_branch" "default" {
- repository = github_repository.repository.name
- branch = var.default_branch
-}
-
-resource "github_branch" "release_branches" {
- for_each = { for i, b in var.release_branches :
- b.branch => b }
- repository = github_repository.repository.name
- branch = each.value.branch
- source_branch = each.value.source_branch
-}
-
-resource "github_branch_default" "default" {
- repository = github_repository.repository.name
- branch = github_branch.default.branch
-}
-
-
-resource "github_branch_protection" "automerge" {
- for_each = { for i, b in var.release_branches :
- b.branch => b }
-
- repository_id = github_repository.repository.node_id
- pattern = each.value.branch
-
- #checks for automerge
- require_signed_commits = false
- require_conversation_resolution = each.value.convos
- required_linear_history = false
- enforce_admins = false
- allows_deletions = false
- allows_force_pushes = false
-
- required_status_checks {
- strict = true
- contexts = each.value.required_tests
- }
-
- required_pull_request_reviews {
- require_code_owner_reviews = false
- required_approving_review_count = each.value.reviewers
-
- }
-}
diff --git a/repo-policy/modules/github-repos/variables.tf b/repo-policy/modules/github-repos/variables.tf
deleted file mode 100644
index c7e304a79..000000000
--- a/repo-policy/modules/github-repos/variables.tf
+++ /dev/null
@@ -1,78 +0,0 @@
-variable "repo" {
- type = string
- description = "Repository name"
-}
-
-variable "description" {
- type = string
- description = "Repository description"
-}
-
-variable "visibility" {
- type = string
- description = "Repository visibility , private or public"
- default = "public"
-}
-
-variable "wiki" {
- type = bool
- description = "Repository has wiki enabled or not"
- default = true
-}
-
-variable "topics" {
- type = list(string)
- description = "Github topics"
-}
-
-variable "default_branch" {
- type = string
- description = "Repository default branch name"
-}
-
-variable "merge_commit" {
- type = bool
- description = "Set to false to disable merge commits on the repository"
- default = false
-}
-
-variable "rebase_merge" {
- type = bool
- description = "Set to false to disable rebase merges on the repository"
- default = false
-}
-
-variable "delete_branch_on_merge" {
- type = bool
- description = "Automatically delete head branch after a pull request is merged"
- default = true
-}
-
-variable "vulnerability_alerts" {
- type = bool
- description = "Set to true to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.)"
- default = true
-}
-
-variable "squash_merge_commit_message" {
- type = string
- description = "Can be PR_BODY, COMMIT_MESSAGES, or BLANK for a default squash merge commit message."
- default = "COMMIT_MESSAGES"
-}
-
-variable "squash_merge_commit_title" {
- type = string
- description = "Can be PR_TITLE or COMMIT_OR_PR_TITLE for a default squash merge commit title."
- default = "COMMIT_OR_PR_TITLE"
-}
-
-variable "release_branches" {
- type = list(object({
- branch = string # Name of the branch
- source_branch = optional(string) # Source of the branch, needed when creating it
- reviewers = number # Min number of reviews needed
- required_tests = list(string) # Workflows that need to pass before merging
- convos = bool # Should conversations be resolved before merging
- }))
- description = "List of branches managed by terraform"
-}