diff --git a/.github/workflows/pac.yml b/.github/workflows/pac.yml deleted file mode 100644 index e0dfc4986..000000000 --- a/.github/workflows/pac.yml +++ /dev/null @@ -1,85 +0,0 @@ -name: Policy as Code - -on: - pull_request: - paths: - - repo-policy/** - -env: - TERRAFORM_DIR: "./repo-policy" - -jobs: - terraform: - runs-on: ubuntu-latest - permissions: - id-token: write - pull-requests: write - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - fetch-depth: 1 - - - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::754489498669:role/gromit-ci - role-session-name: gromitci - aws-region: eu-central-1 - - - uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.3.0 - cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} - - - name: Terraform Init - working-directory: ${{ env.TERRAFORM_DIR }} - id: init - run: terraform init -input=false - - - name: Terraform Validate - id: validate - run: terraform validate -no-color - - - name: Terraform Plan - working-directory: ${{ env.TERRAFORM_DIR }} - id: plan - run: | - echo "::group::Terraform Plan" - terraform plan -no-color -input=false - echo "::endgroup::" - continue-on-error: true - - - name: Update Pull Request - uses: actions/github-script@v6 - if: github.event_name == 'pull_request' - env: - PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` - #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` - #### Terraform Plan 📖\`${{ steps.plan.outcome }}\` - #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` - -
Show Plan - - \`\`\`\n - ${process.env.PLAN} - \`\`\` - -
- - *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; - - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: output - }) - - - name: Terraform Plan Status - if: steps.plan.outcome == 'failure' - run: exit 1 \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a5000860e..f08142e69 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,5 +1,5 @@ # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 # Distribution channels covered by this workflow # - Ubuntu and Debian @@ -42,11 +42,15 @@ jobs: debvers: 'ubuntu/xenial ubuntu/bionic ubuntu/focal ubuntu/jammy debian/jessie debian/buster debian/bullseye debian/bookworm' outputs: tags: ${{ steps.metadata.outputs.tags }} + commit_author: ${{ steps.fetch-author.outputs.commit_author}} steps: - name: Checkout of tyk-pump uses: actions/checkout@v4 with: fetch-depth: 1 + - name: Get commit author + id: fetch-author + run: echo "commit_author=$(git show -s --format='%ae' HEAD)" >> $GITHUB_OUTPUT - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - name: Login to DockerHub @@ -62,7 +66,7 @@ jobs: registry: docker.tyk.io username: ${{ secrets.CLOUDSMITH_USERNAME }} password: ${{ secrets.CLOUDSMITH_API_KEY }} - - uses: actions/cache@v3 + - uses: actions/cache@v4 with: path: | ~/.cache/go-build @@ -140,7 +144,7 @@ jobs: done docker manifest create ${tag} ${tag}-amd64 ${tag}-arm64 && docker manifest push ${tag} done - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: ${{ matrix.golang_cross == '1.21-bullseye' }} with: name: deb @@ -148,7 +152,7 @@ jobs: path: | dist/*.deb !dist/*PAYG*.deb - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: ${{ matrix.golang_cross == '1.21-bullseye' }} with: name: rpm @@ -156,13 +160,13 @@ jobs: path: | dist/*.rpm !dist/*PAYG*.rpm - test-controller: + test-controller-api: needs: goreleaser runs-on: ubuntu-latest - container: tykio/gromit:v1.6 + container: tykio/gromit:v1.7 outputs: - conf: ${{ steps.params.outputs.conf }} - db: ${{ steps.params.outputs.db }} + conf: ${{ steps.params.outputs.api_conf }} + db: ${{ steps.params.outputs.api_db }} pump: ${{ steps.params.outputs.pump }} sink: ${{ steps.params.outputs.sink }} gd_tag: ${{ steps.params.outputs.gd_tag }} @@ -177,9 +181,10 @@ jobs: TAGS: ${{ needs.goreleaser.outputs.tags }} IS_PR: ${{startsWith(github.event_name, 'pull_request') && 'yes' }} IS_TAG: ${{startsWith(github.ref, 'refs/tags') && 'yes' }} + JOB: api run: gromit policy controller --loglevel debug | tee -a "$GITHUB_OUTPUT" api-tests: - needs: test-controller + needs: [goreleaser, test-controller-api] runs-on: ubuntu-latest permissions: id-token: write # This is required for requesting the Github JWT @@ -187,9 +192,9 @@ jobs: strategy: fail-fast: false matrix: - conf: ${{ fromJson(needs.test-controller.outputs.conf) }} - db: ${{ fromJson(needs.test-controller.outputs.db) }} - sink: ${{ fromJson(needs.test-controller.outputs.sink) }} + conf: ${{ fromJson(needs.test-controller-api.outputs.conf) }} + db: ${{ fromJson(needs.test-controller-api.outputs.db) }} + sink: ${{ fromJson(needs.test-controller-api.outputs.sink) }} include: - db: postgres15 markers: "and not sql" @@ -207,7 +212,7 @@ jobs: # See https://github.com/mxschmitt/action-tmate#use-registered-public-ssh-keys - name: Setup tmate session only in debug mode uses: mxschmitt/action-tmate@v3 - if: ${{ runner.debug == '1' }} + if: runner.debug == '1' with: detached: true limit-access-to-actor: true @@ -227,41 +232,67 @@ jobs: TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} ECR: ${{ steps.ecr.outputs.registry }} - VERSIONS: ${{ needs.test-controller.outputs.versions}} + VERSIONS: ${{ needs.test-controller-api.outputs.versions}} run: "echo \"ECR=${ECR}\n$VERSIONS\n\ntyk_sink_image=${{matrix.sink}} \n# base dir for config files\nconfs_dir=./pro-ha\n# pick database to use\nenv_file=local-${{ matrix.db }}.env\n\" > versions.env\nprintf '::group::versions\\n%s\\n::endgroup::' \"$(cat versions.env)\"\n# Add Tyk component config variations to $env_file\ncat confs/${{ matrix.conf }}.env >> local-${{ matrix.db }}.env\n# bring up env, the project name is important\ndocker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d\n./dash-bootstrap.sh http://localhost:3000\ndocker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d\n" - name: Run tests working-directory: auto id: test_execution run: | + set -o pipefail echo "### API tests ${{ matrix.db }} ${{ matrix.conf }}" >> $GITHUB_STEP_SUMMARY if docker run --rm --network auto_default --env-file pytest.env -v ${{ github.workspace }}/reports:/app/reports \ - ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ needs.test-controller.outputs.gd_tag }} \ + ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ needs.test-controller-api.outputs.gd_tag }} \ pytest -c pytest_ci.ini --ci -m "not local and not dind ${{ matrix.markers }}" | tee tests.out; then echo "All tests passed!" >> $GITHUB_STEP_SUMMARY else echo "::error title=API tests ${{ matrix.db }} ${{ matrix.conf }}::Test execution failed" cat tests.out >> $GITHUB_STEP_SUMMARY - docker logs tyk tyk-analytics exit 1 fi + - name: Docker logs for all components + if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') + working-directory: auto + env: + pull_policy: 'if_not_present' + GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} + TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} + TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} + ECR: ${{ steps.ecr.outputs.registry }} + VERSIONS: ${{ needs.test-controller-api.outputs.versions }} + run: | + docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile all logs | sort > ${{ github.workspace }}/docker-compose-api.log + echo "::group::DockerLogs" + cat ${{ github.workspace }}/docker-compose-api.log + echo "::endgroup::" + - name: Upload Artifact + uses: actions/upload-artifact@v4 + if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') + with: + name: docker-compose-logs-api-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }} + path: ${{ github.workspace }}/docker-compose-api.log + retention-days: 3 + override: true - name: Archive Integration tests report - if: ${{ always() }} - uses: actions/upload-artifact@v3 + if: always() + uses: actions/upload-artifact@v4 with: - name: api-test-report + name: api-test-report-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }} retention-days: 3 path: ${{ github.workspace }}/reports + override: true - name: Fetch commit author - if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }} - run: echo "GIT_USER_EMAIL=$(git show -s --format='%ae' HEAD)" >> $GITHUB_ENV + if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push' + env: + USER_EMAIL: ${{ needs.goreleaser.outputs.commit_author }} + run: echo "GIT_USER_EMAIL=$USER_EMAIL" >> $GITHUB_ENV - name: Fetch slack user - if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }} + if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push' id: fetch_slack_user uses: TykTechnologies/github-actions/.github/actions/github-to-slack@main with: github_email: ${{ env.GIT_USER_EMAIL }} - name: Notify slack - if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }} + if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push' uses: rtCamp/action-slack-notify@v2 env: SLACK_WEBHOOK: ${{ secrets.API_TEST_ALERT_SLACK_WEBHOOK }} @@ -270,15 +301,6 @@ jobs: SLACK_USERNAME: API INTEGRATION TESTS SLACK_MESSAGE: "*Test*: ${{ matrix.db }}-${{ matrix.conf }}, *Author*: ${{ steps.fetch_slack_user.outputs.slack-user-name }}" SLACK_FOOTER: "" - - name: Comment on PR - if: ${{ always() && !github.event.pull_request.draft }} - uses: mshick/add-pr-comment@v2 - with: - message: "**API tests result - ${{ matrix.db }}-${{ matrix.conf }} env: ${{ steps.test_execution.outcome }}** ${{ env.STATUS }} \nBranch used: ${{ github.ref }}\nCommit: ${{ github.event.after }} ${{ github.event.commits[0].message }}\nTriggered by: ${{ github.event_name }} (@${{ github.actor }})\n[Execution page](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})\n" - repo-token: ${{ secrets.ORG_GH_TOKEN }} - message-id: ${{ matrix.db }}-${{ matrix.conf }} - env: - STATUS: "${{ steps.test_execution.outcome == 'success' && ':white_check_mark:' || ':no_entry_sign:' }}" upgrade-deb: services: httpbin.org: @@ -301,7 +323,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 1 - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 with: name: deb - uses: docker/setup-qemu-action@v3 @@ -339,7 +361,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 1 - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 with: name: rpm - uses: docker/setup-buildx-action@v3 diff --git a/ci/Dockerfile.std b/ci/Dockerfile.std index 3cb4e961b..29b7e1d5f 100644 --- a/ci/Dockerfile.std +++ b/ci/Dockerfile.std @@ -1,5 +1,5 @@ # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 FROM debian:bullseye-slim ARG TARGETARCH diff --git a/ci/bin/pc.sh b/ci/bin/pc.sh index 9cd2734c9..0d5ee9689 100755 --- a/ci/bin/pc.sh +++ b/ci/bin/pc.sh @@ -1,7 +1,7 @@ #!/bin/bash # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 # goreleaser calls a custom publisher for each artefact packagecloud # expects the distro version when pushing this script bridges both by diff --git a/ci/bin/unlock-agent.sh b/ci/bin/unlock-agent.sh index b9b41293a..02d1d6fff 100755 --- a/ci/bin/unlock-agent.sh +++ b/ci/bin/unlock-agent.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 # Get the GPG fingerprint with gpg --with-keygrip --list-secret-keys if [[ -z "${PKG_SIGNING_KEY}" || -z "${NFPM_STD_PASSPHRASE}" || -z "${GPG_FINGERPRINT}" ]]; then diff --git a/ci/goreleaser/goreleaser.yml b/ci/goreleaser/goreleaser.yml index f642f67e4..fbf8da06a 100644 --- a/ci/goreleaser/goreleaser.yml +++ b/ci/goreleaser/goreleaser.yml @@ -1,5 +1,5 @@ # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 # Check the documentation at http://goreleaser.com # This project needs CGO_ENABLED=1 and the cross-compiler toolchains for @@ -126,10 +126,7 @@ publishers: - name: tyk-pump-unstable env: - PACKAGECLOUD_TOKEN={{ .Env.PACKAGECLOUD_TOKEN }} - - REPO=tyk/tyk-pump-unstable - - RPMVERS={{ .Env.RPMVERS }} - - DEBVERS={{ .Env.DEBVERS }} - cmd: ./ci/bin/pc.sh {{ .ArtifactPath }} + cmd: packagecloud publish --debvers "{{ .Env.DEBVERS }}" --rpmvers "{{ .Env.RPMVERS }}" tyk/tyk-pump-unstable {{ .ArtifactPath }} # This disables archives archives: - format: binary diff --git a/ci/install/before_install.sh b/ci/install/before_install.sh index 1a7e8f005..461c11d93 100755 --- a/ci/install/before_install.sh +++ b/ci/install/before_install.sh @@ -1,7 +1,7 @@ #!/bin/bash # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 echo "Creating user and group..." GROUPNAME="tyk" diff --git a/ci/install/post_install.sh b/ci/install/post_install.sh index d6c026dca..7790cd384 100755 --- a/ci/install/post_install.sh +++ b/ci/install/post_install.sh @@ -2,7 +2,7 @@ # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 # If "True" the install directory ownership will be changed to "tyk:tyk" change_ownership="True" diff --git a/ci/install/post_remove.sh b/ci/install/post_remove.sh index fbc24a11c..760217c70 100755 --- a/ci/install/post_remove.sh +++ b/ci/install/post_remove.sh @@ -1,7 +1,7 @@ #!/bin/sh # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 cleanRemove() { diff --git a/ci/install/post_trans.sh b/ci/install/post_trans.sh index 4d500b54f..4422bd3d9 100755 --- a/ci/install/post_trans.sh +++ b/ci/install/post_trans.sh @@ -1,7 +1,7 @@ #!/bin/sh # Generated by: gromit policy -# Generated on: Thu Jan 18 17:24:56 UTC 2024 +# Generated on: Mon Mar 11 11:43:04 UTC 2024 if command -V systemctl >/dev/null 2>&1; then if [ ! -f /lib/systemd/system/tyk-pump.service ]; then diff --git a/repo-policy/historical-branches.auto.tfvars b/repo-policy/historical-branches.auto.tfvars deleted file mode 100644 index d7fecac6d..000000000 --- a/repo-policy/historical-branches.auto.tfvars +++ /dev/null @@ -1,10 +0,0 @@ -# This file contains the branches that are no longer active with respect to releng -# Branches here are required for the gpac bundle to work but it is not necessary to clutter the gromit -# config file or main.tf with these. -historical_branches = [ - { branch = "release-1.7", - reviewers = "0", - convos = "false", - source_branch = "master", - required_tests = ["1.15", "Go 1.16 tests"] } -] diff --git a/repo-policy/main.tf b/repo-policy/main.tf deleted file mode 100644 index cc6d22f5e..000000000 --- a/repo-policy/main.tf +++ /dev/null @@ -1,59 +0,0 @@ -terraform { - - #Being used until TFCloud can be used - backend "remote" { - hostname = "app.terraform.io" - organization = "Tyk" - workspaces { - name = "repo-policy-tyk-pump" - } - } - - required_providers { - github = { - source = "integrations/github" - } - } -} - -provider "github" { - owner = "TykTechnologies" -} - -# Copypasta from modules/github-repos/variables.tf -# FIXME: Unmodularise the github-repos module -variable "historical_branches" { - type = list(object({ - branch = string # Name of the branch - source_branch = optional(string) # Source of the branch, needed when creating it - reviewers = number # Min number of reviews needed - required_tests = list(string) # Workflows that need to pass before merging - convos = bool # Should conversations be resolved before merging - - })) - description = "List of branches managed by terraform" -} - -module "tyk-pump" { - source = "./modules/github-repos" - repo = "tyk-pump" - description = "Tyk Analytics Pump to move analytics data from Redis to any supported back end (multiple back ends can be written to at once)." - default_branch = "master" - topics = [] - visibility = "public" - wiki = false - vulnerability_alerts = true - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - release_branches = concat(var.historical_branches, [ - { branch = "master", - reviewers = "1", - convos = "false", - required_tests = ["1.21-bullseye", "Go 1.21 tests", "api-tests (sha256, mongo44)", "api-tests (sha256, postgres15)", "api-tests (murmur64, mongo44)", "api-tests (murmur64, postgres15)"] }, - { branch = "release-1.8", - reviewers = "0", - convos = "false", - source_branch = "master", - required_tests = ["1.19-bullseye", "Go 1.19 tests"] }, - ]) -} diff --git a/repo-policy/modules/github-repos/repo.tf b/repo-policy/modules/github-repos/repo.tf deleted file mode 100644 index d8c273ba0..000000000 --- a/repo-policy/modules/github-repos/repo.tf +++ /dev/null @@ -1,75 +0,0 @@ -terraform { - required_providers { - github = { - source = "integrations/github" - version = "5.16.0" - } - } - -} - -resource "github_repository" "repository" { - name = var.repo - description = var.description - visibility = var.visibility - allow_rebase_merge = var.rebase_merge - allow_squash_merge = true - squash_merge_commit_message = var.squash_merge_commit_message - squash_merge_commit_title = var.squash_merge_commit_title - allow_merge_commit = var.merge_commit - allow_auto_merge = true - delete_branch_on_merge = var.delete_branch_on_merge - vulnerability_alerts = var.vulnerability_alerts - allow_update_branch = true - has_downloads = true - has_issues = true - has_wiki = var.wiki - has_projects = true - topics = var.topics -} - -resource "github_branch" "default" { - repository = github_repository.repository.name - branch = var.default_branch -} - -resource "github_branch" "release_branches" { - for_each = { for i, b in var.release_branches : - b.branch => b } - repository = github_repository.repository.name - branch = each.value.branch - source_branch = each.value.source_branch -} - -resource "github_branch_default" "default" { - repository = github_repository.repository.name - branch = github_branch.default.branch -} - - -resource "github_branch_protection" "automerge" { - for_each = { for i, b in var.release_branches : - b.branch => b } - - repository_id = github_repository.repository.node_id - pattern = each.value.branch - - #checks for automerge - require_signed_commits = false - require_conversation_resolution = each.value.convos - required_linear_history = false - enforce_admins = false - allows_deletions = false - allows_force_pushes = false - - required_status_checks { - strict = true - contexts = each.value.required_tests - } - - required_pull_request_reviews { - require_code_owner_reviews = false - required_approving_review_count = each.value.reviewers - - } -} diff --git a/repo-policy/modules/github-repos/variables.tf b/repo-policy/modules/github-repos/variables.tf deleted file mode 100644 index c7e304a79..000000000 --- a/repo-policy/modules/github-repos/variables.tf +++ /dev/null @@ -1,78 +0,0 @@ -variable "repo" { - type = string - description = "Repository name" -} - -variable "description" { - type = string - description = "Repository description" -} - -variable "visibility" { - type = string - description = "Repository visibility , private or public" - default = "public" -} - -variable "wiki" { - type = bool - description = "Repository has wiki enabled or not" - default = true -} - -variable "topics" { - type = list(string) - description = "Github topics" -} - -variable "default_branch" { - type = string - description = "Repository default branch name" -} - -variable "merge_commit" { - type = bool - description = "Set to false to disable merge commits on the repository" - default = false -} - -variable "rebase_merge" { - type = bool - description = "Set to false to disable rebase merges on the repository" - default = false -} - -variable "delete_branch_on_merge" { - type = bool - description = "Automatically delete head branch after a pull request is merged" - default = true -} - -variable "vulnerability_alerts" { - type = bool - description = "Set to true to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.)" - default = true -} - -variable "squash_merge_commit_message" { - type = string - description = "Can be PR_BODY, COMMIT_MESSAGES, or BLANK for a default squash merge commit message." - default = "COMMIT_MESSAGES" -} - -variable "squash_merge_commit_title" { - type = string - description = "Can be PR_TITLE or COMMIT_OR_PR_TITLE for a default squash merge commit title." - default = "COMMIT_OR_PR_TITLE" -} - -variable "release_branches" { - type = list(object({ - branch = string # Name of the branch - source_branch = optional(string) # Source of the branch, needed when creating it - reviewers = number # Min number of reviews needed - required_tests = list(string) # Workflows that need to pass before merging - convos = bool # Should conversations be resolved before merging - })) - description = "List of branches managed by terraform" -}