feat: initial terraform-git project
Manage Gitea resources via Terraform/Terragrunt with YAML-driven config.

Resources managed:
- Organisation (unkin)
- 28 repositories with settings
- 6 teams with members
- 13 branch protection rules
- 9 Woodpecker CI repo activations
- Deploy key module (ready, no keys yet)

Config structure: config/<service>/<org>/<type>/<object>.yaml

Consul backend for state, Vault for auth tokens.
@@ -0,0 +1,93 @@
|
||||
variable "organisation" {
|
||||
description = "Map of organisations to create"
|
||||
type = map(object({
|
||||
name = string
|
||||
description = optional(string, "")
|
||||
full_name = optional(string)
|
||||
visibility = optional(string, "public")
|
||||
website = optional(string, "")
|
||||
location = optional(string, "")
|
||||
repo_admin_change_team_access = optional(bool, false)
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "repository" {
|
||||
description = "Map of repositories to create"
|
||||
type = map(object({
|
||||
name = string
|
||||
organisation = string
|
||||
description = optional(string)
|
||||
private = optional(bool)
|
||||
default_branch = optional(string)
|
||||
has_issues = optional(bool)
|
||||
has_wiki = optional(bool)
|
||||
has_pull_requests = optional(bool)
|
||||
has_projects = optional(bool)
|
||||
allow_merge_commits = optional(bool)
|
||||
allow_rebase = optional(bool)
|
||||
allow_rebase_explicit = optional(bool)
|
||||
allow_squash_merge = optional(bool)
|
||||
archived = optional(bool)
|
||||
repo_template = optional(bool)
|
||||
website = optional(string)
|
||||
autodetect_manual_merge = optional(bool)
|
||||
woodpecker = optional(bool, false)
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "branch_protection" {
|
||||
description = "Map of branch protection rules to create"
|
||||
type = map(object({
|
||||
repository = string
|
||||
organisation = string
|
||||
rule_name = string
|
||||
enable_push = optional(bool, false)
|
||||
push_whitelist_users = optional(list(string), [])
|
||||
push_whitelist_teams = optional(list(string), [])
|
||||
push_whitelist_deploy_keys = optional(bool, false)
|
||||
merge_whitelist_users = optional(list(string), [])
|
||||
merge_whitelist_teams = optional(list(string), [])
|
||||
required_approvals = optional(number, 0)
|
||||
approval_whitelist_users = optional(list(string), [])
|
||||
approval_whitelist_teams = optional(list(string), [])
|
||||
status_check_contexts = optional(list(string), [])
|
||||
block_on_rejected_reviews = optional(bool, false)
|
||||
block_on_official_review_requests = optional(bool, false)
|
||||
block_on_outdated_branch = optional(bool, false)
|
||||
dismiss_stale_approvals = optional(bool, false)
|
||||
require_signed_commits = optional(bool, false)
|
||||
protected_file_patterns = optional(string, "")
|
||||
unprotected_file_patterns = optional(string, "")
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "deploy_key" {
|
||||
description = "Map of deploy keys to create"
|
||||
type = map(object({
|
||||
repository = string
|
||||
organisation = string
|
||||
gitea_url = string
|
||||
title = string
|
||||
key = string
|
||||
read_only = optional(bool, true)
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "team" {
|
||||
description = "Map of teams to create"
|
||||
type = map(object({
|
||||
name = string
|
||||
organisation = string
|
||||
description = optional(string, "")
|
||||
permission = optional(string, "read")
|
||||
include_all_repositories = optional(bool, false)
|
||||
can_create_repos = optional(bool, false)
|
||||
repositories = optional(list(string), [])
|
||||
members = optional(list(string), [])
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
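Review bot: The `branch_protection` object defaults every review control to its weakest value (`required_approvals = optional(number, 0)`, `require_signed_commits`, `dismiss_stale_approvals` and `block_on_rejected_reviews` all `false`, `status_check_contexts` empty), so a YAML entry that sets only `repository`, `organisation` and `rule_name` yields a rule with pushes disabled (`enable_push` defaults to `false`) but no review, signature or CI gate on merges. Consider making the choice explicit per rule with `required_approvals = number`, or at least adding a `validation` block whose condition is `alltrue([for r in values(var.branch_protection) : r.required_approvals >= 0])`. The same concern applies to `team.permission` and `organisation.visibility`, which are free-form strings where the latter defaults to `"public"`: a `validation` using `contains([...], t.permission)` would catch a typo or an unintended `admin`/`owner` grant at plan time, with the allowed set checked against the Gitea provider version in use. `deploy_key.key` is presumably a public key; a description saying so on that variable would help keep private key material out of the YAML config and the Consul state.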