- Remove woodpecker_repository module and provider (repos managed outside TF)
- Add removed block with destroy=false to drop state without destroying
- Add module.team to branch_protection depends_on to prevent race condition
- Add lifecycle ignore_changes for team permission (provider bug: API returns
"none" but rejects it on write)
- Add forgebot team with unkinben and benvin members
- Enable branch protection on main for forgebot and forgebot-skills
- Team-based approval and merge whitelists
- Register both repos with Woodpecker CI
- CI status checks: pre-commit, test, build (forgebot); validate (skills)
- forgebot: branch protection on main with pre-commit, test, build CI checks
- forgebot-skills: branch protection on main with validate CI check
- Both repos enabled for Woodpecker CI
Manage Gitea resources via Terraform/Terragrunt with YAML-driven config.
Resources managed:
- Organisation (unkin)
- 28 repositories with settings
- 6 teams with members
- 13 branch protection rules
- 9 Woodpecker CI repo activations
- Deploy key module (ready, no keys yet)
Config structure: config/<service>/<org>/<type>/<object>.yaml
Consul backend for state, Vault for auth tokens.