c87b3ac471
Manage Gitea resources via Terraform/Terragrunt with YAML-driven config. Resources managed: - Organisation (unkin) - 28 repositories with settings - 6 teams with members - 13 branch protection rules - 9 Woodpecker CI repo activations - Deploy key module (ready, no keys yet) Config structure: config/<service>/<org>/<type>/<object>.yaml Consul backend for state, Vault for auth tokens.
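# Organisations to manage, keyed by an arbitrary map key.
#
# Security-relevant default: `visibility` falls back to "public" when an entry
# omits it. Presumably this value is handed to the Gitea organisation resource
# (the consuming module is not shown here), so set it explicitly for any
# organisation that should not be visible to anonymous users.
variable "organisation" {
  description = "Map of organisations to create"

  type = map(object({
    name        = string
    description = optional(string, "")
    full_name   = optional(string)
    visibility  = optional(string, "public")
    website     = optional(string, "")
    location    = optional(string, "")

    # Off by default. NOTE(review): looks like this lets repository admins
    # change team access on their repositories. Confirm against the provider
    # before enabling it.
    repo_admin_change_team_access = optional(bool, false)
  }))

  default = {}

  # Fail at plan time on a mistyped visibility instead of relying on the
  # provider or the Gitea API to reject (or silently reinterpret) the value.
  validation {
    condition = alltrue([
      for org in values(var.organisation) :
      contains(["public", "limited", "private"], org.visibility)
    ])
    error_message = "Each organisation's visibility must be one of: public, limited, private."
  }
}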
# Repositories to manage, keyed by an arbitrary map key.
#
# Apart from `woodpecker`, every optional attribute has no default here, so an
# omitted setting arrives as null and the effective value is decided downstream
# (by the consuming module or the provider; neither is shown here).
# That includes `private`: set it explicitly in the YAML config rather than
# relying on an implicit default for repository visibility.
variable "repository" {
  description = "Map of repositories to create"

  type = map(object({
    # Identity
    name         = string
    organisation = string
    description  = optional(string)
    website      = optional(string)

    # Visibility and lifecycle
    private       = optional(bool)
    archived      = optional(bool)
    repo_template = optional(bool)

    # Branching and features
    default_branch    = optional(string)
    has_issues        = optional(bool)
    has_wiki          = optional(bool)
    has_pull_requests = optional(bool)
    has_projects      = optional(bool)

    # Merge strategies
    allow_merge_commits     = optional(bool)
    allow_rebase            = optional(bool)
    allow_rebase_explicit   = optional(bool)
    allow_squash_merge      = optional(bool)
    autodetect_manual_merge = optional(bool)

    # CI activation is opt-in per repository.
    woodpecker = optional(bool, false)
  }))

  default = {}
}
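# Branch protection rules to manage, keyed by an arbitrary map key.
#
# Review note on defaults: a rule that sets only the three required fields gets
# enable_push = false, but also required_approvals = 0, no status checks, no
# signed-commit requirement and no stale-approval dismissal. Such a rule
# enforces no review or CI gate by itself, so each rule's YAML should state the
# controls it is meant to enforce.
variable "branch_protection" {
  description = "Map of branch protection rules to create"

  type = map(object({
    repository   = string
    organisation = string
    rule_name    = string

    # Direct pushes are off by default. The whitelists below are empty by default.
    enable_push                = optional(bool, false)
    push_whitelist_users       = optional(list(string), [])
    push_whitelist_teams       = optional(list(string), [])
    push_whitelist_deploy_keys = optional(bool, false)

    # Who may merge.
    merge_whitelist_users = optional(list(string), [])
    merge_whitelist_teams = optional(list(string), [])

    # Review requirements. 0 means no approval is required.
    required_approvals                = optional(number, 0)
    approval_whitelist_users          = optional(list(string), [])
    approval_whitelist_teams          = optional(list(string), [])
    block_on_rejected_reviews         = optional(bool, false)
    block_on_official_review_requests = optional(bool, false)
    dismiss_stale_approvals           = optional(bool, false)

    # CI and integrity gates, all disabled unless set.
    status_check_contexts    = optional(list(string), [])
    block_on_outdated_branch = optional(bool, false)
    require_signed_commits   = optional(bool, false)

    # File pattern strings. The expected pattern syntax is not shown here.
    protected_file_patterns   = optional(string, "")
    unprotected_file_patterns = optional(string, "")
  }))

  default = {}

  # `number` also admits negatives and fractions, and neither is a meaningful
  # approval count. Reject them at plan time.
  validation {
    condition = alltrue([
      for rule in values(var.branch_protection) :
      rule.required_approvals >= 0 && floor(rule.required_approvals) == rule.required_approvals
    ])
    error_message = "Each branch protection rule's required_approvals must be a whole number greater than or equal to 0."
  }
}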
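# Deploy keys to register on repositories, keyed by an arbitrary map key.
#
# `key` is expected to be the PUBLIC half of the key pair. These values come
# from YAML config files and end up in Terraform state, so private key material
# must never be placed here. The validation below rejects the obvious case.
variable "deploy_key" {
  description = "Map of deploy keys to create"

  type = map(object({
    repository   = string
    organisation = string
    gitea_url    = string
    title        = string
    key          = string

    # Read-only by default. Grant write access only to keys that must push.
    read_only = optional(bool, true)
  }))

  default = {}

  # PEM and OpenSSH private keys carry a "... PRIVATE KEY" armor line. Refuse
  # them so a pasted private key fails the plan instead of reaching state.
  validation {
    condition = alltrue([
      for dk in values(var.deploy_key) :
      length(regexall("PRIVATE KEY", dk.key)) == 0
    ])
    error_message = "Each deploy key's key must be the public half of the key pair; private key material was detected."
  }
}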
# Teams to manage, keyed by an arbitrary map key.
#
# Defaults are least-privilege: "read" permission, no automatic access to every
# repository, no repository creation, and empty repository and member lists.
# Any broader grant has to be written out in the team's YAML, which keeps
# privilege changes visible in review.
variable "team" {
  description = "Map of teams to create"

  type = map(object({
    # Identity
    name         = string
    organisation = string
    description  = optional(string, "")

    # Privileges
    permission               = optional(string, "read")
    include_all_repositories = optional(bool, false)
    can_create_repos         = optional(bool, false)

    # Scope and membership
    repositories = optional(list(string), [])
    members      = optional(list(string), [])
  }))

  default = {}
}