diff --git a/README.md b/README.md
index e0b0605..8cbd554 100644
--- a/README.md
+++ b/README.md
@@ -390,7 +390,7 @@ The following configurations are not supported for import:
| [owner](#input\_owner) | Owner of the repository | `string` | n/a | yes |
| [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
| [region](#input\_region) | AWS Region | `string` | n/a | yes |
-| [repository](#input\_repository) | Repository configuration | object({
name = string
description = optional(string, null)
visibility = optional(string, "public")
homepage_url = optional(string, null)
archived = optional(bool, false)
has_issues = optional(bool, false)
has_projects = optional(bool, false)
has_discussions = optional(bool, false)
has_wiki = optional(bool, false)
has_downloads = optional(bool, false)
is_template = optional(bool, false)
allow_auto_merge = optional(bool, false)
allow_squash_merge = optional(bool, true)
squash_merge_commit_title = optional(string, "PR_TITLE")
squash_merge_commit_message = optional(string, "PR_BODY")
allow_merge_commit = optional(bool, true)
merge_commit_title = optional(string, "PR_TITLE")
merge_commit_message = optional(string, "PR_BODY")
allow_rebase_merge = optional(bool, true)
delete_branch_on_merge = optional(bool, false)
default_branch = optional(string, "main")
web_commit_signoff_required = optional(bool, false)
topics = optional(list(string), [])
license_template = optional(string, null)
gitignore_template = optional(string, null)
auto_init = optional(bool, false)
ignore_vulnerability_alerts_during_read = optional(bool, false)
enable_vulnerability_alerts = optional(bool, true)
allow_update_branch = optional(bool, false)
security_and_analysis = optional(object({
advanced_security = bool
secret_scanning = bool
secret_scanning_push_protection = bool
}), null)
archive_on_destroy = optional(bool, false)
}) | n/a | yes |
+| [repository](#input\_repository) | Repository configuration | object({
name = string
description = optional(string, null)
visibility = optional(string, "public")
homepage_url = optional(string, null)
archived = optional(bool, false)
has_issues = optional(bool, false)
has_projects = optional(bool, false)
has_discussions = optional(bool, false)
has_wiki = optional(bool, false)
is_template = optional(bool, false)
allow_auto_merge = optional(bool, false)
allow_squash_merge = optional(bool, true)
squash_merge_commit_title = optional(string, "PR_TITLE")
squash_merge_commit_message = optional(string, "PR_BODY")
allow_merge_commit = optional(bool, true)
merge_commit_title = optional(string, "PR_TITLE")
merge_commit_message = optional(string, "PR_BODY")
allow_rebase_merge = optional(bool, true)
delete_branch_on_merge = optional(bool, false)
web_commit_signoff_required = optional(bool, false)
topics = optional(list(string), [])
license_template = optional(string, null)
gitignore_template = optional(string, null)
auto_init = optional(bool, false)
enable_vulnerability_alerts = optional(bool, true)
allow_update_branch = optional(bool, false)
security_and_analysis = optional(object({
advanced_security = bool
secret_scanning = bool
secret_scanning_push_protection = bool
}), null)
archive_on_destroy = optional(bool, false)
}) | n/a | yes |
| [rulesets](#input\_rulesets) | A map of rulesets to configure for the repository | map(object({
name = string
# disabled, active
enforcement = string
# branch, tag
target = string
bypass_actors = optional(list(object({
# always, pull_request
bypass_mode = string
actor_id = optional(string, null)
# RepositoryRole, Team, Integration, OrganizationAdmin
actor_type = string
})), [])
conditions = object({
ref_name = object({
# Supports ~DEFAULT_BRANCH or ~ALL
include = optional(list(string), [])
exclude = optional(list(string), [])
})
})
rules = object({
branch_name_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
commit_author_email_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
creation = optional(bool, false),
deletion = optional(bool, false),
non_fast_forward = optional(bool, false),
required_pull_request_reviews = optional(object({
dismiss_stale_reviews = bool
required_approving_review_count = number
}), null),
commit_message_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
committer_email_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
merge_queue = optional(object({
check_response_timeout_minutes = optional(number, 60)
# ALLGREEN, HEADGREEN
grouping_strategy = string
max_entries_to_build = optional(number, 5)
max_entries_to_merge = optional(number, 5)
# MERGE, SQUASH, REBASE
merge_method = optional(string, "MERGE")
min_entries_to_merge = optional(number, 1)
min_entries_to_merge_wait_minutes = optional(number, 5)
}), null),
pull_request = optional(object({
dismiss_stale_reviews_on_push = optional(bool, false)
require_code_owner_review = optional(bool, false)
require_last_push_approval = optional(bool, false)
required_approving_review_count = optional(number, 0)
required_review_thread_resolution = optional(bool, false)
}), null),
required_deployments = optional(object({
required_deployment_environments = optional(list(string), [])
}), null),
required_status_checks = optional(object({
required_check = list(object({
context = string
integration_id = optional(number, null)
}))
strict_required_status_checks_policy = optional(bool, false)
do_not_enforce_on_create = optional(bool, false)
}), null),
copilot_code_review = optional(object({
review_on_push = optional(bool, false)
review_draft_pull_requests = optional(bool, false)
}), null),
tag_name_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
# Unsupported due to drift.
# https://github.com/integrations/terraform-provider-github/pull/2701
# required_code_scanning = optional(object({
# required_code_scanning_tool = list(object({
# // none, errors, errors_and_warnings, all
# alerts_threshold = string
# // none, critical, high_or_higher, medium_or_higher, all
# security_alerts_threshold = string
# tool = string
# }))
# }), null),
}),
})) | `{}` | no |
| [secrets](#input\_secrets) | Secrets for the repository (if prefixed with nacl: it should be encrypted value using the GitHub public key in Base64 format. Read more: https://docs.github.com/en/actions/security-for-github-actions/encrypted-secrets) | `map(string)` | `{}` | no |
| [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
diff --git a/README.yaml b/README.yaml
index 3500d9f..897107b 100644
--- a/README.yaml
+++ b/README.yaml
@@ -50,7 +50,6 @@ usage: |-
description: "A basic repository with standard settings"
homepage_url: "https://github.com/my-organization/my-basic-repo"
visibility: "private"
- default_branch: "main"
topics:
- terraform
- github
@@ -98,7 +97,6 @@ usage: |-
topics:
- terraform
- github
- default_branch: "main"
visibility: "private"
# Common features
diff --git a/examples/stacks/catalog/github/repo/defaults.yaml b/examples/stacks/catalog/github/repo/defaults.yaml
index d607ca1..eee26a4 100644
--- a/examples/stacks/catalog/github/repo/defaults.yaml
+++ b/examples/stacks/catalog/github/repo/defaults.yaml
@@ -17,7 +17,6 @@ components:
topics:
- terraform
- github
- default_branch: "main"
visibility: "private"
auto_init: true
@@ -31,7 +30,6 @@ components:
has_discussions: false
has_projects: false
has_wiki: false
- has_downloads: false
allow_merge_commit: true
allow_squash_merge: true
@@ -46,7 +44,6 @@ components:
web_commit_signoff_required: true
delete_branch_on_merge: true
- ignore_vulnerability_alerts_during_read: true
allow_update_branch: true
security_and_analysis:
diff --git a/src/README.md b/src/README.md
index d8f3047..1dc7d9c 100644
--- a/src/README.md
+++ b/src/README.md
@@ -339,7 +339,7 @@ The following configurations are not supported for import:
| [owner](#input\_owner) | Owner of the repository | `string` | n/a | yes |
| [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
| [region](#input\_region) | AWS Region | `string` | n/a | yes |
-| [repository](#input\_repository) | Repository configuration | object({
name = string
description = optional(string, null)
visibility = optional(string, "public")
homepage_url = optional(string, null)
archived = optional(bool, false)
has_issues = optional(bool, false)
has_projects = optional(bool, false)
has_discussions = optional(bool, false)
has_wiki = optional(bool, false)
has_downloads = optional(bool, false)
is_template = optional(bool, false)
allow_auto_merge = optional(bool, false)
allow_squash_merge = optional(bool, true)
squash_merge_commit_title = optional(string, "PR_TITLE")
squash_merge_commit_message = optional(string, "PR_BODY")
allow_merge_commit = optional(bool, true)
merge_commit_title = optional(string, "PR_TITLE")
merge_commit_message = optional(string, "PR_BODY")
allow_rebase_merge = optional(bool, true)
delete_branch_on_merge = optional(bool, false)
default_branch = optional(string, "main")
web_commit_signoff_required = optional(bool, false)
topics = optional(list(string), [])
license_template = optional(string, null)
gitignore_template = optional(string, null)
auto_init = optional(bool, false)
ignore_vulnerability_alerts_during_read = optional(bool, false)
enable_vulnerability_alerts = optional(bool, true)
allow_update_branch = optional(bool, false)
security_and_analysis = optional(object({
advanced_security = bool
secret_scanning = bool
secret_scanning_push_protection = bool
}), null)
archive_on_destroy = optional(bool, false)
}) | n/a | yes |
+| [repository](#input\_repository) | Repository configuration | object({
name = string
description = optional(string, null)
visibility = optional(string, "public")
homepage_url = optional(string, null)
archived = optional(bool, false)
has_issues = optional(bool, false)
has_projects = optional(bool, false)
has_discussions = optional(bool, false)
has_wiki = optional(bool, false)
is_template = optional(bool, false)
allow_auto_merge = optional(bool, false)
allow_squash_merge = optional(bool, true)
squash_merge_commit_title = optional(string, "PR_TITLE")
squash_merge_commit_message = optional(string, "PR_BODY")
allow_merge_commit = optional(bool, true)
merge_commit_title = optional(string, "PR_TITLE")
merge_commit_message = optional(string, "PR_BODY")
allow_rebase_merge = optional(bool, true)
delete_branch_on_merge = optional(bool, false)
web_commit_signoff_required = optional(bool, false)
topics = optional(list(string), [])
license_template = optional(string, null)
gitignore_template = optional(string, null)
auto_init = optional(bool, false)
enable_vulnerability_alerts = optional(bool, true)
allow_update_branch = optional(bool, false)
security_and_analysis = optional(object({
advanced_security = bool
secret_scanning = bool
secret_scanning_push_protection = bool
}), null)
archive_on_destroy = optional(bool, false)
}) | n/a | yes |
| [rulesets](#input\_rulesets) | A map of rulesets to configure for the repository | map(object({
name = string
# disabled, active
enforcement = string
# branch, tag
target = string
bypass_actors = optional(list(object({
# always, pull_request
bypass_mode = string
actor_id = optional(string, null)
# RepositoryRole, Team, Integration, OrganizationAdmin
actor_type = string
})), [])
conditions = object({
ref_name = object({
# Supports ~DEFAULT_BRANCH or ~ALL
include = optional(list(string), [])
exclude = optional(list(string), [])
})
})
rules = object({
branch_name_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
commit_author_email_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
creation = optional(bool, false),
deletion = optional(bool, false),
non_fast_forward = optional(bool, false),
required_pull_request_reviews = optional(object({
dismiss_stale_reviews = bool
required_approving_review_count = number
}), null),
commit_message_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
committer_email_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
merge_queue = optional(object({
check_response_timeout_minutes = optional(number, 60)
# ALLGREEN, HEADGREEN
grouping_strategy = string
max_entries_to_build = optional(number, 5)
max_entries_to_merge = optional(number, 5)
# MERGE, SQUASH, REBASE
merge_method = optional(string, "MERGE")
min_entries_to_merge = optional(number, 1)
min_entries_to_merge_wait_minutes = optional(number, 5)
}), null),
pull_request = optional(object({
dismiss_stale_reviews_on_push = optional(bool, false)
require_code_owner_review = optional(bool, false)
require_last_push_approval = optional(bool, false)
required_approving_review_count = optional(number, 0)
required_review_thread_resolution = optional(bool, false)
}), null),
required_deployments = optional(object({
required_deployment_environments = optional(list(string), [])
}), null),
required_status_checks = optional(object({
required_check = list(object({
context = string
integration_id = optional(number, null)
}))
strict_required_status_checks_policy = optional(bool, false)
do_not_enforce_on_create = optional(bool, false)
}), null),
copilot_code_review = optional(object({
review_on_push = optional(bool, false)
review_draft_pull_requests = optional(bool, false)
}), null),
tag_name_pattern = optional(object({
# starts_with, ends_with, contains, regex
operator = string
pattern = string
name = optional(string, null)
negate = optional(bool, false)
}), null),
# Unsupported due to drift.
# https://github.com/integrations/terraform-provider-github/pull/2701
# required_code_scanning = optional(object({
# required_code_scanning_tool = list(object({
# // none, errors, errors_and_warnings, all
# alerts_threshold = string
# // none, critical, high_or_higher, medium_or_higher, all
# security_alerts_threshold = string
# tool = string
# }))
# }), null),
}),
})) | `{}` | no |
| [secrets](#input\_secrets) | Secrets for the repository (if prefixed with nacl: it should be encrypted value using the GitHub public key in Base64 format. Read more: https://docs.github.com/en/actions/security-for-github-actions/encrypted-secrets) | `map(string)` | `{}` | no |
| [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
diff --git a/src/main.tf b/src/main.tf
index 1c4ec8d..50e2257 100644
--- a/src/main.tf
+++ b/src/main.tf
@@ -49,7 +49,6 @@ module "repository" {
web_commit_signoff_required = var.repository.web_commit_signoff_required
- default_branch = var.repository.default_branch
enable_vulnerability_alerts = var.repository.enable_vulnerability_alerts
security_and_analysis = var.repository.security_and_analysis
diff --git a/src/variables.tf b/src/variables.tf
index eec31da..8669156 100644
--- a/src/variables.tf
+++ b/src/variables.tf
@@ -31,7 +31,6 @@ variable "repository" {
merge_commit_message = optional(string, "PR_BODY")
allow_rebase_merge = optional(bool, true)
delete_branch_on_merge = optional(bool, false)
- default_branch = optional(string, "main")
web_commit_signoff_required = optional(bool, false)
topics = optional(list(string), [])
license_template = optional(string, null)
diff --git a/test/component_test.go b/test/component_test.go
index bc45263..17771b9 100644
--- a/test/component_test.go
+++ b/test/component_test.go
@@ -45,8 +45,6 @@ func (s *ComponentSuite) TestBasic() {
"description": "Terraform acceptance tests for component",
"homepage_url": "http://example.com/",
"topics": []any{"terraform", "github", "test"},
- "default_branch": "main",
-
"is_template": true,
"auto_init": true,
@@ -74,8 +72,7 @@ func (s *ComponentSuite) TestBasic() {
"web_commit_signoff_required": true,
"delete_branch_on_merge": true,
- "ignore_vulnerability_alerts_during_read": true,
- "allow_update_branch": true,
+ "allow_update_branch": true,
"security_and_analysis": map[string]any{
"advanced_security": false,
@@ -161,7 +158,6 @@ func (s *ComponentSuite) TestBasic() {
assert.Equal(s.T(), true, repo.GetHasProjects())
assert.Equal(s.T(), true, repo.GetHasDiscussions())
assert.Equal(s.T(), true, repo.GetHasWiki())
- assert.Equal(s.T(), false, repo.GetHasDownloads())
assert.Equal(s.T(), true, repo.GetIsTemplate())
assert.Equal(s.T(), true, repo.GetAllowSquashMerge())
assert.Equal(s.T(), "COMMIT_OR_PR_TITLE", repo.GetSquashMergeCommitTitle())
@@ -172,7 +168,6 @@ func (s *ComponentSuite) TestBasic() {
assert.Equal(s.T(), true, repo.GetAllowRebaseMerge())
assert.Equal(s.T(), true, repo.GetWebCommitSignoffRequired())
assert.Equal(s.T(), true, repo.GetDeleteBranchOnMerge())
- assert.Equal(s.T(), "main", repo.GetDefaultBranch())
assert.Equal(s.T(), true, repo.GetAllowUpdateBranch())
vars, _, err := client.Actions.ListRepoVariables(context.Background(), owner, repoName, nil)
diff --git a/test/fixtures/stacks/catalog/usecase/basic.yaml b/test/fixtures/stacks/catalog/usecase/basic.yaml
index 83f2bb9..c27df27 100644
--- a/test/fixtures/stacks/catalog/usecase/basic.yaml
+++ b/test/fixtures/stacks/catalog/usecase/basic.yaml
@@ -15,8 +15,6 @@ components:
- terraform
- github
- test
- default_branch: "main"
-
is_template: true
auto_init: true
@@ -30,7 +28,6 @@ components:
has_discussions: true
has_projects: true
has_wiki: true
- has_downloads: true
allow_merge_commit: true
allow_squash_merge: true
@@ -45,7 +42,6 @@ components:
web_commit_signoff_required: true
delete_branch_on_merge: true
- ignore_vulnerability_alerts_during_read: true
allow_update_branch: true
security_and_analysis:
diff --git a/test/fixtures/stacks/catalog/usecase/import.yaml b/test/fixtures/stacks/catalog/usecase/import.yaml
index 22fcd53..e0d01c4 100644
--- a/test/fixtures/stacks/catalog/usecase/import.yaml
+++ b/test/fixtures/stacks/catalog/usecase/import.yaml
@@ -15,8 +15,6 @@ components:
- terraform
- github
- test
- default_branch: "main"
-
is_template: true
autolink_references:
diff --git a/test/fixtures/stacks/catalog/usecase/template.yaml b/test/fixtures/stacks/catalog/usecase/template.yaml
index 1a669b8..116fe99 100644
--- a/test/fixtures/stacks/catalog/usecase/template.yaml
+++ b/test/fixtures/stacks/catalog/usecase/template.yaml
@@ -20,4 +20,3 @@ components:
- terraform
- github
- test
- default_branch: "main"