Skip to content

Commit 865b2bb

Browse files
mtweemanmtweeman
authored
fix: add custom repository roles support (#23)
1 parent f959024 commit 865b2bb

2 files changed

Lines changed: 21 additions & 3 deletions

File tree

main.tf

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -395,12 +395,20 @@ resource "github_team_repository" "default" {
395395
}
396396

397397
locals {
398-
organization_roles_map = {
398+
organization_repository_roles_enabled = module.this.enabled && var.organization_repository_roles_enabled
399+
base_repository_roles_map = {
399400
"maintain" = "2"
400401
"write" = "4"
401402
"admin" = "5"
402403
}
403-
404+
custom_repository_roles_map = local.organization_repository_roles_enabled ? {
405+
for role in data.github_organization_repository_roles.ruleset_rules_repository_roles[0].roles :
406+
role.name => role.role_id
407+
} : {}
408+
repository_roles_map = merge(
409+
local.base_repository_roles_map,
410+
local.custom_repository_roles_map,
411+
)
404412
ruleset_rules_teams = flatten([
405413
for e, c in local.rulesets :
406414
c.bypass_actors != null ? compact([for b in c.bypass_actors : b.actor_type == "Team" ? b.actor_id : null]) : []
@@ -413,6 +421,10 @@ locals {
413421
}
414422
}
415423

424+
data "github_organization_repository_roles" "ruleset_rules_repository_roles" {
425+
count = local.organization_repository_roles_enabled ? 1 : 0
426+
}
427+
416428
data "github_team" "ruleset_rules_teams" {
417429
for_each = toset(local.ruleset_rules_teams)
418430

@@ -452,7 +464,7 @@ resource "github_repository_ruleset" "default" {
452464
content {
453465
bypass_mode = bypass_actors.value.bypass_mode
454466
actor_id = (bypass_actors.value.actor_type == "OrganizationAdmin" ? "0" :
455-
bypass_actors.value.actor_type == "RepositoryRole" ? local.organization_roles_map[bypass_actors.value.actor_id] :
467+
bypass_actors.value.actor_type == "RepositoryRole" ? local.repository_roles_map[bypass_actors.value.actor_id] :
456468
bypass_actors.value.actor_type == "Team" ? data.github_team.ruleset_rules_teams[bypass_actors.value.actor_id].id :
457469
bypass_actors.value.actor_id)
458470
actor_type = bypass_actors.value.actor_type

variables.tf

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -421,6 +421,12 @@ variable "users" {
421421
nullable = false
422422
}
423423

424+
variable "organization_repository_roles_enabled" {
425+
description = "Whether to use organization repository roles."
426+
type = bool
427+
default = false
428+
}
429+
424430
variable "rulesets" {
425431
description = "A map of rulesets to configure for the repository"
426432
type = map(object({

0 commit comments

Comments
 (0)