diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 0000000..a7e3d5d
--- /dev/null
+++ b/.tflint.hcl
@@ -0,0 +1,7 @@
+rule "terraform_unused_declarations" {
+ enabled = false
+}
+
+rule "terraform_required_providers" {
+ enabled = false
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 46065d1..9595a91 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
+### Added
+
+- Add support for `allow_update_branch`.
+
+### Changed
+
+- BREAKING CHANGE: Bump minimum supported version of the GitHub provider to `v5.16`
+ as it contains a [critical fix](https://github.com/integrations/terraform-provider-github/pull/1415) for branch protections.
+- BREAKING CHANGE: Rename `required_status_checks.contexts` to `required_status_checks.checks` as contexts is
+ depcrecated in v3 branch protections
+
## [0.18.0]
### Added
diff --git a/README.md b/README.md
index eed6135..3f71fbd 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
[](https://github.com/mineiros-io/terraform-github-repository/actions)
[](https://github.com/mineiros-io/terraform-github-repository/releases)
[](https://github.com/hashicorp/terraform/releases)
-[](https://github.com/terraform-providers/terraform-provider-github/releases)
+[](https://github.com/terraform-providers/terraform-provider-github/releases)
[](https://join.slack.com/t/mineiros-community/shared_invite/zt-ehidestg-aLGoIENLVs6tvwJ11w9WGg)
# terraform-github-repository
@@ -543,7 +543,7 @@ This is due to some terraform limitation and we will update the module once terr
Default is `false`.
- - [**`contexts`**](#attr-branch_protections_v3-required_status_checks-contexts): *(Optional `list(string)`)*
+ - [**`checks`**](#attr-branch_protections_v3-required_status_checks-checks): *(Optional `list(string)`)*
The list of status checks to require in order to merge into this branch. If default is `[]` no status checks are required.
@@ -649,6 +649,12 @@ This is due to some terraform limitation and we will update the module once terr
Default is `false`.
+ - [**`allow_update_branch`**](#attr-branch_protections_v4-allow_update_branch): *(Optional `bool`)*
+
+ Set to `true` to always suggest updating pull request branches.
+
+ Default is `false`.
+
- [**`blocks_creations`**](#attr-branch_protections_v4-blocks_creations): *(Optional `bool`)*
Setting this to `true` will block creating the branch.
@@ -743,7 +749,7 @@ This is due to some terraform limitation and we will update the module once terr
Default is `false`.
- - [**`contexts`**](#attr-branch_protections_v4-required_status_checks-contexts): *(Optional `list(string)`)*
+ - [**`checks`**](#attr-branch_protections_v4-required_status_checks-checks): *(Optional `list(string)`)*
The list of status checks to require in order to merge into this branch. If default is `[]` no status checks are required.
@@ -1078,7 +1084,7 @@ Run `make help` to see details on each available target.
This module is licensed under the Apache License Version 2.0, January 2004.
Please see [LICENSE] for full details.
-Copyright © 2020-2022 [Mineiros GmbH][homepage]
+Copyright © 2020-2023 [Mineiros GmbH][homepage]
@@ -1097,7 +1103,7 @@ Copyright © 2020-2022 [Mineiros GmbH][homepage]
[badge-license]: https://img.shields.io/badge/license-Apache%202.0-brightgreen.svg
[badge-terraform]: https://img.shields.io/badge/terraform-1.x-623CE4.svg?logo=terraform
[badge-slack]: https://img.shields.io/badge/slack-@mineiros--community-f32752.svg?logo=slack
-[badge-tf-gh]: https://img.shields.io/badge/GH-4.10+-F8991D.svg?logo=terraform
+[badge-tf-gh]: https://img.shields.io/badge/GH-5.16+-F8991D.svg?logo=terraform
[releases-github-provider]: https://github.com/terraform-providers/terraform-provider-github/releases
[build-status]: https://github.com/mineiros-io/terraform-github-repository/actions
[releases-github]: https://github.com/mineiros-io/terraform-github-repository/releases
diff --git a/README.tfdoc.hcl b/README.tfdoc.hcl
index 1f75765..2865d2b 100644
--- a/README.tfdoc.hcl
+++ b/README.tfdoc.hcl
@@ -21,7 +21,7 @@ header {
}
badge "tf-gh" {
- image = "https://img.shields.io/badge/GH-4.10+-F8991D.svg?logo=terraform"
+ image = "https://img.shields.io/badge/GH-5.16+-F8991D.svg?logo=terraform"
url = "https://github.com/terraform-providers/terraform-provider-github/releases"
text = "Github Provider Version"
}
@@ -701,7 +701,7 @@ section {
END
}
- attribute "contexts" {
+ attribute "checks" {
type = list(string)
default = []
description = <<-END
@@ -837,6 +837,14 @@ section {
END
}
+ attribute "allow_update_branch" {
+ type = bool
+ default = false
+ description = <<-END
+ Set to `true` to always suggest updating pull request branches.
+ END
+ }
+
attribute "blocks_creations" {
type = bool
default = false
@@ -959,7 +967,7 @@ section {
END
}
- attribute "contexts" {
+ attribute "checks" {
type = list(string)
default = []
description = <<-END
@@ -1442,7 +1450,7 @@ section {
This module is licensed under the Apache License Version 2.0, January 2004.
Please see [LICENSE] for full details.
- Copyright © 2020-2022 [Mineiros GmbH][homepage]
+ Copyright © 2020-2023 [Mineiros GmbH][homepage]
END
}
}
@@ -1491,7 +1499,7 @@ references {
value = "https://img.shields.io/badge/slack-@mineiros--community-f32752.svg?logo=slack"
}
ref "badge-tf-gh" {
- value = "https://img.shields.io/badge/GH-4.10+-F8991D.svg?logo=terraform"
+ value = "https://img.shields.io/badge/GH-5.16+-F8991D.svg?logo=terraform"
}
ref "releases-github-provider" {
value = "https://github.com/terraform-providers/terraform-provider-github/releases"
diff --git a/examples/public-repository/README.md b/examples/public-repository/README.md
index 6014f5a..da95991 100644
--- a/examples/public-repository/README.md
+++ b/examples/public-repository/README.md
@@ -111,7 +111,7 @@ Run `terraform destroy` to destroy all resources again.
[main.tf]: https://github.com/mineiros-io/terraform-github-repository/blob/main/examples/public-respository/main.tf
[homepage]: https://mineiros.io/?ref=terraform-github-repository
[badge-license]: https://img.shields.io/badge/license-Apache%202.0-brightgreen.svg
-[badge-terraform]: https://img.shields.io/badge/terraform-1.x%20|0.15%20|0.14%20|%200.13%20|%200.12.20+-623CE4.svg?logo=terraform
+[badge-terraform]: https://img.shields.io/badge/terraform-1.x-623CE4.svg?logo=terraform
[badge-slack]: https://img.shields.io/badge/slack-@mineiros--community-f32752.svg?logo=slack
[releases-terraform]: https://github.com/hashicorp/terraform/releases
[apache20]: https://opensource.org/licenses/Apache-2.0
diff --git a/examples/public-repository/main.tf b/examples/public-repository/main.tf
index e48dec7..453c6f1 100644
--- a/examples/public-repository/main.tf
+++ b/examples/public-repository/main.tf
@@ -29,6 +29,7 @@ module "repository" {
gitignore_template = "Terraform"
license_template = "mit"
topics = ["terraform", "unit-test"]
+ allow_update_branch = true
admin_team_ids = [
module.team.team.id
diff --git a/main.tf b/main.tf
index 587e1bb..5608107 100644
--- a/main.tf
+++ b/main.tf
@@ -56,8 +56,8 @@ locals {
for b in local.branch_protections_v3 :
length(keys(b.required_status_checks)) > 0 ? [
merge({
- strict = null
- contexts = []
+ strict = null
+ checks = []
}, b.required_status_checks)] : []
]
@@ -108,6 +108,7 @@ resource "github_repository" "repository" {
license_template = local.license_template
archived = var.archived
topics = local.topics
+ allow_update_branch = var.allow_update_branch
archive_on_destroy = var.archive_on_destroy
vulnerability_alerts = local.vulnerability_alerts
@@ -259,8 +260,8 @@ resource "github_branch_protection_v3" "branch_protection" {
for_each = local.required_status_checks[count.index]
content {
- strict = required_status_checks.value.strict
- contexts = required_status_checks.value.contexts
+ strict = required_status_checks.value.strict
+ checks = required_status_checks.value.checks
}
}
diff --git a/test/unit-complete/main.tf b/test/unit-complete/main.tf
index f307097..aefdae4 100644
--- a/test/unit-complete/main.tf
+++ b/test/unit-complete/main.tf
@@ -40,6 +40,7 @@ module "repository" {
allow_rebase_merge = var.allow_rebase_merge
allow_squash_merge = var.allow_squash_merge
allow_auto_merge = var.allow_auto_merge
+ allow_update_branch = true
delete_branch_on_merge = var.delete_branch_on_merge
is_template = var.is_template
has_downloads = var.has_downloads
@@ -118,8 +119,8 @@ module "repository" {
require_signed_commits = true
required_status_checks = {
- strict = true
- contexts = ["ci/travis"]
+ strict = true
+ checks = ["ci/travis"]
}
required_pull_request_reviews = {
diff --git a/test/unit-complete/provider.tf b/test/unit-complete/provider.tf
index e80c4cc..f329a30 100644
--- a/test/unit-complete/provider.tf
+++ b/test/unit-complete/provider.tf
@@ -6,8 +6,6 @@ terraform {
required_providers {
github = {
source = "integrations/github"
- # mask providers with broken branch protection v3 imlementation
- version = "~> 5.0, !=5.3.0, !=5.4.0, !=5.5.0, !=5.6.0, !=5.7.0"
}
tls = {
source = "hashicorp/tls"
diff --git a/variables.tf b/variables.tf
index 7599034..ef304a3 100644
--- a/variables.tf
+++ b/variables.tf
@@ -96,6 +96,12 @@ variable "allow_auto_merge" {
default = null
}
+variable "allow_update_branch" {
+ description = "(Optional) Set to true to always suggest updating pull request branches."
+ type = bool
+ default = false
+}
+
variable "delete_branch_on_merge" {
description = "(Optional) Whether or not to delete the merged branch after merging a pull request. (Default: false)"
type = bool
@@ -278,8 +284,8 @@ variable "branch_protections_v3" {
# enforce_admins = bool
# require_signed_commits = bool
# required_status_checks = object({
- # strict = bool
- # contexts = list(string)
+ # strict = bool
+ # checks = list(string)
# })
# required_pull_request_reviews = object({
# dismiss_stale_reviews = bool
@@ -305,7 +311,7 @@ variable "branch_protections_v3" {
#
# required_status_checks = {
# strict = false
- # contexts = ["ci/travis"]
+ # checks = ["ci/travis"]
# }
#
# required_pull_request_reviews = {
diff --git a/versions.tf b/versions.tf
index 01e52ac..6e23a00 100644
--- a/versions.tf
+++ b/versions.tf
@@ -5,11 +5,10 @@
terraform {
required_version = "~> 1.0"
- # branch_protections_v3 are broken in >= 5.3
required_providers {
github = {
source = "integrations/github"
- version = ">= 4.20, < 6.0"
+ version = ">= 5.16, < 6.0"
}
}
}