From 65160a459bbd431160958864620681286cec0e31 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:23:37 +0900 Subject: [PATCH 01/11] chore: fix terraform-version Use tfenv --- .terraform-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 .terraform-version diff --git a/.terraform-version b/.terraform-version new file mode 100644 index 0000000..8decb92 --- /dev/null +++ b/.terraform-version @@ -0,0 +1 @@ +1.8.5 From f862c7ac23853450341f29cc8f47b3bb5a39f792 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:26:05 +0900 Subject: [PATCH 02/11] refact: separate variable declartion --- github.tf | 10 +--------- variables.tf | 9 +++++++++ 2 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 variables.tf diff --git a/github.tf b/github.tf index 406f0f2..206cde0 100644 --- a/github.tf +++ b/github.tf @@ -6,14 +6,6 @@ terraform { } } } -variable "github_token" { - type = string - description = "GitHub token" -} -variable "discord_webhook_url" { - description = "The Discord webhook URL to send notifications" - type = string -} # Configure the GitHub Provider provider "github" { @@ -177,4 +169,4 @@ resource "github_repository_webhook" "discord_pr_webhook" { } events = ["pull_request", "pull_request_review", "pull_request_review_comment"] -} \ No newline at end of file +} diff --git a/variables.tf b/variables.tf new file mode 100644 index 0000000..6edc853 --- /dev/null +++ b/variables.tf @@ -0,0 +1,9 @@ +variable "github_token" { + type = string + description = "GitHub token" +} + +variable "discord_webhook_url" { + description = "The Discord webhook URL to send notifications" + type = string +} From ced229b91bfcc4a6c0938a1064fe7cf40ef949e2 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:26:29 +0900 Subject: [PATCH 03/11] fix: declare secured variable as sensitive --- variables.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/variables.tf b/variables.tf index 6edc853..692007b 100644 --- a/variables.tf +++ b/variables.tf @@ -1,9 +1,11 @@ variable "github_token" { type = string description = "GitHub token" + sensitive = true } variable "discord_webhook_url" { description = "The Discord webhook URL to send notifications" type = string + sensitive = true } From 6c710a2ab362d5a20dea301df940c323382ed3c8 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:26:42 +0900 Subject: [PATCH 04/11] style: format code --- github.tf | 72 ++++++++++++++++++++++++++-------------------------- variables.tf | 6 ++--- 2 files changed, 39 insertions(+), 39 deletions(-) diff --git a/github.tf b/github.tf index 206cde0..92b44fe 100644 --- a/github.tf +++ b/github.tf @@ -30,32 +30,32 @@ data "local_file" "repo_permissions" { } locals { - users = jsondecode(data.local_file.users.content) - teams = jsondecode(data.local_file.teams.content) - repos = jsondecode(data.local_file.repos.content) + users = jsondecode(data.local_file.users.content) + teams = jsondecode(data.local_file.teams.content) + repos = jsondecode(data.local_file.repos.content) repo_permissions = jsondecode(data.local_file.repo_permissions.content) } - + resource "github_organization_settings" "org_settings" { - billing_email = "devkor.apply@gmail.com" - company = "DevKor" - blog = "https://devkor.club" - email = "devkor.apply@gmail.com" - location = "Seoul, Korea" - name = "DevKor" - description = "고려대학교 SW 프로덕트 학회 DevKor Github Organization" - has_organization_projects = true - has_repository_projects = true - members_can_create_repositories = false + billing_email = "devkor.apply@gmail.com" + company = "DevKor" + blog = "https://devkor.club" + email = "devkor.apply@gmail.com" + location = "Seoul, Korea" + name = "DevKor" + description = "고려대학교 SW 프로덕트 학회 DevKor Github Organization" + has_organization_projects = true + has_repository_projects = true + members_can_create_repositories = false members_can_create_private_pages = false - advanced_security_enabled_for_new_repositories = true - dependabot_alerts_enabled_for_new_repositories = true - dependabot_security_updates_enabled_for_new_repositories = true - dependency_graph_enabled_for_new_repositories = true - secret_scanning_enabled_for_new_repositories = true + advanced_security_enabled_for_new_repositories = true + dependabot_alerts_enabled_for_new_repositories = true + dependabot_security_updates_enabled_for_new_repositories = true + dependency_graph_enabled_for_new_repositories = true + secret_scanning_enabled_for_new_repositories = true secret_scanning_push_protection_enabled_for_new_repositories = true } @@ -82,24 +82,24 @@ resource "github_repository" "repo" { for_each = { for repo in local.repos : repo.name => repo } - name = each.key - description = "DevKor ${each.key} repository" - visibility = "public" - has_projects = true - has_wiki = true - has_downloads = true - has_issues = true + name = each.key + description = "DevKor ${each.key} repository" + visibility = "public" + has_projects = true + has_wiki = true + has_downloads = true + has_issues = true has_discussions = true - topics = ["devkor"] + topics = ["devkor"] license_template = "MIT" - archive_on_destroy = true + archive_on_destroy = true vulnerability_alerts = true security_and_analysis { secret_scanning { - status = "enabled" + status = "enabled" } secret_scanning_push_protection { status = "enabled" @@ -109,7 +109,7 @@ resource "github_repository" "repo" { } # team - repo permission resource "github_team_repository" "team_repos" { - for_each = { for permission in local.repo_permissions : "${permission.team}:${permission.repo}" => permission } + for_each = { for permission in local.repo_permissions : "${permission.team}:${permission.repo}" => permission } team_id = github_team.team[each.value.team].id repository = each.value.repo permission = each.value.permission @@ -123,7 +123,7 @@ resource "github_branch" "main" { branch = "main" } -resource "github_branch_default" "default"{ +resource "github_branch_default" "default" { for_each = { for repo in local.repos : repo.name => repo } repository = each.value.name @@ -132,16 +132,16 @@ resource "github_branch_default" "default"{ # main branch must have Reviews resource "github_repository_ruleset" "review_ruleset" { - name = "require_reviews" - target = "branch" + name = "require_reviews" + target = "branch" for_each = { for repo in local.repos : repo.name => repo } - repository = each.value.name + repository = each.value.name enforcement = "active" conditions { ref_name { - include = [ "~DEFAULT_BRANCH"] + include = ["~DEFAULT_BRANCH"] exclude = [] } } @@ -149,7 +149,7 @@ resource "github_repository_ruleset" "review_ruleset" { rules { pull_request { required_approving_review_count = 1 - require_last_push_approval = true + require_last_push_approval = true } } diff --git a/variables.tf b/variables.tf index 692007b..e63e26f 100644 --- a/variables.tf +++ b/variables.tf @@ -1,11 +1,11 @@ variable "github_token" { type = string description = "GitHub token" - sensitive = true + sensitive = true } variable "discord_webhook_url" { description = "The Discord webhook URL to send notifications" - type = string - sensitive = true + type = string + sensitive = true } From 45b578959838039389d1a23eb126c742e38b41ab Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:27:51 +0900 Subject: [PATCH 05/11] style: prefer main.tf --- github.tf => main.tf | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename github.tf => main.tf (100%) diff --git a/github.tf b/main.tf similarity index 100% rename from github.tf rename to main.tf From 69b5e0be02cd1d4940ece1f46ee687a675e1e798 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:33:01 +0900 Subject: [PATCH 06/11] chore: update lock --- .terraform.lock.hcl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index 0be7c85..d3f733d 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -4,6 +4,7 @@ provider "registry.terraform.io/hashicorp/local" { version = "2.5.1" hashes = [ + "h1:/GAVA/xheGQcbOZEq0qxANOg+KVLCA7Wv8qluxhTjhU=", "h1:tjcGlQAFA0kmQ4vKkIPPUC4it1UYxLbg4YvHOWRAJHA=", "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", @@ -25,6 +26,7 @@ provider "registry.terraform.io/integrations/github" { constraints = "~> 6.0" hashes = [ "h1:rY+q+OhJm90R900HvO05YNH7Tl0EOnbCLAoG+5niLX8=", + "h1:uDerb9YJo3vAO+wKw+Z064InX5aXom+nKLDry2eGf14=", "zh:172aa5141c525174f38504a0d2e69d0d16c0a0b941191b7170fe6ae4d7282e30", "zh:1a098b731fa658c808b591d030cc17cc7dfca1bf001c3c32e596f8c1bf980e9f", "zh:245d6a1c7e632d8ae4bdd2da2516610c50051e81505cf420a140aa5fa076ea90", From 3f1a152f4283f400ba5e0ded6820c2e344c6f531 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:35:20 +0900 Subject: [PATCH 07/11] refact: prefer tfvars --- main.tf | 40 ++++++++-------------------------------- repo_permissions.json | 12 ------------ repos.json | 8 -------- teams.json | 8 -------- terraform.tfvars | 40 ++++++++++++++++++++++++++++++++++++++++ users.json | 12 ------------ variables.tf | 28 ++++++++++++++++++++++++++++ 7 files changed, 76 insertions(+), 72 deletions(-) delete mode 100644 repo_permissions.json delete mode 100644 repos.json delete mode 100644 teams.json create mode 100644 terraform.tfvars delete mode 100644 users.json diff --git a/main.tf b/main.tf index 92b44fe..01b08ea 100644 --- a/main.tf +++ b/main.tf @@ -13,30 +13,6 @@ provider "github" { owner = "DevKor-github" } -data "local_file" "users" { - filename = "${path.module}/users.json" -} - -data "local_file" "teams" { - filename = "${path.module}/teams.json" -} - -data "local_file" "repos" { - filename = "${path.module}/repos.json" -} - -data "local_file" "repo_permissions" { - filename = "${path.module}/repo_permissions.json" -} - -locals { - users = jsondecode(data.local_file.users.content) - teams = jsondecode(data.local_file.teams.content) - repos = jsondecode(data.local_file.repos.content) - repo_permissions = jsondecode(data.local_file.repo_permissions.content) -} - - resource "github_organization_settings" "org_settings" { billing_email = "devkor.apply@gmail.com" @@ -62,7 +38,7 @@ resource "github_organization_settings" "org_settings" { # user 초대 resource "github_membership" "user" { - for_each = { for user in local.users : user.user => user } + for_each = { for user in var.users : user.user => user } username = each.value.user role = each.value.role @@ -70,7 +46,7 @@ resource "github_membership" "user" { # team 생성 resource "github_team" "team" { - for_each = { for team in local.teams : team.name => team } + for_each = { for team in var.teams : team.name => team } name = each.key description = "DevKor ${each.key} team" @@ -79,7 +55,7 @@ resource "github_team" "team" { # 팀별 2 repositories 생성 resource "github_repository" "repo" { - for_each = { for repo in local.repos : repo.name => repo } + for_each = { for repo in var.repos : repo.name => repo } name = each.key @@ -109,7 +85,7 @@ resource "github_repository" "repo" { } # team - repo permission resource "github_team_repository" "team_repos" { - for_each = { for permission in local.repo_permissions : "${permission.team}:${permission.repo}" => permission } + for_each = { for permission in var.repo_permissions : "${permission.team}:${permission.repo}" => permission } team_id = github_team.team[each.value.team].id repository = each.value.repo permission = each.value.permission @@ -117,14 +93,14 @@ resource "github_team_repository" "team_repos" { resource "github_branch" "main" { - for_each = { for repo in local.repos : repo.name => repo } + for_each = { for repo in var.repos : repo.name => repo } repository = each.value.name branch = "main" } resource "github_branch_default" "default" { - for_each = { for repo in local.repos : repo.name => repo } + for_each = { for repo in var.repos : repo.name => repo } repository = each.value.name branch = "main" @@ -134,7 +110,7 @@ resource "github_branch_default" "default" { resource "github_repository_ruleset" "review_ruleset" { name = "require_reviews" target = "branch" - for_each = { for repo in local.repos : repo.name => repo } + for_each = { for repo in var.repos : repo.name => repo } repository = each.value.name enforcement = "active" @@ -158,7 +134,7 @@ resource "github_repository_ruleset" "review_ruleset" { # PR -> discord webhook resource "github_repository_webhook" "discord_pr_webhook" { - for_each = { for repo in local.repos : repo.name => repo } + for_each = { for repo in var.repos : repo.name => repo } repository = each.value.name diff --git a/repo_permissions.json b/repo_permissions.json deleted file mode 100644 index 6c6a2dc..0000000 --- a/repo_permissions.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "repo": "kudog-frontend", - "team": "kudog", - "permission": "admin" - }, - { - "repo": "kudog-backend", - "team": "kudog", - "permission": "admin" - } -] diff --git a/repos.json b/repos.json deleted file mode 100644 index a5e898b..0000000 --- a/repos.json +++ /dev/null @@ -1,8 +0,0 @@ -[ - { - "name": "kudog-backend" - }, - { - "name": "kudog-frontend" - } -] diff --git a/teams.json b/teams.json deleted file mode 100644 index 75b695b..0000000 --- a/teams.json +++ /dev/null @@ -1,8 +0,0 @@ -[ - { - "name": "kudog" - }, - { - "name": "kukey" - } -] diff --git a/terraform.tfvars b/terraform.tfvars new file mode 100644 index 0000000..6f5ec0f --- /dev/null +++ b/terraform.tfvars @@ -0,0 +1,40 @@ +users = [ + { + user = "overthestream" + role = "admin" + team = "kudog" + }, + { + user = "overthestream2" + role = "admin" + team = "kudog" + }, +] +teams = [ + { + name = "kudog" + }, + { + name = "kukey" + }, +] +repos = [ + { + name = "kudog-backend" + }, + { + name = "kudog-frontend" + }, +] +repo_permissions = [ + { + repo = "kudog-frontend", + team = "kudog", + permission = "admin" + }, + { + repo = "kudog-backend", + team = "kudog", + permission = "admin" + } +] diff --git a/users.json b/users.json deleted file mode 100644 index 1a708ab..0000000 --- a/users.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "user": "overthestream", - "role": "admin", - "team": "kudog" - }, - { - "user": "overthestream2", - "role": "admin", - "team": "kudog" - } -] diff --git a/variables.tf b/variables.tf index e63e26f..0de7580 100644 --- a/variables.tf +++ b/variables.tf @@ -9,3 +9,31 @@ variable "discord_webhook_url" { type = string sensitive = true } + +variable "users" { + type = list(object({ + user = string + role = string + team = string + })) +} + +variable "teams" { + type = list(object({ + name = string + })) +} + +variable "repos" { + type = list(object({ + name = string + })) +} + +variable "repo_permissions" { + type = list(object({ + repo = string + team = string + permission = string + })) +} From e23ccd0b9cc42178b3772666e94dd74b0d8d9f9f Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 14:58:28 +0900 Subject: [PATCH 08/11] refact: extract org-wide operations --- main.tf | 31 ------------------------------- org.tf | 27 +++++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 31 deletions(-) create mode 100644 org.tf diff --git a/main.tf b/main.tf index 01b08ea..4f0fc2d 100644 --- a/main.tf +++ b/main.tf @@ -13,37 +13,6 @@ provider "github" { owner = "DevKor-github" } - -resource "github_organization_settings" "org_settings" { - billing_email = "devkor.apply@gmail.com" - company = "DevKor" - blog = "https://devkor.club" - email = "devkor.apply@gmail.com" - location = "Seoul, Korea" - name = "DevKor" - description = "고려대학교 SW 프로덕트 학회 DevKor Github Organization" - has_organization_projects = true - has_repository_projects = true - members_can_create_repositories = false - members_can_create_private_pages = false - - advanced_security_enabled_for_new_repositories = true - dependabot_alerts_enabled_for_new_repositories = true - dependabot_security_updates_enabled_for_new_repositories = true - dependency_graph_enabled_for_new_repositories = true - secret_scanning_enabled_for_new_repositories = true - secret_scanning_push_protection_enabled_for_new_repositories = true -} - - -# user 초대 -resource "github_membership" "user" { - for_each = { for user in var.users : user.user => user } - - username = each.value.user - role = each.value.role -} - # team 생성 resource "github_team" "team" { for_each = { for team in var.teams : team.name => team } diff --git a/org.tf b/org.tf new file mode 100644 index 0000000..aebd6ad --- /dev/null +++ b/org.tf @@ -0,0 +1,27 @@ +resource "github_organization_settings" "org_settings" { + billing_email = "devkor.apply@gmail.com" + company = "DevKor" + blog = "https://devkor.club" + email = "devkor.apply@gmail.com" + location = "Seoul, Korea" + name = "DevKor" + description = "고려대학교 SW 프로덕트 학회 DevKor Github Organization" + has_organization_projects = true + has_repository_projects = true + members_can_create_repositories = false + members_can_create_private_pages = false + + advanced_security_enabled_for_new_repositories = true + dependabot_alerts_enabled_for_new_repositories = true + dependabot_security_updates_enabled_for_new_repositories = true + dependency_graph_enabled_for_new_repositories = true + secret_scanning_enabled_for_new_repositories = true + secret_scanning_push_protection_enabled_for_new_repositories = true +} + +resource "github_membership" "user" { + for_each = { for user in var.users : user.user => user } + + username = each.value.user + role = each.value.role +} From c5d16bac4c0fa6df76992ad2da547fe737ca704c Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 15:01:21 +0900 Subject: [PATCH 09/11] refact: extract admin --- main.tf | 7 +++++++ org.tf | 8 ++++---- terraform.tfvars | 4 ++++ variables.tf | 4 ++++ 4 files changed, 19 insertions(+), 4 deletions(-) diff --git a/main.tf b/main.tf index 4f0fc2d..58e61c4 100644 --- a/main.tf +++ b/main.tf @@ -13,6 +13,13 @@ provider "github" { owner = "DevKor-github" } +resource "github_membership" "user" { + for_each = { for user in var.users : user.user => user } + + username = each.value.user + role = each.value.role +} + # team 생성 resource "github_team" "team" { for_each = { for team in var.teams : team.name => team } diff --git a/org.tf b/org.tf index aebd6ad..6e72733 100644 --- a/org.tf +++ b/org.tf @@ -19,9 +19,9 @@ resource "github_organization_settings" "org_settings" { secret_scanning_push_protection_enabled_for_new_repositories = true } -resource "github_membership" "user" { - for_each = { for user in var.users : user.user => user } +resource "github_membership" "admins" { + for_each = { for admin in var.admins : admin => {} } - username = each.value.user - role = each.value.role + username = each.key + role = "admin" } diff --git a/terraform.tfvars b/terraform.tfvars index 6f5ec0f..bba8f39 100644 --- a/terraform.tfvars +++ b/terraform.tfvars @@ -38,3 +38,7 @@ repo_permissions = [ permission = "admin" } ] + +admins = [ + "overthestream", +] diff --git a/variables.tf b/variables.tf index 0de7580..760e93d 100644 --- a/variables.tf +++ b/variables.tf @@ -37,3 +37,7 @@ variable "repo_permissions" { permission = string })) } + +variable "admins" { + type = list(string) +} From 6d27e4b16c4f5569fe7c0578675ba2d3f8e96ce6 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Thu, 6 Jun 2024 15:39:04 +0900 Subject: [PATCH 10/11] refact: change variable structure --- main.tf | 64 ++++++++++++++++++++++++++++++------------------ terraform.tfvars | 44 +++++++-------------------------- variables.tf | 27 +++----------------- 3 files changed, 53 insertions(+), 82 deletions(-) diff --git a/main.tf b/main.tf index 58e61c4..991ab59 100644 --- a/main.tf +++ b/main.tf @@ -13,25 +13,40 @@ provider "github" { owner = "DevKor-github" } -resource "github_membership" "user" { - for_each = { for user in var.users : user.user => user } +locals { + members = setsubtract(flatten(var.teams[*].users), var.admins) + repos = flatten(var.teams[*].repos) + repo_team_mapping = flatten( + [ + for team in var.teams : + [for repo in team.repos : { key : repo, value : team.name }] + ] + ) + repo_discord_webhook_url_mapping = flatten( + [ + for team in var.teams : + [for repo in team.repos : { key : "${team.name}_${repo}", value : { repo : repo, webhook : team.discord_webhook_url } }] + ] + ) +} + +resource "github_membership" "members" { + for_each = { for member in local.members : member => {} } - username = each.value.user - role = each.value.role + username = each.key + role = "member" } -# team 생성 -resource "github_team" "team" { - for_each = { for team in var.teams : team.name => team } +resource "github_team" "teams" { + for_each = { for team in var.teams : team.name => {} } name = each.key description = "DevKor ${each.key} team" privacy = "closed" } -# 팀별 2 repositories 생성 resource "github_repository" "repo" { - for_each = { for repo in var.repos : repo.name => repo } + for_each = { for repo in local.repos : repo => {} } name = each.key @@ -61,34 +76,35 @@ resource "github_repository" "repo" { } # team - repo permission resource "github_team_repository" "team_repos" { - for_each = { for permission in var.repo_permissions : "${permission.team}:${permission.repo}" => permission } - team_id = github_team.team[each.value.team].id - repository = each.value.repo - permission = each.value.permission + for_each = { for mapping in local.repo_team_mapping : mapping.key => mapping.value } + team_id = github_team.teams[each.value].id + repository = github_repository.repo[each.key].name + permission = "admin" } resource "github_branch" "main" { - for_each = { for repo in var.repos : repo.name => repo } + for_each = { for repo in local.repos : repo => {} } - repository = each.value.name + repository = github_repository.repo[each.key].name branch = "main" } resource "github_branch_default" "default" { - for_each = { for repo in var.repos : repo.name => repo } + for_each = { for repo in local.repos : repo => {} } - repository = each.value.name + repository = github_repository.repo[each.key].name branch = "main" } # main branch must have Reviews resource "github_repository_ruleset" "review_ruleset" { - name = "require_reviews" - target = "branch" - for_each = { for repo in var.repos : repo.name => repo } + for_each = { for repo in local.repos : repo => {} } + + name = "require_reviews" + target = "branch" - repository = each.value.name + repository = github_repository.repo[each.key].name enforcement = "active" conditions { @@ -110,12 +126,12 @@ resource "github_repository_ruleset" "review_ruleset" { # PR -> discord webhook resource "github_repository_webhook" "discord_pr_webhook" { - for_each = { for repo in var.repos : repo.name => repo } + for_each = { for mapping in local.repo_discord_webhook_url_mapping : mapping.key => mapping.value } - repository = each.value.name + repository = github_repository.repo[each.value.repo].name configuration { - url = var.discord_webhook_url + url = each.value.webhook content_type = "json" insecure_ssl = false } diff --git a/terraform.tfvars b/terraform.tfvars index bba8f39..b84d73a 100644 --- a/terraform.tfvars +++ b/terraform.tfvars @@ -1,41 +1,15 @@ -users = [ - { - user = "overthestream" - role = "admin" - team = "kudog" - }, - { - user = "overthestream2" - role = "admin" - team = "kudog" - }, -] teams = [ { name = "kudog" - }, - { - name = "kukey" - }, -] -repos = [ - { - name = "kudog-backend" - }, - { - name = "kudog-frontend" - }, -] -repo_permissions = [ - { - repo = "kudog-frontend", - team = "kudog", - permission = "admin" - }, - { - repo = "kudog-backend", - team = "kudog", - permission = "admin" + users = [ + "overthestream", + "overthestream2", + ] + repos = [ + "kudog-frontend", + "kudog-backend", + ] + discord_webhook_url = "https://example.com" } ] diff --git a/variables.tf b/variables.tf index 760e93d..5a8b114 100644 --- a/variables.tf +++ b/variables.tf @@ -10,31 +10,12 @@ variable "discord_webhook_url" { sensitive = true } -variable "users" { - type = list(object({ - user = string - role = string - team = string - })) -} - variable "teams" { type = list(object({ - name = string - })) -} - -variable "repos" { - type = list(object({ - name = string - })) -} - -variable "repo_permissions" { - type = list(object({ - repo = string - team = string - permission = string + name = string + users = list(string) + repos = list(string) + discord_webhook_url = string })) } From 14152dd29edeb5951092a6b6848553b348227d48 Mon Sep 17 00:00:00 2001 From: BeLeap Date: Sun, 9 Jun 2024 13:49:06 +0900 Subject: [PATCH 11/11] chore: remove unused variable --- variables.tf | 6 ------ 1 file changed, 6 deletions(-) diff --git a/variables.tf b/variables.tf index 5a8b114..18f0eca 100644 --- a/variables.tf +++ b/variables.tf @@ -4,12 +4,6 @@ variable "github_token" { sensitive = true } -variable "discord_webhook_url" { - description = "The Discord webhook URL to send notifications" - type = string - sensitive = true -} - variable "teams" { type = list(object({ name = string