-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmendix.tf
124 lines (107 loc) · 2.74 KB
/
mendix.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
resource "github_repository" "mendix" {
name = "mendix"
description = "NL Design System Mendix demo project"
allow_merge_commit = false
allow_rebase_merge = true
allow_squash_merge = true
allow_auto_merge = true
delete_branch_on_merge = true
has_issues = true
has_downloads = false
has_projects = false
has_wiki = false
vulnerability_alerts = true
homepage_url = "https://nl-design-system.github.io/mendix/"
squash_merge_commit_title = "PR_TITLE"
squash_merge_commit_message = "PR_BODY"
topics = ["nl-design-system"]
security_and_analysis {
secret_scanning {
status = "enabled"
}
secret_scanning_push_protection {
status = "enabled"
}
}
pages {
build_type = "workflow"
# A `source` block is only needed when `build_type` is set to `"legacy"`, but because GitHub keeps it around invisibly, we must add it here to prevent churn
source {
branch = "main"
path = "/"
}
}
lifecycle {
prevent_destroy = true
}
}
resource "github_repository_ruleset" "mendix-main" {
name = "main"
repository = github_repository.mendix.name
target = "branch"
enforcement = "active"
conditions {
ref_name {
include = ["refs/heads/main"]
exclude = []
}
}
rules {
pull_request {
dismiss_stale_reviews_on_push = true
required_approving_review_count = 1
required_review_thread_resolution = true
}
required_linear_history = true
required_status_checks {
required_check {
context = "build"
}
required_check {
context = "install"
}
required_check {
context = "lint"
}
required_check {
context = "test"
}
}
}
bypass_actors {
actor_id = github_team.kernteam-ci.id
actor_type = "Team"
bypass_mode = "always"
}
}
resource "github_repository_collaborators" "mendix" {
repository = github_repository.mendix.name
team {
permission = "admin"
team_id = github_team.kernteam-admin.id
}
team {
permission = "maintain"
team_id = github_team.kernteam-maintainer.id
}
team {
permission = "push"
team_id = github_team.kernteam-committer.id
}
team {
permission = "triage"
team_id = github_team.kernteam-triage.id
}
team {
permission = "triage"
team_id = github_team.kernteam-dependabot.id
}
team {
permission = "push"
team_id = github_team.gemeente-rotterdam-committer.id
}
team {
permission = "push"
team_id = github_team.frameless.id
}
}