Skip to content
This repository was archived by the owner on Apr 9, 2025. It is now read-only.

chore: update pre-commit flow#78

Closed
peter-svensson wants to merge 1 commit intomainfrom
update-precommit
Closed

chore: update pre-commit flow#78
peter-svensson wants to merge 1 commit intomainfrom
update-precommit

Conversation

@peter-svensson
Copy link
Copy Markdown
Member

@peter-svensson peter-svensson commented Apr 9, 2025

No description provided.

@peter-svensson peter-svensson requested a review from argoyle as a code owner April 9, 2025 12:50
@peter-svensson
Copy link
Copy Markdown
Member Author

peter-svensson commented Apr 9, 2025

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Validation Output 

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan 

terraform
module.terraform-aws-elasticache-redis.github_repository.repo: Refreshing state... [id=terraform-aws-elasticache-redis]
module.terraform-aws-k8s-addons-external-secrets-operator.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-external-secrets-operator]
module.template.github_repository.repo: Refreshing state... [id=tf-template]
module.terraform-aws-aurora-mysql.github_repository.repo: Refreshing state... [id=terraform-aws-aurora-mysql]
module.terraform-aws-dns-validated-certificate.github_repository.repo: Refreshing state... [id=terraform-aws-dns-validated-certificate]
module.terraform-cloudamqp-rabbitmq.github_repository.repo: Refreshing state... [id=terraform-cloudamqp-rabbitmq]
module.terraform-aws-k8s.github_repository.repo: Refreshing state... [id=terraform-aws-k8s]
module.terraform-aws-k8s-addons-argocd.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-argocd]
module.terraform-aws-k8s-addons-github-runners.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-github-runners]
module.terraform-aws-rds-instance-mysql.github_repository.repo: Refreshing state... [id=terraform-aws-rds-instance-mysql]
module.terraform-aws-k8s-addons-cluster-autoscaler.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-cluster-autoscaler]
module.terraform-aws-aurora-postgresql.github_repository.repo: Refreshing state... [id=terraform-aws-aurora-postgresql]
module.terraform-aws-k8s-addons-external-dns.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-external-dns]
module.terraform-aws-k8s-addons-grafana-agent-operator.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-grafana-agent-operator]
module.terraform-aws-kops-state-store.github_repository.repo: Refreshing state... [id=terraform-aws-kops-state-store]
module.terraform-aws-k8s-network.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-network]
module.terraform-aws-rds-instance-postgresql.github_repository.repo: Refreshing state... [id=terraform-aws-rds-instance-postgresql]
module.terraform-aws-k8s-argocd-cluster-secret.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-argocd-cluster-secret]
module.terraform-aws-k8s-addons-fluentbit.github_repository.repo: Refreshing state... [id=terraform-aws-k8s-addons-fluentbit]
module.template.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOIPw-ls4ByDD8]
module.template.github_repository_file.examples: Refreshing state... [id=tf-template/examples/.gitkeep]
module.template.github_repository_file.files[".gitignore"]: Refreshing state... [id=tf-template/.gitignore]
module.template.github_repository_file.files["CODEOWNERS"]: Refreshing state... [id=tf-template/CODEOWNERS]
module.template.github_repository_file.files["Makefile"]: Refreshing state... [id=tf-template/Makefile]
module.template.github_repository_file.github[".github/workflows/terrascan.yaml"]: Refreshing state... [id=tf-template/.github/workflows/terrascan.yaml]
module.template.github_repository_file.github[".github/workflows/build.yml"]: Refreshing state... [id=tf-template/.github/workflows/build.yml]
module.template.github_repository_file.github[".github/workflows/conventional-labels.yaml"]: Refreshing state... [id=tf-template/.github/workflows/conventional-labels.yaml]
module.template.github_repository_file.github[".github/commitlint.config.js"]: Refreshing state... [id=tf-template/.github/commitlint.config.js]
module.template.github_repository_file.github[".github/workflows/commitlint.yaml"]: Refreshing state... [id=tf-template/.github/workflows/commitlint.yaml]
module.template.github_repository_file.github[".github/dependabot.yml"]: Refreshing state... [id=tf-template/.github/dependabot.yml]
module.template.github_repository_file.github[".github/release.yml"]: Refreshing state... [id=tf-template/.github/release.yml]
module.terraform-aws-elasticache-redis.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGN1cCc4Byctu]
module.terraform-aws-k8s-addons-external-secrets-operator.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGng-n84Bycu4]
module.terraform-aws-aurora-mysql.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGMveJs4Byb9g]
module.terraform-aws-dns-validated-certificate.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGNsNLM4Byb86]
module.terraform-aws-k8s.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGDcMAs4BycuE]
module.terraform-aws-k8s-addons-github-runners.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGN7J-s4Bycvo]
module.terraform-cloudamqp-rabbitmq.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGkwzzs4Byc2F]
module.terraform-aws-k8s-addons-argocd.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGN5IuM4Bycts]
module.terraform-aws-rds-instance-mysql.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGOzCK84Bycx-]
module.terraform-aws-k8s-addons-cluster-autoscaler.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOIBlhgc4BycvB]
module.terraform-aws-aurora-postgresql.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGMvXJc4Byb8x]
module.terraform-aws-k8s-addons-external-dns.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGXoYjM4Bycu_]
module.terraform-aws-k8s-addons-grafana-agent-operator.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOHIT5w84BycwF]
module.terraform-aws-kops-state-store.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGMvdvs4Bycx5]
module.terraform-aws-k8s-network.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGEz1n84Bycx1]
module.terraform-aws-rds-instance-postgresql.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGOzETs4Bycx_]
module.terraform-aws-k8s-argocd-cluster-secret.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGmRzyc4Bycx3]
module.terraform-aws-k8s-addons-fluentbit.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOGfsb-s4Bycvj]
module.example.github_repository.repo: Refreshing state... [id=example]
module.example.github_branch_protection.repo: Refreshing state... [id=BPR_kwDOIPxQ984ByDG5]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:

  # module.template.github_repository.repo has been deleted
  - resource "github_repository" "repo" {
        id                          = "tf-template"
      - name                        = "tf-template" -> null
      - node_id                     = "R_kgDOIPw-lg" -> null
        # (34 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.

─────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # module.example.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOIPxQ9w"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.example.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ archived                    = true -> false
      + description                 = "some text"
      - has_discussions             = true -> null
        id                          = "example"
        name                        = "example"
      ~ vulnerability_alerts        = false -> true
      + web_commit_signoff_required = false
        # (32 unchanged attributes hidden)

        # (2 unchanged blocks hidden)
    }

  # module.template.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = (known after apply)
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "commitlint",
            ]
          + strict   = false
        }
    }

  # module.template.github_repository.repo will be created
  + resource "github_repository" "repo" {
      + allow_auto_merge            = true
      + allow_merge_commit          = true
      + allow_rebase_merge          = false
      + allow_squash_merge          = true
      + archived                    = false
      + auto_init                   = true
      + default_branch              = (known after apply)
      + delete_branch_on_merge      = true
      + description                 = "Template repository for Terraform modules"
      + etag                        = (known after apply)
      + full_name                   = (known after apply)
      + git_clone_url               = (known after apply)
      + has_issues                  = true
      + html_url                    = (known after apply)
      + http_clone_url              = (known after apply)
      + id                          = (known after apply)
      + is_template                 = true
      + license_template            = "mit"
      + merge_commit_message        = "PR_TITLE"
      + merge_commit_title          = "MERGE_MESSAGE"
      + name                        = "tf-template"
      + node_id                     = (known after apply)
      + primary_language            = (known after apply)
      + private                     = (known after apply)
      + repo_id                     = (known after apply)
      + squash_merge_commit_message = "COMMIT_MESSAGES"
      + squash_merge_commit_title   = "COMMIT_OR_PR_TITLE"
      + ssh_clone_url               = (known after apply)
      + svn_url                     = (known after apply)
      + topics                      = (known after apply)
      + visibility                  = "public"
      + vulnerability_alerts        = true
      + web_commit_signoff_required = false

      + security_and_analysis {
          + secret_scanning {
              + status = "disabled"
            }
          + secret_scanning_push_protection {
              + status = "disabled"
            }
        }
    }

  # module.template.github_repository_file.examples will be created
  + resource "github_repository_file" "examples" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update examples"
      + commit_sha                   = (known after apply)
      + file                         = "examples/.gitkeep"
      + id                           = (known after apply)
      + overwrite_on_create          = false
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
        # (1 unchanged attribute hidden)
    }

  # module.template.github_repository_file.files[".gitignore"] will be created
  + resource "github_repository_file" "files" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .gitignore"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            # Local .terraform directories
            **/.terraform/*
            
            # .tfstate files
            #*.tfstate
            *.tfstate.*
            
            # Crash log files
            crash.log
            *.tfvars
            
            
            examples/**/.terraform.lock.hcl
            .idea
        EOT
      + file                         = ".gitignore"
      + id                           = (known after apply)
      + overwrite_on_create          = false
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.files["CODEOWNERS"] will be created
  + resource "github_repository_file" "files" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update CODEOWNERS"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            * @argoyle @peter-svensson
        EOT
      + file                         = "CODEOWNERS"
      + id                           = (known after apply)
      + overwrite_on_create          = false
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.files["Makefile"] will be created
  + resource "github_repository_file" "files" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update Makefile"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            #!/usr/bin/make -f
            
            SHELL = /bin/bash
            EXAMPLES = $(shell find ./examples/* -maxdepth 1 -type d -not -path '*/\.*')
            
            .PHONY: examples
            examples: $(addprefix example/,$(EXAMPLES))
            
            .PHONY: example/%
            example/%:
            	@echo "Processing example: $(notdir $*)"
            	@terraform -chdir=$* init
            	@terraform -chdir=$* validate
            	@terraform -chdir=$* plan
        EOT
      + file                         = "Makefile"
      + id                           = (known after apply)
      + overwrite_on_create          = false
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/commitlint.config.mjs"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/commitlint.config.mjs"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            export default {
              extends: ['@commitlint/config-conventional'],
              /*
               * Any rules defined here will override rules from @commitlint/config-conventional
               */
              rules: {
                'body-max-line-length': [2, 'always', 200],
              },
            };
        EOT
      + file                         = ".github/commitlint.config.mjs"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/dependabot.yml"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/dependabot.yml"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            version: 2
            updates:
              - package-ecosystem: terraform
                directory: "/"
                schedule:
                  interval: "daily"
                open-pull-requests-limit: 10
            
              - package-ecosystem: terraform
                directory: "/examples"
                schedule:
                  interval: "daily"
                open-pull-requests-limit: 10
            
              - package-ecosystem: "github-actions"
                directory: "/"
                schedule:
                  interval: "daily"
                open-pull-requests-limit: 10
        EOT
      + file                         = ".github/dependabot.yml"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/release.yml"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/release.yml"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            changelog:
              exclude:
                labels:
                  - ignore-for-release
              categories:
                - title: Breaking Changes
                  labels:
                    - breaking
                - title: Enhancements
                    - enhancement
                - title: Bugfixes
                  labels:
                    - bug
                - title: Other Changes
                  exclude:
                    author:
                    - dependabot
                  labels:
                    - "*"
                - title: Dependency changes
                  labels:
                    - dependencies
        EOT
      + file                         = ".github/release.yml"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/workflows/build.yml"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/workflows/build.yml"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            name: Build
            
            on: [ push, workflow_dispatch ]
            
            jobs:
              examples:
                runs-on: ubuntu-latest
                strategy:
                  fail-fast: false
                  matrix:
                    os: [ ubuntu-latest ]
                    tf-version: [ 1.1.9, 1.2.9, 1.3.2 ]
                steps:
                  - name: Install terraform v${{ matrix.tf-version }}
                    run: |
                      curl -LO https://releases.hashicorp.com/terraform/${{ matrix.tf-version }}/terraform_${{ matrix.tf-version }}_linux_amd64.zip
                      unzip terraform_${{ matrix.tf-version }}_linux_amd64.zip
                      sudo mv terraform /usr/local/bin
                      rm *
                  - name: Checkout code
                    uses: actions/checkout@v4
                  - name: Validate examples terraform v${{ matrix.tf-version }}
                    run: make examples
              build:
                needs: [examples]
                runs-on: ubuntu-latest
                steps:
                  - run: echo "OK"
        EOT
      + file                         = ".github/workflows/build.yml"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/workflows/commitlint.yaml"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/workflows/commitlint.yaml"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            name: Lint Commit Messages
            
            on: [pull_request]
            
            jobs:
              commitlint:
                runs-on: ubuntu-latest
                steps:
                  - uses: actions/checkout@v4
                    with:
                      fetch-depth: 0
                  - uses: wagoid/commitlint-github-action@v6
                    with:
                      configFile: "./.github/commitlint.config.mjs"
        EOT
      + file                         = ".github/workflows/commitlint.yaml"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/workflows/conventional-labels.yaml"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/workflows/conventional-labels.yaml"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            on:
              pull_request_target:
                types: [ opened, edited ]
            name: conventional-release-labels
            jobs:
              label:
                runs-on: ubuntu-latest
                steps:
                  - uses: bcoe/conventional-release-labels@v1
                    with:
                      type_labels: '{"feat": "feature", "fix": "bug", "breaking": "breaking"}'
                      ignored_types: '[]'
        EOT
      + file                         = ".github/workflows/conventional-labels.yaml"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.template.github_repository_file.github[".github/workflows/terrascan.yaml"] will be created
  + resource "github_repository_file" "github" {
      + autocreate_branch_source_sha = (known after apply)
      + branch                       = "main"
      + commit_author                = "CI"
      + commit_email                 = "ci@opzkit.io"
      + commit_message               = "chore: update .github/workflows/terrascan.yaml"
      + commit_sha                   = (known after apply)
      + content                      = <<-EOT
            name: Terrascan
            on: [ pull_request ]
            # https://github.com/marketplace/actions/terrascan-iac-scanner
            jobs:
              terrascan:
                runs-on: ubuntu-latest
                name: terrascan
                steps:
                  - name: Checkout repository
                    uses: actions/checkout@v4
                  - name: Run Terrascan
                    id: terrascan
                    uses: tenable/terrascan-action@main
                    with:
                      iac_type: 'terraform'
                      iac_version: 'v14'
                      policy_type: 'aws'
                      only_warn: true
                      sarif_upload: true
                      non_recursive: true
                      #iac_dir:
                      #policy_path:
                      #skip_rules:
                      #config_path:
                      #webhook_url:
                      #webhook_token:
                  - name: Upload SARIF file
                    uses: github/codeql-action/upload-sarif@v3
                    with:
                      sarif_file: terrascan.sarif
        EOT
      + file                         = ".github/workflows/terrascan.yaml"
      + id                           = (known after apply)
      + overwrite_on_create          = true
      + ref                          = (known after apply)
      + repository                   = "tf-template"
      + sha                          = (known after apply)
    }

  # module.terraform-aws-aurora-mysql.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGMveJg"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-aurora-mysql.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-aurora-mysql"
        name                        = "terraform-aws-aurora-mysql"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-aurora-postgresql.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGMvXJQ"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-aurora-postgresql.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-aurora-postgresql"
        name                        = "terraform-aws-aurora-postgresql"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-dns-validated-certificate.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGNsNLA"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-dns-validated-certificate.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-dns-validated-certificate"
        name                        = "terraform-aws-dns-validated-certificate"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-elasticache-redis.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGN1cCQ"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-elasticache-redis.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-elasticache-redis"
        name                        = "terraform-aws-elasticache-redis"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "MDEwOlJlcG9zaXRvcnk0MDYyNjA3Mzg="
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      + description                 = "Module for creating Kubernetes clusters using kOps"
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s"
        name                        = "terraform-aws-k8s"
      ~ web_commit_signoff_required = true -> false
        # (31 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-argocd.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGN5IuA"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-argocd.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-argocd"
        name                        = "terraform-aws-k8s-addons-argocd"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-cluster-autoscaler.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOIBlhgQ"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-cluster-autoscaler.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-cluster-autoscaler"
        name                        = "terraform-aws-k8s-addons-cluster-autoscaler"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-external-dns.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGXoYjA"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-external-dns.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-external-dns"
        name                        = "terraform-aws-k8s-addons-external-dns"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-external-secrets-operator.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGng-nw"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-external-secrets-operator.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-external-secrets-operator"
        name                        = "terraform-aws-k8s-addons-external-secrets-operator"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-fluentbit.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGfsb-g"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-fluentbit.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-fluentbit"
        name                        = "terraform-aws-k8s-addons-fluentbit"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-github-runners.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGN7J-g"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-github-runners.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-github-runners"
        name                        = "terraform-aws-k8s-addons-github-runners"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-addons-grafana-agent-operator.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOHIT5ww"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-addons-grafana-agent-operator.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ archived                    = true -> false
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-addons-grafana-agent-operator"
        name                        = "terraform-aws-k8s-addons-grafana-agent-operator"
      ~ vulnerability_alerts        = false -> true
      + web_commit_signoff_required = false
        # (33 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-argocd-cluster-secret.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGmRzyQ"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-argocd-cluster-secret.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-argocd-cluster-secret"
        name                        = "terraform-aws-k8s-argocd-cluster-secret"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-k8s-network.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "MDEwOlJlcG9zaXRvcnk0MDc2OTY3OTk="
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-k8s-network.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-k8s-network"
        name                        = "terraform-aws-k8s-network"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-kops-state-store.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGMvdvg"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-kops-state-store.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-kops-state-store"
        name                        = "terraform-aws-kops-state-store"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-rds-instance-mysql.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGOzCKw"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-rds-instance-mysql.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-rds-instance-mysql"
        name                        = "terraform-aws-rds-instance-mysql"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-aws-rds-instance-postgresql.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGOzETg"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-aws-rds-instance-postgresql.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-aws-rds-instance-postgresql"
        name                        = "terraform-aws-rds-instance-postgresql"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.terraform-cloudamqp-rabbitmq.github_branch_protection.repo will be created
  + resource "github_branch_protection" "repo" {
      + allows_deletions                = false
      + allows_force_pushes             = true
      + enforce_admins                  = false
      + id                              = (known after apply)
      + lock_branch                     = false
      + pattern                         = "main"
      + repository_id                   = "R_kgDOGkwzzg"
      + require_conversation_resolution = false
      + require_signed_commits          = true
      + required_linear_history         = false

      + required_pull_request_reviews {
          + dismiss_stale_reviews           = true
          + require_code_owner_reviews      = true
          + require_last_push_approval      = false
          + required_approving_review_count = 1
        }

      + required_status_checks {
          + contexts = [
              + "build",
              + "commitlint",
              + "terrascan",
            ]
          + strict   = false
        }
    }

  # module.terraform-cloudamqp-rabbitmq.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_merge_commit          = false -> true
      ~ allow_rebase_merge          = true -> false
      - allow_update_branch         = true -> null
      - has_discussions             = true -> null
        id                          = "terraform-cloudamqp-rabbitmq"
        name                        = "terraform-cloudamqp-rabbitmq"
      ~ web_commit_signoff_required = true -> false
        # (32 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Plan: 32 to add, 19 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pusher: @peter-svensson, Action: pull_request, Working Directory: ``, Workflow: Terraform

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@argoyle argoyle argoyle approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@peter-svensson @argoyle