Merge pull request #1 from dsodk/feat-initial-version

feat-initial-version-module-built

Author: andreouellet

.gitignore

@@ -5,6 +5,9 @@
 *.tfstate
 *.tfstate.*
 
+# terraform lock file
+examples/.terraform.lock.hcl
+
 # Crash log files
 crash.log
 

README.md

@@ -1,13 +1,16 @@
-# DevSecOps Dev Kit - Template terraform module
+# DSODK - Terraform Module for GitHub Organizations
 
-Template of terraform module
+Terraform module for creating and managing GitHub Organizations
 
 ## Features
 
 ## Usage
 
 ## (Resource) Best Practices
 
+* https://registry.terraform.io/providers/integrations/github
+* https://github.com/integrations/terraform-provider-github
+
 ## Examples
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -16,13 +19,13 @@ Template of terraform module
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
+| <a name="requirement_github"></a> [github](#requirement\_github) | 5.3.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_null"></a> [null](#provider\_null) | >= 3.0 |
+| <a name="provider_github"></a> [github](#provider\_github) | 5.3.0 |
 
 ## Modules
 
@@ -32,24 +35,59 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [null_resource.template_null_resource](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
+| [github_organization_project.this](https://registry.terraform.io/providers/integrations/github/5.3.0/docs/resources/organization_project) | resource |
+| [github_organization_settings.this](https://registry.terraform.io/providers/integrations/github/5.3.0/docs/resources/organization_settings) | resource |
+| [github_organization_webhook.this](https://registry.terraform.io/providers/integrations/github/5.3.0/docs/resources/organization_webhook) | resource |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources. | `map(string)` | `{}` | no |
-| <a name="input_template_variable_boolean"></a> [template\_variable\_boolean](#input\_template\_variable\_boolean) | Template variable of type boolean | `bool` | `true` | no |
-| <a name="input_template_variable_map"></a> [template\_variable\_map](#input\_template\_variable\_map) | Template variable of type map | `map(string)` | `{}` | no |
-| <a name="input_template_variable_number"></a> [template\_variable\_number](#input\_template\_variable\_number) | Template variable of type number | `number` | `123` | no |
-| <a name="input_template_variable_string"></a> [template\_variable\_string](#input\_template\_variable\_string) | Template variable of type boolean | `string` | `""` | no |
-| <a name="input_triggers"></a> [triggers](#input\_triggers) | A map of arbitrary strings that, when changed, will force the null resource to be replaced, re-running any associated provisioners | `map(string)` | `{}` | no |
+| <a name="input_advanced_security_enabled_for_new_repositories"></a> [advanced\_security\_enabled\_for\_new\_repositories](#input\_advanced\_security\_enabled\_for\_new\_repositories) | Whether or not advanced security is enabled for new repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_billing_email"></a> [billing\_email](#input\_billing\_email) | The billing email address for the GitHub Organization. (Required) | `string` | n/a | yes |
+| <a name="input_blog_url"></a> [blog\_url](#input\_blog\_url) | The blog URL (https://example.com) for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_company"></a> [company](#input\_company) | The company name for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_create_github_organization"></a> [create\_github\_organization](#input\_create\_github\_organization) | Whether to create the GitHub Organization. | `bool` | `true` | no |
+| <a name="input_create_github_organization_project"></a> [create\_github\_organization\_project](#input\_create\_github\_organization\_project) | Whether to create projects in the GitHub Organization. | `bool` | `false` | no |
+| <a name="input_create_github_organization_webhook"></a> [create\_github\_organization\_webhook](#input\_create\_github\_organization\_webhook) | Whether to create webhooks in the GitHub Organization. | `bool` | `false` | no |
+| <a name="input_default_repository_permission"></a> [default\_repository\_permission](#input\_default\_repository\_permission) | The default permission [read\|write\|admin\|none] for GitHub Organization members to create new repositories . (Optional) | `string` | `"read"` | no |
+| <a name="input_dependabot_alerts_enabled_for_new_repositories"></a> [dependabot\_alerts\_enabled\_for\_new\_repositories](#input\_dependabot\_alerts\_enabled\_for\_new\_repositories) | Whether or not dependabot alerts are enabled for new repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_dependabot_security_updates_enabled_for_new_repositories"></a> [dependabot\_security\_updates\_enabled\_for\_new\_repositories](#input\_dependabot\_security\_updates\_enabled\_for\_new\_repositories) | Whether or not dependabot security updates are enabled for new repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_dependency_graph_enabled_for_new_repositories"></a> [dependency\_graph\_enabled\_for\_new\_repositories](#input\_dependency\_graph\_enabled\_for\_new\_repositories) | Whether or not dependency graph is enabled for new repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_description"></a> [description](#input\_description) | The description for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_email"></a> [email](#input\_email) | The email address (example@example.com) for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_github_organization_project_body"></a> [github\_organization\_project\_body](#input\_github\_organization\_project\_body) | The body of the project. (Optional) | `string` | `""` | no |
+| <a name="input_github_organization_project_name"></a> [github\_organization\_project\_name](#input\_github\_organization\_project\_name) | The name of the project. (Required) | `string` | `""` | no |
+| <a name="input_github_organization_webhook_active"></a> [github\_organization\_webhook\_active](#input\_github\_organization\_webhook\_active) | Indicate of the webhook should receive events. (Optional) | `bool` | `true` | no |
+| <a name="input_github_organization_webhook_config_content_type"></a> [github\_organization\_webhook\_config\_content\_type](#input\_github\_organization\_webhook\_config\_content\_type) | The content type of the webhook. [form\|json] | `string` | `"form"` | no |
+| <a name="input_github_organization_webhook_config_insecure_ssl"></a> [github\_organization\_webhook\_config\_insecure\_ssl](#input\_github\_organization\_webhook\_config\_insecure\_ssl) | Whether to allow insecure\_ssl. | `bool` | `false` | no |
+| <a name="input_github_organization_webhook_config_secret"></a> [github\_organization\_webhook\_config\_secret](#input\_github\_organization\_webhook\_config\_secret) | Secret for the Webhook | `string` | `""` | no |
+| <a name="input_github_organization_webhook_config_url"></a> [github\_organization\_webhook\_config\_url](#input\_github\_organization\_webhook\_config\_url) | The URL of the webhook | `string` | `""` | no |
+| <a name="input_github_organization_webhook_events"></a> [github\_organization\_webhook\_events](#input\_github\_organization\_webhook\_events) | A list of events which should trigger the webhook. (Optional)<br>For list of valid events, visit https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#issues | `list(any)` | `[]` | no |
+| <a name="input_has_organization_projects"></a> [has\_organization\_projects](#input\_has\_organization\_projects) | Whether or not organization projects are enabled for the GitHub Organization. (Optional) | `bool` | `true` | no |
+| <a name="input_has_repository_projects"></a> [has\_repository\_projects](#input\_has\_repository\_projects) | Whether or not repository projects are enabled for the GitHub Organization. (Optional) | `bool` | `true` | no |
+| <a name="input_location"></a> [location](#input\_location) | The location for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_members_can_create_internal_repositories"></a> [members\_can\_create\_internal\_repositories](#input\_members\_can\_create\_internal\_repositories) | Whether or not organization members can create new internal repositories. For Enterprise Organizations only. (Optional) | `bool` | `false` | no |
+| <a name="input_members_can_create_pages"></a> [members\_can\_create\_pages](#input\_members\_can\_create\_pages) | Whether or not organization members can create new pages. (Optional) | `bool` | `true` | no |
+| <a name="input_members_can_create_private_pages"></a> [members\_can\_create\_private\_pages](#input\_members\_can\_create\_private\_pages) | Whether or not organization members can create new private pages. (Optional) | `bool` | `true` | no |
+| <a name="input_members_can_create_private_repositories"></a> [members\_can\_create\_private\_repositories](#input\_members\_can\_create\_private\_repositories) | Whether or not organization members can create new private repositories. (Optional) | `bool` | `true` | no |
+| <a name="input_members_can_create_public_pages"></a> [members\_can\_create\_public\_pages](#input\_members\_can\_create\_public\_pages) | Whether or not organization members can create new public pages. (Optional) | `bool` | `true` | no |
+| <a name="input_members_can_create_public_repositories"></a> [members\_can\_create\_public\_repositories](#input\_members\_can\_create\_public\_repositories) | Whether or not organization members can create new public repositories. (Optional) | `bool` | `true` | no |
+| <a name="input_members_can_create_repositories"></a> [members\_can\_create\_repositories](#input\_members\_can\_create\_repositories) | Whether or not organization members can create new repositories. (Optional) | `bool` | `true` | no |
+| <a name="input_members_can_fork_private_repositories"></a> [members\_can\_fork\_private\_repositories](#input\_members\_can\_fork\_private\_repositories) | Whether or not organization members can fork private repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_name"></a> [name](#input\_name) | The name for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_secret_scanning_enabled_for_new_repositories"></a> [secret\_scanning\_enabled\_for\_new\_repositories](#input\_secret\_scanning\_enabled\_for\_new\_repositories) | Whether or not secret scanning is enabled for new repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_secret_scanning_push_protection_enabled_for_new_repositories"></a> [secret\_scanning\_push\_protection\_enabled\_for\_new\_repositories](#input\_secret\_scanning\_push\_protection\_enabled\_for\_new\_repositories) | Whether or not secret scanning push protection is enabled for new repositories. (Optional) | `bool` | `false` | no |
+| <a name="input_twitter_username"></a> [twitter\_username](#input\_twitter\_username) | The Twitter username for the GitHub Organization. (Optional) | `string` | `""` | no |
+| <a name="input_web_commit_signoff_required"></a> [web\_commit\_signoff\_required](#input\_web\_commit\_signoff\_required) | Whether or not commit signatures are required for commits to the organization. (Optional) | `bool` | `false` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| <a name="output_template_null_resource_id"></a> [template\_null\_resource\_id](#output\_template\_null\_resource\_id) | The ID of the null resource |
+| <a name="output_github_organization_project_url"></a> [github\_organization\_project\_url](#output\_github\_organization\_project\_url) | The URL of the project |
+| <a name="output_github_organization_settings_id"></a> [github\_organization\_settings\_id](#output\_github\_organization\_settings\_id) | The ID of the organization settings |
+| <a name="output_github_organization_webhook_url"></a> [github\_organization\_webhook\_url](#output\_github\_organization\_webhook\_url) | The URL of the webhook |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ## Authors

examples/README.md

@@ -24,7 +24,7 @@ After testing with this example is completed, run ```$ terraform destroy```
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
+| <a name="requirement_github"></a> [github](#requirement\_github) | 5.3.0 |
 
 ## Providers
 
@@ -34,19 +34,21 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_template_null_resource"></a> [template\_null\_resource](#module\_template\_null\_resource) | ../ | n/a |
+| <a name="module_github_organization_settings"></a> [github\_organization\_settings](#module\_github\_organization\_settings) | ../ | n/a |
 
 ## Resources
 
 No resources.
 
 ## Inputs
 
-No inputs.
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_billing_email"></a> [billing\_email](#input\_billing\_email) | The billing email address for the GitHub Organization. (Required) | `string` | n/a | yes |
+| <a name="input_owner"></a> [owner](#input\_owner) | Target GitHub organization or individual user account to manage. (Required) | `string` | n/a | yes |
+| <a name="input_token"></a> [token](#input\_token) | GitHub API Auth using OAuth or Personal Access Token. (Required) | `string` | n/a | yes |
 
 ## Outputs
 
-| Name | Description |
-|------|-------------|
-| <a name="output_template_null_resource_id"></a> [template\_null\_resource\_id](#output\_template\_null\_resource\_id) | The ID of the null resource |
+No outputs.
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/deploy.tf

@@ -1,19 +1,41 @@
-provider "null" {
-}
+provider "github" {
+
+  owner = var.owner
+  token = var.token
 
-#provider "aws" {
-#  region = "ca-central-1"
-#}
+  #token    = var.github_token    # GITHUB_TOKEN    - GitHub API Auth using OAuth or Personal Access Token
+  #base_url = var.github_base_url # GITHUB_BASE_URL - Target GitHub base API endpoint. Required for GitHub Enterprise
+  #owner    = var.github_owner    # GITHUB_OWNER    - Target GitHub organization or individual user account to manage
+
+  #write_delay_ms = try(var.github_write_delay_ms, 1000) # Milliseconds to sleep between write ops for GitHub API Rate Limit
+  #read_delay_ms  = try(var.github_read_delay_ms, 0)     # Milliseconds to sleep between read ops for GitHub API Rate Limit
+}
 
 ##################################################
-# Null Resource Module
+# GitHub Organization
 ##################################################
 
-module "template_null_resource" {
+module "github_organization_settings" {
   source = "../"
 
-  triggers = {
-    name    = "dsodk-template-code-terraform-module"
-    trigger = "Change this text to trigger the module to replace null resources with new ones"
-  }
+  billing_email = var.billing_email
+  company       = "dsodk"
+  email         = "terraform.module.test@dsodk.io"
+  location      = "Global"
+  name          = "dsodk-test-github-org-module"
+  description   = "Test organization used by example in dsodk-code-module-terraform-github-organization"
+
+  default_repository_permission = "read"
+
+  members_can_create_repositories         = false
+  members_can_create_public_repositories  = false
+  members_can_create_private_repositories = false
+
+  members_can_create_pages              = false
+  members_can_create_public_pages       = false
+  members_can_create_private_pages      = false
+  members_can_fork_private_repositories = false
+
+  secret_scanning_enabled_for_new_repositories                 = true
+  secret_scanning_push_protection_enabled_for_new_repositories = true
 }

examples/outputs.tf

@@ -1,4 +0,0 @@
-output "template_null_resource_id" {
-  description = "The ID of the null resource"
-  value       = module.template_null_resource.template_null_resource_id
-}

examples/variables.tf

@@ -0,0 +1,24 @@
+##################################################
+# GitHub Provider Config
+##################################################
+
+variable "owner" {
+  description = "Target GitHub organization or individual user account to manage. (Required)"
+  type        = string
+}
+
+variable "token" {
+  description = "GitHub API Auth using OAuth or Personal Access Token. (Required)"
+  type        = string
+  sensitive   = true
+}
+
+##################################################
+# GitHub Organization
+##################################################
+
+variable "billing_email" {
+  description = "The billing email address for the GitHub Organization. (Required)"
+  type        = string
+  sensitive   = true
+}

examples/versions.tf

@@ -2,13 +2,9 @@ terraform {
   required_version = ">= 1.0"
 
   required_providers {
-    #    aws = {
-    #      source  = "hashicorp/aws"
-    #      version = ">= 4.0"
-    #    },
-    null = {
-      source  = "hashicorp/null"
-      version = ">= 3.0"
+    github = {
+      source  = "integrations/github"
+      version = "5.3.0"
     }
   }
 }