Merge pull request #2 from dsodk/fix-org-projects-and-org-webhooks

fix-org-projects-and-org-webhooks
opencepk · Sep 26, 2022 · a46194e · a46194e
2 parents ad1f7ee + 4ac4567
commit a46194e
Show file tree

Hide file tree

Showing 9 changed files with 77 additions and 104 deletions.
diff --git a/README.md b/README.md
@@ -48,22 +48,16 @@ No modules.
 | <a name="input_blog_url"></a> [blog\_url](#input\_blog\_url) | The blog URL (https://example.com) for the GitHub Organization. (Optional) | `string` | `""` | no |
 | <a name="input_company"></a> [company](#input\_company) | The company name for the GitHub Organization. (Optional) | `string` | `""` | no |
 | <a name="input_create_github_organization"></a> [create\_github\_organization](#input\_create\_github\_organization) | Whether to create the GitHub Organization. | `bool` | `true` | no |
-| <a name="input_create_github_organization_project"></a> [create\_github\_organization\_project](#input\_create\_github\_organization\_project) | Whether to create projects in the GitHub Organization. | `bool` | `false` | no |
-| <a name="input_create_github_organization_webhook"></a> [create\_github\_organization\_webhook](#input\_create\_github\_organization\_webhook) | Whether to create webhooks in the GitHub Organization. | `bool` | `false` | no |
+| <a name="input_create_github_organization_project"></a> [create\_github\_organization\_project](#input\_create\_github\_organization\_project) | Whether to create Projects in the GitHub Organization. | `bool` | `false` | no |
+| <a name="input_create_github_organization_webhook"></a> [create\_github\_organization\_webhook](#input\_create\_github\_organization\_webhook) | Whether to create Webhooks in the GitHub Organization. | `bool` | `false` | no |
 | <a name="input_default_repository_permission"></a> [default\_repository\_permission](#input\_default\_repository\_permission) | The default permission [read\|write\|admin\|none] for GitHub Organization members to create new repositories . (Optional) | `string` | `"read"` | no |
 | <a name="input_dependabot_alerts_enabled_for_new_repositories"></a> [dependabot\_alerts\_enabled\_for\_new\_repositories](#input\_dependabot\_alerts\_enabled\_for\_new\_repositories) | Whether or not dependabot alerts are enabled for new repositories. (Optional) | `bool` | `false` | no |
 | <a name="input_dependabot_security_updates_enabled_for_new_repositories"></a> [dependabot\_security\_updates\_enabled\_for\_new\_repositories](#input\_dependabot\_security\_updates\_enabled\_for\_new\_repositories) | Whether or not dependabot security updates are enabled for new repositories. (Optional) | `bool` | `false` | no |
 | <a name="input_dependency_graph_enabled_for_new_repositories"></a> [dependency\_graph\_enabled\_for\_new\_repositories](#input\_dependency\_graph\_enabled\_for\_new\_repositories) | Whether or not dependency graph is enabled for new repositories. (Optional) | `bool` | `false` | no |
 | <a name="input_description"></a> [description](#input\_description) | The description for the GitHub Organization. (Optional) | `string` | `""` | no |
 | <a name="input_email"></a> [email](#input\_email) | The email address (example@example.com) for the GitHub Organization. (Optional) | `string` | `""` | no |
-| <a name="input_github_organization_project_body"></a> [github\_organization\_project\_body](#input\_github\_organization\_project\_body) | The body of the project. (Optional) | `string` | `""` | no |
-| <a name="input_github_organization_project_name"></a> [github\_organization\_project\_name](#input\_github\_organization\_project\_name) | The name of the project. (Required) | `string` | `""` | no |
-| <a name="input_github_organization_webhook_active"></a> [github\_organization\_webhook\_active](#input\_github\_organization\_webhook\_active) | Indicate of the webhook should receive events. (Optional) | `bool` | `true` | no |
-| <a name="input_github_organization_webhook_config_content_type"></a> [github\_organization\_webhook\_config\_content\_type](#input\_github\_organization\_webhook\_config\_content\_type) | The content type of the webhook. [form\|json] | `string` | `"form"` | no |
-| <a name="input_github_organization_webhook_config_insecure_ssl"></a> [github\_organization\_webhook\_config\_insecure\_ssl](#input\_github\_organization\_webhook\_config\_insecure\_ssl) | Whether to allow insecure\_ssl. | `bool` | `false` | no |
-| <a name="input_github_organization_webhook_config_secret"></a> [github\_organization\_webhook\_config\_secret](#input\_github\_organization\_webhook\_config\_secret) | Secret for the Webhook | `string` | `""` | no |
-| <a name="input_github_organization_webhook_config_url"></a> [github\_organization\_webhook\_config\_url](#input\_github\_organization\_webhook\_config\_url) | The URL of the webhook | `string` | `""` | no |
-| <a name="input_github_organization_webhook_events"></a> [github\_organization\_webhook\_events](#input\_github\_organization\_webhook\_events) | A list of events which should trigger the webhook. (Optional)<br>For list of valid events, visit https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#issues | `list(any)` | `[]` | no |
+| <a name="input_github_organization_projects"></a> [github\_organization\_projects](#input\_github\_organization\_projects) | Map of GitHub Organization Projects to create. (Optional) | `map(any)` | `{}` | no |
+| <a name="input_github_organization_webhooks"></a> [github\_organization\_webhooks](#input\_github\_organization\_webhooks) | Map of GitHub Organization Webhooks to create. (Optional)<br>For list of valid events, visit https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#issues | `map(any)` | `{}` | no |
 | <a name="input_has_organization_projects"></a> [has\_organization\_projects](#input\_has\_organization\_projects) | Whether or not organization projects are enabled for the GitHub Organization. (Optional) | `bool` | `true` | no |
 | <a name="input_has_repository_projects"></a> [has\_repository\_projects](#input\_has\_repository\_projects) | Whether or not repository projects are enabled for the GitHub Organization. (Optional) | `bool` | `true` | no |
 | <a name="input_location"></a> [location](#input\_location) | The location for the GitHub Organization. (Optional) | `string` | `""` | no |
@@ -85,9 +79,9 @@ No modules.
 
 | Name | Description |
 |------|-------------|
-| <a name="output_github_organization_project_url"></a> [github\_organization\_project\_url](#output\_github\_organization\_project\_url) | The URL of the project |
-| <a name="output_github_organization_settings_id"></a> [github\_organization\_settings\_id](#output\_github\_organization\_settings\_id) | The ID of the organization settings |
-| <a name="output_github_organization_webhook_url"></a> [github\_organization\_webhook\_url](#output\_github\_organization\_webhook\_url) | The URL of the webhook |
+| <a name="output_organization_project_url"></a> [organization\_project\_url](#output\_organization\_project\_url) | The URL of the project |
+| <a name="output_organization_settings_id"></a> [organization\_settings\_id](#output\_organization\_settings\_id) | The ID of the organization settings |
+| <a name="output_organization_webhook_url"></a> [organization\_webhook\_url](#output\_organization\_webhook\_url) | The URL of the webhook |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ## Authors

diff --git a/examples/README.md → examples/github_organizations/README.md b/examples/README.md → examples/github_organizations/README.md
@@ -34,7 +34,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_github_organization_settings"></a> [github\_organization\_settings](#module\_github\_organization\_settings) | ../ | n/a |
+| <a name="module_github_organizations"></a> [github\_organizations](#module\_github\_organizations) | ../.. | n/a |
 
 ## Resources
 
@@ -45,8 +45,8 @@ No resources.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_billing_email"></a> [billing\_email](#input\_billing\_email) | The billing email address for the GitHub Organization. (Required) | `string` | n/a | yes |
-| <a name="input_owner"></a> [owner](#input\_owner) | Target GitHub organization or individual user account to manage. (Required) | `string` | n/a | yes |
-| <a name="input_token"></a> [token](#input\_token) | GitHub API Auth using OAuth or Personal Access Token. (Required) | `string` | n/a | yes |
+| <a name="input_github_owner"></a> [github\_owner](#input\_github\_owner) | Target GitHub organization or individual user account to manage. (Required) | `string` | n/a | yes |
+| <a name="input_github_token"></a> [github\_token](#input\_github\_token) | GitHub API Auth using OAuth or Personal Access Token. (Required) | `string` | n/a | yes |
 
 ## Outputs
 

diff --git a/examples/deploy.tf → examples/github_organizations/deploy.tf b/examples/deploy.tf → examples/github_organizations/deploy.tf
@@ -1,28 +1,28 @@
 provider "github" {
 
-  owner = var.owner
-  token = var.token
-
-  #token    = var.github_token    # GITHUB_TOKEN    - GitHub API Auth using OAuth or Personal Access Token
+  token = var.github_token # GITHUB_TOKEN    - GitHub API Auth using OAuth or Personal Access Token
   #base_url = var.github_base_url # GITHUB_BASE_URL - Target GitHub base API endpoint. Required for GitHub Enterprise
-  #owner    = var.github_owner    # GITHUB_OWNER    - Target GitHub organization or individual user account to manage
+  owner = var.github_owner # GITHUB_OWNER    - Target GitHub organization or individual user account to manage
 
   #write_delay_ms = try(var.github_write_delay_ms, 1000) # Milliseconds to sleep between write ops for GitHub API Rate Limit
   #read_delay_ms  = try(var.github_read_delay_ms, 0)     # Milliseconds to sleep between read ops for GitHub API Rate Limit
 }
 
+locals {
+  billing_email = var.billing_email
+}
 ##################################################
 # GitHub Organization
 ##################################################
 
-module "github_organization_settings" {
-  source = "../"
+module "github_organizations" {
+  source = "../.."
 
-  billing_email = var.billing_email
+  billing_email = local.billing_email
   company       = "dsodk"
   email         = "terraform.module.test@dsodk.io"
-  location      = "Global"
   name          = "dsodk-test-github-org-module"
+  location      = "Global"
   description   = "Test organization used by example in dsodk-code-module-terraform-github-organization"
 
   default_repository_permission = "read"

diff --git a/examples/outputs.tf → examples/github_organizations/outputs.tf b/examples/outputs.tf → examples/github_organizations/outputs.tf
diff --git a/examples/variables.tf → examples/github_organizations/variables.tf b/examples/variables.tf → examples/github_organizations/variables.tf
@@ -2,15 +2,15 @@
 # GitHub Provider Config
 ##################################################
 
-variable "owner" {
-  description = "Target GitHub organization or individual user account to manage. (Required)"
+variable "github_token" {
+  description = "GitHub API Auth using OAuth or Personal Access Token. (Required)"
   type        = string
+  sensitive   = true
 }
 
-variable "token" {
-  description = "GitHub API Auth using OAuth or Personal Access Token. (Required)"
+variable "github_owner" {
+  description = "Target GitHub organization or individual user account to manage. (Required)"
   type        = string
-  sensitive   = true
 }
 
 ##################################################

diff --git a/examples/versions.tf → examples/github_organizations/versions.tf b/examples/versions.tf → examples/github_organizations/versions.tf
diff --git a/main.tf b/main.tf
@@ -40,27 +40,29 @@ resource "github_organization_settings" "this" {
 ##################################################
 
 resource "github_organization_project" "this" {
-  count = var.create_github_organization && var.create_github_organization_project ? 1 : 0
+  #count = var.create_github_organization && var.create_github_organization_project ? 1 : 0
+  for_each = var.create_github_organization_project ? var.github_organization_projects : {}
 
-  name = var.github_organization_project_name
-  body = var.github_organization_project_body
+  name = each.key
+  body = try(each.value.body, null)
 }
 
 ##################################################
 # GitHub Organization Webhook
 ##################################################
 
 resource "github_organization_webhook" "this" {
-  count = var.create_github_organization && var.create_github_organization_webhook ? 1 : 0
+  #count = var.create_github_organization && var.create_github_organization_webhook ? 1 : 0
+  for_each = var.create_github_organization_webhook ? var.github_organization_webhooks : {}
 
-  events = var.github_organization_webhook_events
+  events = each.value.events
 
   configuration {
-    url          = var.github_organization_webhook_config_url
-    content_type = var.github_organization_webhook_config_content_type
-    insecure_ssl = var.github_organization_webhook_config_insecure_ssl
-    secret       = var.github_organization_webhook_config_secret
+    url          = each.value.configuration.url
+    content_type = each.value.configuration.content_type
+    insecure_ssl = try(each.value.configuration.insecure_ssl, false)
+    secret       = try(each.value.configuration.secret, null)
   }
 
-  active = var.github_organization_webhook_active
+  active = try(each.value.active, true)
 }
diff --git a/outputs.tf b/outputs.tf
@@ -2,7 +2,7 @@
 # GitHub Organization
 ##################################################
 
-output "github_organization_settings_id" {
+output "organization_settings_id" {
   description = "The ID of the organization settings"
   value       = try(github_organization_settings.this[0].id, "")
 }
@@ -11,16 +11,16 @@ output "github_organization_settings_id" {
 # GitHub Organization Project
 ##################################################
 
-output "github_organization_project_url" {
+output "organization_project_url" {
   description = "The URL of the project"
-  value       = try(github_organization_project.this[0].url, "")
+  value       = try(github_organization_project.this, "")
 }
 
 ##################################################
 # GitHub Organization Webhook
 ##################################################
 
-output "github_organization_webhook_url" {
+output "organization_webhook_url" {
   description = "The URL of the webhook"
-  value       = try(github_organization_webhook.this[0].url, "")
+  value       = try(github_organization_webhook.this, "")
 }
diff --git a/variables.tf b/variables.tf
@@ -168,81 +168,58 @@ variable "secret_scanning_push_protection_enabled_for_new_repositories" {
 ##################################################
 
 variable "create_github_organization_project" {
-  description = "Whether to create projects in the GitHub Organization."
+  description = "Whether to create Projects in the GitHub Organization."
   type        = bool
   default     = false
 }
 
-variable "github_organization_project_name" {
-  description = "The name of the project. (Required)"
-  type        = string
-  default     = ""
-}
+variable "github_organization_projects" {
+  description = "Map of GitHub Organization Projects to create. (Optional)"
+  type        = map(any)
+  default     = {}
 
-variable "github_organization_project_body" {
-  description = "The body of the project. (Optional)"
-  type        = string
-  default     = ""
+  # type = object({
+  #   name = object({
+  #     body = optional(string)
+  #   })
+  # })
+
+  # github_organization_projects = {
+  #   my_org_project_name = {
+  #     body = "My Project Body"
+  #   },
+  #   my_org_project_name_2 = {
+  #     body = "My Project Body 2"
+  #   },
+  # }
 }
 
 ##################################################
 # GitHub Organization Webhook
 ##################################################
 
 variable "create_github_organization_webhook" {
-  description = "Whether to create webhooks in the GitHub Organization."
+  description = "Whether to create Webhooks in the GitHub Organization."
   type        = bool
   default     = false
 }
 
-#variable "github_organization_webhook_config" {
-#  description = "Map containing the config for this webhook. (Required)"
-#  type        = map(string)
-#  default     = {}
-#  #type = object({
-#  #  url = (string),
-#  #  content_type = (string, form),  # [form|json]
-#  #  insecure_ssl = (bool, false)
-#  #  secret       = optional(string)
-#  #})
-#}
-
-variable "github_organization_webhook_config_url" {
-  description = "The URL of the webhook"
-  type        = string
-  default     = ""
-}
-
-variable "github_organization_webhook_config_content_type" {
-  description = "The content type of the webhook. [form|json]"
-  type        = string
-  default     = "form"
-}
-
-variable "github_organization_webhook_config_insecure_ssl" {
-  description = "Whether to allow insecure_ssl."
-  type        = bool
-  default     = false
-}
-
-variable "github_organization_webhook_config_secret" {
-  description = "Secret for the Webhook"
-  type        = string
-  default     = ""
-  sensitive   = true
-}
-
-variable "github_organization_webhook_active" {
-  description = "Indicate of the webhook should receive events. (Optional)"
-  type        = bool
-  default     = true
-}
-
-variable "github_organization_webhook_events" {
+variable "github_organization_webhooks" {
   description = <<-EOT
-A list of events which should trigger the webhook. (Optional)
-For list of valid events, visit https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#issues
+    Map of GitHub Organization Webhooks to create. (Optional)
+    For list of valid events, visit https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#issues
 EOT
-  type        = list(any)
-  default     = []
+  type        = map(any)
+  default     = {}
+
+  # type = object({
+  #   events = (list[any])
+  #   configuration = object({
+  #     url = (string)
+  #     content_type = (string, form) # The content type of the webhook. [form|json]
+  #     insecure_ssl = optional(bool, false)
+  #     secret       = optional(string)
+  #   })
+  #   active = optional(bool, true)
+  # })
 }