forked from concourse/governance
-
Notifications
You must be signed in to change notification settings - Fork 0
/
locals.tf
95 lines (81 loc) · 2.58 KB
/
locals.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
locals {
contributors = {
for f in fileset(path.module, "contributors/*.yml") :
trimsuffix(basename(f), ".yml") => yamldecode(file(f))
}
teams = {
for f in fileset(path.module, "teams/*.yml") :
trimsuffix(basename(f), ".yml") => yamldecode(file(f))
}
repos = {
for f in fileset(path.module, "repos/*.yml") :
trimsuffix(basename(f), ".yml") => yamldecode(file(f))
}
team_mail_recipients = {
for team in local.teams :
team.name => compact([
for person in try(team.members, []) :
try(local.contributors[person].email, "")
]) if length(try(team.members, [])) > 0
}
team_memberships = flatten([
for team in local.teams : [
for person in(try(team.all_contributors, false) ? keys(local.contributors) : team.members) : {
team_name = team.name
username = try(local.contributors[person].github, "")
role = "member"
} if try(local.contributors[person].github, "") != ""
]
])
team_repos = flatten([
for team in local.teams : [
for repo in try(team.repos, []) : {
team_name = team.name
repository = repo
permission = try(team.repo_permission, "maintain")
}
]
])
repo_collaborators = flatten([
for contributor in local.contributors : [
for repo, permission in try(contributor.repos, {}) : {
repository = repo
username = contributor.github
permission = permission
}
]
])
repo_branch_protections = flatten([
for repo in local.repos : [
for protection in try(repo.branch_protection, []) : {
repository_name = repo.name
pattern = protection.pattern
allows_deletions = try(protection.allows_deletions, false)
required_checks = try(protection.required_checks, [])
strict_checks = try(protection.strict_checks, false)
required_reviews = try(protection.required_reviews, 0)
dismiss_stale_reviews = try(protection.dismiss_stale_reviews, false)
require_code_owner_reviews = try(protection.require_code_owner_reviews, false)
}
]
])
repo_issue_labels = flatten([
for repo in local.repos : [
for label in try(repo.labels, []) : {
repository_name = repo.name
name = label.name
color = label.color
}
]
])
repo_deploy_keys = flatten([
for repo in local.repos : [
for key in try(repo.deploy_keys, []) : {
repository_name = repo.name
title = key.title
key = key.public_key
read_only = !try(key.writable, false)
}
]
])
}