-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvcs_defaults.tf
137 lines (127 loc) · 5.8 KB
/
vcs_defaults.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# ---------------------------------------------------------------------------------------------------------------------
# Main variables
# ---------------------------------------------------------------------------------------------------------------------
locals {
vcs_organization_name = var.vcs_organization_name != null && var.vcs_organization_name != "" ? var.vcs_organization_name : local.organization_name
vcs_configuration = { for provider in keys(local.vcs_configuration_defaults) :
provider => merge(
local.vcs_configuration_simple[provider],
local.vcs_configuration_complex[provider]
)
}
vcs_provider_configuration = local.vcs_provider_configuration_templates
}
# ---------------------------------------------------------------------------------------------------------------------
# Defaults
# ---------------------------------------------------------------------------------------------------------------------
locals {
vcs_provider_configuration_defaults_base = {
known_hosts = "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="
ssh_format = "ssh://[email protected]/${local.vcs_organization_name}/%s.git"
http_format = "https://github.com/${local.vcs_organization_name}/%s"
workflow_dir = ".github/workflows"
repo_templates = {
globalconfig = null
globalops = "Olivr/ostack-global-ops"
apps = "Olivr/ostack-ns-apps"
infra = "Olivr/ostack-ns-infra"
ops = "Olivr/ostack-ns-ops"
}
}
vcs_configuration_defaults_base = {
create = true
branch_default_name = "main"
branch_delete_on_merge = true
branch_protection = true
branch_protection_enforce_admins = true
branch_review_count = 0
branch_status_checks = ["Passed all CI tests"]
deploy_keys = {}
files = {}
files_strict = {}
repo_allow_merge_commit = false
repo_allow_rebase_merge = true
repo_allow_squash_merge = true
repo_archive_on_destroy = true
repo_auto_init = true
repo_enable_issues = true
repo_enable_projects = true
repo_enable_wikis = true
repo_homepage_url = null
repo_is_template = false
repo_issue_labels = {}
repo_private = true
repo_template = null
repo_vulnerability_alerts = true
sensitive_inputs = {}
tags = setunion(var.tags, [local.organization_name])
team_configuration = {
admin = []
maintain = []
read = []
write = []
}
repo_secrets = {
vcs_write_token = "sensitive::vcs_write_token"
}
file_templates = {
codeowners_header = <<-EOT
##
# ${local.i18n.file_template_header_1}
# ${local.i18n.file_template_header_2}
##
EOT
codeowners_footer = ""
}
}
vcs_configuration_defaults = {
github = merge(local.vcs_configuration_defaults_base, {
sensitive_inputs = {
vcs_write_token = try(sensitive(var.vcs_write_token.github), null)
}
})
}
vcs_provider_configuration_defaults = {
github = local.vcs_provider_configuration_defaults_base
}
}
# ---------------------------------------------------------------------------------------------------------------------
# Computations
# ---------------------------------------------------------------------------------------------------------------------
locals {
# Defaults for simple types
vcs_configuration_simple = { for provider, default_settings in local.vcs_configuration_defaults :
provider => { for setting, default_value in default_settings :
setting => try(var.vcs_configuration_base[provider][setting], null) != null ? var.vcs_configuration_base[provider][setting] : default_value
if !contains(["file_templates"], setting)
}
}
# Defaults for complex types
vcs_configuration_complex = { for provider, default_settings in local.vcs_configuration_defaults :
provider => {
file_templates = merge(default_settings.file_templates, try(var.vcs_configuration_base[provider].file_templates, null))
}
}
# Defaults for templates
vcs_provider_configuration_templates = { for provider, default_settings in local.vcs_provider_configuration_defaults :
provider => merge(default_settings, {
repo_templates = merge(
{ for id, template in default_settings.repo_templates :
id => try(var.vcs_configuration_base[provider].repo_templates[id], null) == null ? template : (
var.vcs_configuration_base[provider].repo_templates[id] == "" ? null : var.vcs_configuration_base[provider].repo_templates[id]
)
},
# if dev_mode is used, force templates
{ for id, template in local.dev :
replace(id, "/^template_/", "") => can(regex("^\\.", template)) ? null : template if can(regex("^template_", id))
}
)
})
}
# If local templates are used (in dev mode), prepare the files
vcs_templates_files = { for id, template in local.dev :
replace(id, "/^template_/", "") => { for file_path in fileset("${path.module}/${template}", "**") :
file_path => file("${path.module}/${template}/${file_path}")
} if can(regex("^template_", id)) && can(regex("^\\.", template))
}
}