Merge branch 'main' into code_formatter_2024_11_26_04_48

ministryofjustice · Nov 26, 2024 · e287916 · e287916
2 parents c89798c + 1eb1241
commit e287916
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 4 deletions.
diff --git a/terraform/github/locals.tf b/terraform/github/locals.tf
@@ -3,6 +3,12 @@
 data "http" "environments_file" {
   url = "https://raw.githubusercontent.com/ministryofjustice/modernisation-platform/main/environments/${local.testing_application_name}.json"
 }
+
+# Fetch all teams in the organization
+data "github_organization_teams" "all_teams" {
+  summary_only = true
+}
+
 locals {
   testing_application_name = "testing"
 
@@ -45,7 +51,7 @@ locals {
     "connormaglynn",
     "richgreen-moj",   # Richard Green
     "khatraf",         # Khatra Farah
-    "sukeshreddyg",    # Sukesh Reddy Gade 
+    "sukeshreddyg",    # Sukesh Reddy Gade
     "mikereiddigital", # Mike Reid
     "Kudzai-moj"       # Kudzai Mtoko
   ]
@@ -71,14 +77,19 @@ locals {
     }, jsondecode(file("../../environments/${file}")))
   ]
 
-  application_sso_group_names = concat(
+  all_team_slugs = [
+    for team in data.github_organization_teams.all_teams.teams : team.slug
+  ]
+
+  application_github_group_names = concat( # intentional rename: this is only applicable to Github teams
     ["all-org-members"],
     distinct(flatten([
       for application in local.environments_json : [
         for environment in application.environments : [
           for access in environment.access :
           access.sso_group_name
-          if application.account-type == "member" && !contains(["modernisation-platform", "modernisation-platform-engineers"], access.sso_group_name)
+          if application.account-type == "member" && !contains(["modernisation-platform", "modernisation-platform-engineers"], access.sso_group_name) &&
+          contains(local.all_team_slugs, access.sso_group_name) # Filter out invalid Github teams (ex. azure-aws-sso-*)
         ]
       ]
     ]))

diff --git a/terraform/github/teams.tf b/terraform/github/teams.tf
@@ -74,6 +74,6 @@ module "long-term-storage" {
 module "contributor-access" {
   for_each          = toset(local.modernisation_platform_repositories)
   source            = "./modules/contributor"
-  application_teams = local.application_sso_group_names
+  application_teams = local.application_github_group_names # Run only on valid Github teams
   repository_id     = each.key
 }