diff --git a/terraform/locals.tf b/terraform/locals.tf index c996ad5..7823d22 100644 --- a/terraform/locals.tf +++ b/terraform/locals.tf @@ -4,7 +4,7 @@ locals { advanced_security = false config = yamldecode(file("${path.module}/../github/${local.organization}.yml")) state = jsondecode(file("${path.module}/${local.organization}.tfstate.json")) - resources = { + sources = { "config" = { "github_membership" = { "this" = { @@ -154,4 +154,127 @@ locals { } }.managed } + resources = { + "github_membership" = { + for item in [ + for member, config in local.sources.config.github_membership.this : { + source = "config" + index = member + } + ] : item.index => local.sources[item.source].github_membership.this[item.index] + } + "github_repository" = { + for item in [ + for repository, config in local.sources.config.github_repository.this : + try(config.archived, false) ? { + source = "state" + index = repository + } : { + source = "config" + index = repository + } + ] : item.index => local.sources[item.source].github_repository.this[item.index] + } + "github_repository_collaborator" = { + for item in flatten([ + for repository, config in local.sources.config.github_repository.this : flatten([ + try(config.archived, false) ? [ + for member, config in try(local.sources.state.github_repository_collaborator.this, {}) : { + source = "state" + index = member + } if lower(config.repository) == repository + ] : [ + for member, config in local.sources.config.github_repository_collaborator.this : { + source = "config" + index = member + } if lower(config.repository) == repository + ] + ]) + ]) : item.index => local.sources[item.source].github_repository_collaborator.this[item.index] + } + "github_branch_protection" = { + for item in flatten([ + for repository, config in local.sources.config.github_repository.this : flatten([ + try(config.archived, false) ? [ + for branch_protection, config in try(local.sources.state.github_branch_protection.this, {}) : { + source = "state" + index = branch_protection + } if split(":", branch_protection)[0] == repository + ] : [ + for branch_protection, config in local.sources.config.github_branch_protection.this : { + source = "config" + index = branch_protection + } if lower(config.repository) == repository + ] + ]) + ]) : item.index => local.sources[item.source].github_branch_protection.this[item.index] + } + "github_team" = { + for item in [ + for team, config in local.sources.config.github_team.this : { + source = "config" + index = team + } + ] : item.index => local.sources[item.source].github_team.this[item.index] + } + "github_team_repository" = { + for item in flatten([ + for repository, config in local.sources.config.github_repository.this : flatten([ + try(config.archived, false) ? [ + for team, config in try(local.sources.state.github_team_repository.this, {}) : { + source = "state" + index = team + } if lower(config.repository) == repository + ] : [ + for team, config in local.sources.config.github_team_repository.this : { + source = "config" + index = team + } if lower(config.repository) == repository + ] + ]) + ]) : item.index => local.sources[item.source].github_team_repository.this[item.index] + } + "github_team_membership" = { + for item in [ + for member, config in local.sources.config.github_team_membership.this : { + source = "config" + index = member + } + ] : item.index => local.sources[item.source].github_team_membership.this[item.index] + } + "github_repository_file" = { + for item in flatten([ + for repository, config in local.sources.config.github_repository.this : flatten([ + try(config.archived, false) ? [ + for file, config in try(local.sources.state.github_repository_file.this, {}) : { + source = "state" + index = file + } if lower(config.repository) == repository + ] : [ + for file, config in local.sources.config.github_repository_file.this : { + source = try(local.sources.state.github_repository_file.this[file].content, "") == try(config.content, "") ? "state" : "config" + index = file + } if lower(config.repository) == repository + ] + ]) + ]) : item.index => local.sources[item.source].github_repository_file.this[item.index] + } + "github_issue_label" = { + for item in flatten([ + for repository, config in local.sources.config.github_repository.this : flatten([ + try(config.archived, false) ? [ + for label, config in try(local.sources.state.github_issue_label.this, {}) : { + source = "state" + index = label + } if lower(config.repository) == repository + ] : [ + for label, config in local.sources.config.github_issue_label.this : { + source = "config" + index = label + } if lower(config.repository) == repository + ] + ]) + ]) : item.index => local.sources[item.source].github_issue_label.this[item.index] + } + } } diff --git a/terraform/resources.tf b/terraform/resources.tf index d2f4d6c..ae1da7d 100644 --- a/terraform/resources.tf +++ b/terraform/resources.tf @@ -1,12 +1,5 @@ resource "github_membership" "this" { - for_each = { - for item in [ - for member, config in local.resources.config.github_membership.this : { - source = "config" - index = member - } - ] : item.index => local.resources[item.source].github_membership.this[item.index] - } + for_each = local.resources.github_membership username = each.value.username role = each.value.role @@ -18,18 +11,7 @@ resource "github_membership" "this" { } resource "github_repository" "this" { - for_each = { - for item in [ - for repository, config in local.resources.config.github_repository.this : - try(config.archived, false) ? { - source = "state" - index = repository - } : { - source = "config" - index = repository - } - ] : item.index => local.resources[item.source].github_repository.this[item.index] - } + for_each = local.resources.github_repository name = each.value.name allow_auto_merge = try(each.value.allow_auto_merge, null) @@ -114,23 +96,7 @@ resource "github_repository" "this" { } resource "github_repository_collaborator" "this" { - for_each = { - for item in flatten([ - for repository, config in local.resources.config.github_repository.this : flatten([ - try(config.archived, false) ? [ - for member, config in try(local.resources.state.github_repository_collaborator.this, {}) : { - source = "state" - index = member - } if lower(config.repository) == repository - ] : [ - for member, config in local.resources.config.github_repository_collaborator.this : { - source = "config" - index = member - } if lower(config.repository) == repository - ] - ]) - ]) : item.index => local.resources[item.source].github_repository_collaborator.this[item.index] - } + for_each = local.resources.github_repository_collaborator depends_on = [github_repository.this] @@ -144,23 +110,7 @@ resource "github_repository_collaborator" "this" { } resource "github_branch_protection" "this" { - for_each = { - for item in flatten([ - for repository, config in local.resources.config.github_repository.this : flatten([ - try(config.archived, false) ? [ - for branch_protection, config in try(local.resources.state.github_branch_protection.this, {}) : { - source = "state" - index = branch_protection - } if split(":", branch_protection)[0] == repository - ] : [ - for branch_protection, config in local.resources.config.github_branch_protection.this : { - source = "config" - index = branch_protection - } if lower(config.repository) == repository - ] - ]) - ]) : item.index => local.resources[item.source].github_branch_protection.this[item.index] - } + for_each = local.resources.github_branch_protection pattern = each.value.pattern @@ -197,14 +147,7 @@ resource "github_branch_protection" "this" { } resource "github_team" "this" { - for_each = { - for item in [ - for team, config in local.resources.config.github_team.this : { - source = "config" - index = team - } - ] : item.index => local.resources[item.source].github_team.this[item.index] - } + for_each = local.resources.github_team name = each.value.name @@ -219,23 +162,7 @@ resource "github_team" "this" { } resource "github_team_repository" "this" { - for_each = { - for item in flatten([ - for repository, config in local.resources.config.github_repository.this : flatten([ - try(config.archived, false) ? [ - for team, config in try(local.resources.state.github_team_repository.this, {}) : { - source = "state" - index = team - } if lower(config.repository) == repository - ] : [ - for team, config in local.resources.config.github_team_repository.this : { - source = "config" - index = team - } if lower(config.repository) == repository - ] - ]) - ]) : item.index => local.resources[item.source].github_team_repository.this[item.index] - } + for_each = local.resources.github_team_repository depends_on = [github_repository.this] @@ -250,14 +177,7 @@ resource "github_team_repository" "this" { } resource "github_team_membership" "this" { - for_each = { - for item in [ - for member, config in local.resources.config.github_team_membership.this : { - source = "config" - index = member - } - ] : item.index => local.resources[item.source].github_team_membership.this[item.index] - } + for_each = local.resources.github_team_membership username = each.value.username role = each.value.role @@ -270,23 +190,7 @@ resource "github_team_membership" "this" { } resource "github_repository_file" "this" { - for_each = { - for item in flatten([ - for repository, config in local.resources.config.github_repository.this : flatten([ - try(config.archived, false) ? [ - for file, config in try(local.resources.state.github_repository_file.this, {}) : { - source = "state" - index = file - } if lower(config.repository) == repository - ] : [ - for file, config in local.resources.config.github_repository_file.this : { - source = try(local.resources.state.github_repository_file.this[file].content, "") == try(config.content, "") ? "state" : "config" - index = file - } if lower(config.repository) == repository - ] - ]) - ]) : item.index => local.resources[item.source].github_repository_file.this[item.index] - } + for_each = local.resources.github_repository_file repository = each.value.repository file = each.value.file @@ -306,23 +210,7 @@ resource "github_repository_file" "this" { } resource "github_issue_label" "this" { - for_each = { - for item in flatten([ - for repository, config in local.resources.config.github_repository.this : flatten([ - try(config.archived, false) ? [ - for label, config in try(local.resources.state.github_issue_label.this, {}) : { - source = "state" - index = label - } if lower(config.repository) == repository - ] : [ - for label, config in local.resources.config.github_issue_label.this : { - source = "config" - index = label - } if lower(config.repository) == repository - ] - ]) - ]) : item.index => local.resources[item.source].github_issue_label.this[item.index] - } + for_each = local.resources.github_issue_label depends_on = [github_repository.this]