From edbf539b179ddc14c008facdecc7a5a2923e5b71 Mon Sep 17 00:00:00 2001
From: David Sibley
Date: Fri, 6 Dec 2024 13:32:56 +0000
Subject: [PATCH 1/2] added optional configuration to keep squash merges tidy and ensure quality commit details
---
 terraform/github/modules/repository/main.tf | 40 ++++++++--------
 .../github/modules/repository/variables.tf | 48 ++++++++++++-------
 terraform/github/repositories.tf | 2 +
 3 files changed, 53 insertions(+), 37 deletions(-)
diff --git a/terraform/github/modules/repository/main.tf b/terraform/github/modules/repository/main.tf
index c3815daf1..029f09296 100644
--- a/terraform/github/modules/repository/main.tf
+++ b/terraform/github/modules/repository/main.tf
@@ -6,25 +6,27 @@ locals {
 # Repository basics
 resource "github_repository" "default" {
- name = var.name
- description = join(" • ", [var.description, "This repository is defined and managed in Terraform"])
- allow_merge_commit = true
- allow_squash_merge = true
- allow_rebase_merge = true
- allow_update_branch = true
- archived = false
- archive_on_destroy = true
- auto_init = false
- delete_branch_on_merge = true
- has_issues = true
- has_projects = true
- has_wiki = var.type == "core" ? true : false
- has_downloads = true
- homepage_url = var.homepage_url
- is_template = var.type == "template" ? true : false
- topics = concat(local.topics, var.topics)
- visibility = var.visibility
- vulnerability_alerts = true
+ name = var.name
+ description = join(" • ", [var.description, "This repository is defined and managed in Terraform"])
+ allow_merge_commit = true
+ allow_squash_merge = true
+ allow_rebase_merge = true
+ allow_update_branch = true
+ archived = false
+ archive_on_destroy = true
+ auto_init = false
+ delete_branch_on_merge = true
+ has_issues = true
+ has_projects = true
+ has_wiki = var.type == "core" ? true : false
+ has_downloads = true
+ homepage_url = var.homepage_url
+ is_template = var.type == "template" ? true : false
+ squash_merge_commit_title = var.squash_merge_commit_message == true ? "PR_TITLE" : null
+ squash_merge_commit_message = var.squash_merge_commit_title == true ? "COMMIT_MESSAGES" : null
+ topics = concat(local.topics, var.topics)
+ visibility = var.visibility
+ vulnerability_alerts = true
 security_and_analysis {
 dynamic "advanced_security" {
diff --git a/terraform/github/modules/repository/variables.tf b/terraform/github/modules/repository/variables.tf
index b6f71abb6..125eacdf0 100644
--- a/terraform/github/modules/repository/variables.tf
+++ b/terraform/github/modules/repository/variables.tf
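Review bot: The two new arguments are cross-wired: `squash_merge_commit_title` is gated on `var.squash_merge_commit_message` and `squash_merge_commit_message` on `var.squash_merge_commit_title`, so a caller that sets only one flag changes the other setting. It is masked in this series because every visible caller sets both flags to the same value, and the later default change in variables.tf does not touch these lines. Each argument should read its own variable, and `== true` is redundant on a bool: `squash_merge_commit_title = var.squash_merge_commit_title ? "PR_TITLE" : null` and `squash_merge_commit_message = var.squash_merge_commit_message ? "COMMIT_MESSAGES" : null`. The resource block continues past the end of the hunk.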
@@ -8,18 +8,48 @@ variable "description" {
 description = "Repository description"
 }
+variable "dismissal_restrictions" {
+ type = list(string)
+ description = "The list of actor Names/IDs with dismissal access e.g. 'exampleorganization/exampleteam' or '/exampleuser'"
+ default = []
+}
+
 variable "homepage_url" {
 type = string
 description = "Repository homepage URL"
 default = ""
 }
+variable "required_checks" {
+ type = list(string)
+ description = "List of required checks"
+ default = []
+}
+
+variable "restrict_dismissals" {
+ type = bool
+ description = "Restrict pull request review dismissals"
+ default = false
+}
+
 variable "secrets" {
 type = map(any)
 description = "key:value map for GitHub actions secrets"
 default = {}
 }
+variable "squash_merge_commit_message" {
+ type = bool
+ description = "Should squash merge commit message be set to MERGE_MESSAGE?"
+ default = false
+}
+
+variable "squash_merge_commit_title" {
+ type = bool
+ description = "Should squash merge commit title be set to PR_TITLE?"
+ default = false
+}
+
 variable "topics" {
 type = list(string)
 description = "Repository topics, in addition to 'modernisation-platform', 'terraform-module', 'civil-service'"
@@ -36,21 +66,3 @@ variable "visibility" {
 description = "Visibility type: `public`, `internal`, `private`"
 default = "public"
 }
-
-variable "required_checks" {
- type = list(string)
- description = "List of required checks"
- default = []
-}
-
-variable "restrict_dismissals" {
- type = bool
- description = "Restrict pull request review dismissals"
- default = false
-}
-
-variable "dismissal_restrictions" {
- type = list(string)
- description = "The list of actor Names/IDs with dismissal access e.g. 'exampleorganization/exampleteam' or '/exampleuser'"
- default = []
-}
diff --git a/terraform/github/repositories.tf b/terraform/github/repositories.tf
index ce2fe75f4..c77929aad 100644
--- a/terraform/github/repositories.tf
+++ b/terraform/github/repositories.tf
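Review bot: The description on `squash_merge_commit_message` names `MERGE_MESSAGE`, but main.tf in this patch sets the argument to `"COMMIT_MESSAGES"`, so the variable documents a value the module never applies; the same text is carried unchanged in the `@@ -41,13 +41,13 @@` hunk of the second patch. I would change it to `description = "Should squash merge commit message be set to COMMIT_MESSAGES?"`. Both descriptions could also say what `false` does: the module passes `null`, which presumably leaves the provider's own default in place. That is worth confirming against the provider documentation, since it decides whether the message flag changes anything at all.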
@@ -10,6 +10,8 @@ module "core" {
 "aws",
 "documentation"
 ]
+ squash_merge_commit_message = true
+ squash_merge_commit_title = true
 secrets = {
 # Terraform GitHub token for the CI/CD user
 TERRAFORM_GITHUB_TOKEN = data.aws_secretsmanager_secret_version.github_ci_user_token.secret_string
From 17087ee45069e036f6d3dfce0f883d3e32744036 Mon Sep 17 00:00:00 2001
From: David Sibley
Date: Fri, 6 Dec 2024 13:37:25 +0000
Subject: [PATCH 2/2] switched behaviour of squash messages and titles to true by default
---
 terraform/github/modules/repository/variables.tf | 4 ++--
 terraform/github/repositories.tf | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/terraform/github/modules/repository/variables.tf b/terraform/github/modules/repository/variables.tf
index 125eacdf0..c61795ba5 100644
--- a/terraform/github/modules/repository/variables.tf
+++ b/terraform/github/modules/repository/variables.tf
@@ -41,13 +41,13 @@ variable "secrets" {
 variable "squash_merge_commit_message" {
 type = bool
 description = "Should squash merge commit message be set to MERGE_MESSAGE?"
- default = false
+ default = true
 }
 variable "squash_merge_commit_title" {
 type = bool
 description = "Should squash merge commit title be set to PR_TITLE?"
- default = false
+ default = true
 }
 variable "topics" {
diff --git a/terraform/github/repositories.tf b/terraform/github/repositories.tf
index c77929aad..f7792fa75 100644
--- a/terraform/github/repositories.tf
+++ b/terraform/github/repositories.tf
@@ -10,8 +10,6 @@ module "core" {
 "aws",
 "documentation"
 ]
- squash_merge_commit_message = true
- squash_merge_commit_title = true
 secrets = {
 # Terraform GitHub token for the CI/CD user
 TERRAFORM_GITHUB_TOKEN = data.aws_secretsmanager_secret_version.github_ci_user_token.secret_string
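Review bot: Switching both defaults to `true` in the `@@ -41,13 +41,13 @@` hunk changes the squash-merge settings of every repository built from `./modules/repository` that does not set the flags, not only `core`. The only opt-out visible in this series is `terraform-module-environments`; the other module blocks are outside the hunks. Because the commit-history format becomes a module-wide default, I would record that on each variable, e.g. `# Default true: applies to every repository using this module unless the caller sets it to false`. The plan output should also be checked for the full list of repositories that change before this is applied.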
@@ -52,10 +50,12 @@ module "terraform-module-cross-account-access" {
 }
 module "terraform-module-environments" {
- source = "./modules/repository"
- name = "modernisation-platform-terraform-environments"
- type = "module"
- description = "Module for creating organizational units and accounts within AWS Organizations from JSON files"
+ source = "./modules/repository"
+ name = "modernisation-platform-terraform-environments"
+ type = "module"
+ description = "Module for creating organizational units and accounts within AWS Organizations from JSON files"
+ squash_merge_commit_message = false
+ squash_merge_commit_title = false
 topics = [
 "organizational-units",
 "aws"