@pulumi/github 5.17.0 → 5.18.0-alpha.1695225306

package/types/input.d.ts

@@ -157,6 +157,243 @@ export interface BranchProtectionV3Restrictions {
      */
     users?: pulumi.Input<pulumi.Input<string>[]>;
 }
+export interface OrganizationRulesetBypassActor {
+    /**
+     * (Number) The ID of the actor that can bypass a ruleset
+     */
+    actorId: pulumi.Input<number>;
+    /**
+     * The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`.
+     */
+    actorType: pulumi.Input<string>;
+    /**
+     * (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pullRequest`.
+     */
+    bypassMode?: pulumi.Input<string>;
+}
+export interface OrganizationRulesetConditions {
+    /**
+     * (Block List, Min: 1, Max: 1) (see below for nested schema)
+     */
+    refName: pulumi.Input<inputs.OrganizationRulesetConditionsRefName>;
+    /**
+     * The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass. Conflicts with `repositoryName`.
+     */
+    repositoryId?: pulumi.Input<number>;
+    /**
+     * Conflicts with `repositoryId`. (see below for nested schema)
+     *
+     * One of `repositoryId` and `repositoryName` must be set for the rule to target any repositories.
+     */
+    repositoryName?: pulumi.Input<inputs.OrganizationRulesetConditionsRepositoryName>;
+}
+export interface OrganizationRulesetConditionsRefName {
+    /**
+     * (List of String) Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
+     */
+    excludes: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (List of String) Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
+     */
+    includes: pulumi.Input<pulumi.Input<string>[]>;
+}
+export interface OrganizationRulesetConditionsRepositoryName {
+    /**
+     * (List of String) Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
+     */
+    excludes: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (List of String) Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~ALL` to include all repositories.
+     */
+    inlcudes: pulumi.Input<pulumi.Input<string>[]>;
+    protected?: pulumi.Input<boolean>;
+}
+export interface OrganizationRulesetRules {
+    /**
+     * (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with `tagNamePattern` as it only applies to rulesets with target `branch`. (see below for nested schema)
+     */
+    branchNamePattern?: pulumi.Input<inputs.OrganizationRulesetRulesBranchNamePattern>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
+     */
+    commitAuthorEmailPattern?: pulumi.Input<inputs.OrganizationRulesetRulesCommitAuthorEmailPattern>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
+     */
+    commitMessagePattern?: pulumi.Input<inputs.OrganizationRulesetRulesCommitMessagePattern>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
+     */
+    committerEmailPattern?: pulumi.Input<inputs.OrganizationRulesetRulesCommitterEmailPattern>;
+    /**
+     * (Boolean) Only allow users with bypass permission to create matching refs.
+     */
+    creation?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Only allow users with bypass permissions to delete matching refs.
+     */
+    deletion?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Prevent users with push access from force pushing to branches.
+     */
+    nonFastForward?: pulumi.Input<boolean>;
+    /**
+     * (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
+     */
+    pullRequest?: pulumi.Input<inputs.OrganizationRulesetRulesPullRequest>;
+    /**
+     * (Boolean) Prevent merge commits from being pushed to matching branches.
+     */
+    requiredLinearHistory?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Commits pushed to matching branches must have verified signatures.
+     */
+    requiredSignatures?: pulumi.Input<boolean>;
+    /**
+     * (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
+     */
+    requiredStatusChecks?: pulumi.Input<inputs.OrganizationRulesetRulesRequiredStatusChecks>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with `branchNamePattern` as it only applies to rulesets with target `tag`. (see below for nested schema)
+     */
+    tagNamePattern?: pulumi.Input<inputs.OrganizationRulesetRulesTagNamePattern>;
+    /**
+     * (Boolean) Only allow users with bypass permission to update matching refs.
+     */
+    update?: pulumi.Input<boolean>;
+}
+export interface OrganizationRulesetRulesBranchNamePattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface OrganizationRulesetRulesCommitAuthorEmailPattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface OrganizationRulesetRulesCommitMessagePattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface OrganizationRulesetRulesCommitterEmailPattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface OrganizationRulesetRulesPullRequest {
+    /**
+     * (Boolean) New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to `false`.
+     */
+    dismissStaleReviewsOnPush?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Require an approving review in pull requests that modify files that have a designated code owner. Defaults to `false`.
+     */
+    requireCodeOwnerReview?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to `false`.
+     */
+    requireLastPushApproval?: pulumi.Input<boolean>;
+    /**
+     * (Number) The number of approving reviews that are required before a pull request can be merged. Defaults to `0`.
+     */
+    requiredApprovingReviewCount?: pulumi.Input<number>;
+    /**
+     * (Boolean) All conversations on code must be resolved before a pull request can be merged. Defaults to `false`.
+     */
+    requiredReviewThreadResolution?: pulumi.Input<boolean>;
+}
+export interface OrganizationRulesetRulesRequiredStatusChecks {
+    /**
+     * (Block Set, Min: 1) Status checks that are required. Several can be defined. (see below for nested schema)
+     */
+    requiredChecks: pulumi.Input<pulumi.Input<inputs.OrganizationRulesetRulesRequiredStatusChecksRequiredCheck>[]>;
+    /**
+     * (Boolean) Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to `false`.
+     */
+    strictRequiredStatusChecksPolicy?: pulumi.Input<boolean>;
+}
+export interface OrganizationRulesetRulesRequiredStatusChecksRequiredCheck {
+    /**
+     * (String) The status check context name that must be present on the commit.
+     */
+    context: pulumi.Input<string>;
+    /**
+     * (Number) The optional integration ID that this status check must originate from.
+     */
+    integrationId?: pulumi.Input<number>;
+}
+export interface OrganizationRulesetRulesTagNamePattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
 export interface OrganizationWebhookConfiguration {
     contentType?: pulumi.Input<string>;
     insecureSsl?: pulumi.Input<boolean>;
@@ -249,6 +486,236 @@ export interface RepositoryPagesSource {
      */
     path?: pulumi.Input<string>;
 }
+export interface RepositoryRulesetBypassActor {
+    /**
+     * (Number) The ID of the actor that can bypass a ruleset
+     */
+    actorId: pulumi.Input<number>;
+    /**
+     * The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`.
+     */
+    actorType: pulumi.Input<string>;
+    /**
+     * (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pullRequest`.
+     */
+    bypassMode?: pulumi.Input<string>;
+}
+export interface RepositoryRulesetConditions {
+    /**
+     * (Block List, Min: 1, Max: 1) (see below for nested schema)
+     */
+    refName: pulumi.Input<inputs.RepositoryRulesetConditionsRefName>;
+}
+export interface RepositoryRulesetConditionsRefName {
+    /**
+     * (List of String) Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
+     */
+    excludes: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (List of String) Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
+     */
+    includes: pulumi.Input<pulumi.Input<string>[]>;
+}
+export interface RepositoryRulesetRules {
+    /**
+     * (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with `tagNamePattern` as it only applied to rulesets with target `branch`. (see below for nested schema)
+     */
+    branchNamePattern?: pulumi.Input<inputs.RepositoryRulesetRulesBranchNamePattern>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
+     */
+    commitAuthorEmailPattern?: pulumi.Input<inputs.RepositoryRulesetRulesCommitAuthorEmailPattern>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
+     */
+    commitMessagePattern?: pulumi.Input<inputs.RepositoryRulesetRulesCommitMessagePattern>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
+     */
+    committerEmailPattern?: pulumi.Input<inputs.RepositoryRulesetRulesCommitterEmailPattern>;
+    /**
+     * (Boolean) Only allow users with bypass permission to create matching refs.
+     */
+    creation?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Only allow users with bypass permissions to delete matching refs.
+     */
+    deletion?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Prevent users with push access from force pushing to branches.
+     */
+    nonFastForward?: pulumi.Input<boolean>;
+    /**
+     * (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
+     */
+    pullRequest?: pulumi.Input<inputs.RepositoryRulesetRulesPullRequest>;
+    /**
+     * (Block List, Max: 1) Choose which environments must be successfully deployed to before branches can be merged into a branch that matches this rule. (see below for nested schema)
+     */
+    requiredDeployments?: pulumi.Input<inputs.RepositoryRulesetRulesRequiredDeployments>;
+    /**
+     * (Boolean) Prevent merge commits from being pushed to matching branches.
+     */
+    requiredLinearHistory?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Commits pushed to matching branches must have verified signatures.
+     */
+    requiredSignatures?: pulumi.Input<boolean>;
+    /**
+     * (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
+     */
+    requiredStatusChecks?: pulumi.Input<inputs.RepositoryRulesetRulesRequiredStatusChecks>;
+    /**
+     * (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with `branchNamePattern` as it only applied to rulesets with target `tag`. (see below for nested schema)
+     */
+    tagNamePattern?: pulumi.Input<inputs.RepositoryRulesetRulesTagNamePattern>;
+    /**
+     * (Boolean) Only allow users with bypass permission to update matching refs.
+     */
+    update?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Branch can pull changes from its upstream repository. This is only applicable to forked repositories. Requires `update` to be set to `true`. Note: behaviour is affected by a known bug on the GitHub side which may cause issues when using this parameter.
+     */
+    updateAllowsFetchAndMerge?: pulumi.Input<boolean>;
+}
+export interface RepositoryRulesetRulesBranchNamePattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface RepositoryRulesetRulesCommitAuthorEmailPattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface RepositoryRulesetRulesCommitMessagePattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface RepositoryRulesetRulesCommitterEmailPattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
+export interface RepositoryRulesetRulesPullRequest {
+    /**
+     * (Boolean) New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to `false`.
+     */
+    dismissStaleReviewsOnPush?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Require an approving review in pull requests that modify files that have a designated code owner. Defaults to `false`.
+     */
+    requireCodeOwnerReview?: pulumi.Input<boolean>;
+    /**
+     * (Boolean) Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to `false`.
+     */
+    requireLastPushApproval?: pulumi.Input<boolean>;
+    /**
+     * (Number) The number of approving reviews that are required before a pull request can be merged. Defaults to `0`.
+     */
+    requiredApprovingReviewCount?: pulumi.Input<number>;
+    /**
+     * (Boolean) All conversations on code must be resolved before a pull request can be merged. Defaults to `false`.
+     */
+    requiredReviewThreadResolution?: pulumi.Input<boolean>;
+}
+export interface RepositoryRulesetRulesRequiredDeployments {
+    /**
+     * (List of String) The environments that must be successfully deployed to before branches can be merged.
+     */
+    requiredDeploymentEnvironments: pulumi.Input<pulumi.Input<string>[]>;
+}
+export interface RepositoryRulesetRulesRequiredStatusChecks {
+    /**
+     * (Block Set, Min: 1) Status checks that are required. Several can be defined. (see below for nested schema)
+     */
+    requiredChecks: pulumi.Input<pulumi.Input<inputs.RepositoryRulesetRulesRequiredStatusChecksRequiredCheck>[]>;
+    /**
+     * (Boolean) Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to `false`.
+     */
+    strictRequiredStatusChecksPolicy?: pulumi.Input<boolean>;
+}
+export interface RepositoryRulesetRulesRequiredStatusChecksRequiredCheck {
+    /**
+     * (String) The status check context name that must be present on the commit.
+     */
+    context: pulumi.Input<string>;
+    /**
+     * (Number) The optional integration ID that this status check must originate from.
+     */
+    integrationId?: pulumi.Input<number>;
+}
+export interface RepositoryRulesetRulesTagNamePattern {
+    /**
+     * (String) The name of the ruleset.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * (Boolean) If true, the rule will fail if the pattern matches.
+     */
+    negate?: pulumi.Input<boolean>;
+    /**
+     * (String) The operator to use for matching. Can be one of: `startsWith`, `endsWith`, `contains`, `regex`.
+     */
+    operator: pulumi.Input<string>;
+    /**
+     * (String) The pattern to match with.
+     */
+    pattern: pulumi.Input<string>;
+}
 export interface RepositorySecurityAndAnalysis {
     /**
      * The advanced security configuration for the repository. See Advanced Security Configuration below for details. If a repository's visibility is `public`, advanced security is always enabled and cannot be changed, so this setting cannot be supplied.