PyPI - pulumi-github - Versions diffs - 6.11.0a1768542226__py3-none-any.whl → 6.12.0__py3-none-any.whl - Mend

pulumi-github 6.11.0a1768542226py3-none-any.whl → 6.12.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

pulumi_github/__init__.py +37 -0
pulumi_github/_inputs.py +527 -34
pulumi_github/actions_environment_secret.py +141 -12
pulumi_github/actions_environment_variable.py +73 -39
pulumi_github/actions_organization_permissions.py +50 -3
pulumi_github/actions_organization_secret.py +164 -55
pulumi_github/actions_organization_secret_repositories.py +44 -28
pulumi_github/actions_organization_secret_repository.py +44 -28
pulumi_github/actions_organization_variable.py +44 -47
pulumi_github/actions_organization_variable_repositories.py +262 -0
pulumi_github/actions_organization_variable_repository.py +262 -0
pulumi_github/actions_organization_workflow_permissions.py +320 -0
pulumi_github/actions_repository_permissions.py +50 -3
pulumi_github/actions_secret.py +176 -41
pulumi_github/actions_variable.py +65 -33
pulumi_github/app_installation_repositories.py +6 -6
pulumi_github/app_installation_repository.py +6 -6
pulumi_github/dependabot_organization_secret.py +128 -59
pulumi_github/dependabot_organization_secret_repositories.py +44 -36
pulumi_github/dependabot_organization_secret_repository.py +262 -0
pulumi_github/dependabot_secret.py +154 -41
pulumi_github/emu_group_mapping.py +62 -6
pulumi_github/get_ip_ranges.py +3 -0
pulumi_github/get_release_asset.py +370 -0
pulumi_github/get_repository.py +17 -2
pulumi_github/get_team.py +29 -13
pulumi_github/organization_ruleset.py +11 -17
pulumi_github/outputs.py +404 -25
pulumi_github/pulumi-plugin.json +1 -1
pulumi_github/repository.py +88 -23
pulumi_github/repository_custom_property.py +2 -2
pulumi_github/repository_environment.py +11 -11
pulumi_github/repository_environment_deployment_policy.py +4 -4
pulumi_github/repository_ruleset.py +7 -7
pulumi_github/team.py +70 -21
{pulumi_github-6.11.0a1768542226.dist-info → pulumi_github-6.12.0.dist-info}/METADATA +1 -1
{pulumi_github-6.11.0a1768542226.dist-info → pulumi_github-6.12.0.dist-info}/RECORD +39 -34
{pulumi_github-6.11.0a1768542226.dist-info → pulumi_github-6.12.0.dist-info}/WHEEL +1 -1
{pulumi_github-6.11.0a1768542226.dist-info → pulumi_github-6.12.0.dist-info}/top_level.txt +0 -0

pulumi_github/actions_organization_workflow_permissions.py ADDED Viewed

@@ -0,0 +1,320 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from . import _utilities
+__all__ = ['ActionsOrganizationWorkflowPermissionsArgs', 'ActionsOrganizationWorkflowPermissions']
+@pulumi.input_type
+class ActionsOrganizationWorkflowPermissionsArgs:
+    def __init__(__self__, *,
+                 organization_slug: pulumi.Input[_builtins.str],
+                 can_approve_pull_request_reviews: Optional[pulumi.Input[_builtins.bool]] = None,
+                 default_workflow_permissions: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        The set of arguments for constructing a ActionsOrganizationWorkflowPermissions resource.
+        :param pulumi.Input[_builtins.str] organization_slug: The slug of the organization.
+        :param pulumi.Input[_builtins.bool] can_approve_pull_request_reviews: Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        :param pulumi.Input[_builtins.str] default_workflow_permissions: The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        """
+        pulumi.set(__self__, "organization_slug", organization_slug)
+        if can_approve_pull_request_reviews is not None:
+            pulumi.set(__self__, "can_approve_pull_request_reviews", can_approve_pull_request_reviews)
+        if default_workflow_permissions is not None:
+            pulumi.set(__self__, "default_workflow_permissions", default_workflow_permissions)
+    @_builtins.property
+    @pulumi.getter(name="organizationSlug")
+    def organization_slug(self) -> pulumi.Input[_builtins.str]:
+        """
+        The slug of the organization.
+        """
+        return pulumi.get(self, "organization_slug")
+    @organization_slug.setter
+    def organization_slug(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "organization_slug", value)
+    @_builtins.property
+    @pulumi.getter(name="canApprovePullRequestReviews")
+    def can_approve_pull_request_reviews(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        """
+        return pulumi.get(self, "can_approve_pull_request_reviews")
+    @can_approve_pull_request_reviews.setter
+    def can_approve_pull_request_reviews(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "can_approve_pull_request_reviews", value)
+    @_builtins.property
+    @pulumi.getter(name="defaultWorkflowPermissions")
+    def default_workflow_permissions(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        """
+        return pulumi.get(self, "default_workflow_permissions")
+    @default_workflow_permissions.setter
+    def default_workflow_permissions(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "default_workflow_permissions", value)
+@pulumi.input_type
+class _ActionsOrganizationWorkflowPermissionsState:
+    def __init__(__self__, *,
+                 can_approve_pull_request_reviews: Optional[pulumi.Input[_builtins.bool]] = None,
+                 default_workflow_permissions: Optional[pulumi.Input[_builtins.str]] = None,
+                 organization_slug: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        Input properties used for looking up and filtering ActionsOrganizationWorkflowPermissions resources.
+        :param pulumi.Input[_builtins.bool] can_approve_pull_request_reviews: Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        :param pulumi.Input[_builtins.str] default_workflow_permissions: The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        :param pulumi.Input[_builtins.str] organization_slug: The slug of the organization.
+        """
+        if can_approve_pull_request_reviews is not None:
+            pulumi.set(__self__, "can_approve_pull_request_reviews", can_approve_pull_request_reviews)
+        if default_workflow_permissions is not None:
+            pulumi.set(__self__, "default_workflow_permissions", default_workflow_permissions)
+        if organization_slug is not None:
+            pulumi.set(__self__, "organization_slug", organization_slug)
+    @_builtins.property
+    @pulumi.getter(name="canApprovePullRequestReviews")
+    def can_approve_pull_request_reviews(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        """
+        return pulumi.get(self, "can_approve_pull_request_reviews")
+    @can_approve_pull_request_reviews.setter
+    def can_approve_pull_request_reviews(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "can_approve_pull_request_reviews", value)
+    @_builtins.property
+    @pulumi.getter(name="defaultWorkflowPermissions")
+    def default_workflow_permissions(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        """
+        return pulumi.get(self, "default_workflow_permissions")
+    @default_workflow_permissions.setter
+    def default_workflow_permissions(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "default_workflow_permissions", value)
+    @_builtins.property
+    @pulumi.getter(name="organizationSlug")
+    def organization_slug(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The slug of the organization.
+        """
+        return pulumi.get(self, "organization_slug")
+    @organization_slug.setter
+    def organization_slug(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "organization_slug", value)
+@pulumi.type_token("github:index/actionsOrganizationWorkflowPermissions:ActionsOrganizationWorkflowPermissions")
+class ActionsOrganizationWorkflowPermissions(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 can_approve_pull_request_reviews: Optional[pulumi.Input[_builtins.bool]] = None,
+                 default_workflow_permissions: Optional[pulumi.Input[_builtins.str]] = None,
+                 organization_slug: Optional[pulumi.Input[_builtins.str]] = None,
+                 __props__=None):
+        """
+        This resource allows you to manage GitHub Actions workflow permissions for a GitHub Organization account. This controls the default permissions granted to the GITHUB_TOKEN when running workflows and whether GitHub Actions can approve pull request reviews.
+        You must have organization admin access to use this resource.
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_github as github
+        # Basic workflow permissions configuration
+        example = github.ActionsOrganizationWorkflowPermissions("example",
+            organization_slug="my-organization",
+            default_workflow_permissions="read",
+            can_approve_pull_request_reviews=False)
+        # Allow write permissions and PR approvals
+        permissive = github.ActionsOrganizationWorkflowPermissions("permissive",
+            organization_slug="my-organization",
+            default_workflow_permissions="write",
+            can_approve_pull_request_reviews=True)
+        ```
+        ## Notes
+        > **Note:** This resource requires a GitHub Organization account and organization admin permissions.
+        When this resource is destroyed, the workflow permissions will be reset to safe defaults:
+        * `default_workflow_permissions` = `read`
+        * `can_approve_pull_request_reviews` = `false`
+        ## Import
+        Organization Actions workflow permissions can be imported using the organization slug:
+        ```sh
+        $ pulumi import github:index/actionsOrganizationWorkflowPermissions:ActionsOrganizationWorkflowPermissions example my-organization
+        ```
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.bool] can_approve_pull_request_reviews: Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        :param pulumi.Input[_builtins.str] default_workflow_permissions: The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        :param pulumi.Input[_builtins.str] organization_slug: The slug of the organization.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: ActionsOrganizationWorkflowPermissionsArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        This resource allows you to manage GitHub Actions workflow permissions for a GitHub Organization account. This controls the default permissions granted to the GITHUB_TOKEN when running workflows and whether GitHub Actions can approve pull request reviews.
+        You must have organization admin access to use this resource.
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_github as github
+        # Basic workflow permissions configuration
+        example = github.ActionsOrganizationWorkflowPermissions("example",
+            organization_slug="my-organization",
+            default_workflow_permissions="read",
+            can_approve_pull_request_reviews=False)
+        # Allow write permissions and PR approvals
+        permissive = github.ActionsOrganizationWorkflowPermissions("permissive",
+            organization_slug="my-organization",
+            default_workflow_permissions="write",
+            can_approve_pull_request_reviews=True)
+        ```
+        ## Notes
+        > **Note:** This resource requires a GitHub Organization account and organization admin permissions.
+        When this resource is destroyed, the workflow permissions will be reset to safe defaults:
+        * `default_workflow_permissions` = `read`
+        * `can_approve_pull_request_reviews` = `false`
+        ## Import
+        Organization Actions workflow permissions can be imported using the organization slug:
+        ```sh
+        $ pulumi import github:index/actionsOrganizationWorkflowPermissions:ActionsOrganizationWorkflowPermissions example my-organization
+        ```
+        :param str resource_name: The name of the resource.
+        :param ActionsOrganizationWorkflowPermissionsArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(ActionsOrganizationWorkflowPermissionsArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 can_approve_pull_request_reviews: Optional[pulumi.Input[_builtins.bool]] = None,
+                 default_workflow_permissions: Optional[pulumi.Input[_builtins.str]] = None,
+                 organization_slug: Optional[pulumi.Input[_builtins.str]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = ActionsOrganizationWorkflowPermissionsArgs.__new__(ActionsOrganizationWorkflowPermissionsArgs)
+            __props__.__dict__["can_approve_pull_request_reviews"] = can_approve_pull_request_reviews
+            __props__.__dict__["default_workflow_permissions"] = default_workflow_permissions
+            if organization_slug is None and not opts.urn:
+                raise TypeError("Missing required property 'organization_slug'")
+            __props__.__dict__["organization_slug"] = organization_slug
+        super(ActionsOrganizationWorkflowPermissions, __self__).__init__(
+            'github:index/actionsOrganizationWorkflowPermissions:ActionsOrganizationWorkflowPermissions',
+            resource_name,
+            __props__,
+            opts)
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            can_approve_pull_request_reviews: Optional[pulumi.Input[_builtins.bool]] = None,
+            default_workflow_permissions: Optional[pulumi.Input[_builtins.str]] = None,
+            organization_slug: Optional[pulumi.Input[_builtins.str]] = None) -> 'ActionsOrganizationWorkflowPermissions':
+        """
+        Get an existing ActionsOrganizationWorkflowPermissions resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.bool] can_approve_pull_request_reviews: Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        :param pulumi.Input[_builtins.str] default_workflow_permissions: The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        :param pulumi.Input[_builtins.str] organization_slug: The slug of the organization.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+        __props__ = _ActionsOrganizationWorkflowPermissionsState.__new__(_ActionsOrganizationWorkflowPermissionsState)
+        __props__.__dict__["can_approve_pull_request_reviews"] = can_approve_pull_request_reviews
+        __props__.__dict__["default_workflow_permissions"] = default_workflow_permissions
+        __props__.__dict__["organization_slug"] = organization_slug
+        return ActionsOrganizationWorkflowPermissions(resource_name, opts=opts, __props__=__props__)
+    @_builtins.property
+    @pulumi.getter(name="canApprovePullRequestReviews")
+    def can_approve_pull_request_reviews(self) -> pulumi.Output[Optional[_builtins.bool]]:
+        """
+        Whether GitHub Actions can approve pull request reviews. Defaults to `false`.
+        """
+        return pulumi.get(self, "can_approve_pull_request_reviews")
+    @_builtins.property
+    @pulumi.getter(name="defaultWorkflowPermissions")
+    def default_workflow_permissions(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The default workflow permissions granted to the GITHUB_TOKEN when running workflows. Can be `read` or `write`. Defaults to `read`.
+        """
+        return pulumi.get(self, "default_workflow_permissions")
+    @_builtins.property
+    @pulumi.getter(name="organizationSlug")
+    def organization_slug(self) -> pulumi.Output[_builtins.str]:
+        """
+        The slug of the organization.
+        """
+        return pulumi.get(self, "organization_slug")

pulumi_github/actions_repository_permissions.py CHANGED Viewed

@@ -24,13 +24,15 @@ class ActionsRepositoryPermissionsArgs:
                  repository: pulumi.Input[_builtins.str],
                  allowed_actions: Optional[pulumi.Input[_builtins.str]] = None,
                  allowed_actions_config: Optional[pulumi.Input['ActionsRepositoryPermissionsAllowedActionsConfigArgs']] = None,
-                 enabled: Optional[pulumi.Input[_builtins.bool]] = None):
+                 enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 sha_pinning_required: Optional[pulumi.Input[_builtins.bool]] = None):
         """
         The set of arguments for constructing a ActionsRepositoryPermissions resource.
         :param pulumi.Input[_builtins.str] repository: The GitHub repository
         :param pulumi.Input[_builtins.str] allowed_actions: The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
         :param pulumi.Input['ActionsRepositoryPermissionsAllowedActionsConfigArgs'] allowed_actions_config: Sets the actions that are allowed in an repository. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
         :param pulumi.Input[_builtins.bool] enabled: Should GitHub actions be enabled on this repository?
+        :param pulumi.Input[_builtins.bool] sha_pinning_required: Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
         """
         pulumi.set(__self__, "repository", repository)
         if allowed_actions is not None:
@@ -39,6 +41,8 @@ class ActionsRepositoryPermissionsArgs:
             pulumi.set(__self__, "allowed_actions_config", allowed_actions_config)
         if enabled is not None:
             pulumi.set(__self__, "enabled", enabled)
+        if sha_pinning_required is not None:
+            pulumi.set(__self__, "sha_pinning_required", sha_pinning_required)
     @_builtins.property
     @pulumi.getter
@@ -88,6 +92,18 @@ class ActionsRepositoryPermissionsArgs:
     def enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "enabled", value)
+    @_builtins.property
+    @pulumi.getter(name="shaPinningRequired")
+    def sha_pinning_required(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
+        """
+        return pulumi.get(self, "sha_pinning_required")
+    @sha_pinning_required.setter
+    def sha_pinning_required(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "sha_pinning_required", value)
 @pulumi.input_type
 class _ActionsRepositoryPermissionsState:
@@ -95,13 +111,15 @@ class _ActionsRepositoryPermissionsState:
                  allowed_actions: Optional[pulumi.Input[_builtins.str]] = None,
                  allowed_actions_config: Optional[pulumi.Input['ActionsRepositoryPermissionsAllowedActionsConfigArgs']] = None,
                  enabled: Optional[pulumi.Input[_builtins.bool]] = None,
-                 repository: Optional[pulumi.Input[_builtins.str]] = None):
+                 repository: Optional[pulumi.Input[_builtins.str]] = None,
+                 sha_pinning_required: Optional[pulumi.Input[_builtins.bool]] = None):
         """
         Input properties used for looking up and filtering ActionsRepositoryPermissions resources.
         :param pulumi.Input[_builtins.str] allowed_actions: The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
         :param pulumi.Input['ActionsRepositoryPermissionsAllowedActionsConfigArgs'] allowed_actions_config: Sets the actions that are allowed in an repository. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
         :param pulumi.Input[_builtins.bool] enabled: Should GitHub actions be enabled on this repository?
         :param pulumi.Input[_builtins.str] repository: The GitHub repository
+        :param pulumi.Input[_builtins.bool] sha_pinning_required: Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
         """
         if allowed_actions is not None:
             pulumi.set(__self__, "allowed_actions", allowed_actions)
@@ -111,6 +129,8 @@ class _ActionsRepositoryPermissionsState:
             pulumi.set(__self__, "enabled", enabled)
         if repository is not None:
             pulumi.set(__self__, "repository", repository)
+        if sha_pinning_required is not None:
+            pulumi.set(__self__, "sha_pinning_required", sha_pinning_required)
     @_builtins.property
     @pulumi.getter(name="allowedActions")
@@ -160,6 +180,18 @@ class _ActionsRepositoryPermissionsState:
     def repository(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "repository", value)
+    @_builtins.property
+    @pulumi.getter(name="shaPinningRequired")
+    def sha_pinning_required(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
+        """
+        return pulumi.get(self, "sha_pinning_required")
+    @sha_pinning_required.setter
+    def sha_pinning_required(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "sha_pinning_required", value)
 @pulumi.type_token("github:index/actionsRepositoryPermissions:ActionsRepositoryPermissions")
 class ActionsRepositoryPermissions(pulumi.CustomResource):
@@ -171,6 +203,7 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
                  allowed_actions_config: Optional[pulumi.Input[Union['ActionsRepositoryPermissionsAllowedActionsConfigArgs', 'ActionsRepositoryPermissionsAllowedActionsConfigArgsDict']]] = None,
                  enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  repository: Optional[pulumi.Input[_builtins.str]] = None,
+                 sha_pinning_required: Optional[pulumi.Input[_builtins.bool]] = None,
                  __props__=None):
         """
         This resource allows you to enable and manage GitHub Actions permissions for a given repository.
@@ -210,6 +243,7 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
         :param pulumi.Input[Union['ActionsRepositoryPermissionsAllowedActionsConfigArgs', 'ActionsRepositoryPermissionsAllowedActionsConfigArgsDict']] allowed_actions_config: Sets the actions that are allowed in an repository. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
         :param pulumi.Input[_builtins.bool] enabled: Should GitHub actions be enabled on this repository?
         :param pulumi.Input[_builtins.str] repository: The GitHub repository
+        :param pulumi.Input[_builtins.bool] sha_pinning_required: Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
         """
         ...
     @overload
@@ -268,6 +302,7 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
                  allowed_actions_config: Optional[pulumi.Input[Union['ActionsRepositoryPermissionsAllowedActionsConfigArgs', 'ActionsRepositoryPermissionsAllowedActionsConfigArgsDict']]] = None,
                  enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  repository: Optional[pulumi.Input[_builtins.str]] = None,
+                 sha_pinning_required: Optional[pulumi.Input[_builtins.bool]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -283,6 +318,7 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
             if repository is None and not opts.urn:
                 raise TypeError("Missing required property 'repository'")
             __props__.__dict__["repository"] = repository
+            __props__.__dict__["sha_pinning_required"] = sha_pinning_required
         super(ActionsRepositoryPermissions, __self__).__init__(
             'github:index/actionsRepositoryPermissions:ActionsRepositoryPermissions',
             resource_name,
@@ -296,7 +332,8 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
             allowed_actions: Optional[pulumi.Input[_builtins.str]] = None,
             allowed_actions_config: Optional[pulumi.Input[Union['ActionsRepositoryPermissionsAllowedActionsConfigArgs', 'ActionsRepositoryPermissionsAllowedActionsConfigArgsDict']]] = None,
             enabled: Optional[pulumi.Input[_builtins.bool]] = None,
-            repository: Optional[pulumi.Input[_builtins.str]] = None) -> 'ActionsRepositoryPermissions':
+            repository: Optional[pulumi.Input[_builtins.str]] = None,
+            sha_pinning_required: Optional[pulumi.Input[_builtins.bool]] = None) -> 'ActionsRepositoryPermissions':
         """
         Get an existing ActionsRepositoryPermissions resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -308,6 +345,7 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
         :param pulumi.Input[Union['ActionsRepositoryPermissionsAllowedActionsConfigArgs', 'ActionsRepositoryPermissionsAllowedActionsConfigArgsDict']] allowed_actions_config: Sets the actions that are allowed in an repository. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
         :param pulumi.Input[_builtins.bool] enabled: Should GitHub actions be enabled on this repository?
         :param pulumi.Input[_builtins.str] repository: The GitHub repository
+        :param pulumi.Input[_builtins.bool] sha_pinning_required: Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -317,6 +355,7 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
         __props__.__dict__["allowed_actions_config"] = allowed_actions_config
         __props__.__dict__["enabled"] = enabled
         __props__.__dict__["repository"] = repository
+        __props__.__dict__["sha_pinning_required"] = sha_pinning_required
         return ActionsRepositoryPermissions(resource_name, opts=opts, __props__=__props__)
     @_builtins.property
@@ -351,3 +390,11 @@ class ActionsRepositoryPermissions(pulumi.CustomResource):
         """
         return pulumi.get(self, "repository")
+    @_builtins.property
+    @pulumi.getter(name="shaPinningRequired")
+    def sha_pinning_required(self) -> pulumi.Output[_builtins.bool]:
+        """
+        Whether pinning to a specific SHA is required for all actions and reusable workflows in a repository.
+        """
+        return pulumi.get(self, "sha_pinning_required")

pulumi-github 6.11.0a1768542226__py3-none-any.whl → 6.12.0__py3-none-any.whl

pulumi-github 6.11.0a1768542226py3-none-any.whl → 6.12.0py3-none-any.whl