-
-
Notifications
You must be signed in to change notification settings - Fork 689
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Standardise GitHub repo settings #1798
Comments
We could also use Pulumi, which has the advantage of using a regular programming language for the declarations instead of HCL. https://www.pulumi.com/registry/packages/github/ I'll have a tinker with both. |
I've played with Pulumi today, and managed to get it to configure team access to a couple of repos. Proof of concept code is here: https://github.com/cucumber/github-settings |
The first task I tried to take on with this was to give us declarative management of team-repo permissions. It seems that this just isn't possible at the moment. However, it should still be possible to use either Pulumi or Terraform to set up and manage the branch protection rules we need established for repos where we have release automation. I'll try that next. |
Perhaps this could be a better solution than Terraform: |
Sigh. Doesn't seem to support branch protection rules properly: repository-settings/app#227 |
@mattwynne any updates here? |
I haven't found any technology that can do it. I found https://github.com/repository-settings/app but last time I looked it had a bunch of usability problems (e.g. https://github.com/repository-settings/app#security-implications) and wasn't under active development. It looks like things may have picked up again, so it could still be an option. |
This could be worth a look: https://github.com/openedx/repo-tools/tree/master/edx_repo_tools/repo_checks |
Hi @mattwynne Did you consider Terraform CDK? It allows to describe resources in any programming language as well, and has rich support of GitHub, e.g. branch protection. |
It looks like they've fixed access management since I last looked at it so yeah that could be worth another look. |
As we break apart the monorepo (#1724) and implement release automation (#1688), it becomes increasingly difficult to manage the various branch protection rule and environment settings in each repo.
@mpkorstanje has suggested using Terraform to manage this config. Here's a blog post with some examples: https://www.mineiros.io/blog/how-to-manage-your-github-organization-with-terraform
The text was updated successfully, but these errors were encountered: