Add additional options from provider update (patch)

Author: lukiffer

modules/branch-protection/main.tf

@@ -18,11 +18,17 @@ terraform {
 # ---------------------------------------------------------------------------------------------------------------------
 
 resource "github_branch_protection" "branch_protection_rule" {
-  repository_id          = var.repository_id
-  pattern                = var.pattern
-  enforce_admins         = var.enforce_admins
-  require_signed_commits = var.require_signed_commits
-  push_restrictions      = var.push_restrictions
+  repository_id                   = var.repository_id
+  pattern                         = var.pattern
+  enforce_admins                  = var.enforce_admins
+  require_signed_commits          = var.require_signed_commits
+  push_restrictions               = var.push_restrictions
+  allows_deletions                = var.allows_deletions
+  blocks_creations                = var.blocks_creations
+  allows_force_pushes             = var.allows_force_pushes
+  lock_branch                     = var.lock_branch
+  required_linear_history         = var.require_linear_history
+  require_conversation_resolution = var.require_conversation_resolution
 
   required_status_checks {
     strict   = var.strict
@@ -34,5 +40,7 @@ resource "github_branch_protection" "branch_protection_rule" {
     require_code_owner_reviews      = var.require_code_owner_reviews
     dismissal_restrictions          = var.review_dismissal_restrictions
     required_approving_review_count = var.required_approving_review_count
+    pull_request_bypassers          = var.pull_request_bypassers
+    require_last_push_approval      = var.require_last_push_approval
   }
 }

modules/branch-protection/variables.tf

@@ -52,12 +52,49 @@ variable "require_signed_commits" {
   default     = true
 }
 
+variable "require_linear_history" {
+  description = "Setting this to `true` enforces a linear commit Git history, which prevents anyone from pushing merge commits to a branch."
+  type        = bool
+  default     = false
+}
+
+variable "require_conversation_resolution" {
+  description = "Setting this to `true` requires all conversations on code must be resolved before a pull request can be merged."
+  type        = bool
+  default     = true
+}
+
 variable "push_restrictions" {
   description = "A list of actor IDs that are explicitly permitted to push to the branch. Admins have this capability if `enforce_admins` is false."
   type        = set(string)
   default     = []
 }
 
+variable "allows_deletions" {
+  description = "Setting this to `true` allows the branch to be deleted."
+  type        = bool
+  default     = false
+}
+
+variable "blocks_creations" {
+  description = "Setting this to `true` will prevent creation of the branch."
+  type        = bool
+  default     = false
+}
+
+variable "allows_force_pushes" {
+  description = "Setting this to `true` allows the branch to accept for pushes."
+  type        = bool
+  default     = true
+}
+
+variable "lock_branch" {
+  description = "Setting this to `true` will make the branch read-only and prevent any pushes to it."
+  type        = bool
+  default     = false
+}
+
+
 variable "review_dismissal_restrictions" {
   description = "The list of actor IDs with dismissal access."
   type        = set(string)
@@ -69,3 +106,15 @@ variable "required_approving_review_count" {
   type        = number
   default     = 1
 }
+
+variable "pull_request_bypassers" {
+  description = "A list of actor names or IDs that are allowed to bypass pull request requirements. Actor names must either begin with a `/` for users or the organization name followed by a `/` for teams."
+  type        = set(string)
+  default     = []
+}
+
+variable "require_last_push_approval" {
+  description = "Require that the most recent push must be approved by someone other than the last pusher. Defaults to `false`."
+  type        = bool
+  default     = false
+}