import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as github from "@pulumi/github"; * * const exampleRepository = new github.Repository("example", {name: "test"}); * const example = github.getUser({ * username: "example", * }); * const exampleTeam = new github.Team("example", {name: "Example Name"}); * // Protect the main branch of the foo repository. Additionally, require that * // the "ci/travis" context to be passing and only allow the engineers team merge * // to the branch. * const exampleBranchProtection = new github.BranchProtection("example", { * repositoryId: exampleRepository.nodeId, * pattern: "main", * enforceAdmins: true, * allowsDeletions: true, * requiredStatusChecks: [{ * strict: false, * contexts: ["ci/travis"], * }], * requiredPullRequestReviews: [{ * dismissStaleReviews: true, * restrictDismissals: true, * dismissalRestrictions: [ * example.then(example => example.nodeId), * exampleTeam.nodeId, * "/exampleuser", * "exampleorganization/exampleteam", * ], * }], * restrictPushes: [{ * pushAllowances: [ * example.then(example => example.nodeId), * "/exampleuser", * "exampleorganization/exampleteam", * ], * }], * forcePushBypassers: [ * example.then(example => example.nodeId), * "/exampleuser", * "exampleorganization/exampleteam", * ], * }); * const exampleTeamRepository = new github.TeamRepository("example", { * teamId: exampleTeam.id, * repository: exampleRepository.name, * permission: "pull", * }); * ``` * * ## Import * * GitHub Branch Protection can be imported using an ID made up of `repository:pattern`, e.g. * * ```sh * $ pulumi import github:index/branchProtection:BranchProtection terraform terraform:main * ``` */ export declare class BranchProtection extends pulumi.CustomResource { /** * Get an existing BranchProtection resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: BranchProtectionState, opts?: pulumi.CustomResourceOptions): BranchProtection; /** * Returns true if the given object is an instance of BranchProtection. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is BranchProtection; /** * Boolean, setting this to `true` to allow the branch to be deleted. */ readonly allowsDeletions: pulumi.Output; /** * Boolean, setting this to `true` to allow force pushes on the branch to everyone. Set it to `false` if you specify `forcePushBypassers`. */ readonly allowsForcePushes: pulumi.Output; /** * Boolean, setting this to `true` enforces status checks for repository administrators. */ readonly enforceAdmins: pulumi.Output; /** * The list of actor Names/IDs that are allowed to bypass force push restrictions. Actor names must either begin with a "/" for users or the organization name followed by a "/" for teams. If the list is not empty, `allowsForcePushes` should be set to `false`. */ readonly forcePushBypassers: pulumi.Output; /** * Boolean, Setting this to `true` will make the branch read-only and preventing any pushes to it. Defaults to `false` */ readonly lockBranch: pulumi.Output; /** * Identifies the protection rule pattern. */ readonly pattern: pulumi.Output; /** * The name or node ID of the repository associated with this branch protection rule. */ readonly repositoryId: pulumi.Output; /** * Boolean, setting this to `true` requires all conversations on code must be resolved before a pull request can be merged. */ readonly requireConversationResolution: pulumi.Output; /** * Boolean, setting this to `true` requires all commits to be signed with GPG. */ readonly requireSignedCommits: pulumi.Output; /** * Boolean, setting this to `true` enforces a linear commit Git history, which prevents anyone from pushing merge commits to a branch */ readonly requiredLinearHistory: pulumi.Output; /** * Enforce restrictions for pull request reviews. See Required Pull Request Reviews below for details. */ readonly requiredPullRequestReviews: pulumi.Output; /** * Enforce restrictions for required status checks. See Required Status Checks below for details. */ readonly requiredStatusChecks: pulumi.Output; /** * Restrict pushes to matching branches. See Restrict Pushes below for details. */ readonly restrictPushes: pulumi.Output; /** * Create a BranchProtection resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: BranchProtectionArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering BranchProtection resources. */ export interface BranchProtectionState { /** * Boolean, setting this to `true` to allow the branch to be deleted. */ allowsDeletions?: pulumi.Input; /** * Boolean, setting this to `true` to allow force pushes on the branch to everyone. Set it to `false` if you specify `forcePushBypassers`. */ allowsForcePushes?: pulumi.Input; /** * Boolean, setting this to `true` enforces status checks for repository administrators. */ enforceAdmins?: pulumi.Input; /** * The list of actor Names/IDs that are allowed to bypass force push restrictions. Actor names must either begin with a "/" for users or the organization name followed by a "/" for teams. If the list is not empty, `allowsForcePushes` should be set to `false`. */ forcePushBypassers?: pulumi.Input[]>; /** * Boolean, Setting this to `true` will make the branch read-only and preventing any pushes to it. Defaults to `false` */ lockBranch?: pulumi.Input; /** * Identifies the protection rule pattern. */ pattern?: pulumi.Input; /** * The name or node ID of the repository associated with this branch protection rule. */ repositoryId?: pulumi.Input; /** * Boolean, setting this to `true` requires all conversations on code must be resolved before a pull request can be merged. */ requireConversationResolution?: pulumi.Input; /** * Boolean, setting this to `true` requires all commits to be signed with GPG. */ requireSignedCommits?: pulumi.Input; /** * Boolean, setting this to `true` enforces a linear commit Git history, which prevents anyone from pushing merge commits to a branch */ requiredLinearHistory?: pulumi.Input; /** * Enforce restrictions for pull request reviews. See Required Pull Request Reviews below for details. */ requiredPullRequestReviews?: pulumi.Input[]>; /** * Enforce restrictions for required status checks. See Required Status Checks below for details. */ requiredStatusChecks?: pulumi.Input[]>; /** * Restrict pushes to matching branches. See Restrict Pushes below for details. */ restrictPushes?: pulumi.Input[]>; } /** * The set of arguments for constructing a BranchProtection resource. */ export interface BranchProtectionArgs { /** * Boolean, setting this to `true` to allow the branch to be deleted. */ allowsDeletions?: pulumi.Input; /** * Boolean, setting this to `true` to allow force pushes on the branch to everyone. Set it to `false` if you specify `forcePushBypassers`. */ allowsForcePushes?: pulumi.Input; /** * Boolean, setting this to `true` enforces status checks for repository administrators. */ enforceAdmins?: pulumi.Input; /** * The list of actor Names/IDs that are allowed to bypass force push restrictions. Actor names must either begin with a "/" for users or the organization name followed by a "/" for teams. If the list is not empty, `allowsForcePushes` should be set to `false`. */ forcePushBypassers?: pulumi.Input[]>; /** * Boolean, Setting this to `true` will make the branch read-only and preventing any pushes to it. Defaults to `false` */ lockBranch?: pulumi.Input; /** * Identifies the protection rule pattern. */ pattern: pulumi.Input; /** * The name or node ID of the repository associated with this branch protection rule. */ repositoryId: pulumi.Input; /** * Boolean, setting this to `true` requires all conversations on code must be resolved before a pull request can be merged. */ requireConversationResolution?: pulumi.Input; /** * Boolean, setting this to `true` requires all commits to be signed with GPG. */ requireSignedCommits?: pulumi.Input; /** * Boolean, setting this to `true` enforces a linear commit Git history, which prevents anyone from pushing merge commits to a branch */ requiredLinearHistory?: pulumi.Input; /** * Enforce restrictions for pull request reviews. See Required Pull Request Reviews below for details. */ requiredPullRequestReviews?: pulumi.Input[]>; /** * Enforce restrictions for required status checks. See Required Status Checks below for details. */ requiredStatusChecks?: pulumi.Input[]>; /** * Restrict pushes to matching branches. See Restrict Pushes below for details. */ restrictPushes?: pulumi.Input[]>; }