From c8c934f64fd11d09b60df26c403b18ae3aa6f354 Mon Sep 17 00:00:00 2001 From: Ali Abu Rub Date: Tue, 29 Jul 2025 19:01:32 +0300 Subject: [PATCH] Create branch-protection-rules test --- .../secure-source-manager-instance/README.md | 30 ++++++++++ .../examples/branch-protection-rules.yaml | 59 +++++++++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 tests/modules/secure_source_manager_instance/examples/branch-protection-rules.yaml diff --git a/modules/secure-source-manager-instance/README.md b/modules/secure-source-manager-instance/README.md index 46889e210..f5ca75aec 100644 --- a/modules/secure-source-manager-instance/README.md +++ b/modules/secure-source-manager-instance/README.md @@ -10,6 +10,7 @@ This module allows to create a Secure Source Manager instance and repositories i - [Public instance with CMEK](#public-instance-with-cmek) - [Private instance](#private-instance) - [IAM](#iam) + - [Branch Protection Rules](#branch-protection-rules) - [Variables](#variables) - [Outputs](#outputs) @@ -145,6 +146,35 @@ module "ssm_instance" { } # tftest modules=1 resources=4 inventory=iam-bindings-additive.yaml ``` + +### Branch Protection Rules + +```hcl +module "ssm_instance" { + source = "./fabric/modules/secure-source-manager-instance" + project_id = var.project_id + instance_id = "my-instance" + location = var.region + ca_pool = "projects/another-project/locations/${var.region}/caPools/my-ca-pool" + repositories = { + my-repository = { + branch_rules = { + rule1 = { + disabled = false + include_pattern = "main" + require_pull_request = true + minimum_approvals_count = 1 + minimum_reviews_count = 1 + require_comments_resolved = true + allow_stale_reviews = false + require_linear_history = true + } + } + } + } +} +# tftest modules=1 resources=3 inventory=branch-protection-rules.yaml +``` ## Variables diff --git a/tests/modules/secure_source_manager_instance/examples/branch-protection-rules.yaml b/tests/modules/secure_source_manager_instance/examples/branch-protection-rules.yaml new file mode 100644 index 000000000..aadbb4685 --- /dev/null +++ b/tests/modules/secure_source_manager_instance/examples/branch-protection-rules.yaml @@ -0,0 +1,59 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.ssm_instance.google_secure_source_manager_branch_rule.branch_rules["my-repository.rule1"]: + allow_stale_reviews: false + branch_rule_id: rule1 + disabled: false + include_pattern: main + location: europe-west8 + minimum_approvals_count: 1 + minimum_reviews_count: 1 + project: project-id + repository_id: my-repository + require_comments_resolved: true + require_linear_history: true + require_pull_request: true + timeouts: null + module.ssm_instance.google_secure_source_manager_instance.instance[0]: + deletion_policy: DELETE + effective_labels: + goog-terraform-provisioned: 'true' + instance_id: my-instance + kms_key: null + labels: null + location: europe-west8 + private_config: + - ca_pool: projects/another-project/locations/europe-west8/caPools/my-ca-pool + is_private: true + project: project-id + terraform_labels: + goog-terraform-provisioned: 'true' + timeouts: null + workforce_identity_federation_config: [] + module.ssm_instance.google_secure_source_manager_repository.repositories["my-repository"]: + description: null + initial_config: [] + location: europe-west8 + project: project-id + repository_id: my-repository + timeouts: null + +counts: + google_secure_source_manager_branch_rule: 1 + google_secure_source_manager_instance: 1 + google_secure_source_manager_repository: 1 + modules: 1 + resources: 3 \ No newline at end of file