feat(refs): Add possibility to link optional ref_type (#41)

* feat(refs): Add possibility link another ref_type instead of only branch

* tests: Add new refs to docs and complete tests for pre-commit

Author: joli-sys

README.md

@@ -24,10 +24,18 @@ module "gitlab_oidc" {
 
   attach_read_only_policy = true
   gitlab_organisation     = "saidsef"
-  gitlab_repositories     = [{
-    name = "terraform-aws-gitlab-oidc",
-    branches = ["main", "pr-*", "*pull*", "*"]
-  }]
+  gitlab_repositories     = [
+  {
+      name     = "terraform-aws-gitlab-oidc",
+      refs     = ["main", "pr-*", "*pull*", "*"]
+      ref_type = "branch"
+    },
+    {
+      name     = "terraform-aws-gitlab-oidc",
+      refs     = ["*"]
+      ref_type = "tag"
+    }
+]
   tags                    = var.tags
 }
 ```

TERRAFORM.md

@@ -3,15 +3,15 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4 |
-| <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 4 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4, < 6 |
+| <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 4, < 6 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.47.0 |
-| <a name="provider_tls"></a> [tls](#provider\_tls) | 4.0.4 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.61.0 |
+| <a name="provider_tls"></a> [tls](#provider\_tls) | 4.0.5 |
 
 ## Modules
 
@@ -41,7 +41,7 @@ No modules.
 | <a name="input_enabled"></a> [enabled](#input\_enabled) | Enable creation of resources | `bool` | `true` | no |
 | <a name="input_force_detach_policies"></a> [force\_detach\_policies](#input\_force\_detach\_policies) | Force detachment of policies attached to the IAM role | `string` | `false` | no |
 | <a name="input_gitlab_organisation"></a> [gitlab\_organisation](#input\_gitlab\_organisation) | GitLab organisation name | `string` | n/a | yes |
-| <a name="input_gitlab_repositories"></a> [gitlab\_repositories](#input\_gitlab\_repositories) | List of GitLab repository name(s) and branche names or patterns | <pre>list(object({<br>    name     = string<br>    branches = list(string)<br>  }))</pre> | <pre>[<br>  {<br>    "branches": null,<br>    "name": null<br>  }<br>]</pre> | no |
+| <a name="input_gitlab_repositories"></a> [gitlab\_repositories](#input\_gitlab\_repositories) | List of GitLab repository name(s) and refs names or patterns | <pre>list(object({<br>    name     = string<br>    refs     = list(string)<br>    ref_type = string<br>  }))</pre> | <pre>[<br>  {<br>    "name": "",<br>    "ref_type": "",<br>    "refs": []<br>  }<br>]</pre> | no |
 | <a name="input_iam_role_name"></a> [iam\_role\_name](#input\_iam\_role\_name) | Name of the IAM role | `string` | `"gitlab-runner"` | no |
 | <a name="input_iam_role_path"></a> [iam\_role\_path](#input\_iam\_role\_path) | Path to the IAM role | `string` | `"/"` | no |
 | <a name="input_iam_role_permissions_boundary"></a> [iam\_role\_permissions\_boundary](#input\_iam\_role\_permissions\_boundary) | ARN of the permissions boundary to be used by the IAM role | `string` | `""` | no |
@@ -54,7 +54,7 @@ No modules.
 
 | Name | Description |
 |------|-------------|
-| <a name="output_repositories"></a> [repositories](#output\_repositories) | List of GitLab repositories and branches |
+| <a name="output_repositories"></a> [repositories](#output\_repositories) | List of GitLab repositories and refs |
 | <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | AWS IAM role ARN |
 | <a name="output_role_id"></a> [role\_id](#output\_role\_id) | AWS IAM role ID |
 | <a name="output_thumbprint"></a> [thumbprint](#output\_thumbprint) | GitLab certificates thumbprints |

current.tf

@@ -1,11 +1,12 @@
 data "aws_partition" "current" {}
 
 locals {
-  repositories_branches = flatten([
+  repositories_refs = flatten([
     for repo in var.gitlab_repositories : [
-      for branch in repo.branches : {
-        branch = branch
-        name   = repo.name
+      for ref in repo.refs : {
+        ref      = ref
+        name     = repo.name
+        ref_type = repo.ref_type
       }
     ]
   ])
@@ -18,7 +19,7 @@ data "aws_iam_policy_document" "assume_role" {
 
     condition {
       test     = "ForAnyValue:StringLike"
-      values   = [for repo in local.repositories_branches : format("project_path:%s/%s:ref_type:branch:ref:%s", var.gitlab_organisation, repo.name, repo.branch)]
+      values   = [for repo in local.repositories_refs : format("project_path:%s/%s:ref_type:%s:ref:%s", var.gitlab_organisation, repo.name, repo.ref_type, repo.ref)]
       variable = format("%s:sub", var.url)
     }
 

examples/complete/terraform.tfvars

@@ -5,8 +5,10 @@ enabled                 = true
 force_detach_policies   = false
 gitlab_organisation     = "saidsef"
 gitlab_repositories = [
-  { name     = "terraform-aws-gitlab-oidc",
-    branches = ["main", "pr-*", "*pull*", "*"]
+  {
+    name     = "example-repo"
+    refs     = ["main", "develop"] # Example list of refs
+    ref_type = "branch"            # Example ref_type
   }
 ]
 iam_role_name                 = "gitlab-runner"

examples/complete/variables.tf

@@ -43,13 +43,18 @@ variable "gitlab_organisation" {
 variable "gitlab_repositories" {
   type = list(object({
     name     = string
-    branches = list(string)
+    refs     = list(string)
+    ref_type = string
   }))
-  default = [{
-    branches = null
-    name     = null
-  }]
-  description = "List of GitLab repository name(s) and branche names or patterns"
+  default = [
+    {
+      name     = ""
+      refs     = []
+      ref_type = ""
+    }
+  ]
+
+  description = "List of GitLab repository name(s) and refs names or patterns"
 }
 
 variable "iam_role_name" {

outputs.tf

@@ -11,9 +11,9 @@ output "role_arn" {
 }
 
 output "repositories" {
-  value       = local.repositories_branches
+  value       = local.repositories_refs
   sensitive   = false
-  description = "List of GitLab repositories and branches"
+  description = "List of GitLab repositories and refs"
 }
 
 output "thumbprint" {

variables.tf

@@ -36,13 +36,17 @@ variable "gitlab_organisation" {
 variable "gitlab_repositories" {
   type = list(object({
     name     = string
-    branches = list(string)
+    refs     = list(string)
+    ref_type = string
   }))
-  default = [{
-    branches = null
-    name     = null
-  }]
-  description = "List of GitLab repository name(s) and branche names or patterns"
+  default = [
+    {
+      name     = ""
+      refs     = []
+      ref_type = ""
+    }
+  ]
+  description = "List of GitLab repository name(s) and refs names or patterns"
 }
 
 variable "iam_role_name" {

versions.tf

@@ -11,5 +11,5 @@ terraform {
     }
   }
 
-  required_version = "~> 1"
+  required_version = ">= 1.0.0"
 }