From 8a4fe5bec392b48fa180c50bfda2cde26a7395f4 Mon Sep 17 00:00:00 2001
From: "alexander.miehe" <alexander.miehe@flaconi.de>
Date: Wed, 14 Feb 2024 13:03:15 +0100
Subject: [PATCH 1/2] PLT-816 - Add support to set pull request by passers

---
 main.tf      | 1 +
 variables.tf | 1 +
 2 files changed, 2 insertions(+)

diff --git a/main.tf b/main.tf
index b633625..d8d144c 100644
--- a/main.tf
+++ b/main.tf
@@ -167,6 +167,7 @@ resource "github_branch_protection" "this" {
       dismissal_restrictions          = reviews.value["dismissal_restrictions"]
       require_code_owner_reviews      = reviews.value["require_code_owner_reviews"]
       required_approving_review_count = reviews.value["required_approving_review_count"]
+      pull_request_bypassers          = reviews.value["pull_request_bypassers"]
     }
   }
 }
diff --git a/variables.tf b/variables.tf
index 49afd2a..c23f86b 100644
--- a/variables.tf
+++ b/variables.tf
@@ -264,6 +264,7 @@ variable "default_branch_protection" {
       dismiss_stale_reviews           = optional(bool, true)
       restrict_dismissals             = optional(bool, false)
       dismissal_restrictions          = optional(list(string), [])
+      pull_request_bypassers          = optional(list(string), [])
       require_code_owner_reviews      = optional(bool, true)
       required_approving_review_count = optional(number, 1)
     }), {})

From d3d8d9a2f0a152ae024b6e1dbe7418e7fd4a5a93 Mon Sep 17 00:00:00 2001
From: "alexander.miehe" <alexander.miehe@flaconi.de>
Date: Wed, 14 Feb 2024 14:31:01 +0100
Subject: [PATCH 2/2] PLT-816 - Add support to set pull request by passers

* docs
---
 README.md    | 4 ++--
 variables.tf | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index d74ad6f..4767b23 100644
--- a/README.md
+++ b/README.md
@@ -180,10 +180,10 @@ module "example_repo" {
 | <a name="input_attributes"></a> [attributes](#input\_attributes) | Additional attributes (e.g. `policy` or `role`) | `list(string)` | `[]` | no |
 | <a name="input_auto_init"></a> [auto\_init](#input\_auto\_init) | Meaningful only during create; set  to `true` to produce an initial commit in the repository. | `bool` | `true` | no |
 | <a name="input_bot_secrets"></a> [bot\_secrets](#input\_bot\_secrets) | Repository dependabot secrets. | <pre>map(object({<br>    encrypted_value = optional(string)<br>    plaintext_value = optional(string)<br>  }))</pre> | `{}` | no |
-| <a name="input_branch_protection"></a> [branch\_protection](#input\_branch\_protection) | Branch protection settings. Use to set protection rules for branches different to default branch. | <pre>map(object({<br>    enforce_admins                  = optional(bool, true)<br>    allows_deletions                = optional(bool, false)<br>    allows_force_pushes             = optional(bool, false)<br>    require_signed_commits          = optional(bool, true)<br>    required_linear_history         = optional(bool, false)<br>    require_conversation_resolution = optional(bool, false)<br>    push_restrictions               = optional(list(string), [])<br>    required_status_enabled         = optional(bool, true)<br>    required_status_checks = optional(object({<br>      strict   = optional(bool, true)<br>      contexts = optional(list(string), [])<br>    }), {})<br>    required_pull_request_enabled = optional(bool, true)<br>    required_pull_request_reviews = optional(object({<br>      dismiss_stale_reviews           = optional(bool, true)<br>      restrict_dismissals             = optional(bool, false)<br>      dismissal_restrictions          = optional(list(string), [])<br>      require_code_owner_reviews      = optional(bool, true)<br>      required_approving_review_count = optional(number, 1)<br>    }), {})<br>  }))</pre> | `{}` | no |
+| <a name="input_branch_protection"></a> [branch\_protection](#input\_branch\_protection) | Branch protection settings. Use to set protection rules for branches different to default branch. | <pre>map(object({<br>    enforce_admins                  = optional(bool, true)<br>    allows_deletions                = optional(bool, false)<br>    allows_force_pushes             = optional(bool, false)<br>    require_signed_commits          = optional(bool, true)<br>    required_linear_history         = optional(bool, false)<br>    require_conversation_resolution = optional(bool, false)<br>    push_restrictions               = optional(list(string), [])<br>    required_status_enabled         = optional(bool, true)<br>    required_status_checks = optional(object({<br>      strict   = optional(bool, true)<br>      contexts = optional(list(string), [])<br>    }), {})<br>    required_pull_request_enabled = optional(bool, true)<br>    required_pull_request_reviews = optional(object({<br>      dismiss_stale_reviews           = optional(bool, true)<br>      restrict_dismissals             = optional(bool, false)<br>      dismissal_restrictions          = optional(list(string), [])<br>      pull_request_bypassers          = optional(list(string), [])<br>      require_code_owner_reviews      = optional(bool, true)<br>      required_approving_review_count = optional(number, 1)<br>    }), {})<br>  }))</pre> | `{}` | no |
 | <a name="input_collaborators"></a> [collaborators](#input\_collaborators) | Map of users with permissions. | `map(string)` | `{}` | no |
 | <a name="input_default_branch"></a> [default\_branch](#input\_default\_branch) | The repository's default branch. The branch should exist prio to apply. | `string` | `"main"` | no |
-| <a name="input_default_branch_protection"></a> [default\_branch\_protection](#input\_default\_branch\_protection) | Default branch protection settings. | <pre>object({<br>    enforce_admins                  = optional(bool, true)<br>    allows_deletions                = optional(bool, false)<br>    allows_force_pushes             = optional(bool, false)<br>    require_signed_commits          = optional(bool, true)<br>    required_linear_history         = optional(bool, false)<br>    require_conversation_resolution = optional(bool, false)<br>    push_restrictions               = optional(list(string), [])<br>    required_status_enabled         = optional(bool, true)<br>    required_status_checks = optional(object({<br>      strict   = optional(bool, true)<br>      contexts = optional(list(string), [])<br>    }), {})<br>    required_pull_request_enabled = optional(bool, true)<br>    required_pull_request_reviews = optional(object({<br>      dismiss_stale_reviews           = optional(bool, true)<br>      restrict_dismissals             = optional(bool, false)<br>      dismissal_restrictions          = optional(list(string), [])<br>      require_code_owner_reviews      = optional(bool, true)<br>      required_approving_review_count = optional(number, 1)<br>    }), {})<br>  })</pre> | `{}` | no |
+| <a name="input_default_branch_protection"></a> [default\_branch\_protection](#input\_default\_branch\_protection) | Default branch protection settings. | <pre>object({<br>    enforce_admins                  = optional(bool, true)<br>    allows_deletions                = optional(bool, false)<br>    allows_force_pushes             = optional(bool, false)<br>    require_signed_commits          = optional(bool, true)<br>    required_linear_history         = optional(bool, false)<br>    require_conversation_resolution = optional(bool, false)<br>    push_restrictions               = optional(list(string), [])<br>    required_status_enabled         = optional(bool, true)<br>    required_status_checks = optional(object({<br>      strict   = optional(bool, true)<br>      contexts = optional(list(string), [])<br>    }), {})<br>    required_pull_request_enabled = optional(bool, true)<br>    required_pull_request_reviews = optional(object({<br>      dismiss_stale_reviews           = optional(bool, true)<br>      restrict_dismissals             = optional(bool, false)<br>      dismissal_restrictions          = optional(list(string), [])<br>      pull_request_bypassers          = optional(list(string), [])<br>      require_code_owner_reviews      = optional(bool, true)<br>      required_approving_review_count = optional(number, 1)<br>    }), {})<br>  })</pre> | `{}` | no |
 | <a name="input_default_branch_protection_enabled"></a> [default\_branch\_protection\_enabled](#input\_default\_branch\_protection\_enabled) | Set to `false` if you want to disable branch protection for default branch | `bool` | `true` | no |
 | <a name="input_delete_branch_on_merge"></a> [delete\_branch\_on\_merge](#input\_delete\_branch\_on\_merge) | Automatically delete head branch after a pull request is merged. | `bool` | `true` | no |
 | <a name="input_delimiter"></a> [delimiter](#input\_delimiter) | Delimiter to be used between `name`, `namespace`, `tenant`, etc. | `string` | `"-"` | no |
diff --git a/variables.tf b/variables.tf
index c23f86b..ded4a21 100644
--- a/variables.tf
+++ b/variables.tf
@@ -292,6 +292,7 @@ variable "branch_protection" {
       dismiss_stale_reviews           = optional(bool, true)
       restrict_dismissals             = optional(bool, false)
       dismissal_restrictions          = optional(list(string), [])
+      pull_request_bypassers          = optional(list(string), [])
       require_code_owner_reviews      = optional(bool, true)
       required_approving_review_count = optional(number, 1)
     }), {})