github.ActionsRepositoryPermissions

Explore with Pulumi AI

This resource allows you to enable and manage GitHub Actions permissions for a given repository. You must have admin access to an repository to use this resource.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Github = Pulumi.Github;

return await Deployment.RunAsync(() => 
{
    var example = new Github.Repository("example");

    var test = new Github.ActionsRepositoryPermissions("test", new()
    {
        AllowedActions = "selected",
        AllowedActionsConfig = new Github.Inputs.ActionsRepositoryPermissionsAllowedActionsConfigArgs
        {
            GithubOwnedAllowed = true,
            PatternsAlloweds = new[]
            {
                "actions/cache@*",
                "actions/checkout@*",
            },
            VerifiedAllowed = true,
        },
        Repository = example.Name,
    });

});
package main

import (
	"github.com/pulumi/pulumi-github/sdk/v5/go/github"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := github.NewRepository(ctx, "example", nil)
		if err != nil {
			return err
		}
		_, err = github.NewActionsRepositoryPermissions(ctx, "test", &github.ActionsRepositoryPermissionsArgs{
			AllowedActions: pulumi.String("selected"),
			AllowedActionsConfig: &github.ActionsRepositoryPermissionsAllowedActionsConfigArgs{
				GithubOwnedAllowed: pulumi.Bool(true),
				PatternsAlloweds: pulumi.StringArray{
					pulumi.String("actions/cache@*"),
					pulumi.String("actions/checkout@*"),
				},
				VerifiedAllowed: pulumi.Bool(true),
			},
			Repository: example.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.github.Repository;
import com.pulumi.github.ActionsRepositoryPermissions;
import com.pulumi.github.ActionsRepositoryPermissionsArgs;
import com.pulumi.github.inputs.ActionsRepositoryPermissionsAllowedActionsConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new Repository("example");

        var test = new ActionsRepositoryPermissions("test", ActionsRepositoryPermissionsArgs.builder()        
            .allowedActions("selected")
            .allowedActionsConfig(ActionsRepositoryPermissionsAllowedActionsConfigArgs.builder()
                .githubOwnedAllowed(true)
                .patternsAlloweds(                
                    "actions/cache@*",
                    "actions/checkout@*")
                .verifiedAllowed(true)
                .build())
            .repository(example.name())
            .build());

    }
}
import pulumi
import pulumi_github as github

example = github.Repository("example")
test = github.ActionsRepositoryPermissions("test",
    allowed_actions="selected",
    allowed_actions_config=github.ActionsRepositoryPermissionsAllowedActionsConfigArgs(
        github_owned_allowed=True,
        patterns_alloweds=[
            "actions/cache@*",
            "actions/checkout@*",
        ],
        verified_allowed=True,
    ),
    repository=example.name)
import * as pulumi from "@pulumi/pulumi";
import * as github from "@pulumi/github";

const example = new github.Repository("example", {});
const test = new github.ActionsRepositoryPermissions("test", {
    allowedActions: "selected",
    allowedActionsConfig: {
        githubOwnedAllowed: true,
        patternsAlloweds: [
            "actions/cache@*",
            "actions/checkout@*",
        ],
        verifiedAllowed: true,
    },
    repository: example.name,
});
resources:
  example:
    type: github:Repository
  test:
    type: github:ActionsRepositoryPermissions
    properties:
      allowedActions: selected
      allowedActionsConfig:
        githubOwnedAllowed: true
        patternsAlloweds:
          - actions/cache@*
          - actions/checkout@*
        verifiedAllowed: true
      repository: ${example.name}

Create ActionsRepositoryPermissions Resource

new ActionsRepositoryPermissions(name: string, args: ActionsRepositoryPermissionsArgs, opts?: CustomResourceOptions);
@overload
def ActionsRepositoryPermissions(resource_name: str,
                                 opts: Optional[ResourceOptions] = None,
                                 allowed_actions: Optional[str] = None,
                                 allowed_actions_config: Optional[ActionsRepositoryPermissionsAllowedActionsConfigArgs] = None,
                                 enabled: Optional[bool] = None,
                                 repository: Optional[str] = None)
@overload
def ActionsRepositoryPermissions(resource_name: str,
                                 args: ActionsRepositoryPermissionsArgs,
                                 opts: Optional[ResourceOptions] = None)
func NewActionsRepositoryPermissions(ctx *Context, name string, args ActionsRepositoryPermissionsArgs, opts ...ResourceOption) (*ActionsRepositoryPermissions, error)
public ActionsRepositoryPermissions(string name, ActionsRepositoryPermissionsArgs args, CustomResourceOptions? opts = null)
public ActionsRepositoryPermissions(String name, ActionsRepositoryPermissionsArgs args)
public ActionsRepositoryPermissions(String name, ActionsRepositoryPermissionsArgs args, CustomResourceOptions options)
type: github:ActionsRepositoryPermissions
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ActionsRepositoryPermissionsArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ActionsRepositoryPermissionsArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ActionsRepositoryPermissionsArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ActionsRepositoryPermissionsArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ActionsRepositoryPermissionsArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ActionsRepositoryPermissions Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ActionsRepositoryPermissions resource accepts the following input properties:

Repository string

The GitHub repository

AllowedActions string

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

AllowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

Enabled bool

Should GitHub actions be enabled on this repository?

Repository string

The GitHub repository

AllowedActions string

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

AllowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

Enabled bool

Should GitHub actions be enabled on this repository?

repository String

The GitHub repository

allowedActions String

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled Boolean

Should GitHub actions be enabled on this repository?

repository string

The GitHub repository

allowedActions string

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled boolean

Should GitHub actions be enabled on this repository?

repository str

The GitHub repository

allowed_actions str

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowed_actions_config ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled bool

Should GitHub actions be enabled on this repository?

repository String

The GitHub repository

allowedActions String

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowedActionsConfig Property Map

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled Boolean

Should GitHub actions be enabled on this repository?

Outputs

All input properties are implicitly available as output properties. Additionally, the ActionsRepositoryPermissions resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing ActionsRepositoryPermissions Resource

Get an existing ActionsRepositoryPermissions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ActionsRepositoryPermissionsState, opts?: CustomResourceOptions): ActionsRepositoryPermissions
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allowed_actions: Optional[str] = None,
        allowed_actions_config: Optional[ActionsRepositoryPermissionsAllowedActionsConfigArgs] = None,
        enabled: Optional[bool] = None,
        repository: Optional[str] = None) -> ActionsRepositoryPermissions
func GetActionsRepositoryPermissions(ctx *Context, name string, id IDInput, state *ActionsRepositoryPermissionsState, opts ...ResourceOption) (*ActionsRepositoryPermissions, error)
public static ActionsRepositoryPermissions Get(string name, Input<string> id, ActionsRepositoryPermissionsState? state, CustomResourceOptions? opts = null)
public static ActionsRepositoryPermissions get(String name, Output<String> id, ActionsRepositoryPermissionsState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AllowedActions string

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

AllowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

Enabled bool

Should GitHub actions be enabled on this repository?

Repository string

The GitHub repository

AllowedActions string

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

AllowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

Enabled bool

Should GitHub actions be enabled on this repository?

Repository string

The GitHub repository

allowedActions String

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled Boolean

Should GitHub actions be enabled on this repository?

repository String

The GitHub repository

allowedActions string

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowedActionsConfig ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled boolean

Should GitHub actions be enabled on this repository?

repository string

The GitHub repository

allowed_actions str

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowed_actions_config ActionsRepositoryPermissionsAllowedActionsConfigArgs

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled bool

Should GitHub actions be enabled on this repository?

repository str

The GitHub repository

allowedActions String

The permissions policy that controls the actions that are allowed to run. Can be one of: all, local_only, or selected.

allowedActionsConfig Property Map

Sets the actions that are allowed in an repository. Only available when allowed_actions = selected. See Allowed Actions Config below for details.

enabled Boolean

Should GitHub actions be enabled on this repository?

repository String

The GitHub repository

Supporting Types

ActionsRepositoryPermissionsAllowedActionsConfig

GithubOwnedAllowed bool

Whether GitHub-owned actions are allowed in the repository.

PatternsAlloweds List<string>

Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."

VerifiedAllowed bool

Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.

GithubOwnedAllowed bool

Whether GitHub-owned actions are allowed in the repository.

PatternsAlloweds []string

Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."

VerifiedAllowed bool

Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.

githubOwnedAllowed Boolean

Whether GitHub-owned actions are allowed in the repository.

patternsAlloweds List<String>

Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."

verifiedAllowed Boolean

Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.

githubOwnedAllowed boolean

Whether GitHub-owned actions are allowed in the repository.

patternsAlloweds string[]

Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."

verifiedAllowed boolean

Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.

github_owned_allowed bool

Whether GitHub-owned actions are allowed in the repository.

patterns_alloweds Sequence[str]

Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."

verified_allowed bool

Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.

githubOwnedAllowed Boolean

Whether GitHub-owned actions are allowed in the repository.

patternsAlloweds List<String>

Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."

verifiedAllowed Boolean

Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.

Import

This resource can be imported using the name of the GitHub repository

 $ pulumi import github:index/actionsRepositoryPermissions:ActionsRepositoryPermissions test my-repository

Package Details

Repository
GitHub pulumi/pulumi-github
License
Apache-2.0
Notes

This Pulumi package is based on the github Terraform Provider.