Viewing docs for GitHub v6.13.1
published on Wednesday, Apr 29, 2026 by Pulumi
published on Wednesday, Apr 29, 2026 by Pulumi
Viewing docs for GitHub v6.13.1
published on Wednesday, Apr 29, 2026 by Pulumi
published on Wednesday, Apr 29, 2026 by Pulumi
Creates a GitHub organization ruleset.
This resource allows you to create and manage rulesets on the organization level. When applied, a new ruleset will be created. When destroyed, that ruleset will be removed.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as github from "@pulumi/github";
const example = new github.OrganizationRuleset("example", {
name: "example",
target: "branch",
enforcement: "active",
conditions: {
refName: {
includes: ["~ALL"],
excludes: [],
},
},
bypassActors: [{
actorId: 13473,
actorType: "Integration",
bypassMode: "always",
}],
rules: {
creation: true,
update: true,
deletion: true,
requiredLinearHistory: true,
requiredSignatures: true,
branchNamePattern: {
name: "example",
negate: false,
operator: "starts_with",
pattern: "ex",
},
requiredWorkflows: {
doNotEnforceOnCreate: true,
requiredWorkflows: [{
repositoryId: 1234,
path: ".github/workflows/ci.yml",
ref: "main",
}],
},
requiredCodeScanning: {
requiredCodeScanningTools: [{
alertsThreshold: "errors",
securityAlertsThreshold: "high_or_higher",
tool: "CodeQL",
}],
},
},
});
// Example with push ruleset
// Note: Push targets must NOT have ref_name in conditions, only repository_name or repository_id
const examplePush = new github.OrganizationRuleset("example_push", {
name: "example_push",
target: "push",
enforcement: "active",
conditions: {
repositoryName: {
includes: ["~ALL"],
excludes: [],
},
},
rules: {
filePathRestriction: {
restrictedFilePaths: [
".github/workflows/*",
"*.env",
],
},
maxFileSize: {
maxFileSize: 100,
},
maxFilePathLength: {
maxFilePathLength: 255,
},
fileExtensionRestriction: {
restrictedFileExtensions: [
"*.exe",
"*.dll",
"*.so",
],
},
},
});
// Example with repository_property targeting
const exampleProperty = new github.OrganizationRuleset("example_property", {
name: "example_property",
target: "branch",
enforcement: "active",
conditions: {
refName: {
includes: ["~ALL"],
excludes: [],
},
repositoryProperty: {
includes: [
{
name: "environment",
propertyValues: [
"production",
"staging",
],
source: "custom",
},
{
name: "team",
propertyValues: ["backend"],
source: "custom",
},
],
excludes: [{
name: "archived",
propertyValues: ["true"],
source: "system",
}],
},
},
rules: {
requiredSignatures: true,
pullRequest: {},
},
});
import pulumi
import pulumi_github as github
example = github.OrganizationRuleset("example",
name="example",
target="branch",
enforcement="active",
conditions={
"ref_name": {
"includes": ["~ALL"],
"excludes": [],
},
},
bypass_actors=[{
"actor_id": 13473,
"actor_type": "Integration",
"bypass_mode": "always",
}],
rules={
"creation": True,
"update": True,
"deletion": True,
"required_linear_history": True,
"required_signatures": True,
"branch_name_pattern": {
"name": "example",
"negate": False,
"operator": "starts_with",
"pattern": "ex",
},
"required_workflows": {
"do_not_enforce_on_create": True,
"required_workflows": [{
"repository_id": 1234,
"path": ".github/workflows/ci.yml",
"ref": "main",
}],
},
"required_code_scanning": {
"required_code_scanning_tools": [{
"alerts_threshold": "errors",
"security_alerts_threshold": "high_or_higher",
"tool": "CodeQL",
}],
},
})
# Example with push ruleset
# Note: Push targets must NOT have ref_name in conditions, only repository_name or repository_id
example_push = github.OrganizationRuleset("example_push",
name="example_push",
target="push",
enforcement="active",
conditions={
"repository_name": {
"includes": ["~ALL"],
"excludes": [],
},
},
rules={
"file_path_restriction": {
"restricted_file_paths": [
".github/workflows/*",
"*.env",
],
},
"max_file_size": {
"max_file_size": 100,
},
"max_file_path_length": {
"max_file_path_length": 255,
},
"file_extension_restriction": {
"restricted_file_extensions": [
"*.exe",
"*.dll",
"*.so",
],
},
})
# Example with repository_property targeting
example_property = github.OrganizationRuleset("example_property",
name="example_property",
target="branch",
enforcement="active",
conditions={
"ref_name": {
"includes": ["~ALL"],
"excludes": [],
},
"repository_property": {
"includes": [
{
"name": "environment",
"property_values": [
"production",
"staging",
],
"source": "custom",
},
{
"name": "team",
"property_values": ["backend"],
"source": "custom",
},
],
"excludes": [{
"name": "archived",
"property_values": ["true"],
"source": "system",
}],
},
},
rules={
"required_signatures": True,
"pull_request": {},
})
package main
import (
"github.com/pulumi/pulumi-github/sdk/v6/go/github"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := github.NewOrganizationRuleset(ctx, "example", &github.OrganizationRulesetArgs{
Name: pulumi.String("example"),
Target: pulumi.String("branch"),
Enforcement: pulumi.String("active"),
Conditions: &github.OrganizationRulesetConditionsArgs{
RefName: &github.OrganizationRulesetConditionsRefNameArgs{
Includes: pulumi.StringArray{
pulumi.String("~ALL"),
},
Excludes: pulumi.StringArray{},
},
},
BypassActors: github.OrganizationRulesetBypassActorArray{
&github.OrganizationRulesetBypassActorArgs{
ActorId: pulumi.Int(13473),
ActorType: pulumi.String("Integration"),
BypassMode: pulumi.String("always"),
},
},
Rules: &github.OrganizationRulesetRulesArgs{
Creation: pulumi.Bool(true),
Update: pulumi.Bool(true),
Deletion: pulumi.Bool(true),
RequiredLinearHistory: pulumi.Bool(true),
RequiredSignatures: pulumi.Bool(true),
BranchNamePattern: &github.OrganizationRulesetRulesBranchNamePatternArgs{
Name: pulumi.String("example"),
Negate: pulumi.Bool(false),
Operator: pulumi.String("starts_with"),
Pattern: pulumi.String("ex"),
},
RequiredWorkflows: &github.OrganizationRulesetRulesRequiredWorkflowsArgs{
DoNotEnforceOnCreate: pulumi.Bool(true),
RequiredWorkflows: github.OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArray{
&github.OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs{
RepositoryId: pulumi.Int(1234),
Path: pulumi.String(".github/workflows/ci.yml"),
Ref: pulumi.String("main"),
},
},
},
RequiredCodeScanning: &github.OrganizationRulesetRulesRequiredCodeScanningArgs{
RequiredCodeScanningTools: github.OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArray{
&github.OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs{
AlertsThreshold: pulumi.String("errors"),
SecurityAlertsThreshold: pulumi.String("high_or_higher"),
Tool: pulumi.String("CodeQL"),
},
},
},
},
})
if err != nil {
return err
}
// Example with push ruleset
// Note: Push targets must NOT have ref_name in conditions, only repository_name or repository_id
_, err = github.NewOrganizationRuleset(ctx, "example_push", &github.OrganizationRulesetArgs{
Name: pulumi.String("example_push"),
Target: pulumi.String("push"),
Enforcement: pulumi.String("active"),
Conditions: &github.OrganizationRulesetConditionsArgs{
RepositoryName: &github.OrganizationRulesetConditionsRepositoryNameArgs{
Includes: pulumi.StringArray{
pulumi.String("~ALL"),
},
Excludes: pulumi.StringArray{},
},
},
Rules: &github.OrganizationRulesetRulesArgs{
FilePathRestriction: &github.OrganizationRulesetRulesFilePathRestrictionArgs{
RestrictedFilePaths: pulumi.StringArray{
pulumi.String(".github/workflows/*"),
pulumi.String("*.env"),
},
},
MaxFileSize: &github.OrganizationRulesetRulesMaxFileSizeArgs{
MaxFileSize: pulumi.Int(100),
},
MaxFilePathLength: &github.OrganizationRulesetRulesMaxFilePathLengthArgs{
MaxFilePathLength: pulumi.Int(255),
},
FileExtensionRestriction: &github.OrganizationRulesetRulesFileExtensionRestrictionArgs{
RestrictedFileExtensions: pulumi.StringArray{
pulumi.String("*.exe"),
pulumi.String("*.dll"),
pulumi.String("*.so"),
},
},
},
})
if err != nil {
return err
}
// Example with repository_property targeting
_, err = github.NewOrganizationRuleset(ctx, "example_property", &github.OrganizationRulesetArgs{
Name: pulumi.String("example_property"),
Target: pulumi.String("branch"),
Enforcement: pulumi.String("active"),
Conditions: &github.OrganizationRulesetConditionsArgs{
RefName: &github.OrganizationRulesetConditionsRefNameArgs{
Includes: pulumi.StringArray{
pulumi.String("~ALL"),
},
Excludes: pulumi.StringArray{},
},
RepositoryProperty: &github.OrganizationRulesetConditionsRepositoryPropertyArgs{
Includes: github.OrganizationRulesetConditionsRepositoryPropertyIncludeArray{
&github.OrganizationRulesetConditionsRepositoryPropertyIncludeArgs{
Name: pulumi.String("environment"),
PropertyValues: pulumi.StringArray{
pulumi.String("production"),
pulumi.String("staging"),
},
Source: pulumi.String("custom"),
},
&github.OrganizationRulesetConditionsRepositoryPropertyIncludeArgs{
Name: pulumi.String("team"),
PropertyValues: pulumi.StringArray{
pulumi.String("backend"),
},
Source: pulumi.String("custom"),
},
},
Excludes: github.OrganizationRulesetConditionsRepositoryPropertyExcludeArray{
&github.OrganizationRulesetConditionsRepositoryPropertyExcludeArgs{
Name: pulumi.String("archived"),
PropertyValues: pulumi.StringArray{
pulumi.String("true"),
},
Source: pulumi.String("system"),
},
},
},
},
Rules: &github.OrganizationRulesetRulesArgs{
RequiredSignatures: pulumi.Bool(true),
PullRequest: &github.OrganizationRulesetRulesPullRequestArgs{},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Github = Pulumi.Github;
return await Deployment.RunAsync(() =>
{
var example = new Github.Index.OrganizationRuleset("example", new()
{
Name = "example",
Target = "branch",
Enforcement = "active",
Conditions = new Github.Inputs.OrganizationRulesetConditionsArgs
{
RefName = new Github.Inputs.OrganizationRulesetConditionsRefNameArgs
{
Includes = new[]
{
"~ALL",
},
Excludes = new() { },
},
},
BypassActors = new[]
{
new Github.Inputs.OrganizationRulesetBypassActorArgs
{
ActorId = 13473,
ActorType = "Integration",
BypassMode = "always",
},
},
Rules = new Github.Inputs.OrganizationRulesetRulesArgs
{
Creation = true,
Update = true,
Deletion = true,
RequiredLinearHistory = true,
RequiredSignatures = true,
BranchNamePattern = new Github.Inputs.OrganizationRulesetRulesBranchNamePatternArgs
{
Name = "example",
Negate = false,
Operator = "starts_with",
Pattern = "ex",
},
RequiredWorkflows = new Github.Inputs.OrganizationRulesetRulesRequiredWorkflowsArgs
{
DoNotEnforceOnCreate = true,
RequiredWorkflows = new[]
{
new Github.Inputs.OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs
{
RepositoryId = 1234,
Path = ".github/workflows/ci.yml",
Ref = "main",
},
},
},
RequiredCodeScanning = new Github.Inputs.OrganizationRulesetRulesRequiredCodeScanningArgs
{
RequiredCodeScanningTools = new[]
{
new Github.Inputs.OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs
{
AlertsThreshold = "errors",
SecurityAlertsThreshold = "high_or_higher",
Tool = "CodeQL",
},
},
},
},
});
// Example with push ruleset
// Note: Push targets must NOT have ref_name in conditions, only repository_name or repository_id
var examplePush = new Github.Index.OrganizationRuleset("example_push", new()
{
Name = "example_push",
Target = "push",
Enforcement = "active",
Conditions = new Github.Inputs.OrganizationRulesetConditionsArgs
{
RepositoryName = new Github.Inputs.OrganizationRulesetConditionsRepositoryNameArgs
{
Includes = new[]
{
"~ALL",
},
Excludes = new() { },
},
},
Rules = new Github.Inputs.OrganizationRulesetRulesArgs
{
FilePathRestriction = new Github.Inputs.OrganizationRulesetRulesFilePathRestrictionArgs
{
RestrictedFilePaths = new[]
{
".github/workflows/*",
"*.env",
},
},
MaxFileSize = new Github.Inputs.OrganizationRulesetRulesMaxFileSizeArgs
{
MaxFileSize = 100,
},
MaxFilePathLength = new Github.Inputs.OrganizationRulesetRulesMaxFilePathLengthArgs
{
MaxFilePathLength = 255,
},
FileExtensionRestriction = new Github.Inputs.OrganizationRulesetRulesFileExtensionRestrictionArgs
{
RestrictedFileExtensions = new[]
{
"*.exe",
"*.dll",
"*.so",
},
},
},
});
// Example with repository_property targeting
var exampleProperty = new Github.Index.OrganizationRuleset("example_property", new()
{
Name = "example_property",
Target = "branch",
Enforcement = "active",
Conditions = new Github.Inputs.OrganizationRulesetConditionsArgs
{
RefName = new Github.Inputs.OrganizationRulesetConditionsRefNameArgs
{
Includes = new[]
{
"~ALL",
},
Excludes = new() { },
},
RepositoryProperty = new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyArgs
{
Includes = new[]
{
new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyIncludeArgs
{
Name = "environment",
PropertyValues = new[]
{
"production",
"staging",
},
Source = "custom",
},
new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyIncludeArgs
{
Name = "team",
PropertyValues = new[]
{
"backend",
},
Source = "custom",
},
},
Excludes = new[]
{
new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyExcludeArgs
{
Name = "archived",
PropertyValues = new[]
{
"true",
},
Source = "system",
},
},
},
},
Rules = new Github.Inputs.OrganizationRulesetRulesArgs
{
RequiredSignatures = true,
PullRequest = null,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.github.OrganizationRuleset;
import com.pulumi.github.OrganizationRulesetArgs;
import com.pulumi.github.inputs.OrganizationRulesetConditionsArgs;
import com.pulumi.github.inputs.OrganizationRulesetConditionsRefNameArgs;
import com.pulumi.github.inputs.OrganizationRulesetBypassActorArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesBranchNamePatternArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesRequiredWorkflowsArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesRequiredCodeScanningArgs;
import com.pulumi.github.inputs.OrganizationRulesetConditionsRepositoryNameArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesFilePathRestrictionArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesMaxFileSizeArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesMaxFilePathLengthArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesFileExtensionRestrictionArgs;
import com.pulumi.github.inputs.OrganizationRulesetConditionsRepositoryPropertyArgs;
import com.pulumi.github.inputs.OrganizationRulesetRulesPullRequestArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new OrganizationRuleset("example", OrganizationRulesetArgs.builder()
.name("example")
.target("branch")
.enforcement("active")
.conditions(OrganizationRulesetConditionsArgs.builder()
.refName(OrganizationRulesetConditionsRefNameArgs.builder()
.includes("~ALL")
.excludes()
.build())
.build())
.bypassActors(OrganizationRulesetBypassActorArgs.builder()
.actorId(13473)
.actorType("Integration")
.bypassMode("always")
.build())
.rules(OrganizationRulesetRulesArgs.builder()
.creation(true)
.update(true)
.deletion(true)
.requiredLinearHistory(true)
.requiredSignatures(true)
.branchNamePattern(OrganizationRulesetRulesBranchNamePatternArgs.builder()
.name("example")
.negate(false)
.operator("starts_with")
.pattern("ex")
.build())
.requiredWorkflows(OrganizationRulesetRulesRequiredWorkflowsArgs.builder()
.doNotEnforceOnCreate(true)
.requiredWorkflows(OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs.builder()
.repositoryId(1234)
.path(".github/workflows/ci.yml")
.ref("main")
.build())
.build())
.requiredCodeScanning(OrganizationRulesetRulesRequiredCodeScanningArgs.builder()
.requiredCodeScanningTools(OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs.builder()
.alertsThreshold("errors")
.securityAlertsThreshold("high_or_higher")
.tool("CodeQL")
.build())
.build())
.build())
.build());
// Example with push ruleset
// Note: Push targets must NOT have ref_name in conditions, only repository_name or repository_id
var examplePush = new OrganizationRuleset("examplePush", OrganizationRulesetArgs.builder()
.name("example_push")
.target("push")
.enforcement("active")
.conditions(OrganizationRulesetConditionsArgs.builder()
.repositoryName(OrganizationRulesetConditionsRepositoryNameArgs.builder()
.includes("~ALL")
.excludes()
.build())
.build())
.rules(OrganizationRulesetRulesArgs.builder()
.filePathRestriction(OrganizationRulesetRulesFilePathRestrictionArgs.builder()
.restrictedFilePaths(
".github/workflows/*",
"*.env")
.build())
.maxFileSize(OrganizationRulesetRulesMaxFileSizeArgs.builder()
.maxFileSize(100)
.build())
.maxFilePathLength(OrganizationRulesetRulesMaxFilePathLengthArgs.builder()
.maxFilePathLength(255)
.build())
.fileExtensionRestriction(OrganizationRulesetRulesFileExtensionRestrictionArgs.builder()
.restrictedFileExtensions(
"*.exe",
"*.dll",
"*.so")
.build())
.build())
.build());
// Example with repository_property targeting
var exampleProperty = new OrganizationRuleset("exampleProperty", OrganizationRulesetArgs.builder()
.name("example_property")
.target("branch")
.enforcement("active")
.conditions(OrganizationRulesetConditionsArgs.builder()
.refName(OrganizationRulesetConditionsRefNameArgs.builder()
.includes("~ALL")
.excludes()
.build())
.repositoryProperty(OrganizationRulesetConditionsRepositoryPropertyArgs.builder()
.includes(
OrganizationRulesetConditionsRepositoryPropertyIncludeArgs.builder()
.name("environment")
.propertyValues(
"production",
"staging")
.source("custom")
.build(),
OrganizationRulesetConditionsRepositoryPropertyIncludeArgs.builder()
.name("team")
.propertyValues("backend")
.source("custom")
.build())
.excludes(OrganizationRulesetConditionsRepositoryPropertyExcludeArgs.builder()
.name("archived")
.propertyValues("true")
.source("system")
.build())
.build())
.build())
.rules(OrganizationRulesetRulesArgs.builder()
.requiredSignatures(true)
.pullRequest(OrganizationRulesetRulesPullRequestArgs.builder()
.build())
.build())
.build());
}
}
resources:
example:
type: github:OrganizationRuleset
properties:
name: example
target: branch
enforcement: active
conditions:
refName:
includes:
- ~ALL
excludes: []
bypassActors:
- actorId: 13473
actorType: Integration
bypassMode: always
rules:
creation: true
update: true
deletion: true
requiredLinearHistory: true
requiredSignatures: true
branchNamePattern:
name: example
negate: false
operator: starts_with
pattern: ex
requiredWorkflows:
doNotEnforceOnCreate: true
requiredWorkflows:
- repositoryId: 1234
path: .github/workflows/ci.yml
ref: main
requiredCodeScanning:
requiredCodeScanningTools:
- alertsThreshold: errors
securityAlertsThreshold: high_or_higher
tool: CodeQL
# Example with push ruleset
# Note: Push targets must NOT have ref_name in conditions, only repository_name or repository_id
examplePush:
type: github:OrganizationRuleset
name: example_push
properties:
name: example_push
target: push
enforcement: active
conditions:
repositoryName:
includes:
- ~ALL
excludes: []
rules:
filePathRestriction:
restrictedFilePaths:
- .github/workflows/*
- '*.env'
maxFileSize:
maxFileSize: 100
maxFilePathLength:
maxFilePathLength: 255
fileExtensionRestriction:
restrictedFileExtensions:
- '*.exe'
- '*.dll'
- '*.so'
# Example with repository_property targeting
exampleProperty:
type: github:OrganizationRuleset
name: example_property
properties:
name: example_property
target: branch
enforcement: active
conditions:
refName:
includes:
- ~ALL
excludes: []
repositoryProperty:
includes:
- name: environment
propertyValues:
- production
- staging
source: custom
- name: team
propertyValues:
- backend
source: custom
excludes:
- name: archived
propertyValues:
- 'true'
source: system
rules:
requiredSignatures: true
pullRequest: {}
Example coming soon!
Create OrganizationRuleset Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new OrganizationRuleset(name: string, args: OrganizationRulesetArgs, opts?: CustomResourceOptions);@overload
def OrganizationRuleset(resource_name: str,
args: OrganizationRulesetArgs,
opts: Optional[ResourceOptions] = None)
@overload
def OrganizationRuleset(resource_name: str,
opts: Optional[ResourceOptions] = None,
enforcement: Optional[str] = None,
rules: Optional[OrganizationRulesetRulesArgs] = None,
target: Optional[str] = None,
bypass_actors: Optional[Sequence[OrganizationRulesetBypassActorArgs]] = None,
conditions: Optional[OrganizationRulesetConditionsArgs] = None,
name: Optional[str] = None)func NewOrganizationRuleset(ctx *Context, name string, args OrganizationRulesetArgs, opts ...ResourceOption) (*OrganizationRuleset, error)public OrganizationRuleset(string name, OrganizationRulesetArgs args, CustomResourceOptions? opts = null)
public OrganizationRuleset(String name, OrganizationRulesetArgs args)
public OrganizationRuleset(String name, OrganizationRulesetArgs args, CustomResourceOptions options)
type: github:OrganizationRuleset
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "github_organizationruleset" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args OrganizationRulesetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OrganizationRulesetArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OrganizationRulesetArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OrganizationRulesetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OrganizationRulesetArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var organizationRulesetResource = new Github.OrganizationRuleset("organizationRulesetResource", new()
{
Enforcement = "string",
Rules = new Github.Inputs.OrganizationRulesetRulesArgs
{
BranchNamePattern = new Github.Inputs.OrganizationRulesetRulesBranchNamePatternArgs
{
Operator = "string",
Pattern = "string",
Name = "string",
Negate = false,
},
CommitAuthorEmailPattern = new Github.Inputs.OrganizationRulesetRulesCommitAuthorEmailPatternArgs
{
Operator = "string",
Pattern = "string",
Name = "string",
Negate = false,
},
CommitMessagePattern = new Github.Inputs.OrganizationRulesetRulesCommitMessagePatternArgs
{
Operator = "string",
Pattern = "string",
Name = "string",
Negate = false,
},
CommitterEmailPattern = new Github.Inputs.OrganizationRulesetRulesCommitterEmailPatternArgs
{
Operator = "string",
Pattern = "string",
Name = "string",
Negate = false,
},
CopilotCodeReview = new Github.Inputs.OrganizationRulesetRulesCopilotCodeReviewArgs
{
ReviewDraftPullRequests = false,
ReviewOnPush = false,
},
Creation = false,
Deletion = false,
FileExtensionRestriction = new Github.Inputs.OrganizationRulesetRulesFileExtensionRestrictionArgs
{
RestrictedFileExtensions = new[]
{
"string",
},
},
FilePathRestriction = new Github.Inputs.OrganizationRulesetRulesFilePathRestrictionArgs
{
RestrictedFilePaths = new[]
{
"string",
},
},
MaxFilePathLength = new Github.Inputs.OrganizationRulesetRulesMaxFilePathLengthArgs
{
MaxFilePathLength = 0,
},
MaxFileSize = new Github.Inputs.OrganizationRulesetRulesMaxFileSizeArgs
{
MaxFileSize = 0,
},
NonFastForward = false,
PullRequest = new Github.Inputs.OrganizationRulesetRulesPullRequestArgs
{
AllowedMergeMethods = new[]
{
"string",
},
DismissStaleReviewsOnPush = false,
RequireCodeOwnerReview = false,
RequireLastPushApproval = false,
RequiredApprovingReviewCount = 0,
RequiredReviewThreadResolution = false,
RequiredReviewers = new[]
{
new Github.Inputs.OrganizationRulesetRulesPullRequestRequiredReviewerArgs
{
FilePatterns = new[]
{
"string",
},
MinimumApprovals = 0,
Reviewer = new Github.Inputs.OrganizationRulesetRulesPullRequestRequiredReviewerReviewerArgs
{
Id = 0,
Type = "string",
},
},
},
},
RequiredCodeScanning = new Github.Inputs.OrganizationRulesetRulesRequiredCodeScanningArgs
{
RequiredCodeScanningTools = new[]
{
new Github.Inputs.OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs
{
AlertsThreshold = "string",
SecurityAlertsThreshold = "string",
Tool = "string",
},
},
},
RequiredLinearHistory = false,
RequiredSignatures = false,
RequiredStatusChecks = new Github.Inputs.OrganizationRulesetRulesRequiredStatusChecksArgs
{
RequiredChecks = new[]
{
new Github.Inputs.OrganizationRulesetRulesRequiredStatusChecksRequiredCheckArgs
{
Context = "string",
IntegrationId = 0,
},
},
DoNotEnforceOnCreate = false,
StrictRequiredStatusChecksPolicy = false,
},
RequiredWorkflows = new Github.Inputs.OrganizationRulesetRulesRequiredWorkflowsArgs
{
RequiredWorkflows = new[]
{
new Github.Inputs.OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs
{
Path = "string",
RepositoryId = 0,
Ref = "string",
},
},
DoNotEnforceOnCreate = false,
},
TagNamePattern = new Github.Inputs.OrganizationRulesetRulesTagNamePatternArgs
{
Operator = "string",
Pattern = "string",
Name = "string",
Negate = false,
},
Update = false,
},
Target = "string",
BypassActors = new[]
{
new Github.Inputs.OrganizationRulesetBypassActorArgs
{
ActorType = "string",
BypassMode = "string",
ActorId = 0,
},
},
Conditions = new Github.Inputs.OrganizationRulesetConditionsArgs
{
RefName = new Github.Inputs.OrganizationRulesetConditionsRefNameArgs
{
Excludes = new[]
{
"string",
},
Includes = new[]
{
"string",
},
},
RepositoryIds = new[]
{
0,
},
RepositoryName = new Github.Inputs.OrganizationRulesetConditionsRepositoryNameArgs
{
Excludes = new[]
{
"string",
},
Includes = new[]
{
"string",
},
Protected = false,
},
RepositoryProperty = new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyArgs
{
Excludes = new[]
{
new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyExcludeArgs
{
Name = "string",
PropertyValues = new[]
{
"string",
},
Source = "string",
},
},
Includes = new[]
{
new Github.Inputs.OrganizationRulesetConditionsRepositoryPropertyIncludeArgs
{
Name = "string",
PropertyValues = new[]
{
"string",
},
Source = "string",
},
},
},
},
Name = "string",
});
example, err := github.NewOrganizationRuleset(ctx, "organizationRulesetResource", &github.OrganizationRulesetArgs{
Enforcement: pulumi.String("string"),
Rules: &github.OrganizationRulesetRulesArgs{
BranchNamePattern: &github.OrganizationRulesetRulesBranchNamePatternArgs{
Operator: pulumi.String("string"),
Pattern: pulumi.String("string"),
Name: pulumi.String("string"),
Negate: pulumi.Bool(false),
},
CommitAuthorEmailPattern: &github.OrganizationRulesetRulesCommitAuthorEmailPatternArgs{
Operator: pulumi.String("string"),
Pattern: pulumi.String("string"),
Name: pulumi.String("string"),
Negate: pulumi.Bool(false),
},
CommitMessagePattern: &github.OrganizationRulesetRulesCommitMessagePatternArgs{
Operator: pulumi.String("string"),
Pattern: pulumi.String("string"),
Name: pulumi.String("string"),
Negate: pulumi.Bool(false),
},
CommitterEmailPattern: &github.OrganizationRulesetRulesCommitterEmailPatternArgs{
Operator: pulumi.String("string"),
Pattern: pulumi.String("string"),
Name: pulumi.String("string"),
Negate: pulumi.Bool(false),
},
CopilotCodeReview: &github.OrganizationRulesetRulesCopilotCodeReviewArgs{
ReviewDraftPullRequests: pulumi.Bool(false),
ReviewOnPush: pulumi.Bool(false),
},
Creation: pulumi.Bool(false),
Deletion: pulumi.Bool(false),
FileExtensionRestriction: &github.OrganizationRulesetRulesFileExtensionRestrictionArgs{
RestrictedFileExtensions: pulumi.StringArray{
pulumi.String("string"),
},
},
FilePathRestriction: &github.OrganizationRulesetRulesFilePathRestrictionArgs{
RestrictedFilePaths: pulumi.StringArray{
pulumi.String("string"),
},
},
MaxFilePathLength: &github.OrganizationRulesetRulesMaxFilePathLengthArgs{
MaxFilePathLength: pulumi.Int(0),
},
MaxFileSize: &github.OrganizationRulesetRulesMaxFileSizeArgs{
MaxFileSize: pulumi.Int(0),
},
NonFastForward: pulumi.Bool(false),
PullRequest: &github.OrganizationRulesetRulesPullRequestArgs{
AllowedMergeMethods: pulumi.StringArray{
pulumi.String("string"),
},
DismissStaleReviewsOnPush: pulumi.Bool(false),
RequireCodeOwnerReview: pulumi.Bool(false),
RequireLastPushApproval: pulumi.Bool(false),
RequiredApprovingReviewCount: pulumi.Int(0),
RequiredReviewThreadResolution: pulumi.Bool(false),
RequiredReviewers: github.OrganizationRulesetRulesPullRequestRequiredReviewerArray{
&github.OrganizationRulesetRulesPullRequestRequiredReviewerArgs{
FilePatterns: pulumi.StringArray{
pulumi.String("string"),
},
MinimumApprovals: pulumi.Int(0),
Reviewer: &github.OrganizationRulesetRulesPullRequestRequiredReviewerReviewerArgs{
Id: pulumi.Int(0),
Type: pulumi.String("string"),
},
},
},
},
RequiredCodeScanning: &github.OrganizationRulesetRulesRequiredCodeScanningArgs{
RequiredCodeScanningTools: github.OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArray{
&github.OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs{
AlertsThreshold: pulumi.String("string"),
SecurityAlertsThreshold: pulumi.String("string"),
Tool: pulumi.String("string"),
},
},
},
RequiredLinearHistory: pulumi.Bool(false),
RequiredSignatures: pulumi.Bool(false),
RequiredStatusChecks: &github.OrganizationRulesetRulesRequiredStatusChecksArgs{
RequiredChecks: github.OrganizationRulesetRulesRequiredStatusChecksRequiredCheckArray{
&github.OrganizationRulesetRulesRequiredStatusChecksRequiredCheckArgs{
Context: pulumi.String("string"),
IntegrationId: pulumi.Int(0),
},
},
DoNotEnforceOnCreate: pulumi.Bool(false),
StrictRequiredStatusChecksPolicy: pulumi.Bool(false),
},
RequiredWorkflows: &github.OrganizationRulesetRulesRequiredWorkflowsArgs{
RequiredWorkflows: github.OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArray{
&github.OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs{
Path: pulumi.String("string"),
RepositoryId: pulumi.Int(0),
Ref: pulumi.String("string"),
},
},
DoNotEnforceOnCreate: pulumi.Bool(false),
},
TagNamePattern: &github.OrganizationRulesetRulesTagNamePatternArgs{
Operator: pulumi.String("string"),
Pattern: pulumi.String("string"),
Name: pulumi.String("string"),
Negate: pulumi.Bool(false),
},
Update: pulumi.Bool(false),
},
Target: pulumi.String("string"),
BypassActors: github.OrganizationRulesetBypassActorArray{
&github.OrganizationRulesetBypassActorArgs{
ActorType: pulumi.String("string"),
BypassMode: pulumi.String("string"),
ActorId: pulumi.Int(0),
},
},
Conditions: &github.OrganizationRulesetConditionsArgs{
RefName: &github.OrganizationRulesetConditionsRefNameArgs{
Excludes: pulumi.StringArray{
pulumi.String("string"),
},
Includes: pulumi.StringArray{
pulumi.String("string"),
},
},
RepositoryIds: pulumi.IntArray{
pulumi.Int(0),
},
RepositoryName: &github.OrganizationRulesetConditionsRepositoryNameArgs{
Excludes: pulumi.StringArray{
pulumi.String("string"),
},
Includes: pulumi.StringArray{
pulumi.String("string"),
},
Protected: pulumi.Bool(false),
},
RepositoryProperty: &github.OrganizationRulesetConditionsRepositoryPropertyArgs{
Excludes: github.OrganizationRulesetConditionsRepositoryPropertyExcludeArray{
&github.OrganizationRulesetConditionsRepositoryPropertyExcludeArgs{
Name: pulumi.String("string"),
PropertyValues: pulumi.StringArray{
pulumi.String("string"),
},
Source: pulumi.String("string"),
},
},
Includes: github.OrganizationRulesetConditionsRepositoryPropertyIncludeArray{
&github.OrganizationRulesetConditionsRepositoryPropertyIncludeArgs{
Name: pulumi.String("string"),
PropertyValues: pulumi.StringArray{
pulumi.String("string"),
},
Source: pulumi.String("string"),
},
},
},
},
Name: pulumi.String("string"),
})
resource "github_organizationruleset" "organizationRulesetResource" {
enforcement = "string"
rules = {
branch_name_pattern = {
operator = "string"
pattern = "string"
name = "string"
negate = false
}
commit_author_email_pattern = {
operator = "string"
pattern = "string"
name = "string"
negate = false
}
commit_message_pattern = {
operator = "string"
pattern = "string"
name = "string"
negate = false
}
committer_email_pattern = {
operator = "string"
pattern = "string"
name = "string"
negate = false
}
copilot_code_review = {
review_draft_pull_requests = false
review_on_push = false
}
creation = false
deletion = false
file_extension_restriction = {
restricted_file_extensions = ["string"]
}
file_path_restriction = {
restricted_file_paths = ["string"]
}
max_file_path_length = {
max_file_path_length = 0
}
max_file_size = {
max_file_size = 0
}
non_fast_forward = false
pull_request = {
allowed_merge_methods = ["string"]
dismiss_stale_reviews_on_push = false
require_code_owner_review = false
require_last_push_approval = false
required_approving_review_count = 0
required_review_thread_resolution = false
required_reviewers = [{
"filePatterns" = ["string"]
"minimumApprovals" = 0
"reviewer" = {
"id" = 0
"type" = "string"
}
}]
}
required_code_scanning = {
required_code_scanning_tools = [{
"alertsThreshold" = "string"
"securityAlertsThreshold" = "string"
"tool" = "string"
}]
}
required_linear_history = false
required_signatures = false
required_status_checks = {
required_checks = [{
"context" = "string"
"integrationId" = 0
}]
do_not_enforce_on_create = false
strict_required_status_checks_policy = false
}
required_workflows = {
required_workflows = [{
"path" = "string"
"repositoryId" = 0
"ref" = "string"
}]
do_not_enforce_on_create = false
}
tag_name_pattern = {
operator = "string"
pattern = "string"
name = "string"
negate = false
}
update = false
}
target = "string"
bypass_actors {
actor_type = "string"
bypass_mode = "string"
actor_id = 0
}
conditions = {
ref_name = {
excludes = ["string"]
includes = ["string"]
}
repository_ids = [0]
repository_name = {
excludes = ["string"]
includes = ["string"]
protected = false
}
repository_property = {
excludes = [{
"name" = "string"
"propertyValues" = ["string"]
"source" = "string"
}]
includes = [{
"name" = "string"
"propertyValues" = ["string"]
"source" = "string"
}]
}
}
name = "string"
}
var organizationRulesetResource = new OrganizationRuleset("organizationRulesetResource", OrganizationRulesetArgs.builder()
.enforcement("string")
.rules(OrganizationRulesetRulesArgs.builder()
.branchNamePattern(OrganizationRulesetRulesBranchNamePatternArgs.builder()
.operator("string")
.pattern("string")
.name("string")
.negate(false)
.build())
.commitAuthorEmailPattern(OrganizationRulesetRulesCommitAuthorEmailPatternArgs.builder()
.operator("string")
.pattern("string")
.name("string")
.negate(false)
.build())
.commitMessagePattern(OrganizationRulesetRulesCommitMessagePatternArgs.builder()
.operator("string")
.pattern("string")
.name("string")
.negate(false)
.build())
.committerEmailPattern(OrganizationRulesetRulesCommitterEmailPatternArgs.builder()
.operator("string")
.pattern("string")
.name("string")
.negate(false)
.build())
.copilotCodeReview(OrganizationRulesetRulesCopilotCodeReviewArgs.builder()
.reviewDraftPullRequests(false)
.reviewOnPush(false)
.build())
.creation(false)
.deletion(false)
.fileExtensionRestriction(OrganizationRulesetRulesFileExtensionRestrictionArgs.builder()
.restrictedFileExtensions("string")
.build())
.filePathRestriction(OrganizationRulesetRulesFilePathRestrictionArgs.builder()
.restrictedFilePaths("string")
.build())
.maxFilePathLength(OrganizationRulesetRulesMaxFilePathLengthArgs.builder()
.maxFilePathLength(0)
.build())
.maxFileSize(OrganizationRulesetRulesMaxFileSizeArgs.builder()
.maxFileSize(0)
.build())
.nonFastForward(false)
.pullRequest(OrganizationRulesetRulesPullRequestArgs.builder()
.allowedMergeMethods("string")
.dismissStaleReviewsOnPush(false)
.requireCodeOwnerReview(false)
.requireLastPushApproval(false)
.requiredApprovingReviewCount(0)
.requiredReviewThreadResolution(false)
.requiredReviewers(OrganizationRulesetRulesPullRequestRequiredReviewerArgs.builder()
.filePatterns("string")
.minimumApprovals(0)
.reviewer(OrganizationRulesetRulesPullRequestRequiredReviewerReviewerArgs.builder()
.id(0)
.type("string")
.build())
.build())
.build())
.requiredCodeScanning(OrganizationRulesetRulesRequiredCodeScanningArgs.builder()
.requiredCodeScanningTools(OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs.builder()
.alertsThreshold("string")
.securityAlertsThreshold("string")
.tool("string")
.build())
.build())
.requiredLinearHistory(false)
.requiredSignatures(false)
.requiredStatusChecks(OrganizationRulesetRulesRequiredStatusChecksArgs.builder()
.requiredChecks(OrganizationRulesetRulesRequiredStatusChecksRequiredCheckArgs.builder()
.context("string")
.integrationId(0)
.build())
.doNotEnforceOnCreate(false)
.strictRequiredStatusChecksPolicy(false)
.build())
.requiredWorkflows(OrganizationRulesetRulesRequiredWorkflowsArgs.builder()
.requiredWorkflows(OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs.builder()
.path("string")
.repositoryId(0)
.ref("string")
.build())
.doNotEnforceOnCreate(false)
.build())
.tagNamePattern(OrganizationRulesetRulesTagNamePatternArgs.builder()
.operator("string")
.pattern("string")
.name("string")
.negate(false)
.build())
.update(false)
.build())
.target("string")
.bypassActors(OrganizationRulesetBypassActorArgs.builder()
.actorType("string")
.bypassMode("string")
.actorId(0)
.build())
.conditions(OrganizationRulesetConditionsArgs.builder()
.refName(OrganizationRulesetConditionsRefNameArgs.builder()
.excludes("string")
.includes("string")
.build())
.repositoryIds(0)
.repositoryName(OrganizationRulesetConditionsRepositoryNameArgs.builder()
.excludes("string")
.includes("string")
.protected_(false)
.build())
.repositoryProperty(OrganizationRulesetConditionsRepositoryPropertyArgs.builder()
.excludes(OrganizationRulesetConditionsRepositoryPropertyExcludeArgs.builder()
.name("string")
.propertyValues("string")
.source("string")
.build())
.includes(OrganizationRulesetConditionsRepositoryPropertyIncludeArgs.builder()
.name("string")
.propertyValues("string")
.source("string")
.build())
.build())
.build())
.name("string")
.build());
organization_ruleset_resource = github.OrganizationRuleset("organizationRulesetResource",
enforcement="string",
rules={
"branch_name_pattern": {
"operator": "string",
"pattern": "string",
"name": "string",
"negate": False,
},
"commit_author_email_pattern": {
"operator": "string",
"pattern": "string",
"name": "string",
"negate": False,
},
"commit_message_pattern": {
"operator": "string",
"pattern": "string",
"name": "string",
"negate": False,
},
"committer_email_pattern": {
"operator": "string",
"pattern": "string",
"name": "string",
"negate": False,
},
"copilot_code_review": {
"review_draft_pull_requests": False,
"review_on_push": False,
},
"creation": False,
"deletion": False,
"file_extension_restriction": {
"restricted_file_extensions": ["string"],
},
"file_path_restriction": {
"restricted_file_paths": ["string"],
},
"max_file_path_length": {
"max_file_path_length": 0,
},
"max_file_size": {
"max_file_size": 0,
},
"non_fast_forward": False,
"pull_request": {
"allowed_merge_methods": ["string"],
"dismiss_stale_reviews_on_push": False,
"require_code_owner_review": False,
"require_last_push_approval": False,
"required_approving_review_count": 0,
"required_review_thread_resolution": False,
"required_reviewers": [{
"file_patterns": ["string"],
"minimum_approvals": 0,
"reviewer": {
"id": 0,
"type": "string",
},
}],
},
"required_code_scanning": {
"required_code_scanning_tools": [{
"alerts_threshold": "string",
"security_alerts_threshold": "string",
"tool": "string",
}],
},
"required_linear_history": False,
"required_signatures": False,
"required_status_checks": {
"required_checks": [{
"context": "string",
"integration_id": 0,
}],
"do_not_enforce_on_create": False,
"strict_required_status_checks_policy": False,
},
"required_workflows": {
"required_workflows": [{
"path": "string",
"repository_id": 0,
"ref": "string",
}],
"do_not_enforce_on_create": False,
},
"tag_name_pattern": {
"operator": "string",
"pattern": "string",
"name": "string",
"negate": False,
},
"update": False,
},
target="string",
bypass_actors=[{
"actor_type": "string",
"bypass_mode": "string",
"actor_id": 0,
}],
conditions={
"ref_name": {
"excludes": ["string"],
"includes": ["string"],
},
"repository_ids": [0],
"repository_name": {
"excludes": ["string"],
"includes": ["string"],
"protected": False,
},
"repository_property": {
"excludes": [{
"name": "string",
"property_values": ["string"],
"source": "string",
}],
"includes": [{
"name": "string",
"property_values": ["string"],
"source": "string",
}],
},
},
name="string")
const organizationRulesetResource = new github.OrganizationRuleset("organizationRulesetResource", {
enforcement: "string",
rules: {
branchNamePattern: {
operator: "string",
pattern: "string",
name: "string",
negate: false,
},
commitAuthorEmailPattern: {
operator: "string",
pattern: "string",
name: "string",
negate: false,
},
commitMessagePattern: {
operator: "string",
pattern: "string",
name: "string",
negate: false,
},
committerEmailPattern: {
operator: "string",
pattern: "string",
name: "string",
negate: false,
},
copilotCodeReview: {
reviewDraftPullRequests: false,
reviewOnPush: false,
},
creation: false,
deletion: false,
fileExtensionRestriction: {
restrictedFileExtensions: ["string"],
},
filePathRestriction: {
restrictedFilePaths: ["string"],
},
maxFilePathLength: {
maxFilePathLength: 0,
},
maxFileSize: {
maxFileSize: 0,
},
nonFastForward: false,
pullRequest: {
allowedMergeMethods: ["string"],
dismissStaleReviewsOnPush: false,
requireCodeOwnerReview: false,
requireLastPushApproval: false,
requiredApprovingReviewCount: 0,
requiredReviewThreadResolution: false,
requiredReviewers: [{
filePatterns: ["string"],
minimumApprovals: 0,
reviewer: {
id: 0,
type: "string",
},
}],
},
requiredCodeScanning: {
requiredCodeScanningTools: [{
alertsThreshold: "string",
securityAlertsThreshold: "string",
tool: "string",
}],
},
requiredLinearHistory: false,
requiredSignatures: false,
requiredStatusChecks: {
requiredChecks: [{
context: "string",
integrationId: 0,
}],
doNotEnforceOnCreate: false,
strictRequiredStatusChecksPolicy: false,
},
requiredWorkflows: {
requiredWorkflows: [{
path: "string",
repositoryId: 0,
ref: "string",
}],
doNotEnforceOnCreate: false,
},
tagNamePattern: {
operator: "string",
pattern: "string",
name: "string",
negate: false,
},
update: false,
},
target: "string",
bypassActors: [{
actorType: "string",
bypassMode: "string",
actorId: 0,
}],
conditions: {
refName: {
excludes: ["string"],
includes: ["string"],
},
repositoryIds: [0],
repositoryName: {
excludes: ["string"],
includes: ["string"],
"protected": false,
},
repositoryProperty: {
excludes: [{
name: "string",
propertyValues: ["string"],
source: "string",
}],
includes: [{
name: "string",
propertyValues: ["string"],
source: "string",
}],
},
},
name: "string",
});
type: github:OrganizationRuleset
properties:
bypassActors:
- actorId: 0
actorType: string
bypassMode: string
conditions:
refName:
excludes:
- string
includes:
- string
repositoryIds:
- 0
repositoryName:
excludes:
- string
includes:
- string
protected: false
repositoryProperty:
excludes:
- name: string
propertyValues:
- string
source: string
includes:
- name: string
propertyValues:
- string
source: string
enforcement: string
name: string
rules:
branchNamePattern:
name: string
negate: false
operator: string
pattern: string
commitAuthorEmailPattern:
name: string
negate: false
operator: string
pattern: string
commitMessagePattern:
name: string
negate: false
operator: string
pattern: string
committerEmailPattern:
name: string
negate: false
operator: string
pattern: string
copilotCodeReview:
reviewDraftPullRequests: false
reviewOnPush: false
creation: false
deletion: false
fileExtensionRestriction:
restrictedFileExtensions:
- string
filePathRestriction:
restrictedFilePaths:
- string
maxFilePathLength:
maxFilePathLength: 0
maxFileSize:
maxFileSize: 0
nonFastForward: false
pullRequest:
allowedMergeMethods:
- string
dismissStaleReviewsOnPush: false
requireCodeOwnerReview: false
requireLastPushApproval: false
requiredApprovingReviewCount: 0
requiredReviewThreadResolution: false
requiredReviewers:
- filePatterns:
- string
minimumApprovals: 0
reviewer:
id: 0
type: string
requiredCodeScanning:
requiredCodeScanningTools:
- alertsThreshold: string
securityAlertsThreshold: string
tool: string
requiredLinearHistory: false
requiredSignatures: false
requiredStatusChecks:
doNotEnforceOnCreate: false
requiredChecks:
- context: string
integrationId: 0
strictRequiredStatusChecksPolicy: false
requiredWorkflows:
doNotEnforceOnCreate: false
requiredWorkflows:
- path: string
ref: string
repositoryId: 0
tagNamePattern:
name: string
negate: false
operator: string
pattern: string
update: false
target: string
OrganizationRuleset Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The OrganizationRuleset resource accepts the following input properties:
- Enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - Rules
Organization
Ruleset Rules - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- Target string
- (String) Possible values are
branch,tagandpush. - Bypass
Actors List<OrganizationRuleset Bypass Actor> - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- Conditions
Organization
Ruleset Conditions - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - Name string
- (String) The name of the ruleset.
- Enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - Rules
Organization
Ruleset Rules Args - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- Target string
- (String) Possible values are
branch,tagandpush. - Bypass
Actors []OrganizationRuleset Bypass Actor Args - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- Conditions
Organization
Ruleset Conditions Args - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - Name string
- (String) The name of the ruleset.
- enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - rules object
- (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- target string
- (String) Possible values are
branch,tagandpush. - bypass_
actors list(object) - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions object
- (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - name string
- (String) The name of the ruleset.
- enforcement String
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - rules
Organization
Ruleset Rules - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- target String
- (String) Possible values are
branch,tagandpush. - bypass
Actors List<OrganizationRuleset Bypass Actor> - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions
Organization
Ruleset Conditions - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - name String
- (String) The name of the ruleset.
- enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - rules
Organization
Ruleset Rules - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- target string
- (String) Possible values are
branch,tagandpush. - bypass
Actors OrganizationRuleset Bypass Actor[] - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions
Organization
Ruleset Conditions - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - name string
- (String) The name of the ruleset.
- enforcement str
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - rules
Organization
Ruleset Rules Args - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- target str
- (String) Possible values are
branch,tagandpush. - bypass_
actors Sequence[OrganizationRuleset Bypass Actor Args] - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions
Organization
Ruleset Conditions Args - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - name str
- (String) The name of the ruleset.
- enforcement String
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - rules Property Map
- (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- target String
- (String) Possible values are
branch,tagandpush. - bypass
Actors List<Property Map> - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions Property Map
- (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - name String
- (String) The name of the ruleset.
Outputs
All input properties are implicitly available as output properties. Additionally, the OrganizationRuleset resource produces the following output properties:
- etag string
- (String)
- id string
- The provider-assigned unique ID for this managed resource.
- node_
id string - (String) GraphQL global node id for use with v4 API.
- ruleset_
id number - (Number) GitHub ID for the ruleset.
- etag str
- (String)
- id str
- The provider-assigned unique ID for this managed resource.
- node_
id str - (String) GraphQL global node id for use with v4 API.
- ruleset_
id int - (Number) GitHub ID for the ruleset.
Look up Existing OrganizationRuleset Resource
Get an existing OrganizationRuleset resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OrganizationRulesetState, opts?: CustomResourceOptions): OrganizationRuleset@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bypass_actors: Optional[Sequence[OrganizationRulesetBypassActorArgs]] = None,
conditions: Optional[OrganizationRulesetConditionsArgs] = None,
enforcement: Optional[str] = None,
etag: Optional[str] = None,
name: Optional[str] = None,
node_id: Optional[str] = None,
rules: Optional[OrganizationRulesetRulesArgs] = None,
ruleset_id: Optional[int] = None,
target: Optional[str] = None) -> OrganizationRulesetfunc GetOrganizationRuleset(ctx *Context, name string, id IDInput, state *OrganizationRulesetState, opts ...ResourceOption) (*OrganizationRuleset, error)public static OrganizationRuleset Get(string name, Input<string> id, OrganizationRulesetState? state, CustomResourceOptions? opts = null)public static OrganizationRuleset get(String name, Output<String> id, OrganizationRulesetState state, CustomResourceOptions options)resources: _: type: github:OrganizationRuleset get: id: ${id}import {
to = github_organizationruleset.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bypass
Actors List<OrganizationRuleset Bypass Actor> - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- Conditions
Organization
Ruleset Conditions - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - Enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - Etag string
- (String)
- Name string
- (String) The name of the ruleset.
- Node
Id string - (String) GraphQL global node id for use with v4 API.
- Rules
Organization
Ruleset Rules - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- Ruleset
Id int - (Number) GitHub ID for the ruleset.
- Target string
- (String) Possible values are
branch,tagandpush.
- Bypass
Actors []OrganizationRuleset Bypass Actor Args - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- Conditions
Organization
Ruleset Conditions Args - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - Enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - Etag string
- (String)
- Name string
- (String) The name of the ruleset.
- Node
Id string - (String) GraphQL global node id for use with v4 API.
- Rules
Organization
Ruleset Rules Args - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- Ruleset
Id int - (Number) GitHub ID for the ruleset.
- Target string
- (String) Possible values are
branch,tagandpush.
- bypass_
actors list(object) - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions object
- (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - etag string
- (String)
- name string
- (String) The name of the ruleset.
- node_
id string - (String) GraphQL global node id for use with v4 API.
- rules object
- (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- ruleset_
id number - (Number) GitHub ID for the ruleset.
- target string
- (String) Possible values are
branch,tagandpush.
- bypass
Actors List<OrganizationRuleset Bypass Actor> - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions
Organization
Ruleset Conditions - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - enforcement String
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - etag String
- (String)
- name String
- (String) The name of the ruleset.
- node
Id String - (String) GraphQL global node id for use with v4 API.
- rules
Organization
Ruleset Rules - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- ruleset
Id Integer - (Number) GitHub ID for the ruleset.
- target String
- (String) Possible values are
branch,tagandpush.
- bypass
Actors OrganizationRuleset Bypass Actor[] - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions
Organization
Ruleset Conditions - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - enforcement string
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - etag string
- (String)
- name string
- (String) The name of the ruleset.
- node
Id string - (String) GraphQL global node id for use with v4 API.
- rules
Organization
Ruleset Rules - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- ruleset
Id number - (Number) GitHub ID for the ruleset.
- target string
- (String) Possible values are
branch,tagandpush.
- bypass_
actors Sequence[OrganizationRuleset Bypass Actor Args] - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions
Organization
Ruleset Conditions Args - (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - enforcement str
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - etag str
- (String)
- name str
- (String) The name of the ruleset.
- node_
id str - (String) GraphQL global node id for use with v4 API.
- rules
Organization
Ruleset Rules Args - (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- ruleset_
id int - (Number) GitHub ID for the ruleset.
- target str
- (String) Possible values are
branch,tagandpush.
- bypass
Actors List<Property Map> - (Block List) The actors that can bypass the rules in this ruleset. (see below for nested schema)
- conditions Property Map
- (Block List, Max: 1) Parameters for an organization ruleset condition. For
branchandtagtargets,refNameis required alongside one ofrepositoryNameorrepositoryId. Forpushtargets,refNamemust NOT be set - onlyrepositoryNameorrepositoryIdshould be used. (see below for nested schema) - enforcement String
- (String) Possible values for Enforcement are
disabled,active,evaluate. Note:evaluateis currently only supported for owners of typeorganization. - etag String
- (String)
- name String
- (String) The name of the ruleset.
- node
Id String - (String) GraphQL global node id for use with v4 API.
- rules Property Map
- (Block List, Min: 1, Max: 1) Rules within the ruleset. (see below for nested schema)
- ruleset
Id Number - (Number) GitHub ID for the ruleset.
- target String
- (String) Possible values are
branch,tagandpush.
Supporting Types
OrganizationRulesetBypassActor, OrganizationRulesetBypassActorArgs
- Actor
Type string - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - Bypass
Mode string (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- Actor
Id int - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
- Actor
Type string - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - Bypass
Mode string (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- Actor
Id int - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
- actor_
type string - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - bypass_
mode string (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- actor_
id number - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
- actor
Type String - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - bypass
Mode String (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- actor
Id Integer - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
- actor
Type string - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - bypass
Mode string (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- actor
Id number - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
- actor_
type str - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - bypass_
mode str (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- actor_
id int - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
- actor
Type String - The type of actor that can bypass a ruleset. Can be one of:
RepositoryRole,Team,Integration,OrganizationAdmin. - bypass
Mode String (String) When the specified actor can bypass the ruleset. pullRequest means that an actor can only bypass rules on pull requests. Can be one of:
always,pullRequest,exempt.~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
OrganizationAdmin>1RepositoryRole(This is the actor type, the following are the base repository roles and their associated IDs.)
- actor
Id Number - (Number) The ID of the actor that can bypass a ruleset. Some actor types such as
DeployKeydo not have an ID.
OrganizationRulesetConditions, OrganizationRulesetConditionsArgs
- Ref
Name OrganizationRuleset Conditions Ref Name - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - Repository
Ids List<int> - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- Repository
Name OrganizationRuleset Conditions Repository Name - Targets repositories that match the specified name patterns. (see below for nested schema)
- Repository
Property OrganizationRuleset Conditions Repository Property Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
- Ref
Name OrganizationRuleset Conditions Ref Name - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - Repository
Ids []int - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- Repository
Name OrganizationRuleset Conditions Repository Name - Targets repositories that match the specified name patterns. (see below for nested schema)
- Repository
Property OrganizationRuleset Conditions Repository Property Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
- ref_
name object - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - repository_
ids list(number) - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- repository_
name object - Targets repositories that match the specified name patterns. (see below for nested schema)
- repository_
property object Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
- ref
Name OrganizationRuleset Conditions Ref Name - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - repository
Ids List<Integer> - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- repository
Name OrganizationRuleset Conditions Repository Name - Targets repositories that match the specified name patterns. (see below for nested schema)
- repository
Property OrganizationRuleset Conditions Repository Property Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
- ref
Name OrganizationRuleset Conditions Ref Name - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - repository
Ids number[] - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- repository
Name OrganizationRuleset Conditions Repository Name - Targets repositories that match the specified name patterns. (see below for nested schema)
- repository
Property OrganizationRuleset Conditions Repository Property Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
- ref_
name OrganizationRuleset Conditions Ref Name - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - repository_
ids Sequence[int] - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- repository_
name OrganizationRuleset Conditions Repository Name - Targets repositories that match the specified name patterns. (see below for nested schema)
- repository_
property OrganizationRuleset Conditions Repository Property Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
- ref
Name Property Map - (Block List, Max: 1) Required for
branchandtagtargets. Must NOT be set forpushtargets. (see below for nested schema) - repository
Ids List<Number> - The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.
- repository
Name Property Map - Targets repositories that match the specified name patterns. (see below for nested schema)
- repository
Property Property Map Targets repositories by custom or system properties. (see below for nested schema)
Exactly one of
repositoryId,repositoryName, orrepositoryPropertymust be set for the rule to target repositories.Note: For
pushtargets, do not includerefNamein conditions. Push rulesets operate on file content, not on refs.
OrganizationRulesetConditionsRefName, OrganizationRulesetConditionsRefNameArgs
- Excludes List<string>
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- Includes List<string>
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
- Excludes []string
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- Includes []string
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
- excludes list(string)
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes list(string)
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
- excludes List<String>
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes List<String>
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
- excludes string[]
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes string[]
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
- excludes Sequence[str]
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes Sequence[str]
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
- excludes List<String>
- Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes List<String>
- Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~DEFAULT_BRANCHto include the default branch or~ALLto include all branches.
OrganizationRulesetConditionsRepositoryName, OrganizationRulesetConditionsRepositoryNameArgs
- Excludes List<string>
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- Includes List<string>
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - Protected bool
- Whether renaming of target repositories is prevented.
- Excludes []string
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- Includes []string
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - Protected bool
- Whether renaming of target repositories is prevented.
- excludes list(string)
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes list(string)
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - protected bool
- Whether renaming of target repositories is prevented.
- excludes List<String>
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes List<String>
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - protected_ Boolean
- Whether renaming of target repositories is prevented.
- excludes string[]
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes string[]
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - protected boolean
- Whether renaming of target repositories is prevented.
- excludes Sequence[str]
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes Sequence[str]
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - protected bool
- Whether renaming of target repositories is prevented.
- excludes List<String>
- Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
- includes List<String>
- Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts
~ALLto include all repositories. - protected Boolean
- Whether renaming of target repositories is prevented.
OrganizationRulesetConditionsRepositoryProperty, OrganizationRulesetConditionsRepositoryPropertyArgs
- Excludes
List<Organization
Ruleset Conditions Repository Property Exclude> - The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- Includes
List<Organization
Ruleset Conditions Repository Property Include> - The repository properties and values to include. All of these properties must match for the condition to pass.
- Excludes
[]Organization
Ruleset Conditions Repository Property Exclude - The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- Includes
[]Organization
Ruleset Conditions Repository Property Include - The repository properties and values to include. All of these properties must match for the condition to pass.
- excludes list(object)
- The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- includes list(object)
- The repository properties and values to include. All of these properties must match for the condition to pass.
- excludes
List<Organization
Ruleset Conditions Repository Property Exclude> - The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- includes
List<Organization
Ruleset Conditions Repository Property Include> - The repository properties and values to include. All of these properties must match for the condition to pass.
- excludes
Organization
Ruleset Conditions Repository Property Exclude[] - The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- includes
Organization
Ruleset Conditions Repository Property Include[] - The repository properties and values to include. All of these properties must match for the condition to pass.
- excludes
Sequence[Organization
Ruleset Conditions Repository Property Exclude] - The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- includes
Sequence[Organization
Ruleset Conditions Repository Property Include] - The repository properties and values to include. All of these properties must match for the condition to pass.
- excludes List<Property Map>
- The repository properties and values to exclude. The ruleset will not apply if any of these properties match.
- includes List<Property Map>
- The repository properties and values to include. All of these properties must match for the condition to pass.
OrganizationRulesetConditionsRepositoryPropertyExclude, OrganizationRulesetConditionsRepositoryPropertyExcludeArgs
- Name string
- (String) The name of the ruleset.
- Property
Values List<string> - The values to match for the repository property.
- Source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- Name string
- (String) The name of the ruleset.
- Property
Values []string - The values to match for the repository property.
- Source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name string
- (String) The name of the ruleset.
- property_
values list(string) - The values to match for the repository property.
- source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name String
- (String) The name of the ruleset.
- property
Values List<String> - The values to match for the repository property.
- source String
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name string
- (String) The name of the ruleset.
- property
Values string[] - The values to match for the repository property.
- source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name str
- (String) The name of the ruleset.
- property_
values Sequence[str] - The values to match for the repository property.
- source str
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name String
- (String) The name of the ruleset.
- property
Values List<String> - The values to match for the repository property.
- source String
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
OrganizationRulesetConditionsRepositoryPropertyInclude, OrganizationRulesetConditionsRepositoryPropertyIncludeArgs
- Name string
- (String) The name of the ruleset.
- Property
Values List<string> - The values to match for the repository property.
- Source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- Name string
- (String) The name of the ruleset.
- Property
Values []string - The values to match for the repository property.
- Source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name string
- (String) The name of the ruleset.
- property_
values list(string) - The values to match for the repository property.
- source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name String
- (String) The name of the ruleset.
- property
Values List<String> - The values to match for the repository property.
- source String
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name string
- (String) The name of the ruleset.
- property
Values string[] - The values to match for the repository property.
- source string
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name str
- (String) The name of the ruleset.
- property_
values Sequence[str] - The values to match for the repository property.
- source str
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
- name String
- (String) The name of the ruleset.
- property
Values List<String> - The values to match for the repository property.
- source String
- The source of the repository property. Defaults to 'custom' if not specified. Can be one of: custom, system
OrganizationRulesetRules, OrganizationRulesetRulesArgs
- Branch
Name OrganizationPattern Ruleset Rules Branch Name Pattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) -
Organization
Ruleset Rules Commit Author Email Pattern - (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- Commit
Message OrganizationPattern Ruleset Rules Commit Message Pattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- Committer
Email OrganizationPattern Ruleset Rules Committer Email Pattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- Copilot
Code OrganizationReview Ruleset Rules Copilot Code Review - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- Creation bool
- (Boolean) Only allow users with bypass permission to create matching refs.
- Deletion bool
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- File
Extension OrganizationRestriction Ruleset Rules File Extension Restriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - File
Path OrganizationRestriction Ruleset Rules File Path Restriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - Max
File OrganizationPath Length Ruleset Rules Max File Path Length - (Integer) The maximum number of characters allowed in file paths.
- Max
File OrganizationSize Ruleset Rules Max File Size - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- Non
Fast boolForward - (Boolean) Prevent users with push access from force pushing to branches.
- Pull
Request OrganizationRuleset Rules Pull Request - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- Required
Code OrganizationScanning Ruleset Rules Required Code Scanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- Required
Linear boolHistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- Required
Signatures bool - (Boolean) Commits pushed to matching branches must have verified signatures.
- Required
Status OrganizationChecks Ruleset Rules Required Status Checks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- Required
Workflows OrganizationRuleset Rules Required Workflows - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- Tag
Name OrganizationPattern Ruleset Rules Tag Name Pattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - Update bool
- (Boolean) Only allow users with bypass permission to update matching refs.
- Branch
Name OrganizationPattern Ruleset Rules Branch Name Pattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) -
Organization
Ruleset Rules Commit Author Email Pattern - (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- Commit
Message OrganizationPattern Ruleset Rules Commit Message Pattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- Committer
Email OrganizationPattern Ruleset Rules Committer Email Pattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- Copilot
Code OrganizationReview Ruleset Rules Copilot Code Review - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- Creation bool
- (Boolean) Only allow users with bypass permission to create matching refs.
- Deletion bool
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- File
Extension OrganizationRestriction Ruleset Rules File Extension Restriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - File
Path OrganizationRestriction Ruleset Rules File Path Restriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - Max
File OrganizationPath Length Ruleset Rules Max File Path Length - (Integer) The maximum number of characters allowed in file paths.
- Max
File OrganizationSize Ruleset Rules Max File Size - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- Non
Fast boolForward - (Boolean) Prevent users with push access from force pushing to branches.
- Pull
Request OrganizationRuleset Rules Pull Request - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- Required
Code OrganizationScanning Ruleset Rules Required Code Scanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- Required
Linear boolHistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- Required
Signatures bool - (Boolean) Commits pushed to matching branches must have verified signatures.
- Required
Status OrganizationChecks Ruleset Rules Required Status Checks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- Required
Workflows OrganizationRuleset Rules Required Workflows - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- Tag
Name OrganizationPattern Ruleset Rules Tag Name Pattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - Update bool
- (Boolean) Only allow users with bypass permission to update matching refs.
- branch_
name_ objectpattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) - object
- (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- commit_
message_ objectpattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- committer_
email_ objectpattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- copilot_
code_ objectreview - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- creation bool
- (Boolean) Only allow users with bypass permission to create matching refs.
- deletion bool
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- file_
extension_ objectrestriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - file_
path_ objectrestriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - max_
file_ objectpath_ length - (Integer) The maximum number of characters allowed in file paths.
- max_
file_ objectsize - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- non_
fast_ boolforward - (Boolean) Prevent users with push access from force pushing to branches.
- pull_
request object - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- required_
code_ objectscanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- required_
linear_ boolhistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- required_
signatures bool - (Boolean) Commits pushed to matching branches must have verified signatures.
- required_
status_ objectchecks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- required_
workflows object - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- tag_
name_ objectpattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - update bool
- (Boolean) Only allow users with bypass permission to update matching refs.
- branch
Name OrganizationPattern Ruleset Rules Branch Name Pattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) -
Organization
Ruleset Rules Commit Author Email Pattern - (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- commit
Message OrganizationPattern Ruleset Rules Commit Message Pattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- committer
Email OrganizationPattern Ruleset Rules Committer Email Pattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- copilot
Code OrganizationReview Ruleset Rules Copilot Code Review - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- creation Boolean
- (Boolean) Only allow users with bypass permission to create matching refs.
- deletion Boolean
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- file
Extension OrganizationRestriction Ruleset Rules File Extension Restriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - file
Path OrganizationRestriction Ruleset Rules File Path Restriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - max
File OrganizationPath Length Ruleset Rules Max File Path Length - (Integer) The maximum number of characters allowed in file paths.
- max
File OrganizationSize Ruleset Rules Max File Size - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- non
Fast BooleanForward - (Boolean) Prevent users with push access from force pushing to branches.
- pull
Request OrganizationRuleset Rules Pull Request - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- required
Code OrganizationScanning Ruleset Rules Required Code Scanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- required
Linear BooleanHistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- required
Signatures Boolean - (Boolean) Commits pushed to matching branches must have verified signatures.
- required
Status OrganizationChecks Ruleset Rules Required Status Checks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- required
Workflows OrganizationRuleset Rules Required Workflows - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- tag
Name OrganizationPattern Ruleset Rules Tag Name Pattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - update Boolean
- (Boolean) Only allow users with bypass permission to update matching refs.
- branch
Name OrganizationPattern Ruleset Rules Branch Name Pattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) -
Organization
Ruleset Rules Commit Author Email Pattern - (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- commit
Message OrganizationPattern Ruleset Rules Commit Message Pattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- committer
Email OrganizationPattern Ruleset Rules Committer Email Pattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- copilot
Code OrganizationReview Ruleset Rules Copilot Code Review - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- creation boolean
- (Boolean) Only allow users with bypass permission to create matching refs.
- deletion boolean
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- file
Extension OrganizationRestriction Ruleset Rules File Extension Restriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - file
Path OrganizationRestriction Ruleset Rules File Path Restriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - max
File OrganizationPath Length Ruleset Rules Max File Path Length - (Integer) The maximum number of characters allowed in file paths.
- max
File OrganizationSize Ruleset Rules Max File Size - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- non
Fast booleanForward - (Boolean) Prevent users with push access from force pushing to branches.
- pull
Request OrganizationRuleset Rules Pull Request - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- required
Code OrganizationScanning Ruleset Rules Required Code Scanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- required
Linear booleanHistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- required
Signatures boolean - (Boolean) Commits pushed to matching branches must have verified signatures.
- required
Status OrganizationChecks Ruleset Rules Required Status Checks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- required
Workflows OrganizationRuleset Rules Required Workflows - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- tag
Name OrganizationPattern Ruleset Rules Tag Name Pattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - update boolean
- (Boolean) Only allow users with bypass permission to update matching refs.
- branch_
name_ Organizationpattern Ruleset Rules Branch Name Pattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) -
Organization
Ruleset Rules Commit Author Email Pattern - (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- commit_
message_ Organizationpattern Ruleset Rules Commit Message Pattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- committer_
email_ Organizationpattern Ruleset Rules Committer Email Pattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- copilot_
code_ Organizationreview Ruleset Rules Copilot Code Review - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- creation bool
- (Boolean) Only allow users with bypass permission to create matching refs.
- deletion bool
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- file_
extension_ Organizationrestriction Ruleset Rules File Extension Restriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - file_
path_ Organizationrestriction Ruleset Rules File Path Restriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - max_
file_ Organizationpath_ length Ruleset Rules Max File Path Length - (Integer) The maximum number of characters allowed in file paths.
- max_
file_ Organizationsize Ruleset Rules Max File Size - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- non_
fast_ boolforward - (Boolean) Prevent users with push access from force pushing to branches.
- pull_
request OrganizationRuleset Rules Pull Request - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- required_
code_ Organizationscanning Ruleset Rules Required Code Scanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- required_
linear_ boolhistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- required_
signatures bool - (Boolean) Commits pushed to matching branches must have verified signatures.
- required_
status_ Organizationchecks Ruleset Rules Required Status Checks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- required_
workflows OrganizationRuleset Rules Required Workflows - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- tag_
name_ Organizationpattern Ruleset Rules Tag Name Pattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - update bool
- (Boolean) Only allow users with bypass permission to update matching refs.
- branch
Name Property MapPattern - (Block List, Max: 1) Parameters to be used for the branchNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
tagNamePatternas it only applies to rulesets with targetbranch. (see below for nested schema) - Property Map
- (Block List, Max: 1) Parameters to be used for the commitAuthorEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- commit
Message Property MapPattern - (Block List, Max: 1) Parameters to be used for the commitMessagePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- committer
Email Property MapPattern - (Block List, Max: 1) Parameters to be used for the committerEmailPattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. (see below for nested schema)
- copilot
Code Property MapReview - (Block List, Max: 1) Automatically request Copilot code review for new pull requests if the author has access to Copilot code review and their premium requests quota has not reached the limit. (see below for nested schema)
- creation Boolean
- (Boolean) Only allow users with bypass permission to create matching refs.
- deletion Boolean
- (Boolean) Only allow users with bypass permissions to delete matching refs.
- file
Extension Property MapRestriction - (Block List, Max: 1) Prevent commits that include files with specified file extensions from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - file
Path Property MapRestriction - (Block List, Max: 1) Prevent commits that include changes to specified file paths from being pushed to the commit graph. This rule only applies to rulesets with target
push. (see below for nested schema) - max
File Property MapPath Length - (Integer) The maximum number of characters allowed in file paths.
- max
File Property MapSize - (Integer) The maximum allowed size, in megabytes (MB), of a file. Valid range is 1-100 MB.
- non
Fast BooleanForward - (Boolean) Prevent users with push access from force pushing to branches.
- pull
Request Property Map - (Block List, Max: 1) Require all commits be made to a non-target branch and submitted via a pull request before they can be merged. (see below for nested schema)
- required
Code Property MapScanning - (Block List, Max: 1) Define which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated. Multiple code scanning tools can be specified. (see below for nested schema)
- required
Linear BooleanHistory - (Boolean) Prevent merge commits from being pushed to matching branches.
- required
Signatures Boolean - (Boolean) Commits pushed to matching branches must have verified signatures.
- required
Status Property MapChecks - (Block List, Max: 1) Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed. (see below for nested schema)
- required
Workflows Property Map - (Block List, Max: 1) Define which Actions workflows must pass before changes can be merged into a branch matching the rule. Multiple workflows can be specified. (see below for nested schema)
- tag
Name Property MapPattern - (Block List, Max: 1) Parameters to be used for the tagNamePattern rule. This rule only applies to repositories within an enterprise, it cannot be applied to repositories owned by individuals or regular organizations. Conflicts with
branchNamePatternas it only applies to rulesets with targettag. (see below for nested schema) - update Boolean
- (Boolean) Only allow users with bypass permission to update matching refs.
OrganizationRulesetRulesBranchNamePattern, OrganizationRulesetRulesBranchNamePatternArgs
OrganizationRulesetRulesCommitAuthorEmailPattern, OrganizationRulesetRulesCommitAuthorEmailPatternArgs
OrganizationRulesetRulesCommitMessagePattern, OrganizationRulesetRulesCommitMessagePatternArgs
OrganizationRulesetRulesCommitterEmailPattern, OrganizationRulesetRulesCommitterEmailPatternArgs
OrganizationRulesetRulesCopilotCodeReview, OrganizationRulesetRulesCopilotCodeReviewArgs
- Review
Draft boolPull Requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - Review
On boolPush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
- Review
Draft boolPull Requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - Review
On boolPush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
- review_
draft_ boolpull_ requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - review_
on_ boolpush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
- review
Draft BooleanPull Requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - review
On BooleanPush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
- review
Draft booleanPull Requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - review
On booleanPush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
- review_
draft_ boolpull_ requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - review_
on_ boolpush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
- review
Draft BooleanPull Requests - Copilot automatically reviews draft pull requests before they are marked as ready for review. Defaults to
false. - review
On BooleanPush - Copilot automatically reviews each new push to the pull request. Defaults to
false.
OrganizationRulesetRulesFileExtensionRestriction, OrganizationRulesetRulesFileExtensionRestrictionArgs
- Restricted
File List<string>Extensions - The file extensions that are restricted from being pushed to the commit graph.
- Restricted
File []stringExtensions - The file extensions that are restricted from being pushed to the commit graph.
- restricted_
file_ list(string)extensions - The file extensions that are restricted from being pushed to the commit graph.
- restricted
File List<String>Extensions - The file extensions that are restricted from being pushed to the commit graph.
- restricted
File string[]Extensions - The file extensions that are restricted from being pushed to the commit graph.
- restricted_
file_ Sequence[str]extensions - The file extensions that are restricted from being pushed to the commit graph.
- restricted
File List<String>Extensions - The file extensions that are restricted from being pushed to the commit graph.
OrganizationRulesetRulesFilePathRestriction, OrganizationRulesetRulesFilePathRestrictionArgs
- Restricted
File List<string>Paths - The file paths that are restricted from being pushed to the commit graph.
- Restricted
File []stringPaths - The file paths that are restricted from being pushed to the commit graph.
- restricted_
file_ list(string)paths - The file paths that are restricted from being pushed to the commit graph.
- restricted
File List<String>Paths - The file paths that are restricted from being pushed to the commit graph.
- restricted
File string[]Paths - The file paths that are restricted from being pushed to the commit graph.
- restricted_
file_ Sequence[str]paths - The file paths that are restricted from being pushed to the commit graph.
- restricted
File List<String>Paths - The file paths that are restricted from being pushed to the commit graph.
OrganizationRulesetRulesMaxFilePathLength, OrganizationRulesetRulesMaxFilePathLengthArgs
- Max
File intPath Length - The maximum allowed length of a file path.
- Max
File intPath Length - The maximum allowed length of a file path.
- max_
file_ numberpath_ length - The maximum allowed length of a file path.
- max
File IntegerPath Length - The maximum allowed length of a file path.
- max
File numberPath Length - The maximum allowed length of a file path.
- max_
file_ intpath_ length - The maximum allowed length of a file path.
- max
File NumberPath Length - The maximum allowed length of a file path.
OrganizationRulesetRulesMaxFileSize, OrganizationRulesetRulesMaxFileSizeArgs
- Max
File intSize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
- Max
File intSize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
- max_
file_ numbersize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
- max
File IntegerSize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
- max
File numberSize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
- max_
file_ intsize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
- max
File NumberSize - The maximum allowed size of a file in megabytes (MB). Valid range is 1-100 MB.
OrganizationRulesetRulesPullRequest, OrganizationRulesetRulesPullRequestArgs
- Allowed
Merge List<string>Methods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - Dismiss
Stale boolReviews On Push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - Require
Code boolOwner Review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - Require
Last boolPush Approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - Required
Approving intReview Count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - Required
Review boolThread Resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - Required
Reviewers List<OrganizationRuleset Rules Pull Request Required Reviewer> - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
- Allowed
Merge []stringMethods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - Dismiss
Stale boolReviews On Push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - Require
Code boolOwner Review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - Require
Last boolPush Approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - Required
Approving intReview Count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - Required
Review boolThread Resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - Required
Reviewers []OrganizationRuleset Rules Pull Request Required Reviewer - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
- allowed_
merge_ list(string)methods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - dismiss_
stale_ boolreviews_ on_ push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - require_
code_ boolowner_ review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - require_
last_ boolpush_ approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - required_
approving_ numberreview_ count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - required_
review_ boolthread_ resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - required_
reviewers list(object) - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
- allowed
Merge List<String>Methods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - dismiss
Stale BooleanReviews On Push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - require
Code BooleanOwner Review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - require
Last BooleanPush Approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - required
Approving IntegerReview Count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - required
Review BooleanThread Resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - required
Reviewers List<OrganizationRuleset Rules Pull Request Required Reviewer> - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
- allowed
Merge string[]Methods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - dismiss
Stale booleanReviews On Push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - require
Code booleanOwner Review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - require
Last booleanPush Approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - required
Approving numberReview Count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - required
Review booleanThread Resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - required
Reviewers OrganizationRuleset Rules Pull Request Required Reviewer[] - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
- allowed_
merge_ Sequence[str]methods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - dismiss_
stale_ boolreviews_ on_ push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - require_
code_ boolowner_ review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - require_
last_ boolpush_ approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - required_
approving_ intreview_ count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - required_
review_ boolthread_ resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - required_
reviewers Sequence[OrganizationRuleset Rules Pull Request Required Reviewer] - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
- allowed
Merge List<String>Methods - Array of allowed merge methods. Allowed values include
merge,squash, andrebase. At least one option must be enabled. - dismiss
Stale BooleanReviews On Push - New, reviewable commits pushed will dismiss previous pull request review approvals. Defaults to
false. - require
Code BooleanOwner Review - Require an approving review in pull requests that modify files that have a designated code owner. Defaults to
false. - require
Last BooleanPush Approval - Whether the most recent reviewable push must be approved by someone other than the person who pushed it. Defaults to
false. - required
Approving NumberReview Count - The number of approving reviews that are required before a pull request can be merged. Defaults to
0. - required
Review BooleanThread Resolution - All conversations on code must be resolved before a pull request can be merged. Defaults to
false. - required
Reviewers List<Property Map> - Require specific reviewers to approve pull requests targeting matching branches. Note: This feature is in beta and subject to change.
OrganizationRulesetRulesPullRequestRequiredReviewer, OrganizationRulesetRulesPullRequestRequiredReviewerArgs
- File
Patterns List<string> - File patterns (fnmatch syntax) that this reviewer must approve.
- Minimum
Approvals int - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- Reviewer
Organization
Ruleset Rules Pull Request Required Reviewer Reviewer - The reviewer that must review matching files.
- File
Patterns []string - File patterns (fnmatch syntax) that this reviewer must approve.
- Minimum
Approvals int - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- Reviewer
Organization
Ruleset Rules Pull Request Required Reviewer Reviewer - The reviewer that must review matching files.
- file_
patterns list(string) - File patterns (fnmatch syntax) that this reviewer must approve.
- minimum_
approvals number - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- reviewer object
- The reviewer that must review matching files.
- file
Patterns List<String> - File patterns (fnmatch syntax) that this reviewer must approve.
- minimum
Approvals Integer - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- reviewer
Organization
Ruleset Rules Pull Request Required Reviewer Reviewer - The reviewer that must review matching files.
- file
Patterns string[] - File patterns (fnmatch syntax) that this reviewer must approve.
- minimum
Approvals number - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- reviewer
Organization
Ruleset Rules Pull Request Required Reviewer Reviewer - The reviewer that must review matching files.
- file_
patterns Sequence[str] - File patterns (fnmatch syntax) that this reviewer must approve.
- minimum_
approvals int - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- reviewer
Organization
Ruleset Rules Pull Request Required Reviewer Reviewer - The reviewer that must review matching files.
- file
Patterns List<String> - File patterns (fnmatch syntax) that this reviewer must approve.
- minimum
Approvals Number - Minimum number of approvals required from this reviewer. Set to 0 to make approval optional.
- reviewer Property Map
- The reviewer that must review matching files.
OrganizationRulesetRulesPullRequestRequiredReviewerReviewer, OrganizationRulesetRulesPullRequestRequiredReviewerReviewerArgs
OrganizationRulesetRulesRequiredCodeScanning, OrganizationRulesetRulesRequiredCodeScanningArgs
- Required
Code List<OrganizationScanning Tools Ruleset Rules Required Code Scanning Required Code Scanning Tool> - Tools that must provide code scanning results for this rule to pass.
- Required
Code []OrganizationScanning Tools Ruleset Rules Required Code Scanning Required Code Scanning Tool - Tools that must provide code scanning results for this rule to pass.
- required_
code_ list(object)scanning_ tools - Tools that must provide code scanning results for this rule to pass.
- required
Code List<OrganizationScanning Tools Ruleset Rules Required Code Scanning Required Code Scanning Tool> - Tools that must provide code scanning results for this rule to pass.
- required
Code OrganizationScanning Tools Ruleset Rules Required Code Scanning Required Code Scanning Tool[] - Tools that must provide code scanning results for this rule to pass.
- required_
code_ Sequence[Organizationscanning_ tools Ruleset Rules Required Code Scanning Required Code Scanning Tool] - Tools that must provide code scanning results for this rule to pass.
- required
Code List<Property Map>Scanning Tools - Tools that must provide code scanning results for this rule to pass.
OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningTool, OrganizationRulesetRulesRequiredCodeScanningRequiredCodeScanningToolArgs
- Alerts
Threshold string - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - Security
Alerts stringThreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - Tool string
- The name of a code scanning tool.
- Alerts
Threshold string - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - Security
Alerts stringThreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - Tool string
- The name of a code scanning tool.
- alerts_
threshold string - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - security_
alerts_ stringthreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - tool string
- The name of a code scanning tool.
- alerts
Threshold String - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - security
Alerts StringThreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - tool String
- The name of a code scanning tool.
- alerts
Threshold string - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - security
Alerts stringThreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - tool string
- The name of a code scanning tool.
- alerts_
threshold str - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - security_
alerts_ strthreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - tool str
- The name of a code scanning tool.
- alerts
Threshold String - The severity level at which code scanning results that raise alerts block a reference update. Can be one of:
none,errors,errorsAndWarnings,all. - security
Alerts StringThreshold - The severity level at which code scanning results that raise security alerts block a reference update. Can be one of:
none,critical,highOrHigher,mediumOrHigher,all. - tool String
- The name of a code scanning tool.
OrganizationRulesetRulesRequiredStatusChecks, OrganizationRulesetRulesRequiredStatusChecksArgs
- Required
Checks List<OrganizationRuleset Rules Required Status Checks Required Check> - Status checks that are required. Several can be defined.
- Do
Not boolEnforce On Create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - Strict
Required boolStatus Checks Policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
- Required
Checks []OrganizationRuleset Rules Required Status Checks Required Check - Status checks that are required. Several can be defined.
- Do
Not boolEnforce On Create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - Strict
Required boolStatus Checks Policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
- required_
checks list(object) - Status checks that are required. Several can be defined.
- do_
not_ boolenforce_ on_ create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - strict_
required_ boolstatus_ checks_ policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
- required
Checks List<OrganizationRuleset Rules Required Status Checks Required Check> - Status checks that are required. Several can be defined.
- do
Not BooleanEnforce On Create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - strict
Required BooleanStatus Checks Policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
- required
Checks OrganizationRuleset Rules Required Status Checks Required Check[] - Status checks that are required. Several can be defined.
- do
Not booleanEnforce On Create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - strict
Required booleanStatus Checks Policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
- required_
checks Sequence[OrganizationRuleset Rules Required Status Checks Required Check] - Status checks that are required. Several can be defined.
- do_
not_ boolenforce_ on_ create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - strict_
required_ boolstatus_ checks_ policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
- required
Checks List<Property Map> - Status checks that are required. Several can be defined.
- do
Not BooleanEnforce On Create - (Boolean) Allow repositories and branches to be created if a check would otherwise prohibit it. Defaults to
false. - strict
Required BooleanStatus Checks Policy - Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled. Defaults to
false.
OrganizationRulesetRulesRequiredStatusChecksRequiredCheck, OrganizationRulesetRulesRequiredStatusChecksRequiredCheckArgs
- Context string
- The status check context name that must be present on the commit.
- Integration
Id int - The optional integration ID that this status check must originate from.
- Context string
- The status check context name that must be present on the commit.
- Integration
Id int - The optional integration ID that this status check must originate from.
- context string
- The status check context name that must be present on the commit.
- integration_
id number - The optional integration ID that this status check must originate from.
- context String
- The status check context name that must be present on the commit.
- integration
Id Integer - The optional integration ID that this status check must originate from.
- context string
- The status check context name that must be present on the commit.
- integration
Id number - The optional integration ID that this status check must originate from.
- context str
- The status check context name that must be present on the commit.
- integration_
id int - The optional integration ID that this status check must originate from.
- context String
- The status check context name that must be present on the commit.
- integration
Id Number - The optional integration ID that this status check must originate from.
OrganizationRulesetRulesRequiredWorkflows, OrganizationRulesetRulesRequiredWorkflowsArgs
- Required
Workflows List<OrganizationRuleset Rules Required Workflows Required Workflow> - Actions workflows that are required. Several can be defined.
- Do
Not boolEnforce On Create - Allow repositories and branches to be created if a check would otherwise prohibit it.
- Required
Workflows []OrganizationRuleset Rules Required Workflows Required Workflow - Actions workflows that are required. Several can be defined.
- Do
Not boolEnforce On Create - Allow repositories and branches to be created if a check would otherwise prohibit it.
- required_
workflows list(object) - Actions workflows that are required. Several can be defined.
- do_
not_ boolenforce_ on_ create - Allow repositories and branches to be created if a check would otherwise prohibit it.
- required
Workflows List<OrganizationRuleset Rules Required Workflows Required Workflow> - Actions workflows that are required. Several can be defined.
- do
Not BooleanEnforce On Create - Allow repositories and branches to be created if a check would otherwise prohibit it.
- required
Workflows OrganizationRuleset Rules Required Workflows Required Workflow[] - Actions workflows that are required. Several can be defined.
- do
Not booleanEnforce On Create - Allow repositories and branches to be created if a check would otherwise prohibit it.
- required_
workflows Sequence[OrganizationRuleset Rules Required Workflows Required Workflow] - Actions workflows that are required. Several can be defined.
- do_
not_ boolenforce_ on_ create - Allow repositories and branches to be created if a check would otherwise prohibit it.
- required
Workflows List<Property Map> - Actions workflows that are required. Several can be defined.
- do
Not BooleanEnforce On Create - Allow repositories and branches to be created if a check would otherwise prohibit it.
OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflow, OrganizationRulesetRulesRequiredWorkflowsRequiredWorkflowArgs
- Path string
- The path to the workflow YAML definition file.
- Repository
Id int - The repository in which the workflow is defined.
- Ref string
- The ref (branch or tag) of the workflow file to use.
- Path string
- The path to the workflow YAML definition file.
- Repository
Id int - The repository in which the workflow is defined.
- Ref string
- The ref (branch or tag) of the workflow file to use.
- path string
- The path to the workflow YAML definition file.
- repository_
id number - The repository in which the workflow is defined.
- ref string
- The ref (branch or tag) of the workflow file to use.
- path String
- The path to the workflow YAML definition file.
- repository
Id Integer - The repository in which the workflow is defined.
- ref String
- The ref (branch or tag) of the workflow file to use.
- path string
- The path to the workflow YAML definition file.
- repository
Id number - The repository in which the workflow is defined.
- ref string
- The ref (branch or tag) of the workflow file to use.
- path str
- The path to the workflow YAML definition file.
- repository_
id int - The repository in which the workflow is defined.
- ref str
- The ref (branch or tag) of the workflow file to use.
- path String
- The path to the workflow YAML definition file.
- repository
Id Number - The repository in which the workflow is defined.
- ref String
- The ref (branch or tag) of the workflow file to use.
OrganizationRulesetRulesTagNamePattern, OrganizationRulesetRulesTagNamePatternArgs
Import
GitHub Organization Rulesets can be imported using the GitHub ruleset ID e.g.
$ terraform import github_organization_ruleset.example 12345
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- GitHub pulumi/pulumi-github
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
githubTerraform Provider.
Viewing docs for GitHub v6.13.1
published on Wednesday, Apr 29, 2026 by Pulumi
published on Wednesday, Apr 29, 2026 by Pulumi
