GitLab

Pulumi Official
Package maintained by Pulumi
v4.7.1 published on Thursday, Jun 30, 2022 by Pulumi

BranchProtection

The gitlab.BranchProtection resource allows to manage the lifecycle of a protected branch of a repository.

The allowed_to_push, allowed_to_merge, allowed_to_unprotect, unprotect_access_level and code_owner_approval_required attributes require a GitLab Enterprise instance.

Upstream API: GitLab REST API docs

Example Usage

Coming soon!

Coming soon!

package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var branchProtect = new BranchProtection("branchProtect", BranchProtectionArgs.builder()        
            .project("12345")
            .branch("BranchProtected")
            .pushAccessLevel("developer")
            .mergeAccessLevel("developer")
            .unprotectAccessLevel("developer")
            .allowForcePush(true)
            .codeOwnerApprovalRequired(true)
            .allowedToPushes(            
                BranchProtectionAllowedToPushArgs.builder()
                    .userId(5)
                    .build(),
                BranchProtectionAllowedToPushArgs.builder()
                    .userId(521)
                    .build())
            .allowedToMerges(            
                BranchProtectionAllowedToMergeArgs.builder()
                    .userId(15)
                    .build(),
                BranchProtectionAllowedToMergeArgs.builder()
                    .userId(37)
                    .build())
            .allowedToUnprotects(            
                BranchProtectionAllowedToUnprotectArgs.builder()
                    .userId(15)
                    .build(),
                BranchProtectionAllowedToUnprotectArgs.builder()
                    .groupId(42)
                    .build())
            .build());

        var main = new BranchProtection("main", BranchProtectionArgs.builder()        
            .project("12345")
            .branch("main")
            .pushAccessLevel("maintainer")
            .mergeAccessLevel("maintainer")
            .unprotectAccessLevel("maintainer")
            .dynamic(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
            .build());

    }
}

Coming soon!

Coming soon!

resources:
  branchProtect:
    type: gitlab:BranchProtection
    properties:
      project: 12345
      branch: BranchProtected
      pushAccessLevel: developer
      mergeAccessLevel: developer
      unprotectAccessLevel: developer
      allowForcePush: true
      codeOwnerApprovalRequired: true
      allowedToPushes:
        - userId: 5
        - userId: 521
      allowedToMerges:
        - userId: 15
        - userId: 37
      allowedToUnprotects:
        - userId: 15
        - groupId: 42
  main:
    type: gitlab:BranchProtection
    properties:
      project: 12345
      branch: main
      pushAccessLevel: maintainer
      mergeAccessLevel: maintainer
      unprotectAccessLevel: maintainer
      dynamic:
        - forEach:
            - 50
            - 55
            - 60
          content:
            - userId: ${allowed_to_push.value}

Create a BranchProtection Resource

new BranchProtection(name: string, args: BranchProtectionArgs, opts?: CustomResourceOptions);
@overload
def BranchProtection(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     allow_force_push: Optional[bool] = None,
                     allowed_to_merges: Optional[Sequence[BranchProtectionAllowedToMergeArgs]] = None,
                     allowed_to_pushes: Optional[Sequence[BranchProtectionAllowedToPushArgs]] = None,
                     allowed_to_unprotects: Optional[Sequence[BranchProtectionAllowedToUnprotectArgs]] = None,
                     branch: Optional[str] = None,
                     code_owner_approval_required: Optional[bool] = None,
                     merge_access_level: Optional[str] = None,
                     project: Optional[str] = None,
                     push_access_level: Optional[str] = None,
                     unprotect_access_level: Optional[str] = None)
@overload
def BranchProtection(resource_name: str,
                     args: BranchProtectionArgs,
                     opts: Optional[ResourceOptions] = None)
func NewBranchProtection(ctx *Context, name string, args BranchProtectionArgs, opts ...ResourceOption) (*BranchProtection, error)
public BranchProtection(string name, BranchProtectionArgs args, CustomResourceOptions? opts = null)
public BranchProtection(String name, BranchProtectionArgs args)
public BranchProtection(String name, BranchProtectionArgs args, CustomResourceOptions options)
type: gitlab:BranchProtection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args BranchProtectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args BranchProtectionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args BranchProtectionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args BranchProtectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args BranchProtectionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

BranchProtection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The BranchProtection resource accepts the following input properties:

Branch string

Name of the branch.

Project string

The id of the project.

AllowForcePush bool

Can be set to true to allow users with push access to force push.

AllowedToMerges List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToMergeArgs>

Defines permissions for action.

AllowedToPushes List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToPushArgs>

Defines permissions for action.

AllowedToUnprotects List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToUnprotectArgs>

Defines permissions for action.

CodeOwnerApprovalRequired bool

Can be set to true to require code owner approval before merging.

MergeAccessLevel string

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

PushAccessLevel string

Access levels allowed to push. Valid values are: no one, developer, maintainer.

UnprotectAccessLevel string

Access levels allowed to unprotect. Valid values are: developer, maintainer.

Branch string

Name of the branch.

Project string

The id of the project.

AllowForcePush bool

Can be set to true to allow users with push access to force push.

AllowedToMerges []BranchProtectionAllowedToMergeArgs

Defines permissions for action.

AllowedToPushes []BranchProtectionAllowedToPushArgs

Defines permissions for action.

AllowedToUnprotects []BranchProtectionAllowedToUnprotectArgs

Defines permissions for action.

CodeOwnerApprovalRequired bool

Can be set to true to require code owner approval before merging.

MergeAccessLevel string

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

PushAccessLevel string

Access levels allowed to push. Valid values are: no one, developer, maintainer.

UnprotectAccessLevel string

Access levels allowed to unprotect. Valid values are: developer, maintainer.

branch String

Name of the branch.

project String

The id of the project.

allowForcePush Boolean

Can be set to true to allow users with push access to force push.

allowedToMerges List<BranchProtectionAllowedToMergeArgs>

Defines permissions for action.

allowedToPushes List<BranchProtectionAllowedToPushArgs>

Defines permissions for action.

allowedToUnprotects List<BranchProtectionAllowedToUnprotectArgs>

Defines permissions for action.

codeOwnerApprovalRequired Boolean

Can be set to true to require code owner approval before merging.

mergeAccessLevel String

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

pushAccessLevel String

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotectAccessLevel String

Access levels allowed to unprotect. Valid values are: developer, maintainer.

branch string

Name of the branch.

project string

The id of the project.

allowForcePush boolean

Can be set to true to allow users with push access to force push.

allowedToMerges BranchProtectionAllowedToMergeArgs[]

Defines permissions for action.

allowedToPushes BranchProtectionAllowedToPushArgs[]

Defines permissions for action.

allowedToUnprotects BranchProtectionAllowedToUnprotectArgs[]

Defines permissions for action.

codeOwnerApprovalRequired boolean

Can be set to true to require code owner approval before merging.

mergeAccessLevel string

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

pushAccessLevel string

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotectAccessLevel string

Access levels allowed to unprotect. Valid values are: developer, maintainer.

branch str

Name of the branch.

project str

The id of the project.

allow_force_push bool

Can be set to true to allow users with push access to force push.

allowed_to_merges Sequence[BranchProtectionAllowedToMergeArgs]

Defines permissions for action.

allowed_to_pushes Sequence[BranchProtectionAllowedToPushArgs]

Defines permissions for action.

allowed_to_unprotects Sequence[BranchProtectionAllowedToUnprotectArgs]

Defines permissions for action.

code_owner_approval_required bool

Can be set to true to require code owner approval before merging.

merge_access_level str

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

push_access_level str

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotect_access_level str

Access levels allowed to unprotect. Valid values are: developer, maintainer.

branch String

Name of the branch.

project String

The id of the project.

allowForcePush Boolean

Can be set to true to allow users with push access to force push.

allowedToMerges List<Property Map>

Defines permissions for action.

allowedToPushes List<Property Map>

Defines permissions for action.

allowedToUnprotects List<Property Map>

Defines permissions for action.

codeOwnerApprovalRequired Boolean

Can be set to true to require code owner approval before merging.

mergeAccessLevel String

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

pushAccessLevel String

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotectAccessLevel String

Access levels allowed to unprotect. Valid values are: developer, maintainer.

Outputs

All input properties are implicitly available as output properties. Additionally, the BranchProtection resource produces the following output properties:

BranchProtectionId int

The ID of the branch protection (not the branch name).

Id string

The provider-assigned unique ID for this managed resource.

BranchProtectionId int

The ID of the branch protection (not the branch name).

Id string

The provider-assigned unique ID for this managed resource.

branchProtectionId Integer

The ID of the branch protection (not the branch name).

id String

The provider-assigned unique ID for this managed resource.

branchProtectionId number

The ID of the branch protection (not the branch name).

id string

The provider-assigned unique ID for this managed resource.

branch_protection_id int

The ID of the branch protection (not the branch name).

id str

The provider-assigned unique ID for this managed resource.

branchProtectionId Number

The ID of the branch protection (not the branch name).

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing BranchProtection Resource

Get an existing BranchProtection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BranchProtectionState, opts?: CustomResourceOptions): BranchProtection
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allow_force_push: Optional[bool] = None,
        allowed_to_merges: Optional[Sequence[BranchProtectionAllowedToMergeArgs]] = None,
        allowed_to_pushes: Optional[Sequence[BranchProtectionAllowedToPushArgs]] = None,
        allowed_to_unprotects: Optional[Sequence[BranchProtectionAllowedToUnprotectArgs]] = None,
        branch: Optional[str] = None,
        branch_protection_id: Optional[int] = None,
        code_owner_approval_required: Optional[bool] = None,
        merge_access_level: Optional[str] = None,
        project: Optional[str] = None,
        push_access_level: Optional[str] = None,
        unprotect_access_level: Optional[str] = None) -> BranchProtection
func GetBranchProtection(ctx *Context, name string, id IDInput, state *BranchProtectionState, opts ...ResourceOption) (*BranchProtection, error)
public static BranchProtection Get(string name, Input<string> id, BranchProtectionState? state, CustomResourceOptions? opts = null)
public static BranchProtection get(String name, Output<String> id, BranchProtectionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AllowForcePush bool

Can be set to true to allow users with push access to force push.

AllowedToMerges List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToMergeArgs>

Defines permissions for action.

AllowedToPushes List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToPushArgs>

Defines permissions for action.

AllowedToUnprotects List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToUnprotectArgs>

Defines permissions for action.

Branch string

Name of the branch.

BranchProtectionId int

The ID of the branch protection (not the branch name).

CodeOwnerApprovalRequired bool

Can be set to true to require code owner approval before merging.

MergeAccessLevel string

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

Project string

The id of the project.

PushAccessLevel string

Access levels allowed to push. Valid values are: no one, developer, maintainer.

UnprotectAccessLevel string

Access levels allowed to unprotect. Valid values are: developer, maintainer.

AllowForcePush bool

Can be set to true to allow users with push access to force push.

AllowedToMerges []BranchProtectionAllowedToMergeArgs

Defines permissions for action.

AllowedToPushes []BranchProtectionAllowedToPushArgs

Defines permissions for action.

AllowedToUnprotects []BranchProtectionAllowedToUnprotectArgs

Defines permissions for action.

Branch string

Name of the branch.

BranchProtectionId int

The ID of the branch protection (not the branch name).

CodeOwnerApprovalRequired bool

Can be set to true to require code owner approval before merging.

MergeAccessLevel string

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

Project string

The id of the project.

PushAccessLevel string

Access levels allowed to push. Valid values are: no one, developer, maintainer.

UnprotectAccessLevel string

Access levels allowed to unprotect. Valid values are: developer, maintainer.

allowForcePush Boolean

Can be set to true to allow users with push access to force push.

allowedToMerges List<BranchProtectionAllowedToMergeArgs>

Defines permissions for action.

allowedToPushes List<BranchProtectionAllowedToPushArgs>

Defines permissions for action.

allowedToUnprotects List<BranchProtectionAllowedToUnprotectArgs>

Defines permissions for action.

branch String

Name of the branch.

branchProtectionId Integer

The ID of the branch protection (not the branch name).

codeOwnerApprovalRequired Boolean

Can be set to true to require code owner approval before merging.

mergeAccessLevel String

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

project String

The id of the project.

pushAccessLevel String

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotectAccessLevel String

Access levels allowed to unprotect. Valid values are: developer, maintainer.

allowForcePush boolean

Can be set to true to allow users with push access to force push.

allowedToMerges BranchProtectionAllowedToMergeArgs[]

Defines permissions for action.

allowedToPushes BranchProtectionAllowedToPushArgs[]

Defines permissions for action.

allowedToUnprotects BranchProtectionAllowedToUnprotectArgs[]

Defines permissions for action.

branch string

Name of the branch.

branchProtectionId number

The ID of the branch protection (not the branch name).

codeOwnerApprovalRequired boolean

Can be set to true to require code owner approval before merging.

mergeAccessLevel string

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

project string

The id of the project.

pushAccessLevel string

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotectAccessLevel string

Access levels allowed to unprotect. Valid values are: developer, maintainer.

allow_force_push bool

Can be set to true to allow users with push access to force push.

allowed_to_merges Sequence[BranchProtectionAllowedToMergeArgs]

Defines permissions for action.

allowed_to_pushes Sequence[BranchProtectionAllowedToPushArgs]

Defines permissions for action.

allowed_to_unprotects Sequence[BranchProtectionAllowedToUnprotectArgs]

Defines permissions for action.

branch str

Name of the branch.

branch_protection_id int

The ID of the branch protection (not the branch name).

code_owner_approval_required bool

Can be set to true to require code owner approval before merging.

merge_access_level str

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

project str

The id of the project.

push_access_level str

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotect_access_level str

Access levels allowed to unprotect. Valid values are: developer, maintainer.

allowForcePush Boolean

Can be set to true to allow users with push access to force push.

allowedToMerges List<Property Map>

Defines permissions for action.

allowedToPushes List<Property Map>

Defines permissions for action.

allowedToUnprotects List<Property Map>

Defines permissions for action.

branch String

Name of the branch.

branchProtectionId Number

The ID of the branch protection (not the branch name).

codeOwnerApprovalRequired Boolean

Can be set to true to require code owner approval before merging.

mergeAccessLevel String

Access levels allowed to merge. Valid values are: no one, developer, maintainer.

project String

The id of the project.

pushAccessLevel String

Access levels allowed to push. Valid values are: no one, developer, maintainer.

unprotectAccessLevel String

Access levels allowed to unprotect. Valid values are: developer, maintainer.

Supporting Types

BranchProtectionAllowedToMerge

BranchProtectionAllowedToPush

BranchProtectionAllowedToUnprotect

Import

Gitlab protected branches can be imported with a key composed of <project_id>:<branch>, e.g.

 $ pulumi import gitlab:index/branchProtection:BranchProtection BranchProtect "12345:main"

Package Details

Repository
https://github.com/pulumi/pulumi-gitlab
License
Apache-2.0
Notes

This Pulumi package is based on the gitlab Terraform Provider.