Allow for single organization

modules/enterprise-organization/README.md

@@ -0,0 +1,40 @@
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
+| <a name="requirement_github"></a> [github](#requirement\_github) | ~> 6.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_github"></a> [github](#provider\_github) | ~> 6.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [github_enterprise_organization.organization](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/enterprise_organization) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_admin_logins"></a> [admin\_logins](#input\_admin\_logins) | List of organization owner usernames. | `list(string)` | n/a | yes |
+| <a name="input_billing_email"></a> [billing\_email](#input\_billing\_email) | The email to use for the organizations billing. | `string` | n/a | yes |
+| <a name="input_description"></a> [description](#input\_description) | The description of the organization. | `string` | `""` | no |
+| <a name="input_display_name"></a> [display\_name](#input\_display\_name) | The display name of the organization. If set to an empty string then `name` will be used instead | `string` | `""` | no |
+| <a name="input_enterprise_id"></a> [enterprise\_id](#input\_enterprise\_id) | The id of the enterprise account to create the organization under. | `string` | n/a | yes |
+| <a name="input_name"></a> [name](#input\_name) | The name of the organization to create. | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_id"></a> [id](#output\_id) | n/a |
+| <a name="output_name"></a> [name](#output\_name) | n/a |

modules/enterprise-organization/organization.tf

@@ -0,0 +1,9 @@
+resource "github_enterprise_organization" "organization" {
+  enterprise_id = var.enterprise_id
+  name          = var.name
+  display_name  = length(var.display_name) > 0 ? var.display_name : var.name
+  description   = var.description
+  billing_email = var.billing_email
+  admin_logins  = var.admin_logins
+}
+

modules/enterprise-organization/outputs.tf

@@ -0,0 +1,7 @@
+output "id" {
+  value = github_enterprise_organization.organization.id
+}
+
+output "name" {
+  value = github_enterprise_organization.organization.name
+}

modules/enterprise-organization/variables.tf

@@ -0,0 +1,31 @@
+variable "enterprise_id" {
+  type        = string
+  description = "The id of the enterprise account to create the organization under."
+}
+
+variable "name" {
+  type        = string
+  description = "The name of the organization to create."
+}
+
+variable "display_name" {
+  type        = string
+  description = "The display name of the organization. If set to an empty string then `name` will be used instead"
+  default     = ""
+}
+
+variable "description" {
+  type        = string
+  description = "The description of the organization."
+  default     = ""
+}
+
+variable "billing_email" {
+  type        = string
+  description = "The email to use for the organizations billing."
+}
+
+variable "admin_logins" {
+  type        = list(string)
+  description = "List of organization owner usernames."
+}

modules/enterprise-organization/versions.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.3"
+  required_providers {
+    github = {
+      source  = "integrations/github"
+      version = "~> 6.0"
+    }
+  }
+}

modules/foundations-github-organization/README.md → modules/github-foundations/README.md

@@ -3,57 +3,53 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_github"></a> [github](#requirement\_github) | 5.44.0 |
+| <a name="requirement_github"></a> [github](#requirement\_github) | ~> 6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_github"></a> [github](#provider\_github) | 5.44.0 |
-| <a name="provider_github.enterprise_scoped"></a> [github.enterprise\_scoped](#provider\_github.enterprise\_scoped) | 5.44.0 |
-| <a name="provider_github.foundation_org_scoped"></a> [github.foundation\_org\_scoped](#provider\_github.foundation\_org\_scoped) | 5.44.0 |
+| <a name="provider_github"></a> [github](#provider\_github) | ~> 6.0 |
 | <a name="provider_local"></a> [local](#provider\_local) | n/a |
 
 ## Modules
 
-No modules.
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_base_ruleset"></a> [base\_ruleset](#module\_base\_ruleset) | ../ruleset | n/a |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [github_actions_organization_secret.workload_identity_provider](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/actions_organization_secret) | resource |
-| [github_actions_organization_variable.tf_state_bucket_location](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/actions_organization_variable) | resource |
-| [github_actions_organization_variable.tf_state_bucket_name](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/actions_organization_variable) | resource |
-| [github_actions_organization_variable.tf_state_bucket_project_id](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/actions_organization_variable) | resource |
-| [github_actions_secret.organization_workload_identity_sa](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/actions_secret) | resource |
-| [github_actions_variable.gcp_secret_manager_project_id](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/actions_variable) | resource |
-| [github_branch_protection.protect_bootstrap_main](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/branch_protection) | resource |
-| [github_branch_protection.protect_organization_main](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/branch_protection) | resource |
-| [github_enterprise_organization.github-foundations](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/enterprise_organization) | resource |
-| [github_issue_labels.drift_labels](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/issue_labels) | resource |
-| [github_repository.bootstrap_repo](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/repository) | resource |
-| [github_repository.organizations_repo](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/repository) | resource |
-| [github_repository_collaborators.bootstrap_repo_collaborators](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/repository_collaborators) | resource |
-| [github_repository_collaborators.organization_repo_collaborators](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/repository_collaborators) | resource |
-| [github_repository_file.main_readme](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/repository_file) | resource |
-| [github_team.foundation_devs](https://registry.terraform.io/providers/hashicorp/github/5.44.0/docs/resources/team) | resource |
+| [github_actions_organization_secret.workload_identity_provider](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_organization_secret) | resource |
+| [github_actions_organization_variable.tf_state_bucket_location](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_organization_variable) | resource |
+| [github_actions_organization_variable.tf_state_bucket_name](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_organization_variable) | resource |
+| [github_actions_organization_variable.tf_state_bucket_project_id](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_organization_variable) | resource |
+| [github_actions_secret.organization_workload_identity_sa](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_secret) | resource |
+| [github_actions_variable.gcp_secret_manager_project_id](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_variable) | resource |
+| [github_issue_labels.drift_labels](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/issue_labels) | resource |
+| [github_repository.bootstrap_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource |
+| [github_repository.organizations_repo](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) | resource |
+| [github_repository_collaborators.bootstrap_repo_collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborators) | resource |
+| [github_repository_collaborators.organization_repo_collaborators](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_collaborators) | resource |
+| [github_repository_file.main_readme](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) | resource |
+| [github_team.foundation_devs](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team) | resource |
 | [local_file.main_readme](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_admin_logins"></a> [admin\_logins](#input\_admin\_logins) | List of organization owner usernames. | `list(string)` | n/a | yes |
-| <a name="input_billing_email"></a> [billing\_email](#input\_billing\_email) | The email to use for the organizations billing. | `string` | n/a | yes |
+| <a name="input_bootstrap_repository_name"></a> [bootstrap\_repository\_name](#input\_bootstrap\_repository\_name) | The name of the bootstrap repository. | `string` | `"bootstrap"` | no |
 | <a name="input_bootstrap_workload_identity_sa"></a> [bootstrap\_workload\_identity\_sa](#input\_bootstrap\_workload\_identity\_sa) | The service account to use for the bootstrap repository oidc. | `string` | n/a | yes |
 | <a name="input_bucket_location"></a> [bucket\_location](#input\_bucket\_location) | The location of the tf state bucket. | `string` | n/a | yes |
 | <a name="input_bucket_name"></a> [bucket\_name](#input\_bucket\_name) | The name of the tf state bucket. | `string` | n/a | yes |
-| <a name="input_enterprise_id"></a> [enterprise\_id](#input\_enterprise\_id) | The id of the enterprise account to create the organization under. | `string` | n/a | yes |
+| <a name="input_foundation_devs_team_name"></a> [foundation\_devs\_team\_name](#input\_foundation\_devs\_team\_name) | The name of the foundation developers team. | `string` | `"foundation-devs"` | no |
 | <a name="input_gcp_project_id"></a> [gcp\_project\_id](#input\_gcp\_project\_id) | The id of the gcp project where secret manager was setup. | `string` | n/a | yes |
 | <a name="input_gcp_tf_state_bucket_project_id"></a> [gcp\_tf\_state\_bucket\_project\_id](#input\_gcp\_tf\_state\_bucket\_project\_id) | The id of the gcp project where the tf state bucket was setup. | `string` | n/a | yes |
-| <a name="input_github_foundations_organization_name"></a> [github\_foundations\_organization\_name](#input\_github\_foundations\_organization\_name) | The name of the organization to create. | `string` | n/a | yes |
 | <a name="input_organization_workload_identity_sa"></a> [organization\_workload\_identity\_sa](#input\_organization\_workload\_identity\_sa) | The service account to use for the organization repository oidc. | `string` | n/a | yes |
+| <a name="input_organizations_repository_name"></a> [organizations\_repository\_name](#input\_organizations\_repository\_name) | The name of the organizations repository. | `string` | `"organizations"` | no |
 | <a name="input_readme_path"></a> [readme\_path](#input\_readme\_path) | Local Path to the README file in your current codebase. Pushed to the github foundation repository. | `string` | `""` | no |
 | <a name="input_workload_identity_provider_name"></a> [workload\_identity\_provider\_name](#input\_workload\_identity\_provider\_name) | The name of the workload identity provider to use for the oidc of the github foundation repositories. | `string` | n/a | yes |
 

modules/foundations-github-organization/action-variables.tf → modules/github-foundations/action-variables.tf

@@ -1,22 +1,16 @@
 resource "github_actions_secret" "organization_workload_identity_sa" {
-  provider = github.foundation_org_scoped
-
   repository      = github_repository.organizations_repo.name
   secret_name     = "GCP_SERVICE_ACCOUNT"
   plaintext_value = var.organization_workload_identity_sa
 }
 
 resource "github_actions_variable" "gcp_secret_manager_project_id" {
-  provider = github.foundation_org_scoped
-
   repository    = github_repository.organizations_repo.name
   variable_name = "GCP_SECRET_MANAGER_PROJECT"
   value         = var.gcp_project_id
 }
 
 resource "github_actions_organization_secret" "workload_identity_provider" {
-  provider = github.foundation_org_scoped
-
   secret_name     = "WORKLOAD_IDENTITY_PROVIDER"
   plaintext_value = var.workload_identity_provider_name
   visibility      = "selected"
@@ -27,8 +21,6 @@ resource "github_actions_organization_secret" "workload_identity_provider" {
 }
 
 resource "github_actions_organization_variable" "tf_state_bucket_project_id" {
-  provider = github.foundation_org_scoped
-
   variable_name = "TF_STATE_BUCKET_PROJECT_ID"
   value         = var.gcp_tf_state_bucket_project_id
   visibility    = "selected"
@@ -39,8 +31,6 @@ resource "github_actions_organization_variable" "tf_state_bucket_project_id" {
 }
 
 resource "github_actions_organization_variable" "tf_state_bucket_name" {
-  provider = github.foundation_org_scoped
-
   variable_name = "TF_STATE_BUCKET_NAME"
   value         = var.bucket_name
   visibility    = "selected"
@@ -51,8 +41,6 @@ resource "github_actions_organization_variable" "tf_state_bucket_name" {
 }
 
 resource "github_actions_organization_variable" "tf_state_bucket_location" {
-  provider = github.foundation_org_scoped
-
   variable_name = "TF_STATE_BUCKET_LOCATION"
   value         = var.bucket_location
   visibility    = "selected"

modules/foundations-github-organization/repo_readme.tf → modules/github-foundations/repo_readme.tf

@@ -1,12 +1,13 @@
 data "local_file" "main_readme" {
+  count    = var.readme_path != "" ? 1 : 0
   filename = var.readme_path
 }
 
 resource "github_repository_file" "main_readme" {
   # Only create this when the readme filename is not empty
   count      = var.readme_path != "" ? 1 : 0
+  depends_on = [github_repository.organizations_repo]
   repository = github_repository.organizations_repo.name
   file       = "README.md"
-  content    = data.local_file.main_readme.content
-  depends_on = [github_repository.organizations_repo]
+  content    = data.local_file.main_readme[0].content
 }