From ede39e93a40426a0069746b21874d45125ff9e01 Mon Sep 17 00:00:00 2001 From: Ben Zarboni Date: Fri, 19 Apr 2024 16:45:22 -0400 Subject: [PATCH 1/4] fix: don't use rulesets for non-enterprise accounts --- modules/github-foundations/rulesets.tf | 3 ++- modules/github-foundations/variables.tf | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/modules/github-foundations/rulesets.tf b/modules/github-foundations/rulesets.tf index 22fbadf..2651289 100644 --- a/modules/github-foundations/rulesets.tf +++ b/modules/github-foundations/rulesets.tf @@ -1,5 +1,6 @@ module "base_ruleset" { source = "../ruleset" + count = var.account_type == "Enterprise" ? 1 : 0 name = "Foundation Repositories Base Ruleset" enforcement = "active" @@ -16,4 +17,4 @@ module "base_ruleset" { ref_name_inclusions = ["~DEFAULT_BRANCH"] repository_name_inclusions = [github_repository.bootstrap_repo.name, github_repository.organizations_repo.name] -} \ No newline at end of file +} diff --git a/modules/github-foundations/variables.tf b/modules/github-foundations/variables.tf index b471c6d..4cdaf73 100644 --- a/modules/github-foundations/variables.tf +++ b/modules/github-foundations/variables.tf @@ -55,3 +55,14 @@ variable "oidc_configuration" { error_message = "At least one oidc_configuration must be set." } } + +variable "account_type" { + type = string + description = "The type of GitHub account being used. Should be one of either `Personal`, `Organization`, or `Enterprise`." + default = "Organization" + + validation { + condition = contains(["Personal", "Organization", "Enterprise"], var.account_type) + error_message = "The account type must be either `Personal`, `Organization`, or `Enterprise`." + } +} From 87ec3daf3ecefbcfc4c526bdb2a7990647fe3519 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 19 Apr 2024 20:48:33 +0000 Subject: [PATCH 2/4] terraform-docs: automated action --- modules/github-foundations/README.md | 1 + 1 file changed, 1 insertion(+) 
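Review bot: With `count = var.account_type == "Enterprise" ? 1 : 0` on `module "base_ruleset"`, Personal and Organization accounts get no ruleset on the default branch of the bootstrap and organizations repositories, and nothing in this series replaces it. Those repositories appear to hold the configuration that manages the organization, so the loss of enforcement should be explicit rather than silent. Consider a fallback for the non-Enterprise case (for example per-repository branch protection, if the plan supports it), or at least a comment on the line such as `# Rulesets are only created for Enterprise accounts; other account types get no default-branch enforcement from this module.` Adding `count` also changes the module address to `module.base_ruleset[0]`, so any reference to it elsewhere needs the index. The module block continues between the two hunks, so the rules it enforces are not visible here.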
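Review bot: The `description` of `account_type` lists the allowed values but not what the choice controls. In this series its only visible effect is that the base ruleset is created solely for `Enterprise`. I would append a sentence such as `The base ruleset for the foundation repositories is only created when this is Enterprise.` so that the generated README tells someone choosing `Organization` or `Personal` that they are opting out of that protection. The `contains(...)` check in the validation is case-sensitive, so `enterprise` fails validation instead of silently disabling the ruleset; that behaviour is worth keeping if the list is ever changed.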
diff --git a/modules/github-foundations/README.md b/modules/github-foundations/README.md index c5ed838..978fb8e 100644 --- a/modules/github-foundations/README.md +++ b/modules/github-foundations/README.md @@ -46,6 +46,7 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [account\_type](#input\_account\_type) | The type of GitHub account being used. Should be one of either `Personal`, `Organization`, or `Enterprise`. | `string` | `"Organization"` | no | | [bootstrap\_repository\_name](#input\_bootstrap\_repository\_name) | The name of the bootstrap repository. | `string` | `"bootstrap"` | no | | [foundation\_devs\_team\_name](#input\_foundation\_devs\_team\_name) | The name of the foundation developers team. | `string` | `"foundation-devs"` | no | | [oidc\_configuration](#input\_oidc\_configuration) | n/a |
object({
gcp = optional(object({
workload_identity_provider_name_secret_name = optional(string)
workload_identity_provider_name = string

organization_workload_identity_sa_secret_name = optional(string)
organization_workload_identity_sa = string

gcp_secret_manager_project_id_variable_name = optional(string)
gcp_secret_manager_project_id = string

gcp_tf_state_bucket_project_id_variable_name = optional(string)
gcp_tf_state_bucket_project_id = string

bucket_name_variable_name = optional(string)
bucket_name = string

bucket_location_variable_name = optional(string)
bucket_location = string
}))
custom = optional(object({
organization_secrets = map(string)
organization_variables = map(string)
repository_secrets = map(map(string))
repository_variables = map(map(string))
}))
})
| n/a | yes | From 1b0f11c389d67fde944e7a1893cb462cae6f1aca Mon Sep 17 00:00:00 2001 From: Ben Zarboni Date: Fri, 19 Apr 2024 16:50:58 -0400 Subject: [PATCH 3/4] fix: don't use rulesets for non-enterprise accounts --- modules/github-foundations/variables.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/github-foundations/variables.tf b/modules/github-foundations/variables.tf index 4cdaf73..fe9583e 100644 --- a/modules/github-foundations/variables.tf +++ b/modules/github-foundations/variables.tf @@ -59,7 +59,6 @@ variable "oidc_configuration" { variable "account_type" { type = string description = "The type of GitHub account being used. Should be one of either `Personal`, `Organization`, or `Enterprise`." - default = "Organization" validation { condition = contains(["Personal", "Organization", "Enterprise"], var.account_type) From 01f25fa568740c81d11db93c661d0444c463d144 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 19 Apr 2024 20:51:29 +0000 Subject: [PATCH 4/4] terraform-docs: automated action --- modules/github-foundations/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/github-foundations/README.md b/modules/github-foundations/README.md index 978fb8e..c5c70c7 100644 --- a/modules/github-foundations/README.md +++ b/modules/github-foundations/README.md 
@@ -46,7 +46,7 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [account\_type](#input\_account\_type) | The type of GitHub account being used. Should be one of either `Personal`, `Organization`, or `Enterprise`. | `string` | `"Organization"` | no | +| [account\_type](#input\_account\_type) | The type of GitHub account being used. Should be one of either `Personal`, `Organization`, or `Enterprise`. | `string` | n/a | yes | | [bootstrap\_repository\_name](#input\_bootstrap\_repository\_name) | The name of the bootstrap repository. | `string` | `"bootstrap"` | no | | [foundation\_devs\_team\_name](#input\_foundation\_devs\_team\_name) | The name of the foundation developers team. | `string` | `"foundation-devs"` | no | | [oidc\_configuration](#input\_oidc\_configuration) | n/a |
object({
gcp = optional(object({
workload_identity_provider_name_secret_name = optional(string)
workload_identity_provider_name = string

organization_workload_identity_sa_secret_name = optional(string)
organization_workload_identity_sa = string

gcp_secret_manager_project_id_variable_name = optional(string)
gcp_secret_manager_project_id = string

gcp_tf_state_bucket_project_id_variable_name = optional(string)
gcp_tf_state_bucket_project_id = string

bucket_name_variable_name = optional(string)
bucket_name = string

bucket_location_variable_name = optional(string)
bucket_location = string
}))
custom = optional(object({
organization_secrets = map(string)
organization_variables = map(string)
repository_secrets = map(map(string))
repository_variables = map(map(string))
}))
})
| n/a | yes |