Skip to content

Releases: cloudposse-terraform-components/aws-github-repository

v1.2.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 21 Apr 11:05
22ba453
feat: add organization repository roles flag @mtweeman (#48) ## what

Adding organization repository roles flag to the variables as a follow-up of this change: cloudposse/terraform-github-repository#23.

why

Organization repository roles support was added to the terraform-github-repository module recently. Component should handle it, too.

Summary by CodeRabbit

  • New Features

    • Added a configuration option to enable organization-level repository roles; disabled by default to preserve existing behavior.
  • Chores

    • Internal alignment and formatting of module inputs for consistency — no changes to runtime behavior or exported interfaces.

v1.1.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 21 Apr 09:38
ebb8858
Add regex_replace_chars to main.tf @goruha (#43) ## what * Allow repo name to contain dots

why

  • Normalized null-label ID doesn't allow IDs including dot character. Effectively, it tries to change repository name like .github -> github.

references

Summary by CodeRabbit

  • Configuration Updates
    • Repository configuration now includes a new character-pattern parameter to improve validation and handling of allowed/removed characters in repository names and related identifiers, reducing invalid-name errors and improving consistency across tooling and displays.

v1.0.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 18 Apr 10:19
f1fa24f
[codex] support copilot code review rulesets @mtb-xt (#46) ## Summary

This updates the component to consume cloudposse/repository/github v1.6.0, which already includes copilot_code_review support in repository rulesets.

What changed

  • bump the underlying module from 1.1.0 to 1.6.0
  • add copilot_code_review to the component rulesets input schema so Atmos stacks can pass the setting through
  • stop passing the deprecated has_downloads and ignore_vulnerability_alerts_during_read arguments, which are no longer accepted by the newer module
  • refresh the generated README snippets to reflect the new ruleset option

Validation

  • tofu init
  • tofu validate

Validated from src/ with a sibling account-map checkout present, matching the component's expected local module layout.

Summary by CodeRabbit

  • New Features

    • Added GitHub Copilot code review configuration with options to enable reviews on push and for draft pull requests.
  • Documentation

    • Updated schema documentation to reflect new Copilot code review settings.

🤖 Automatic Updates

Bump github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs from 1.45.12 to 1.65.0 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#36) Bumps [github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs](https://github.com/aws/aws-sdk-go-v2) from 1.45.12 to 1.65.0.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
build(deps): bump github.com/jackc/pgx/v5 from 5.7.2 to 5.9.0 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#45) Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.7.2 to 5.9.0.
Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.9.0 (March 21, 2026)

This release includes a number of new features such as SCRAM-SHA-256-PLUS support, OAuth authentication support, and PostgreSQL protocol 3.2 support.

It significantly reduces the amount of network traffic when using prepared statements (which are used automatically by default) by avoiding unnecessary Describe Portal messages. This also reduces local memory usage.

It also includes multiple fixes for potential DoS due to panic or OOM if connected to a malicious server that sends deliberately malformed messages.

  • Require Go 1.25+
  • Add SCRAM-SHA-256-PLUS support (Adam Brightwell)
  • Add OAuth authentication support for PostgreSQL 18 (David Schneider)
  • Add PostgreSQL protocol 3.2 support (Dirkjan Bussink)
  • Add tsvector type support (Adam Brightwell)
  • Skip Describe Portal for cached prepared statements reducing network round trips
  • Make LoadTypes query easier to support on "postgres-like" servers (Jelte Fennema-Nio)
  • Default empty user to current OS user matching libpq behavior (ShivangSrivastava)
  • Optimize LRU statement cache with custom linked list and node pooling (Mathias Bogaert)
  • Optimize date scanning by replacing regex with manual parsing (Mathias Bogaert)
  • Optimize pgio append/set functions with direct byte shifts (Mathias Bogaert)
  • Make RowsAffected faster (Abhishek Chanda)
  • Fix: Pipeline.Close panic when server sends multiple FATAL errors (Varun Chawla)
  • Fix: ContextWatcher goroutine leak (Hank Donnay)
  • Fix: stdlib discard connections with open transactions in ResetSession (Jeremy Schneider)
  • Fix: pipelineBatchResults.Exec silently swallowing lastRows error
  • Fix: ColumnTypeLength using BPCharArrayOID instead of BPCharOID
  • Fix: TSVector text encoding returning nil for valid empty tsvector
  • Fix: wrong error messages for Int2 and Int4 underflow
  • Fix: Numeric nil Int pointer dereference with Valid: true
  • Fix: reversed strings.ContainsAny arguments in Numeric.ScanScientific
  • Fix: message length parsing on 32-bit platforms
  • Fix: FunctionCallResponse.Decode mishandling of signed result size
  • Fix: returning wrong error in configTLS when DecryptPEMBlock fails (Maxim Motyshen)
  • Fix: misleading ParseConfig error when default_query_exec_mode is invalid (Skarm)
  • Fix: missed Unwatch in Pipeline error paths
  • Clarify too many failed acquire attempts error message
  • Better error wrapping with context and SQL statement (Aneesh Makala)
  • Enable govet and ineffassign linters (Federico Guerinoni)
  • Guard against various malformed binary messages (arrays, hstore, multirange, protocol messages)
  • Fix various godoc comments (ferhat elmas)
  • Fix typos in comments (Oleksandr Redko)

5.8.0 (December 26, 2025)

  • Require Go 1.24+
  • Remove golang.org/x/crypto dependency
  • Add OptionShouldPing to control ResetSession ping behavior (ilyam8)
  • Fix: Avoid overflow when MaxConns is set to MaxInt32

... (truncated)

Commits
  • b4d8e62 Release v5.9.0
  • c227cd4 Bump minimum Go version from 1.24 to 1.25
  • f492c14 Use reflect.TypeFor instead of reflect.TypeOf for static types
  • ad8fb08 Use sync.WaitGroup.Go to simplify goroutine spawning
  • 3033773 Remove go1.26 build tag from synctest test
  • 83ffb3c Validate multirange element count against source length before allocating
  • 82...
Read more

v0.4.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 14 Apr 20:20
ed122dc
fix: add missing field for ruleset @mtweeman (#41) ## what

Adding missing update rulesets field.

why

update field is available in the child module (terraform-github-repository), but not passed from root module.

Summary by CodeRabbit

Release Notes

  • New Features
    • Ruleset configuration now supports an optional update setting for rules, providing additional configuration flexibility. This new field defaults to false.

v0.3.1

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 14 Apr 20:07
739db69
feat!: remove rulesets etag output @mtweeman (#40) ## what

Removing drifting rulesets etags from outputs.

why

Rulesets etags cause drifting output. It was outlined in corresponding Terraform module, too. See references.

references

cloudposse/terraform-github-repository#19

Summary by CodeRabbit

  • Chores
    • Removed rulesets_etags from exported outputs. Other rulesets-related outputs including rulesets_node_ids and rulesets_rules_ids remain available.

🚀 Enhancements

Bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#30) Bumps [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) from 1.1.0 to 1.1.1.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🤖 Automatic Updates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.47.0 @[renovate[bot]](https://github.com/apps/renovate) (#34) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.46.00.47.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.47.0

Compare Source

What's Changed

Breaking Changes
  • Update AWS provider/module and generated content by @​github-actions[bot] in #​1067
    • Removed the following rules
      • aws_config_organization_custom_rule_invalid_input_parameters
      • aws_config_organization_managed_rule_invalid_input_parameters
Enhancements
Chores

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.46.0...v0.47.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#33) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/repository/github to v1.1.0 @[renovate[bot]](https://github.com/apps/renovate) (#29) This PR contains the following updates:
Package Type Update Change
cloudposse/repository/github (source) module minor 1.0.01.1.0

Release Notes

cloudposse/terraform-github-repository (cloudposse/repository/github)

v1.1.0

Compare Source

deprecate: mark has_downloads variable as deprecated @​johncblandii (#​17)

what

  • Deprecate has_downloads variable with backward-compatible warning instead of breaking removal
  • Add check block to emit deprecation warning when users set has_downloads = true
  • Remove has_downloads attribute from github_repository resource
  • Bump minimum Terraform version to >= 1.5 (required for check blocks)

why

  • The has_downloads attribute is officially deprecated in the GitHub Terraform provider (v6.10.2) a...
Read more

v0.3.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 29 Jan 22:31
7d3d07c

🚀 Enhancements

Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.14 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#18) Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.14.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#28) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/repository/github to v1 @[renovate[bot]](https://github.com/apps/renovate) (#27) This PR contains the following updates:
Package Type Update Change
cloudposse/repository/github (source) module major 0.2.11.0.0

Release Notes

cloudposse/terraform-github-repository (cloudposse/repository/github)

v1.0.0

Compare Source

Add repository fork, GitHub Pages, and push ruleset support @​johncblandii (#​16)

what

  • Add fork configuration to enable creating forked repositories
  • Add GitHub Pages configuration with build type, CNAME, and source options
  • Enable required_code_scanning ruleset rules (drift issue resolved)
  • Add push ruleset target with file restrictions and size limits
  • Add new ruleset rule types: required_linear_history, required_signatures, update, and update_allows_fetch_and_merge

why

These additions extend the module's capabilities to support more GitHub repository features and provide better control over repository rulesets, enabling enforcement of push-based rules and providing a more complete security analysis configuration.

references

  • GitHub Terraform Provider: terraform-provider-github v6.9.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#26) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.45.0 @[renovate[bot]](https://github.com/apps/renovate) (#25) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.44.0 -> 0.45.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.45.0

Compare Source

What's Changed

Breaking Changes
Enhancements
Bug Fixes
Chores
Read more

v0.2.3

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 21 Aug 22:19
4ae8066

🤖 Automatic Updates

chore(deps): update terraform cloudposse/repository/github to v0.2.1 @[renovate[bot]](https://github.com/apps/renovate) (#17) This PR contains the following updates:
Package Type Update Change
cloudposse/repository/github (source) module patch 0.2.0 -> 0.2.1

Release Notes

cloudposse/terraform-github-repository (cloudposse/repository/github)

v0.2.1

Compare Source

🚀 Enhancements

Fix Teams Order of Operations @​milldr (#​13)

what

  • Add dependency on repository collaborators resource

why

  • The teams must be created for the repositories before creating environment protections rules that require reviewers (teams)

references

│ Error: PUT https://api.github.com/repos/acme/my-bar-app/environments/prod: 422 Failed to create or update the environment protection rule. Required reviewers must have at least one reviewer to set prevent_self_review. []
│
│   with module.repository.github_repository_environment.default["prod"],
│   on .terraform/modules/repository/main.tf line 158, in resource "github_repository_environment" "default":
│  158: resource "github_repository_environment" "default" {
│
╵
```

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#16) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v0.2.2

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 20 Aug 20:06
88205d8
Advanced Stack Examples @milldr (#12) ## what - Expanded stack usage to include advanced stack usage

why

  • Demonstrate how to use imports and the catalog to maintain DRY config

references

  • .

Summary by CodeRabbit

  • Documentation
    • Major README and README.yaml overhaul with basic/advanced usage, Atmos inheritance, environment-specific secrets/variables, and import mode guidance.
  • New Features
    • Added extensive example catalogs: GitHub Apps (Argo CD, Release Drafter), defaults (repo, environment, ruleset), and branch protection ruleset.
    • Added organization examples for template repositories and multi-repo creation via inheritance.
  • Tests
    • Formatting-only updates to component tests and YAML fixtures; no behavioral changes.
  • Chores
    • Updated ignore rules: start tracking GitHub configuration directory; ignore .atmos/cache.yaml.

🚀 Enhancements

Missing Deployment Branch Policy Inputs @milldr (#13) ## what - Add reviewers and deployment branch policy to environments

why

  • Missing from the local var passed to the module

references

.

Summary by CodeRabbit

  • New Features
    • Added support to define reviewers per environment, enabling approval workflows before deployments proceed.
    • Introduced per-environment deployment branch policies to restrict deployments to designated branches.
    • These options enhance governance and provide finer control over who can approve changes and where they can be deployed.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#15) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v0.2.1

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 15 Aug 21:06
5ccd54f
Fix SSM and ASM URI @goruha (#11) ## what * Replace `ssm:` with `ssm://` * Replace `sm:` with `asm://`

why

  • Have standard uri notation

Summary by CodeRabbit

  • Refactor
    • Standardized external reference format to URI style: asm:// for AWS Secrets Manager and ssm:/// for AWS Systems Manager Parameter Store. Replaces legacy sm: and ssm: formats across variables/secrets and environment configs.
  • Documentation
    • Updated READMEs and examples to use asm:// and ssm:/// formats; existing guidance otherwise unchanged.
  • Tests
    • Updated test data to the new URI-style secret and parameter references.

🤖 Automatic Updates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.42.0 @[renovate[bot]](https://github.com/apps/renovate) (#10) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.41.0 -> 0.42.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.42.0

Compare Source

What's Changed

Breaking Changes
Chores

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.41.0...v0.42.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

v0.2.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 01 Aug 14:28
2f0c6cc
feat: Enforcement type, tflint, Vars case @milldr (#8) ## what - added evaluate enforcement type [enforcement](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_ruleset#enforcement-1) - (Required) (String) Possible values for Enforcement are disabled, active, evaluate. Note: evaluate is currently only supported for owners of type organization. - fix tflint warnings - dont change casing of github variables

why

  • evaluate is supported as an enforcement type for type organization
  • fix tflint, Warning: [Fixable] Single line comments should begin with # (terraform_comment_syntax)
  • we should respect the casing of variables. Some are intentionally upper case

references

Summary by CodeRabbit

  • Documentation

    • Updated documentation to reflect the new version of the GitHub repository module and improved comment formatting for clarity and consistency.
  • Chores

    • Updated the ignore list to exclude the account-map directory from version control.
  • Refactor

    • Improved comment styles across configuration files for consistency.
  • New Features

    • Expanded allowed values for the ruleset enforcement option to include "evaluate".

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#9) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.41.0 @[renovate[bot]](https://github.com/apps/renovate) (#6) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.40.0 -> 0.41.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.41.0

Compare Source

What's Changed

Breaking Changes
Enhancements
Chores

New Contributors

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.40.0...v0.41.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing:...

Read more