From 70c7422e0fcd8d55881edd2c8912704a8a098126 Mon Sep 17 00:00:00 2001 From: NWarila <33955773+NWarila@users.noreply.github.com> Date: Mon, 25 May 2026 15:13:43 +0000 Subject: [PATCH 1/3] chore: bump Terraform 1.15.1 -> 1.15.4 Aligns the org framework's required_version constraint with the runner consumer's bumped terraform_version (1.15.4) so consumers that init this framework with 1.15.4 no longer fail the version constraint. Co-Authored-By: Claude Opus 4.7 (1M context) --- docs/how-to/develop-this-module.md | 2 +- terraform/versions.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/how-to/develop-this-module.md b/docs/how-to/develop-this-module.md index 1f9954d..f4613c1 100644 --- a/docs/how-to/develop-this-module.md +++ b/docs/how-to/develop-this-module.md @@ -4,7 +4,7 @@ Install the same pinned tools used by CI: -- Terraform 1.15.1 +- Terraform 1.15.4 - TFLint 0.59.1 - terraform-docs 0.20.0 - OPA 1.10.0 diff --git a/terraform/versions.tf b/terraform/versions.tf index bbcd5d6..17921e2 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -1,6 +1,6 @@ terraform { # Pin Terraform exactly per org ADR 0005. - required_version = "= 1.15.1" + required_version = "= 1.15.4" required_providers { github = { From 9c6b705afe857fdb009c802d95fa1819c8a50629 Mon Sep 17 00:00:00 2001 From: NWarila <33955773+NWarila@users.noreply.github.com> Date: Mon, 25 May 2026 15:18:44 +0000 Subject: [PATCH 2/3] ci: bump terraform-test.yml terraform_version to 1.15.4 The previous commit only bumped versions.tf required_version. CI workflow still installs 1.15.1 which fails the version constraint at terraform init. This commit aligns the CI Terraform install with the framework's exact pin. Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/terraform-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform-test.yml b/.github/workflows/terraform-test.yml index 19c9e1e..36ed705 100644 --- a/.github/workflows/terraform-test.yml +++ b/.github/workflows/terraform-test.yml @@ -28,7 +28,7 @@ jobs: - name: Setup Terraform uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3 with: - terraform_version: "1.15.1" + terraform_version: "1.15.4" terraform_wrapper: false - name: Terraform Format Check From 212031b8911d56252cf91fff8dd1740e8e575de4 Mon Sep 17 00:00:00 2001 From: NWarila <33955773+NWarila@users.noreply.github.com> Date: Mon, 25 May 2026 15:24:09 +0000 Subject: [PATCH 3/3] docs: regenerate terraform-docs reference for table formatting CI uses terraform-docs v0.23.0 which writes table separators with spaces (| ---- | ---- |) while the committed file was generated by an older version (|------|------|). The docs-diff gate fails because of this version-formatting mismatch. Regenerate with v0.23.0. Co-Authored-By: Claude Opus 4.7 (1M context) --- docs/reference/terraform.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/reference/terraform.md b/docs/reference/terraform.md index a846cdd..807ac90 100644 --- a/docs/reference/terraform.md +++ b/docs/reference/terraform.md @@ -7,7 +7,7 @@ This file is overwritten by `terraform-docs` on every PR via the ## Resources | Name | Type | -|------|------| +| ---- | ---- | | [github_actions_environment_secret.env_secret](https://registry.terraform.io/providers/integrations/github/6.10.2/docs/resources/actions_environment_secret) | resource | | [github_actions_environment_variable.env_var](https://registry.terraform.io/providers/integrations/github/6.10.2/docs/resources/actions_environment_variable) | resource | | [github_actions_repository_permissions.actions](https://registry.terraform.io/providers/integrations/github/6.10.2/docs/resources/actions_repository_permissions) | resource | @@ -25,7 +25,7 @@ This file is overwritten by `terraform-docs` on every PR via the ## Inputs | Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| +| ---- | ----------- | ---- | ------- | :------: | | github\_app\_auth | GitHub App authentication config. Required when github\_auth\_mode = 'app'. Must be null when github\_auth\_mode = 'token'. pem\_file accepts PEM contents as a string. | 
object({
    id              = string
    installation_id = string
    pem_file        = string
  })
| `null` | no | | github\_auth\_mode | Provider authentication mode. Must be either 'app' (GitHub App installation, preferred) or 'token' (classic or fine-grained PAT, break-glass only). | `string` | `"token"` | no | | github\_is\_organization | Whether the github\_owner is an organization (true) or personal account (false). Controls org-only features and CODEOWNERS synthesis behavior. | `bool` | `false` | no | @@ -43,7 +43,7 @@ This file is overwritten by `terraform-docs` on every PR via the ## Outputs | Name | Description | -|------|-------------| +| ---- | ----------- | | all\_repositories | Computed repository map. Non-sensitive so terraform test assertions can inspect normalized values. | | branch\_rulesets | Computed branch rulesets map. Non-sensitive so terraform test assertions can inspect ruleset counts and values. | | locals\_debug | All computed locals for debugging. Marked sensitive to prevent exposure in CI/CD logs. |