From 7dbd48534b4a6c03a28095306aed14180eb539c8 Mon Sep 17 00:00:00 2001
From: vedantthapa
Date: Fri, 3 Oct 2025 17:13:21 -0300
Subject: [PATCH 1/6] fix: add repository argument
---
 modules/ruleset/repository_ruleset.tf | 1 +
 modules/ruleset/repository_ruleset.tftest.hcl | 1 +
 modules/ruleset/variables.tf | 5 +++++
 3 files changed, 7 insertions(+)
diff --git a/modules/ruleset/repository_ruleset.tf b/modules/ruleset/repository_ruleset.tf
index 7bfcd59..df2b436 100644
--- a/modules/ruleset/repository_ruleset.tf
+++ b/modules/ruleset/repository_ruleset.tf
@@ -1,5 +1,6 @@
 resource "github_repository_ruleset" "ruleset" {
 count = var.ruleset_type == "repository" ? 1 : 0
+ repository = var.repository
 name = var.name
 target = var.target
 enforcement = var.enforcement
diff --git a/modules/ruleset/repository_ruleset.tftest.hcl b/modules/ruleset/repository_ruleset.tftest.hcl
index 836566e..ac454bf 100644
--- a/modules/ruleset/repository_ruleset.tftest.hcl
+++ b/modules/ruleset/repository_ruleset.tftest.hcl
@@ -5,6 +5,7 @@ variables {
 name = "ruleset_name"
 ruleset_type = "repository"
+ repository = "repository_name"
 target = "tag"
 enforcement = "disabled"
diff --git a/modules/ruleset/variables.tf b/modules/ruleset/variables.tf
index e0c9369..8aa2eeb 100644
--- a/modules/ruleset/variables.tf
+++ b/modules/ruleset/variables.tf
@@ -3,6 +3,11 @@ variable "name" {
 description = "The name of the ruleset."
 }
+variable "repository" {
+ type = string
+ description = "The name of the repository to apply the ruleset to. Only used when ruleset_type is 'repository'."
+}
+
 variable "bypass_actors" {
 type = object({
 repository_roles = optional(list(object({
From c20aa9f8e53f06b980f83080b4ba425f30c4a79a Mon Sep 17 00:00:00 2001
From: vedantthapa
Date: Fri, 3 Oct 2025 17:42:01 -0300
Subject: [PATCH 2/6] fix: add default value for repository
---
 modules/ruleset/variables.tf | 1 +
 1 file changed, 1 insertion(+)
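Review bot: In the `repository_ruleset.tftest.hcl` hunk of PATCH 1/6, the new `repository = "repository_name"` variable is only set, and nothing visible in the hunk asserts that it reaches the resource. A ruleset attached to the wrong repository leaves the intended one without its protection rules, so the wiring is worth pinning with an assert such as `condition = github_repository_ruleset.ruleset[0].repository == "repository_name"` in a `command = plan` run block. The `variables` block continues outside the hunk, so an existing run block may already cover this.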
diff --git a/modules/ruleset/variables.tf b/modules/ruleset/variables.tf
index 8aa2eeb..d9764d1 100644
--- a/modules/ruleset/variables.tf
+++ b/modules/ruleset/variables.tf
@@ -5,6 +5,7 @@ variable "name" {
 variable "repository" {
 type = string
+ default = null
 description = "The name of the repository to apply the ruleset to. Only used when ruleset_type is 'repository'."
 }
From 63a942fd66a914a40a510558263a4a283cd27f52 Mon Sep 17 00:00:00 2001
From: vedantthapa
Date: Fri, 3 Oct 2025 17:43:58 -0300
Subject: [PATCH 3/6] fix: add repository_name arg
---
 examples/ruleset/repository-ruleset.tf | 3 ++-
 modules/repository_base/rulesets.tf | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/examples/ruleset/repository-ruleset.tf b/examples/ruleset/repository-ruleset.tf
index b770834..4873065 100644
--- a/examples/ruleset/repository-ruleset.tf
+++ b/examples/ruleset/repository-ruleset.tf
@@ -1,7 +1,8 @@
 module "github_repo_ruleset" {
 source = "../../modules/ruleset"
- name = "repo-specific-ruleset"
+ name = "repo-specific-ruleset"
+ repository = "my-target-repo"
 bypass_actors = {
 repository_roles = [
 { role_id = "maintainer_id", always_bypass = true }
diff --git a/modules/repository_base/rulesets.tf b/modules/repository_base/rulesets.tf
index b68b6fb..bf6c02b 100644
--- a/modules/repository_base/rulesets.tf
+++ b/modules/repository_base/rulesets.tf
@@ -41,6 +41,7 @@ module "ruleset" {
 for_each = var.rulesets
+ repository = github_repository.repository.name
 name = each.key
 target = each.value.target
 enforcement = each.value.enforcement
From 41231583b3146560cec1740586ea6806aa50ba98 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Fri, 3 Oct 2025 21:00:55 +0000
Subject: [PATCH 4/6] terraform-docs: automated action
---
 modules/ruleset/README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/modules/ruleset/README.md b/modules/ruleset/README.md
index 6869210..9153b43 100644
--- a/modules/ruleset/README.md
+++ b/modules/ruleset/README.md
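Review bot: In the `modules/ruleset/variables.tf` hunk of PATCH 2/6, `default = null` means a caller that sets `ruleset_type = "repository"` and omits `repository` is not rejected by anything in this module, and the null is handed to `github_repository_ruleset.ruleset`. For a module that manages branch and tag protection, a missing target should fail at plan time rather than depend on how the provider treats a null. A `precondition` inside the resource's `lifecycle` block with `condition = var.repository != null` would do this; it is evaluated only for the repository-type instance, since `count` is 0 otherwise, and it does not rely on cross-variable `validation` support.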
@@ -31,6 +31,7 @@ No modules. | [name](#input\_name) | The name of the ruleset. | `string` | n/a | yes | | [ref\_name\_exclusions](#input\_ref\_name\_exclusions) | A list of ref names or patterns to exclude. Defaults to an empty list. If set and `ruleset_type` is set to `organization` then either `repository_name_inclusions` or `repository_name_exclusions` must be set to a list of atleast 1 string. | `list(string)` | `[]` | no | | [ref\_name\_inclusions](#input\_ref\_name\_inclusions) | A list of ref names or patterns to include. Defaults to an empty list. If set and `ruleset_type` is set to `organization` then either `repository_name_inclusions` or `repository_name_exclusions` must be set to a list of atleast 1 string. | `list(string)` | `[]` | no | +| [repository](#input\_repository) | The name of the repository to apply the ruleset to. Only used when ruleset\_type is 'repository'. | `string` | `null` | no | | [repository\_name\_exclusions](#input\_repository\_name\_exclusions) | A list of repository names or patterns to exclude. If `ruleset_type` is set to `repository` then this field is ignored. | `list(string)` | `[]` | no | | [repository\_name\_inclusions](#input\_repository\_name\_inclusions) | A list of repository names or patterns to include. If `ruleset_type` is set to `repository` then this field is ignored. | `list(string)` | `[]` | no | | [rules](#input\_rules) | An object containing fields for all the rule definitions the ruleset should enforce. |
object({
branch_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
tag_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_author_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_message_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
committer_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
creation = optional(bool)
deletion = optional(bool)
update = optional(bool)
non_fast_forward = optional(bool)
required_linear_history = optional(bool)
required_signatures = optional(bool)
update_allows_fetch_and_merge = optional(bool)
pull_request = optional(object({
dismiss_stale_reviews_on_push = optional(bool)
require_code_owner_review = optional(bool)
require_last_push_approval = optional(bool)
required_approving_review_count = optional(number)
required_review_thread_resolution = optional(bool)
}))
required_status_checks = optional(object({
required_check = list(object({
context = string
integration_id = optional(number)
}))
strict_required_status_check_policy = optional(bool)
}))
required_workflows = optional(object({
required_workflows = list(object({
repository_id = number
path = string
ref = optional(string)
}))
}))
required_deployment_environments = optional(list(string))
})
| n/a | yes |
From 250ea3233a8eb6ff03bedeed90d31d4636acb828 Mon Sep 17 00:00:00 2001
From: vedantthapa
Date: Fri, 3 Oct 2025 18:30:16 -0300
Subject: [PATCH 5/6] chore: add validation condition and test
---
 modules/ruleset/repository_ruleset.tftest.hcl | 13 +++++++++++++
 modules/ruleset/variables.tf | 4 ++++
 2 files changed, 17 insertions(+)
diff --git a/modules/ruleset/repository_ruleset.tftest.hcl b/modules/ruleset/repository_ruleset.tftest.hcl
index ac454bf..4200e5e 100644
--- a/modules/ruleset/repository_ruleset.tftest.hcl
+++ b/modules/ruleset/repository_ruleset.tftest.hcl
@@ -344,3 +344,16 @@ run "bypass_actor_organization_admin_test" {
 error_message = "The bypass actor type is incorrect."
 }
 }
+
+# Test repository variable is required when ruleset_type is `repository`
+run "repository_validation_test" {
+ command = plan
+
+ variables {
+ repository = null
+ }
+
+ expect_failures = [
+ var.repository,
+ ]
+}
diff --git a/modules/ruleset/variables.tf b/modules/ruleset/variables.tf
index d9764d1..b7a9686 100644
--- a/modules/ruleset/variables.tf
+++ b/modules/ruleset/variables.tf
@@ -7,6 +7,10 @@ variable "repository" {
 type = string
 default = null
 description = "The name of the repository to apply the ruleset to. Only used when ruleset_type is 'repository'."
+ validation {
+ condition = var.ruleset_type != "repository" || var.repository != null
+ error_message = "The repository variable must be provided when ruleset_type is 'repository'."
+ }
 }
 variable "bypass_actors" {
From 8f63ee235fd1e2a3621542dfefa104c309636070 Mon Sep 17 00:00:00 2001
From: vedantthapa
Date: Mon, 6 Oct 2025 17:36:07 -0300
Subject: [PATCH 6/6] Revert "chore: add validation condition and test"
This reverts commit 250ea3233a8eb6ff03bedeed90d31d4636acb828.
---
 modules/ruleset/repository_ruleset.tftest.hcl | 13 -------------
 modules/ruleset/variables.tf | 4 ----
 2 files changed, 17 deletions(-)
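Review bot: In the `modules/ruleset/variables.tf` hunk of PATCH 5/6, the `validation` condition on `repository` reads `var.ruleset_type`, and a validation rule that refers to another variable is only accepted from Terraform 1.9 onward. If the module is meant to load on older versions, either declare `required_version = ">= 1.9"` in the module's `terraform` block or move the guard to a `precondition` on the resource. The condition also accepts an empty string, so `repository = ""` would pass the check; whether that matters depends on how callers build the value, which this hunk does not show.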
diff --git a/modules/ruleset/repository_ruleset.tftest.hcl b/modules/ruleset/repository_ruleset.tftest.hcl
index 4200e5e..ac454bf 100644
--- a/modules/ruleset/repository_ruleset.tftest.hcl
+++ b/modules/ruleset/repository_ruleset.tftest.hcl
@@ -344,16 +344,3 @@ run "bypass_actor_organization_admin_test" {
 error_message = "The bypass actor type is incorrect."
 }
 }
-
-# Test repository variable is required when ruleset_type is `repository`
-run "repository_validation_test" {
- command = plan
-
- variables {
- repository = null
- }
-
- expect_failures = [
- var.repository,
- ]
-}
diff --git a/modules/ruleset/variables.tf b/modules/ruleset/variables.tf
index b7a9686..d9764d1 100644
--- a/modules/ruleset/variables.tf
+++ b/modules/ruleset/variables.tf
@@ -7,10 +7,6 @@ variable "repository" {
 type = string
 default = null
 description = "The name of the repository to apply the ruleset to. Only used when ruleset_type is 'repository'."
- validation {
- condition = var.ruleset_type != "repository" || var.repository != null
- error_message = "The repository variable must be provided when ruleset_type is 'repository'."
- }
 }
 variable "bypass_actors" {