The gitlab_branch_protection resource manages the lifecycle of a protected branch of a repository.
Upstream API: GitLab REST API docs
resource "gitlab_branch_protection" "BranchProtect" {
  project                      = "12345"
  branch                       = "BranchProtected"
  push_access_level            = "developer"
  merge_access_level           = "developer"
  unprotect_access_level       = "developer"
  allow_force_push             = true
  code_owner_approval_required = true

  allowed_to_push {
    user_id = 5
  }
  allowed_to_push {
    user_id = 521
  }
  allowed_to_merge {
    user_id = 15
  }
  allowed_to_merge {
    user_id = 37
  }
  allowed_to_unprotect {
    user_id = 15
  }
  allowed_to_unprotect {
    group_id = 42
  }
}

# Example using dynamic block
resource "gitlab_branch_protection" "main" {
  project                = "12345"
  branch                 = "main"
  push_access_level      = "maintainer"
  merge_access_level     = "maintainer"
  unprotect_access_level = "maintainer"

  dynamic "allowed_to_push" {
    for_each = [50, 55, 60]
    content {
      user_id = allowed_to_push.value
    }
  }
}
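
A stricter variant of the examples above, added here as an illustration and not taken from the provider documentation: it applies one policy to several branches with for_each, blocks direct and force pushes, and limits merging to maintainers plus named groups. The project ID, branch names, group ID and the local names are assumptions.

```hcl
# Added example, not the provider's own code.
# Project ID, branch names and group ID are constructed placeholders.
locals {
  project_id = "12345"

  # Hypothetical map: branch name => groups additionally allowed to merge.
  protected_branches = {
    main    = { merge_group_ids = [42] }
    release = { merge_group_ids = [42] }
  }
}

resource "gitlab_branch_protection" "hardened" {
  for_each = local.protected_branches

  project = local.project_id
  branch  = each.key

  # No role may push directly; changes have to arrive through a merge.
  push_access_level = "no one"

  # Merging needs at least the maintainer role.
  merge_access_level = "maintainer"

  # Lifting the protection needs a higher role than merging does, so a
  # maintainer cannot unprotect the branch to get around the push rule.
  unprotect_access_level = "admin"

  # Keep force push off so protected history is not rewritten.
  allow_force_push = false

  # Premium and Ultimate instances only (see the schema below).
  code_owner_approval_required = true

  # One allowed_to_merge block per group listed for this branch.
  dynamic "allowed_to_merge" {
    for_each = toset(each.value.merge_group_ids)
    content {
      group_id = allowed_to_merge.value
    }
  }
}
```

Because group_id and user_id are mutually exclusive within a block, each allowed principal gets its own block, which is why the dynamic block iterates over IDs rather than combining them.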

branch (String) Name of the branch.
project (String) The ID of the project.
allow_force_push (Boolean) Can be set to true to allow users with push access to force push.
allowed_to_merge (Block Set) Array of access levels and user(s)/group(s) allowed to merge to protected branch. (see below for nested schema)
allowed_to_push (Block Set) Array of access levels and user(s)/group(s) allowed to push to protected branch. (see below for nested schema)
allowed_to_unprotect (Block Set) Array of access levels and user(s)/group(s) allowed to unprotect the protected branch. (see below for nested schema)
code_owner_approval_required (Boolean) Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
merge_access_level (String) Access levels allowed to merge. Valid values are: no one, developer, maintainer.
push_access_level (String) Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotect_access_level (String) Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
branch_protection_id (Number) The ID of the branch protection (not the branch name).
id (String) The ID of this Terraform resource. In the format of <project-id:branch>.

Nested schema for allowed_to_merge:
Optional:
group_id (Number) The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
user_id (Number) The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
Read-Only:
access_level (String) Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
access_level_description (String) Readable description of access level.

Nested schema for allowed_to_push:
Optional:
group_id (Number) The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
user_id (Number) The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
Read-Only:
access_level (String) Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
access_level_description (String) Readable description of access level.

Nested schema for allowed_to_unprotect:
Optional:
group_id (Number) The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
user_id (Number) The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
Read-Only:
access_level (String) Access levels allowed to unprotect the protected branch. Valid values are: developer, maintainer, admin.
access_level_description (String) Readable description of access level.

Import is supported using the following syntax:
# GitLab protected branches can be imported with a key composed of `<project_id>:<branch>`, e.g.
terraform import gitlab_branch_protection.BranchProtect "12345:main"