Merged
Changes from 4 commits
3 changes: 2 additions & 1 deletion examples/ruleset/repository-ruleset.tf
@@ -1,7 +1,8 @@
module "github_repo_ruleset" {
source = "../../modules/ruleset"

name = "repo-specific-ruleset"
name = "repo-specific-ruleset"
repository = "my-target-repo"
bypass_actors = {
repository_roles = [
{ role_id = "maintainer_id", always_bypass = true }
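Review bot: `repository = "my-target-repo"` in this example is a bare string with nothing telling the reader that the repository must already exist, whereas modules/repository_base passes `github_repository.repository.name`. Add a one-line comment above it saying the value is a placeholder for an existing repository, or reference a repository resource or data source so the example also shows the dependency ordering. The `name` line changes only in alignment, which is fine.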
1 change: 1 addition & 0 deletions modules/repository_base/rulesets.tf
Expand Up @@ -41,6 +41,7 @@ module "ruleset" {

for_each = var.rulesets

repository = github_repository.repository.name
name = each.key
target = each.value.target
enforcement = each.value.enforcement
1 change: 1 addition & 0 deletions modules/ruleset/README.md
Expand Up @@ -31,6 +31,7 @@ No modules.
| <a name="input_name"></a> [name](#input\_name) | The name of the ruleset. | `string` | n/a | yes |
| <a name="input_ref_name_exclusions"></a> [ref\_name\_exclusions](#input\_ref\_name\_exclusions) | A list of ref names or patterns to exclude. Defaults to an empty list. If set and `ruleset_type` is set to `organization` then either `repository_name_inclusions` or `repository_name_exclusions` must be set to a list of atleast 1 string. | `list(string)` | `[]` | no |
| <a name="input_ref_name_inclusions"></a> [ref\_name\_inclusions](#input\_ref\_name\_inclusions) | A list of ref names or patterns to include. Defaults to an empty list. If set and `ruleset_type` is set to `organization` then either `repository_name_inclusions` or `repository_name_exclusions` must be set to a list of atleast 1 string. | `list(string)` | `[]` | no |
| <a name="input_repository"></a> [repository](#input\_repository) | The name of the repository to apply the ruleset to. Only used when ruleset\_type is 'repository'. | `string` | `null` | no |
| <a name="input_repository_name_exclusions"></a> [repository\_name\_exclusions](#input\_repository\_name\_exclusions) | A list of repository names or patterns to exclude. If `ruleset_type` is set to `repository` then this field is ignored. | `list(string)` | `[]` | no |
| <a name="input_repository_name_inclusions"></a> [repository\_name\_inclusions](#input\_repository\_name\_inclusions) | A list of repository names or patterns to include. If `ruleset_type` is set to `repository` then this field is ignored. | `list(string)` | `[]` | no |
| <a name="input_rules"></a> [rules](#input\_rules) | An object containing fields for all the rule definitions the ruleset should enforce. | <pre>object({<br/> branch_name_pattern = optional(object({<br/> operator = string<br/> pattern = string<br/> name = optional(string)<br/> negate = optional(bool)<br/> }))<br/> tag_name_pattern = optional(object({<br/> operator = string<br/> pattern = string<br/> name = optional(string)<br/> negate = optional(bool)<br/> }))<br/> commit_author_email_pattern = optional(object({<br/> operator = string<br/> pattern = string<br/> name = optional(string)<br/> negate = optional(bool)<br/> }))<br/> commit_message_pattern = optional(object({<br/> operator = string<br/> pattern = string<br/> name = optional(string)<br/> negate = optional(bool)<br/> }))<br/> committer_email_pattern = optional(object({<br/> operator = string<br/> pattern = string<br/> name = optional(string)<br/> negate = optional(bool)<br/> }))<br/> creation = optional(bool)<br/> deletion = optional(bool)<br/> update = optional(bool)<br/> non_fast_forward = optional(bool)<br/> required_linear_history = optional(bool)<br/> required_signatures = optional(bool)<br/> update_allows_fetch_and_merge = optional(bool)<br/> pull_request = optional(object({<br/> dismiss_stale_reviews_on_push = optional(bool)<br/> require_code_owner_review = optional(bool)<br/> require_last_push_approval = optional(bool)<br/> required_approving_review_count = optional(number)<br/> required_review_thread_resolution = optional(bool)<br/> }))<br/> required_status_checks = optional(object({<br/> required_check = list(object({<br/> context = string<br/> integration_id = optional(number)<br/> }))<br/> strict_required_status_check_policy = optional(bool)<br/> }))<br/> required_workflows = optional(object({<br/> required_workflows = list(object({<br/> repository_id = number<br/> path = string<br/> ref = optional(string)<br/> }))<br/> }))<br/> required_deployment_environments = optional(list(string))<br/> 
})</pre> | n/a | yes |
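Review bot: the new `repository` row is worded differently from its neighbours: it writes ruleset\_type and 'repository' as plain text, while the `repository_name_inclusions` and `repository_name_exclusions` rows use backticks and the phrasing "then this field is ignored". Since the row mirrors the variable description, change the description in modules/ruleset/variables.tf to something like "If `ruleset_type` is set to `organization` then this field is ignored." and regenerate the README so the table reads consistently. The row also shows default `null` and Required `no` without saying what happens when the value is omitted for a repository ruleset; one sentence on that would help callers.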
1 change: 1 addition & 0 deletions modules/ruleset/repository_ruleset.tf
@@ -1,5 +1,6 @@
resource "github_repository_ruleset" "ruleset" {
count = var.ruleset_type == "repository" ? 1 : 0
repository = var.repository
name = var.name
target = var.target
enforcement = var.enforcement
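Review bot: missing check on `repository = var.repository`. The variable defaults to `null`, so a caller who sets `ruleset_type = "repository"` and forgets `repository` gets `null` passed straight into the resource, and any failure is left to the provider. Because `count` is already 1 only for the repository type, a `lifecycle { precondition { ... } }` on this resource with `condition = var.repository != null` and a clear `error_message` would catch the omission at plan time, so a ruleset meant to protect one repository cannot be applied without a target.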
1 change: 1 addition & 0 deletions modules/ruleset/repository_ruleset.tftest.hcl
Expand Up @@ -5,6 +5,7 @@ variables {

name = "ruleset_name"
ruleset_type = "repository"
repository = "repository_name"
target = "tag"
enforcement = "disabled"
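Review bot: in the visible lines `repository = "repository_name"` is only added to the shared `variables` block, which keeps the existing runs passing but does not prove the value reaches the resource. Add an assertion in a run block that `github_repository_ruleset.ruleset[0].repository == var.repository`, and consider a second run that omits `repository` with `ruleset_type = "repository"` to pin down the behaviour for the `null` default.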

6 changes: 6 additions & 0 deletions modules/ruleset/variables.tf
Expand Up @@ -3,6 +3,12 @@ variable "name" {
description = "The name of the ruleset."
}

variable "repository" {
type = string
default = null
description = "The name of the repository to apply the ruleset to. Only used when ruleset_type is 'repository'."
}
Comment thread
vedantthapa marked this conversation as resolved.

variable "bypass_actors" {
type = object({
repository_roles = optional(list(object({
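Review bot: `variable "repository"` has no `validation` block, so an empty string is accepted as a repository name alongside the `null` default. A single-variable check such as `condition = var.repository == null ? true : length(trimspace(var.repository)) > 0` with an `error_message` rejects that early. The description could also use backticks around `ruleset_type` and `repository` to match the other variable descriptions in this module.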