diff --git a/examples/ruleset/repository-ruleset.tf b/examples/ruleset/repository-ruleset.tf
index b770834..4873065 100644
--- a/examples/ruleset/repository-ruleset.tf
+++ b/examples/ruleset/repository-ruleset.tf
@@ -1,7 +1,8 @@
 module "github_repo_ruleset" {
 source = "../../modules/ruleset"
- name = "repo-specific-ruleset"
+ name = "repo-specific-ruleset"
+ repository = "my-target-repo"
 bypass_actors = {
 repository_roles = [
 { role_id = "maintainer_id", always_bypass = true }
diff --git a/modules/repository_base/rulesets.tf b/modules/repository_base/rulesets.tf
index b68b6fb..bf6c02b 100644
--- a/modules/repository_base/rulesets.tf
+++ b/modules/repository_base/rulesets.tf
@@ -41,6 +41,7 @@ module "ruleset" {
 for_each = var.rulesets
+ repository = github_repository.repository.name
 name = each.key
 target = each.value.target
 enforcement = each.value.enforcement
diff --git a/modules/ruleset/README.md b/modules/ruleset/README.md
index 6869210..9153b43 100644
--- a/modules/ruleset/README.md
+++ b/modules/ruleset/README.md
@@ -31,6 +31,7 @@ No modules.
 | [name](#input\_name) | The name of the ruleset. | `string` | n/a | yes |
 | [ref\_name\_exclusions](#input\_ref\_name\_exclusions) | A list of ref names or patterns to exclude. Defaults to an empty list. If set and `ruleset_type` is set to `organization` then either `repository_name_inclusions` or `repository_name_exclusions` must be set to a list of atleast 1 string. | `list(string)` | `[]` | no |
 | [ref\_name\_inclusions](#input\_ref\_name\_inclusions) | A list of ref names or patterns to include. Defaults to an empty list. If set and `ruleset_type` is set to `organization` then either `repository_name_inclusions` or `repository_name_exclusions` must be set to a list of atleast 1 string. | `list(string)` | `[]` | no |
+| [repository](#input\_repository) | The name of the repository to apply the ruleset to. Only used when ruleset\_type is 'repository'. | `string` | `null` | no |
 | [repository\_name\_exclusions](#input\_repository\_name\_exclusions) | A list of repository names or patterns to exclude. If `ruleset_type` is set to `repository` then this field is ignored. | `list(string)` | `[]` | no |
 | [repository\_name\_inclusions](#input\_repository\_name\_inclusions) | A list of repository names or patterns to include. If `ruleset_type` is set to `repository` then this field is ignored. | `list(string)` | `[]` | no |
 | [rules](#input\_rules) | An object containing fields for all the rule definitions the ruleset should enforce. |
object({
branch_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
tag_name_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_author_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
commit_message_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
committer_email_pattern = optional(object({
operator = string
pattern = string
name = optional(string)
negate = optional(bool)
}))
creation = optional(bool)
deletion = optional(bool)
update = optional(bool)
non_fast_forward = optional(bool)
required_linear_history = optional(bool)
required_signatures = optional(bool)
update_allows_fetch_and_merge = optional(bool)
pull_request = optional(object({
dismiss_stale_reviews_on_push = optional(bool)
require_code_owner_review = optional(bool)
require_last_push_approval = optional(bool)
required_approving_review_count = optional(number)
required_review_thread_resolution = optional(bool)
}))
required_status_checks = optional(object({
required_check = list(object({
context = string
integration_id = optional(number)
}))
strict_required_status_check_policy = optional(bool)
}))
required_workflows = optional(object({
required_workflows = list(object({
repository_id = number
path = string
ref = optional(string)
}))
}))
required_deployment_environments = optional(list(string))
}) | n/a | yes |
diff --git a/modules/ruleset/repository_ruleset.tf b/modules/ruleset/repository_ruleset.tf
index 7bfcd59..df2b436 100644
--- a/modules/ruleset/repository_ruleset.tf
+++ b/modules/ruleset/repository_ruleset.tf
@@ -1,5 +1,6 @@
resource "github_repository_ruleset" "ruleset" {
count = var.ruleset_type == "repository" ? 1 : 0
+ repository = var.repository
name = var.name
target = var.target
enforcement = var.enforcement
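Review bot: Nothing in the new code stops a repository ruleset from being planned without a target repository. `var.repository` defaults to `null` in the `variables.tf` hunk and is passed straight through on the added `repository = var.repository` line, so a caller who sets `ruleset_type = "repository"` and omits the name gets no error from the module itself. A ruleset is the control that enforces branch and tag protection, so I would fail at plan time with a `precondition` on this resource; because `count` is 0 for organization rulesets, the check only runs in the repository case. The variable's description in `variables.tf` (and the generated README row) should say the value is required when `ruleset_type` is 'repository' rather than "only used". The resource body continues past this hunk, so if a `lifecycle` block already exists the precondition belongs inside it.

```hcl
resource "github_repository_ruleset" "ruleset" {
  # … unchanged: count, repository, name, target, enforcement …
  lifecycle {
    precondition {
      condition     = var.repository != null && var.repository != ""
      error_message = "repository must be set when ruleset_type is \"repository\"."
    }
  }
```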
diff --git a/modules/ruleset/repository_ruleset.tftest.hcl b/modules/ruleset/repository_ruleset.tftest.hcl
index 836566e..ac454bf 100644
--- a/modules/ruleset/repository_ruleset.tftest.hcl
+++ b/modules/ruleset/repository_ruleset.tftest.hcl
@@ -5,6 +5,7 @@ variables {
name = "ruleset_name"
ruleset_type = "repository"
+ repository = "repository_name"
target = "tag"
enforcement = "disabled"
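Review bot: The fixture now supplies `repository`, but this hunk adds no assertion that the value reaches the resource, so a later refactor that drops the argument would still pass. The `run` blocks sit outside the hunk, so this may already be covered there. If it is not, add to the repository-type run an `assert` with `condition = github_repository_ruleset.ruleset[0].repository == var.repository`. A second run that leaves `repository` unset and uses `expect_failures` would pin the missing-name case, assuming the module is made to reject it.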
diff --git a/modules/ruleset/variables.tf b/modules/ruleset/variables.tf
index e0c9369..d9764d1 100644
--- a/modules/ruleset/variables.tf
+++ b/modules/ruleset/variables.tf
@@ -3,6 +3,12 @@ variable "name" {
description = "The name of the ruleset."
}
+variable "repository" {
+ type = string
+ default = null
+ description = "The name of the repository to apply the ruleset to. Only used when ruleset_type is 'repository'."
+}
+
variable "bypass_actors" {
type = object({
repository_roles = optional(list(object({