diff --git a/README.md b/README.md
index d510269..6fabe12 100644
--- a/README.md
+++ b/README.md
@@ -330,7 +330,8 @@ module "github_runner_with_packer" {
 | [security\_group\_ids](#input\_security\_group\_ids) | The list of Security Group IDs for AWS CodeBuild to launch ephemeral EC2 instances in. | `list(string)` | `[]` | no |
 | [security\_group\_name](#input\_security\_group\_name) | Name to use on created Security Group. Defaults to `name` | `string` | `null` | no |
 | [source\_auth](#input\_source\_auth) | Override the default CodeBuild source credential for this project. This allows using project-specific authentication instead of the account/region baseline credential. See docs/GITHUB-AUTH-SETUP.md for usage details. |
object({
type = string
resource = string
})
| `null` | no |
-| [source\_location](#input\_source\_location) | Your source code repo location, for example https://github.com/my/repo.git | `string` | n/a | yes |
+| [source\_location](#input\_source\_location) | Your source code repo location, for example https://github.com/my/repo.git, or `CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION` for org-level webhooks. | `string` | n/a | yes |
+| [source\_organization](#input\_source\_organization) | Your GitHub organization name for organization-level webhook creation. | `string` | `null` | no |
 | [subnet\_ids](#input\_subnet\_ids) | The list of Subnet IDs for AWS CodeBuild to launch ephemeral EC2 instances in. | `list(string)` | `[]` | no |
 | [tags](#input\_tags) | A map of tags to assign to the resources created by this module. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(string)` | `{}` | no |
 | [vpc\_id](#input\_vpc\_id) | The VPC ID for AWS CodeBuild to launch ephemeral instances in. | `string` | `null` | no |
diff --git a/docs/org_level_runners.md b/docs/org_level_runners.md
new file mode 100644
index 0000000..8c98824
--- /dev/null
+++ b/docs/org_level_runners.md
@@ -0,0 +1,12 @@
+# Organization Level Runners
+
+To set up the codebuild runners at the GitHub organization level, use the `source_location` and `source_organization` module inputs like the following:
+
+```hcl
+module "github_runner" {
+ ...
+ source_location = "CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION"
+ source_organization = "your-org-name"
+ ...
+}
+```
diff --git a/examples/basic-org/README.md b/examples/basic-org/README.md
new file mode 100644
index 0000000..218125c
--- /dev/null
+++ b/examples/basic-org/README.md
@@ -0,0 +1,69 @@
+
+----
+## main.tf
+```hcl
+module "github_runner" {
+ source = "../../"
+
+ # Required parameters
+ ############################
+ # Naming for all created resources
+ name = "github-runner-codebuild-test"
+ source_location = "CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION"
+ source_organization = "cloudandthings"
+
+ # Environment image is not specified so it will default to:
+ # "aws/codebuild/amazonlinux2-x86_64-standard:5.0"
+
+ # Optional parameters
+ ############################
+ description = "Created by my-org/my-runner-repo.git"
+
+ github_personal_access_token = "example"
+
+ vpc_id = "vpc-0ffaabbcc1122"
+ subnet_ids = ["subnet-0123", "subnet-0456"]
+}
+```
+----
+
+## Documentation
+
+----
+### Inputs
+
+No inputs.
+
+----
+### Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [github\_runner](#module\_github\_runner) | ../../ | n/a |
+
+----
+### Outputs
+
+No outputs.
+
+----
+### Providers
+
+No providers.
+
+----
+### Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 0.14.0 |
+| [aws](#requirement\_aws) | >= 4.9 |
+| [http](#requirement\_http) | 3.0.1 |
+
+----
+### Resources
+
+No resources.
+
+----
+
diff --git a/examples/basic-org/main.tf b/examples/basic-org/main.tf
new file mode 100644
index 0000000..863d918
--- /dev/null
+++ b/examples/basic-org/main.tf
@@ -0,0 +1,22 @@
+module "github_runner" {
+ source = "../../"
+
+ # Required parameters
+ ############################
+ # Naming for all created resources
+ name = "github-runner-codebuild-test"
+ source_location = "CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION"
+ source_organization = "cloudandthings"
+
+ # Environment image is not specified so it will default to:
+ # "aws/codebuild/amazonlinux2-x86_64-standard:5.0"
+
+ # Optional parameters
+ ############################
+ description = "Created by my-org/my-runner-repo.git"
+
+ github_personal_access_token = "example"
+
+ vpc_id = "vpc-0ffaabbcc1122"
+ subnet_ids = ["subnet-0123", "subnet-0456"]
+}
diff --git a/examples/basic-org/outputs.tf b/examples/basic-org/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/examples/basic-org/providers.tf b/examples/basic-org/providers.tf
new file mode 100644
index 0000000..e62fc36
--- /dev/null
+++ b/examples/basic-org/providers.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = "eu-west-1"
+}
diff --git a/examples/basic-org/terraform.tf b/examples/basic-org/terraform.tf
new file mode 100644
index 0000000..f975384
--- /dev/null
+++ b/examples/basic-org/terraform.tf
@@ -0,0 +1,13 @@
+terraform {
+ required_version = ">= 0.14.0"
+ required_providers {
+ http = {
+ source = "hashicorp/http"
+ version = "3.0.1"
+ }
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.9"
+ }
+ }
+}
diff --git a/examples/basic-org/variables.tf b/examples/basic-org/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/main.tf b/main.tf
index 6a04c57..ad9cc8a 100644
--- a/main.tf
+++ b/main.tf
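Review bot: `github_personal_access_token = "example"` in examples/basic-org/main.tf passes the credential as a literal in the module call, and this is the example readers will copy for organization-wide runners, where the credential presumably has to manage webhooks for the whole organization. A real value written this way lands in version control, and whether the module marks the input sensitive is not visible in this diff. I would take it from a variable, `github_personal_access_token = var.github_personal_access_token`, declared with `sensitive = true` in the example's variables.tf (currently empty), or at least add a comment above the line: `# Placeholder only: supply the token from a sensitive variable or use source_auth; never commit a real value.`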
@@ -140,6 +140,13 @@ resource "aws_codebuild_webhook" "this" {
 pattern = "WORKFLOW_JOB_QUEUED"
 }
 }
+ dynamic "scope_configuration" {
+ for_each = var.source_location == "CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION" && var.source_organization != null ? toset([1]) : toset([])
+ content {
+ name = var.source_organization
+ scope = "GITHUB_ORGANIZATION"
+ }
+ }
 }
 ################################################################################
diff --git a/variables.tf b/variables.tf
index fc10110..7ac2ffa 100644
--- a/variables.tf
+++ b/variables.tf
@@ -12,10 +12,10 @@ variable "name" {
 variable "source_location" {
 type = string
- description = "Your source code repo location, for example https://github.com/my/repo.git"
+ description = "Your source code repo location, for example https://github.com/my/repo.git, or `CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION` for org-level webhooks."
 validation {
- condition = can(regex("^https://github\\.com/[^/]+/[^/]+\\.git$", var.source_location))
- error_message = "The source_location must be a valid GitHub repository URL in the format: https://github.com/owner/repo.git."
+ condition = can(regex("^(?:https://github\\.com/[^/]+/[^/]+\\.git|CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION)$", var.source_location))
+ error_message = "The source_location must be a valid GitHub repository URL in the format: https://github.com/owner/repo.git, or the string `CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION`."
 }
 }
@@ -24,6 +24,12 @@ variable "source_location" {
 # -----------------------------------------------------
 # General
+variable "source_organization" {
+ type = string
+ default = null
+ description = "Your GitHub organization name for organization-level webhook creation."
+}
+
 variable "build_timeout" {
 type = number
 default = 5
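Review bot: With the new `scope_configuration` block in `aws_codebuild_webhook.this`, the only filter visible in this hunk is the `WORKFLOW_JOB_QUEUED` event, so once the scope is `GITHUB_ORGANIZATION` a workflow in any repository of the organization can start a build under this project's role and network placement. If that is intended, the block deserves a comment such as `# Org scope: every repository in var.source_organization can trigger this project; add a REPOSITORY_NAME filter to restrict it.`, and ideally an optional input that adds such a filter. The `for_each` condition also drops the block silently when `source_location` is the sentinel but `source_organization` is null, which presumably only fails at apply time. A check tying the two inputs together (a `precondition`, if the module's minimum Terraform version allows it) would surface that at plan. The resource body starts outside the hunk.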
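Review bot: `variable "source_organization"` in variables.tf has no `validation` block, unlike `source_location` just above it, so an empty string passes the `!= null` test in main.tf and reaches the webhook scope as an empty name. A rule such as `condition = var.source_organization == null || can(regex("^[A-Za-z0-9-]+$", var.source_organization))` with a matching `error_message` would reject empty or malformed names at plan time; adjust the pattern to the names GitHub actually allows. The description could also state that the value only takes effect when `source_location` is `CODEBUILD_DEFAULT_WEBHOOK_SOURCE_LOCATION`.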