Skip to content

Organization Settings

The following table captures all supported settings on organization level:

Key Value Description Notes
name string or null The display name of the organization
description string or null The description of the organization
plan string The billing plan of the organization read-only property
email string or null The main contact point of the organization
billing_email string The billing email
blog string or null The blog url (usually links to the homepage of the organization)
twitter_username string or null The twitter username of the organization
location string or null The geographic location of the organization
company string or null The company name if
default_branch_name string The default branch name for newly created repositories
default_repository_permission string The base permission for all members of the organization for its repositories none, read, write or admin
default_code_security_configurations_disabled boolean If default code security configuration should be disabled, no processing if the setting is set to true
discussion_source_repository string or null The source repository to host organization discussions
has_discussions boolean If discussions are enabled for the organization. If true, property discussion_source_repository must be set as well
has_organization_projects boolean If the organization can have organization projects
has_repository_projects boolean If the repositories can have repository projects
members_can_change_project_visibility boolean If members with admin permissions for a project can change its visibility
members_can_change_repo_visibility boolean If members with admin permissions for a repo can change its visibility
members_can_create_private_repositories boolean If members can create private repos
members_can_create_public_pages boolean If members can create public GitHub Pages sites in this organization. If disabled, no GitHub Pages will not be published for the organization.
members_can_create_public_repositories boolean If members can create public repos
members_can_create_teams boolean If members can create new teams
members_can_delete_issues boolean If members with admin permissions for a repo can delete issues, otherwise only organization owners can delete issues
members_can_delete_repositories boolean If members with admin permissions for a repo can delete or transfer it
members_can_fork_private_repositories boolean If members can fork private repos
packages_containers_internal boolean If members can publish internal releases / containers visible to all organization members
packages_containers_public boolean If members can publish public releases / containers visible to anyone
readers_can_create_discussions boolean or null If users with read access can create and comment on discussions
security_managers list[string] List of teams that should act as security managers
two_factor_requirement boolean If two factor is required for all members read-only property, can only be changed via the Web UI
web_commit_signoff_required boolean If repositories require contributors to sign-off on commits they make through GitHub's web interface. If enabled on organization level, it overrides the setting on repo level
custom_properties list[CustomProperty] Definition of custom properties
workflows Workflow Settings Workflow settings on organizational level

Embedded Models

Workflow Settings

Key Value Description Notes
enabled_repositories string Defines which repositories are permitted to use GitHub Actions all, none or selected
selected_repositories list[string] The list of repositories that are permitted to use GitHub Actions Only taken into account when enabled_repositories is set to selected
allowed_actions string Defines which type of GitHub Actions are permitted to run all, local_only or selected
allow_github_owned_actions boolean If GitHub owned actions are permitted to run Only taken into account when allowed_actions is set to selected
allow_verified_creator_actions boolean If GitHub Actions from verified creators are permitted to run Only taken into account when allowed_actions is set to selected
allow_action_patterns list[string] A list of action patterns permitted to run Only taken into account when allowed_actions is set to selected
default_workflow_permissions string The default workflow permissions granted to the GITHUB_TOKEN read or write
actions_can_approve_pull_request_reviews boolean If actions can approve and merge pull requests

Validation rules

  • enabling either dependabot_alerts_enabled_for_new_repositories or dependabot_security_updates_enabled_for_new_repositories also requires enabling dependency_graph_enabled_for_new_repositories
  • enabling dependabot_security_updates_enabled_for_new_repositories also requires enabling dependabot_alerts_enabled_for_new_repositories
  • enabling has_discussions also requires setting discussion_source_repository to a valid repository to host the discussions
  • specifying a non-empty list of selected_repositories while enabled_repositories is not set to selected, triggers a warning
  • specifying a non-empty list of allow_action_patterns while allowed_actions is not set to selected, triggers a warning

Example usage

orgs.newOrg('adoptium') {
    settings+: {
        blog: "https://adoptium.net",
        default_repository_permission: "none",
        description: "The Adoptium Working Group ...",
        name: "Eclipse Adoptium",
        readers_can_create_discussions: true,
        security_managers+: [
            "adoptium-project-leads"
        ],
        twitter_username: "adoptium",
        web_commit_signoff_required: false,
        workflows+: {
          allowed_actions: "selected",
          allow_action_patterns: [
            "marocchino/sticky-pull-request-comment@*",
            "release-drafter/release-drafter@*"
          ]
        }
    },
    ...
}