-
Notifications
You must be signed in to change notification settings - Fork 764
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Apps to actor types in branch protection #615
Conversation
Adding Github Apps to actor types in the branch protection resource. NOTE: Apps as an actor type is only available in push restrictions.
oh wow, this has been driving me crazy for the last hour. couldn't figure out why the branch protection resource kept telling me it couldn't resolve the ID of the mergify app. decided to configure it manually, import the resource, and run the plan to see what was up, and even then the mergify app was just skipped in the plan output and not present in the tfstate. so started investigating open issues, just to find a likely patch was merged 6 hours ago! serendipity! looking forward to the release! |
Hmm, well, so far, this still isn't working for me... trying to add the
Pretty sure I have the correct node_id: https://api.github.com/users/mergify[bot]? Am I just using this wrong? Edit: Tried just specifying the username, but that gave a different error message:
|
Ok, it is working. I was able to manually setup the branch protection, then remove it from tfstate and import it to find the correct node_id: |
Alright, GitHub Apps are just weird. Knowing it's an app, this gets the correct node_id: https://api.github.com/apps/mergify. But there is no terraform data source for github apps, and even if there were, to lookup users/teams/apps from the friendly-name, I'd have to split the node_ids by type to map them to data sources, then combine the results for the |
* v4.1.0 * Fix unable to resolve node id for branch_protection (integrations#610) * Don't check node id for length * Check if node id is valid base 64 Co-authored-by: Willem Gillis <willem.gillis@imec.be> * temporarily disable PR acceptance testing these jobs all fail and are confusing to contributors when launched from a PR raised by a fork. there are ways to get around this, but will defer until the repository is transferred. disabling for now. * remove `ForceNew` on `template*` as they are concerns only at creation time (integrations#609) There are a number of resources that have been marked as `ForceNew: true` out of a desire in "correctness" by those that do not actually understand how these resources are used in the real world and damage that can be done. No one wants to blow up a repository to change something like this, if they need to there is a mechanism built into terraform called [taint](https://www.terraform.io/docs/commands/taint.html). While there are some things that make sense for using `ForceNew` a repository for source control on properties that the API will ignore outside of creation is not one of them. Signed-off-by: Ben Abrams <me@benabrams.it> * Add diff suppression function to the branch protection resource (integrations#614) Adding a diff suppression function to the branch protection resource to ignore the strict status check field if no contexts have been specified. This resolves the issue with the GraphQL API returning a strict status check value of "true" by default, regardless of contexts being set or not. * Add Apps to actor types in branch protection (integrations#615) Adding Github Apps to actor types in the branch protection resource. NOTE: Apps as an actor type is only available in push restrictions. * Added `allowsDeletions`and `allowsForcePushes`settings (integrations#623) * Added `allowsDeletions`and `allowsForcePushes`settings https://developer.github.com/v4/changelog/2020-11-13-schema-changes/ (#1) * complete documentation * update module github.com/shurcooL/githubv4 with `go get github.com/shurcooL/githubv4` * vendor latest githubv4 * add test for deletions and force pushes Co-authored-by: Jeremy Udit <jcudit@github.com> * Fix syntax error * Conditionally Run GHES Test Suite * Run gofmt (integrations#645) Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com> * Allow dependabot to check github actions (integrations#643) * Typo: s/visiblity/visibility (integrations#629) Small typo in the docs. * github_repository_webhook: describe content_type options (integrations#510) * change private to visibility (integrations#635) * Use commit SHA to lookup commit info in github_repository_file resource (integrations#644) * Fix references to "master" Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com> * Use commit SHA to lookup commit info Currently the provider loops through commits in a repo until it finds the most recent commit containing the managed file. This is inefficient and could lead to you being rate limited if managing a few files that were updated a long time ago. This commit fixes that by storing the commit SHA when updating the file and using that SHA to lookup the commit info instead of looping through all commits. Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com> * add release automation for terraform registry /cc https://www.terraform.io/docs/registry/providers/publishing.html * Add v4.2.0 Release (integrations#641) * add v4.1.1 release items * correct semver version * Document Additional Breaking Change For v3.0.0 * add `github_repository_file` bugfix * move to correct release * add goreleaser configuration to enable release automation * resource/repository: add support for enabling github pages (integrations#490) * add support for enabling github pages * update resource comments * add additional comments in expand methods * add formatting fixes Co-authored-by: Jeremy Udit <jcudit@github.com> * Add `github_branch_protection_v3` Resource (integrations#642) * Add `branch_protection_v3` Resource - add new resource to `website/github.erb` - add new resource to `website/docs/r/<resource>.html.markdown` - add new resource to `github/provider.go` - add tests for resource in `github/resource_<resource>_test.go` - implement new resource in `github/resource_<resource>.go` * fixup! gofmt fixes * add changelog entries for v4.3.0 release (integrations#658) * Remove github.com/hashicorp/terraform from dependencies (integrations#628) * remove github.com/hashicorp/terraform from dependencies * go mod tidy * refactor: execute fmt * Allow dependabot to check go dependencies (integrations#653) * Fix link to Milestones page (integrations#663) * github_branch_default: send only fields that changed. Fixes integrations#625 integrations#620. (integrations#666) * github_branch_default: send only fields that changed. Fixes integrations#625 integrations#620. * fix failing test and update docs Co-authored-by: Jeremy Udit <jcudit@github.com> * Fix error handling (integrations#668) Do not silently proceed further on receiving an error response. Signed-off-by: rustyclock <rustyclock@protonmail.com> * Update CHANGELOG.md * Remove Obsolete Test My understanding is our use of Terraform Registry makes this failing test unnecessary. * Update GitHub organization references (integrations#672) Following the project transfer from `terraform-providers` organization to `integrations`. * Add Example For `github_team_repository` (integrations#676) * Add Example For `github_team_repository` also documents a limitation with `for_each` in this scenario * fixup! add newline * changelog: manually fix links to issues (integrations#673) They were pointing to the old archived repo, which doesn't have newer issues. * Handle base64 decodable repo names (integrations#684) * github/config: Fix detection of individual, non-org accounts (integrations#685) - Previously, whenever an individual user tried to interact with their repos, the provider would return an error, rendering v4.3.1 unusable _for individuals_: ``` ➜ terraform plan Error: GET https://api.github.com/orgs/issyl0: 404 Not Found [] on /Users/issyl0/repos/terraform/github.tf line 1, in provider "github": ``` - `ConfigureOwner` works such that if the `owner.name` is not blank (ie, the user had specified `owner = <username>` in their Terraform file), the code progresses to check if the `owner.name` is an org. Importantly, that check (prior to this change) returned an error if `owner.name` was not an org. That final error meant it was impossible to run if not using an organisation account. - Reproduction steps: https://gist.github.com/issyl0/cd61e4cb59de2c2e1e8f45e3cf7c12f5 * add changelog entry for v4.3.2 * Add `create_default_maintainer` Option To `github_team` (integrations#661) * Add `create_default_maintainer` option to `github_team` This adds a possible fix to the following issues by providing users with an option to remove the automatic addition of a default maintainer to a team during creation. /cc integrations#527 /cc integrations#104 /cc integrations#130 * Refresh CONTRIBUTING Documentation (integrations#682) * refresh contributing docs * add quick instructions * add updates for newer versions of terraform * Add Diff Suppression Option To `repository_collaborator` (integrations#683) * add diff suppression option to `repository_collaborator` * fixup! remove comment * remove hardcoded username from test * Update CHANGELOG for v4.4.0 release * Add repo context to error message when branch is not found (integrations#691) * Add repo context to error message when branch is not found * fix failing `TestAccGithubRepositoryFile` test access committer data through `Commit` struct Co-authored-by: Jeremy Udit <jcudit@github.com> * fix based on linter (integrations#694) * add v4.4.1 release notes * Modify github_team_repository to accept slug as a valid team_id as well (integrations#693) * First attempt * Add comment * Attempt to modify unit tests * Edit docs to reflect change * Make sure team_id is set appropriately * fixing lint * add passing tests for `github_team_repository` Co-authored-by: Jeremy Udit <jcudit@github.com> * add v4.5.0 release notes * temporarily ignore `darwin/arm64` to unblock releases /cc integrations#695 * update release notes for v4.5.0 Co-authored-by: tf-release-bot <terraform@hashicorp.com> Co-authored-by: Polygens <willem.gillis@gmail.com> Co-authored-by: Willem Gillis <willem.gillis@imec.be> Co-authored-by: Jeremy Udit <jcudit@github.com> Co-authored-by: Ben Abrams <me@benabrams.it> Co-authored-by: Patrick Marabeas <patrick@marabeas.io> Co-authored-by: Francois BAYART <francois.bayart@kensu.io> Co-authored-by: Stephen Hoekstra <shoekstra@schubergphilis.com> Co-authored-by: John Losito <lositojohnj@gmail.com> Co-authored-by: Bret <166301+bcomnes@users.noreply.github.com> Co-authored-by: Jakub Holy <jakubholy@jakubholy.net> Co-authored-by: Ichinose Shogo <shogo82148@gmail.com> Co-authored-by: angie pinilla <angelinepinilla@gmail.com> Co-authored-by: Shu Kutsuzawa <cappyzawa@yahoo.ne.jp> Co-authored-by: Oleksandr Dievri <o.dievri@gmail.com> Co-authored-by: Dee Kryvenko <109895+dee-kryvenko@users.noreply.github.com> Co-authored-by: Ravi <1299606+rustycl0ck@users.noreply.github.com> Co-authored-by: Alexis Gauthiez <alexis.gauthiez@gmail.com> Co-authored-by: Christian Höltje <docwhat@gerf.org> Co-authored-by: Issy Long <me@issyl0.co.uk> Co-authored-by: Michael Barany <1434605+mbarany@users.noreply.github.com>
A duplicated block meant that push restrictions on protected branches could only be applied to teams. This enables users and apps to also be taken into account, as was the intention of integrations#615.
A duplicated block meant that push restrictions on protected branches could only be applied to teams. This enables users and apps to also be taken into account, as was the intention of integrations#615.
A duplicated block meant that push restrictions on protected branches could only be applied to teams. This enables users and apps to also be taken into account, as was the intention of #615.
Adding Github Apps to actor types in the branch protection resource. NOTE: Apps as an actor type is only available in push restrictions.
A duplicated block meant that push restrictions on protected branches could only be applied to teams. This enables users and apps to also be taken into account, as was the intention of integrations#615.
Adding Github Apps to actor types in the branch protection resource.
NOTE: Apps as an actor type is only available in push restrictions.
Resolves: #581
Resolves a comment in #572