Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Apps to actor types in branch protection #615

Merged
merged 1 commit into from
Dec 18, 2020

Conversation

patrickmarabeas
Copy link
Contributor

@patrickmarabeas patrickmarabeas commented Nov 28, 2020

Adding Github Apps to actor types in the branch protection resource.

NOTE: Apps as an actor type is only available in push restrictions.

Resolves: #581

Resolves a comment in #572

Adding Github Apps to actor types in the branch protection resource.

NOTE: Apps as an actor type is only available in push restrictions.
@jcudit jcudit merged commit 81cbb1a into integrations:master Dec 18, 2020
@lorengordon
Copy link

oh wow, this has been driving me crazy for the last hour. couldn't figure out why the branch protection resource kept telling me it couldn't resolve the ID of the mergify app. decided to configure it manually, import the resource, and run the plan to see what was up, and even then the mergify app was just skipped in the plan output and not present in the tfstate. so started investigating open issues, just to find a likely patch was merged 6 hours ago! serendipity! looking forward to the release!

@lorengordon
Copy link

lorengordon commented Jan 29, 2021

Hmm, well, so far, this still isn't working for me... trying to add the mergify[bot] app/user:

Error: Could not resolve to User, Team, or App node with the global id of 'MDM6Qm90Mzc5MjkxNjI='

Pretty sure I have the correct node_id: https://api.github.com/users/mergify[bot]? Am I just using this wrong?

Edit: Tried just specifying the username, but that gave a different error message:

Error: Could not resolve to a node with the global id of 'mergify[bot]'

@lorengordon
Copy link

Ok, it is working. I was able to manually setup the branch protection, then remove it from tfstate and import it to find the correct node_id: MDM6QXBwMTA1NjI=. Now how to figure out what username that is...

@lorengordon
Copy link

Alright, GitHub Apps are just weird. Knowing it's an app, this gets the correct node_id: https://api.github.com/apps/mergify.

But there is no terraform data source for github apps, and even if there were, to lookup users/teams/apps from the friendly-name, I'd have to split the node_ids by type to map them to data sources, then combine the results for the push_restrictions list. Blech.

k24dizzle added a commit to lyft/terraform-provider-github that referenced this pull request Feb 22, 2021
* v4.1.0

* Fix unable to resolve node id for branch_protection (integrations#610)

* Don't check node id for length

* Check if node id is valid base 64

Co-authored-by: Willem Gillis <willem.gillis@imec.be>

* temporarily disable PR acceptance testing

these jobs all fail and are confusing to contributors when launched from 
a PR raised by a fork.  there are ways to get around this, but will 
defer until the repository is transferred.  disabling for now.

* remove `ForceNew` on `template*` as they are concerns only at creation time (integrations#609)

There are a number of resources that have been marked as `ForceNew: true` out of a desire in "correctness" by those that do not actually understand how these resources are used in the real world and damage that can be done. No one wants to blow up a repository to change something like this, if they need to there is a mechanism built into terraform called [taint](https://www.terraform.io/docs/commands/taint.html). While there are some things that make sense for using `ForceNew` a repository for source control on properties that the API will ignore outside of creation is not one of them.

Signed-off-by: Ben Abrams <me@benabrams.it>

* Add diff suppression function to the branch protection resource (integrations#614)

Adding a diff suppression function to the branch protection resource to
ignore the strict status check field if no contexts have been specified.

This resolves the issue with the GraphQL API returning a strict status
check value of "true" by default, regardless of contexts being set or
not.

* Add Apps to actor types in branch protection (integrations#615)

Adding Github Apps to actor types in the branch protection resource.

NOTE: Apps as an actor type is only available in push restrictions.

* Added `allowsDeletions`and `allowsForcePushes`settings (integrations#623)

* Added `allowsDeletions`and `allowsForcePushes`settings https://developer.github.com/v4/changelog/2020-11-13-schema-changes/ (#1)

* complete documentation

* update module github.com/shurcooL/githubv4 with `go get github.com/shurcooL/githubv4`

* vendor latest githubv4

* add test for deletions and force pushes

Co-authored-by: Jeremy Udit <jcudit@github.com>

* Fix syntax error

* Conditionally Run GHES Test Suite

* Run gofmt (integrations#645)

Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com>

* Allow dependabot to check github actions (integrations#643)

* Typo: s/visiblity/visibility (integrations#629)

Small typo in the docs.

* github_repository_webhook: describe content_type options (integrations#510)

* change private to visibility (integrations#635)

* Use commit SHA to lookup commit info in github_repository_file resource (integrations#644)

* Fix references to "master"

Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com>

* Use commit SHA to lookup commit info

Currently the provider loops through commits in a repo until it finds the most recent commit containing the managed file. This is inefficient and could lead to you being rate limited if managing a few files that were updated a long time ago.

This commit fixes that by storing the commit SHA when updating the file and using that SHA to lookup the commit info instead of looping through all commits.

Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com>

* add release automation for terraform registry

/cc https://www.terraform.io/docs/registry/providers/publishing.html

* Add v4.2.0 Release (integrations#641)

* add v4.1.1 release items

* correct semver version

* Document Additional Breaking Change For v3.0.0

* add `github_repository_file` bugfix

* move to correct release

* add goreleaser configuration to enable release automation

* resource/repository: add support for enabling github pages (integrations#490)

* add support for enabling github pages

* update resource comments

* add additional comments in expand methods

* add formatting fixes

Co-authored-by: Jeremy Udit <jcudit@github.com>

* Add `github_branch_protection_v3` Resource (integrations#642)

* Add `branch_protection_v3` Resource

- add new resource to `website/github.erb`
- add new resource to `website/docs/r/<resource>.html.markdown`
- add new resource to `github/provider.go`
- add tests for resource in `github/resource_<resource>_test.go`
- implement new resource in `github/resource_<resource>.go`

* fixup! gofmt fixes

* add changelog entries for v4.3.0 release (integrations#658)

* Remove github.com/hashicorp/terraform from dependencies (integrations#628)

* remove github.com/hashicorp/terraform from dependencies

* go mod tidy

* refactor: execute fmt

* Allow dependabot to check go dependencies (integrations#653)

* Fix link to Milestones page (integrations#663)

* github_branch_default: send only fields that changed. Fixes integrations#625 integrations#620. (integrations#666)

* github_branch_default: send only fields that changed. Fixes integrations#625 integrations#620.

* fix failing test and update docs

Co-authored-by: Jeremy Udit <jcudit@github.com>

* Fix error handling (integrations#668)

Do not silently proceed further on receiving an error response.

Signed-off-by: rustyclock <rustyclock@protonmail.com>

* Update CHANGELOG.md

* Remove Obsolete Test

My understanding is our use of Terraform Registry makes this failing test unnecessary.

* Update GitHub organization references (integrations#672)

Following the project transfer from `terraform-providers` organization to `integrations`.

* Add Example For `github_team_repository` (integrations#676)

* Add Example For `github_team_repository`

also documents a limitation with `for_each` in this scenario

* fixup! add newline

* changelog: manually fix links to issues (integrations#673)

They were pointing to the old archived repo, which doesn't have newer issues.

* Handle base64 decodable repo names (integrations#684)

* github/config: Fix detection of individual, non-org accounts (integrations#685)

- Previously, whenever an individual user tried to interact with their
  repos, the provider would return an error, rendering v4.3.1 unusable
  _for individuals_:

  ```
  ➜ terraform plan
  Error: GET https://api.github.com/orgs/issyl0: 404 Not Found []
  on /Users/issyl0/repos/terraform/github.tf line 1, in provider "github":
  ```

- `ConfigureOwner` works such that if the `owner.name` is not blank (ie,
  the user had specified `owner = <username>` in their Terraform file),
  the code progresses to check if the `owner.name` is an org.
  Importantly, that check (prior to this change) returned an error if
  `owner.name` was not an org. That final error meant it was impossible
  to run if not using an organisation account.

- Reproduction steps: https://gist.github.com/issyl0/cd61e4cb59de2c2e1e8f45e3cf7c12f5

* add changelog entry for v4.3.2

* Add `create_default_maintainer` Option To `github_team` (integrations#661)

* Add `create_default_maintainer` option to `github_team`

This adds a possible fix to the following issues by providing users with an option to remove the automatic addition of a default maintainer to a team during creation.

/cc integrations#527
/cc integrations#104
/cc integrations#130

* Refresh CONTRIBUTING Documentation (integrations#682)

* refresh contributing docs

* add quick instructions

* add updates for newer versions of terraform

* Add Diff Suppression Option To `repository_collaborator` (integrations#683)

* add diff suppression option to `repository_collaborator`

* fixup! remove comment

* remove hardcoded username from test

* Update CHANGELOG for v4.4.0 release

* Add repo context to error message when branch is not found (integrations#691)

* Add repo context to error message when branch is not found

* fix failing `TestAccGithubRepositoryFile` test

access committer data through `Commit` struct

Co-authored-by: Jeremy Udit <jcudit@github.com>

* fix based on linter (integrations#694)

* add v4.4.1 release notes

* Modify github_team_repository to accept slug as a valid team_id as well (integrations#693)

* First attempt

* Add comment

* Attempt to modify unit tests

* Edit docs to reflect change

* Make sure team_id is set appropriately

* fixing lint

* add passing tests for `github_team_repository`

Co-authored-by: Jeremy Udit <jcudit@github.com>

* add v4.5.0 release notes

* temporarily ignore `darwin/arm64` to unblock releases

/cc integrations#695

* update release notes for v4.5.0

Co-authored-by: tf-release-bot <terraform@hashicorp.com>
Co-authored-by: Polygens <willem.gillis@gmail.com>
Co-authored-by: Willem Gillis <willem.gillis@imec.be>
Co-authored-by: Jeremy Udit <jcudit@github.com>
Co-authored-by: Ben Abrams <me@benabrams.it>
Co-authored-by: Patrick Marabeas <patrick@marabeas.io>
Co-authored-by: Francois BAYART <francois.bayart@kensu.io>
Co-authored-by: Stephen Hoekstra <shoekstra@schubergphilis.com>
Co-authored-by: John Losito <lositojohnj@gmail.com>
Co-authored-by: Bret <166301+bcomnes@users.noreply.github.com>
Co-authored-by: Jakub Holy <jakubholy@jakubholy.net>
Co-authored-by: Ichinose Shogo <shogo82148@gmail.com>
Co-authored-by: angie pinilla <angelinepinilla@gmail.com>
Co-authored-by: Shu Kutsuzawa <cappyzawa@yahoo.ne.jp>
Co-authored-by: Oleksandr Dievri <o.dievri@gmail.com>
Co-authored-by: Dee Kryvenko <109895+dee-kryvenko@users.noreply.github.com>
Co-authored-by: Ravi <1299606+rustycl0ck@users.noreply.github.com>
Co-authored-by: Alexis Gauthiez <alexis.gauthiez@gmail.com>
Co-authored-by: Christian Höltje <docwhat@gerf.org>
Co-authored-by: Issy Long <me@issyl0.co.uk>
Co-authored-by: Michael Barany <1434605+mbarany@users.noreply.github.com>
usmonster added a commit to usmonster/terraform-provider-github that referenced this pull request Jun 17, 2021
A duplicated block meant that push restrictions on protected branches
could only be applied to teams. This enables users and apps to also be
taken into account, as was the intention of integrations#615.
usmonster added a commit to usmonster/terraform-provider-github that referenced this pull request Jun 17, 2021
A duplicated block meant that push restrictions on protected branches
could only be applied to teams. This enables users and apps to also be
taken into account, as was the intention of integrations#615.
jcudit pushed a commit that referenced this pull request Jun 18, 2021
A duplicated block meant that push restrictions on protected branches
could only be applied to teams. This enables users and apps to also be
taken into account, as was the intention of #615.
kfcampbell pushed a commit to kfcampbell/terraform-provider-github that referenced this pull request Jul 26, 2022
Adding Github Apps to actor types in the branch protection resource.

NOTE: Apps as an actor type is only available in push restrictions.
kfcampbell pushed a commit to kfcampbell/terraform-provider-github that referenced this pull request Jul 26, 2022
A duplicated block meant that push restrictions on protected branches
could only be applied to teams. This enables users and apps to also be
taken into account, as was the intention of integrations#615.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

push_restrictions does not support mixed types (teams, users, apps)
3 participants