Skip to content

Commit

Permalink
Explore setting vulnerability alerts correctly (integrations#768)
Browse files Browse the repository at this point in the history
* Initial commit of setting vulnerability_alerts

* Remove vulnerability alerts handling from create and keep on update

* Add note for unsuccessful enterprise vulnerability alert setting
  • Loading branch information
kfcampbell authored Jul 26, 2021
1 parent af3c59f commit c40bccb
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 23 deletions.
26 changes: 4 additions & 22 deletions github/resource_github_repository.go
Original file line number Diff line number Diff line change
Expand Up @@ -364,24 +364,6 @@ func resourceGithubRepositoryCreate(d *schema.ResourceData, meta interface{}) er
}
}

var alerts bool
if a, ok := d.GetOk("vulnerability_alerts"); ok {
alerts = a.(bool)
}

var createVulnerabilityAlerts func(context.Context, string, string) (*github.Response, error)
if isPrivate && alerts {
createVulnerabilityAlerts = client.Repositories.EnableVulnerabilityAlerts
} else if !isPrivate && !alerts {
createVulnerabilityAlerts = client.Repositories.DisableVulnerabilityAlerts
}
if createVulnerabilityAlerts != nil {
_, err := createVulnerabilityAlerts(ctx, owner, repoName)
if err != nil {
return err
}
}

pages := expandPages(d.Get("pages").([]interface{}))
if pages != nil {
_, _, err := client.Repositories.EnablePages(ctx, owner, repoName, pages)
Expand Down Expand Up @@ -544,7 +526,7 @@ func resourceGithubRepositoryUpdate(d *schema.ResourceData, meta interface{}) er
}
}

if !d.IsNewResource() && d.HasChange("vulnerability_alerts") {
if d.HasChange("vulnerability_alerts") {
updateVulnerabilityAlerts := client.Repositories.DisableVulnerabilityAlerts
if vulnerabilityAlerts, ok := d.GetOk("vulnerability_alerts"); ok && vulnerabilityAlerts.(bool) {
updateVulnerabilityAlerts = client.Repositories.EnableVulnerabilityAlerts
Expand All @@ -559,21 +541,21 @@ func resourceGithubRepositoryUpdate(d *schema.ResourceData, meta interface{}) er
if d.HasChange("visibility") {
o, n := d.GetChange("visibility")
repoReq.Visibility = github.String(n.(string))
log.Printf("[DEBUG] <<<<<<<<<<<<< Updating repository visibility from %s to %s", o, n)
log.Printf("[DEBUG] Updating repository visibility from %s to %s", o, n)
_, _, err = client.Repositories.Edit(ctx, owner, repoName, repoReq)
if err != nil {
if !strings.Contains(err.Error(), fmt.Sprintf("422 Visibility is already %s", n.(string))) {
return err
}
}
} else {
log.Printf("[DEBUG] <<<<<<<<<< no visibility update required. visibility: %s", d.Get("visibility"))
log.Printf("[DEBUG] No visibility update required. visibility: %s", d.Get("visibility"))
}

if d.HasChange("private") {
o, n := d.GetChange("private")
repoReq.Private = github.Bool(n.(bool))
log.Printf("[DEBUG] <<<<<<<<<<<<< Updating repository privacy from %v to %v", o, n)
log.Printf("[DEBUG] Updating repository privacy from %v to %v", o, n)
_, _, err = client.Repositories.Edit(ctx, owner, repoName, repoReq)
if err != nil {
if !strings.Contains(err.Error(), "422 Privacy is already set") {
Expand Down
2 changes: 1 addition & 1 deletion website/docs/r/repository.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ initial repository creation and create the target branch inside of the repositor

* `template` - (Optional) Use a template repository to create this resource. See [Template Repositories](#template-repositories) below for details.

* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details.
* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings.

### GitHub Pages Configuration

Expand Down

0 comments on commit c40bccb

Please sign in to comment.