terraform-provider-github
terraform-provider-github copied to clipboard
integrations
[FEAT]: What should github_membership do if the invitation is expired?
Describe the need
Imagine I've invited a bunch people in the organisation at once using:
resource "github_membership" "student_membership" {
for_each = var.students
//...
}
By Murphy's law of course a couple of them missed the invitation email and all the reminders, and so their invitation was expired. However, the resource doesn't report an update in the plan: it has created an invitation, it exists, it's UP-TO-DATE. On the members page, however, you can see those expired invitations.
However, I can look at that that there is an «error» in the resource: the person is not in the organisation. One can look at that like the membership is tainted: for some reason the invitation in question needs to be recreated (or at least destroyed). Even more, if I would manually terraform taint that membership it would be recreated on next apply.
One way to do this could be by tracking in Terraform state the state of the invitation:
SENTwhen it's created,ACCEPTEDwhen it was accepted in time and the person is the member,EXPIREDwhen it wasn't used,MISSINGif a person is not a member and the invitation is gone. (the wording is, of course, just a draft, and I might be missing cases). I don't know how exactly it is reported in the API, but it might be a partially client-side state.
That could provide several features:
- One could track statuses of invitations in Terraform output,
- On apply or plan, Terraform could show Objects have changed outside the Terraform prompt noting the status of the invitations,
- If the invitation is expired: prompt to recreate it based on breaking change
status: EXPIRED -> SENT(if still wanted) or dispose and destroy it (if not wanted anymore).
SDK Version
No response
API Version
No response
Relevant log output
$ terraform version
Terraform v1.3.7
on linux_amd64
+ provider registry.terraform.io/hashicorp/null v3.2.1
+ provider registry.terraform.io/integrations/github v5.13.0
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
Looks like failed invitations (maybe this is a more appropriate status) are available at a separate endpoint: https://docs.github.com/en/rest/orgs/members?apiVersion=2022-11-28
Hmm...this is a great question. I'd also be curious to see what other providers that manage invitations do in this case.
I guess current behaviour is one of the options: we send invitation, if it's not accepted it's fine (yet seeing the invitation status would still be an improvement).
However, we could introduce some other provider-only option, like reinvite_if_expired, that could be set and force resource to be recreated upon reaching EXPIRED status.
👋 Hey Friends, this issue has been automatically marked as stale because it has no recent activity. It will be closed if no further activity occurs. Please add the Status: Pinned label if you feel that this issue needs to remain open/active. Thank you for your contributions and help in keeping things tidy!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}