terraform-provider-github icon indicating copy to clipboard operation
terraform-provider-github copied to clipboard

Published 20 hours ago verified publisher icon integrations

Add GitHub Code Scanning Resource and Data Source

Open VariableExp0rt opened this issue 1 year ago • 2 comments
trafficstars

Resolves #1648

Before the change?

  • Before the change, code scanning was not able to be configured with a Terraform resource, and it's state was not able to be retrieved by a data source.

After the change?

  • The provider now supports configuring code scanning via its corresponding resource for a given repository, and the data source is able to retrieve it's current configuration.

Pull request checklist

  • [x] Tests for the changes have been added (for bug fixes / features)
  • [x] Docs have been reviewed and added / updated if needed (for bug fixes / features)

Does this introduce a breaking change?

Please see our docs on breaking changes to help!

  • [ ] Yes
  • [x] No

I have a minor issue with my test setup, I have created an Org, and a test user, but the errors I am seeing are related to the running of the tests under the individual and organization scopes, which I've yet been able to resolve. I'd appreciate any help in that regard! It looks like I am seeing this

{
 "message": "No CodeQL supported languages were detected on this repository.",
 "documentation_url": "https://docs.github.com/rest/code-scanning/code-scanning#update-a-code-scanning-default-setup-configuration"
}

But then further down in the test log I can see (when tearing down):

{
 "state": "not-configured",
 "languages": [
  "python"
 ],
 "query_suite": "default",
 "updated_at": null,
 "schedule": null
}

I think this is because there is an action that is run on the enrolling repository, which takes a variable amount of time. Is there a good way to handle this? I presume the issue is perhaps down to the indexing happening as the codeql scanning resource is created. I've included a waiter for the codeql workflow job to finish.

VariableExp0rt avatar Dec 01 '23 09:12 VariableExp0rt

@VariableExp0rt I'm running into what I think is the same issue as you:

    testing.go:705: Step 0 error: errors during apply:
        
        Error: job scheduled on GitHub side; try again later
        
          on /tmp/tf-test3743193068/main.tf line 36:
          (source code not available)

CodeQL configuration can take several minutes...perhaps a true integration test would loop a wait and poll to see if/when it's enabled before running the checks. It wouldn't be something we'd want to run as a regular check due to the time associated, but perhaps it's still worth including. I don't know, I'm conflicted.

Can you post results of manual testing of the data source and resource you've conducted?

kfcampbell avatar Jan 05 '24 19:01 kfcampbell

Hi there, I've been working on this issue trying to solve the issues already mentioned here

A disclaimer about commit ownership I've removed @VariableExp0rt by mistake as I've started working from this PR.

pacoguzman avatar Apr 12 '24 08:04 pacoguzman

👋 Hey Friends, this pull request has been automatically marked as stale because it has no recent activity. It will be closed if no further activity occurs. Please add the Status: Pinned label if you feel that this issue needs to remain open/active. Thank you for your contributions and help in keeping things tidy!

github-actions[bot] avatar May 04 '25 02:05 github-actions[bot]