terraform-provider-github
[FEAT]: Add support for GitHub Advanced Security features
Describe the need
GitHub Advanced Security provides a lot of features, such as secret scanning, code scanning, and more expansive Dependabot management. Being able to manage these features for a GitHub organisation at scale using Terraform would be very useful, particularly the secret scanning, which can support custom patterns.
What specifically do you need? I currently use the following GitHub Advanced Security features in my code:
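```hcl
resource "github_repository" "symbolic_name" {
  name = "example-repo" # placeholder; `name` is a required argument

  # Dependabot alerts for vulnerable dependencies
  vulnerability_alerts = true

  security_and_analysis {
    advanced_security {
      status = "enabled"
    }
    secret_scanning {
      status = "enabled"
    }
    secret_scanning_push_protection {
      status = "enabled"
    }
  }
}

resource "github_repository_dependabot_security_updates" "symbolic_name" {
  repository = github_repository.symbolic_name.name # required: the repository to manage
  enabled    = true
}
```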
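A possible pre-apply check for the settings in the comment above, as an added example that is not part of the original thread or the provider's code: it takes a plan already parsed from `terraform show -json` output and lists each `github_repository` whose planned state leaves one of those settings off. The function names and the sample plan are constructed for illustration.

```python
# Settings from the configuration above that should read "enabled".
REQUIRED = ("advanced_security", "secret_scanning", "secret_scanning_push_protection")

def missing_settings(after):
    """Return the required settings that are not enabled on one github_repository."""
    missing = []
    if not after.get("vulnerability_alerts"):
        missing.append("vulnerability_alerts")
    # Nested blocks appear in plan JSON as lists holding at most one object.
    blocks = after.get("security_and_analysis") or [{}]
    saa = blocks[0] or {}
    for key in REQUIRED:
        inner = saa.get(key) or [{}]
        if (inner[0] or {}).get("status") != "enabled":
            missing.append(key)
    return missing

def audit_plan(plan):
    """Map resource address -> missing settings for each planned github_repository."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != "github_repository" or after is None:
            continue  # other resource types, or a repository being destroyed
        gaps = missing_settings(after)
        if gaps:
            findings[rc["address"]] = gaps
    return findings

# Constructed sample, trimmed to the fields the audit reads.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "github_repository.ok", "type": "github_repository",
     "change": {"after": {"vulnerability_alerts": True, "security_and_analysis": [{
         "advanced_security": [{"status": "enabled"}],
         "secret_scanning": [{"status": "enabled"}],
         "secret_scanning_push_protection": [{"status": "enabled"}]}]}}},
    {"address": "github_repository.partial", "type": "github_repository",
     "change": {"after": {"vulnerability_alerts": True, "security_and_analysis": [{
         "advanced_security": [{"status": "enabled"}],
         "secret_scanning": [{"status": "enabled"}],
         "secret_scanning_push_protection": [{"status": "disabled"}]}]}}},
    {"address": "github_repository.bare", "type": "github_repository",
     "change": {"after": {"vulnerability_alerts": False, "security_and_analysis": []}}},
]}

if __name__ == "__main__":
    for address, gaps in audit_plan(SAMPLE_PLAN).items():
        print(f"{address}: not enabled -> {', '.join(gaps)}")
```

Values that are unknown until apply are absent from the plan's `after` object, so this check reports them as not enabled.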
@nnellanspdl Being able to manage custom patterns for secret scanning is the main one I'd like, as well as managing the above options on an organisation level.
I agree - having the ability to configure these options on an organizational level would be extremely useful for the Effect-TS GitHub organization.
Is this supported in the API? I'm not seeing it.
@kfcampbell I can't see it either. Is there a way to raise a feature request for the GitHub API itself?
@samtarplee You might try asking for the feature in the community API discussions.
Would love to also see the ability to manage:
- Scan for non-provider patterns
- Use AI detection to find additional secrets
- Validity checks
- Autofix for CodeQL