terraform-provider-github

[FEAT]: allow check if user belongs to the organization before add to a team

Open 3cpt opened this issue 1 year ago • 1 comments

Describe the need

Hi. I have a small doubt and at the same time a request. As the title says, what about allowing a check of whether a user belongs to the organization before adding them to a team?

I am building on the idea of giving the users ownership of adding new team members through Terraform, but, for security reasons, I don't want to end up sending invites to people who don't belong to the organization. Makes sense?

I am suggesting something like:

resource "github_team_membership" "some_team_member" {
  for_each = { for user in var.verified_users : user => user }

  team_id  = github_team.some_team.id
  username = each.value
  role     = "member" # Adjust as necessary
  verify_user = true
}

Set to true to not create a breaking change.

Thanks.

3cpt, Feb 09 '24 12:02

If verify_user is supposed to cause the plan to fail, you can use the github_membership data source instead:

data "github_membership" "org_users" {
  for_each = { for user in var.verified_users : user => user }
  username = each.value
}

resource "github_team_membership" "some_team_member" {
  for_each = data.github_membership.org_users

  team_id  = github_team.some_team.id
  username = each.key
  role     = each.value.role == "admin" ? "maintainer" : "member" # Admins have to be maintainers of teams they are in
}

The data source will error out if the user is not a member:

╷
│ Error: GET https://api.github.com/orgs/some-org/memberships/muru: 404 Not Found []
│
│   with data.github_membership.test,
│   on data.tf line 12, in data "github_membership" "test":
│   12: data "github_membership" "test" {
│
╵

muru, Jul 12 '24 06:07
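A pre-plan gate for the same membership check, as an added example (not code from this issue or from the provider): it uses the `GET /orgs/{org}/memberships/{username}` endpoint seen in the error above and fails closed on anything other than an active membership, because that endpoint also answers 200 with `"state": "pending"` for a user who has only been invited. The function names and the sample responses are constructed for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

def fetch_membership(org, username, token):
    """Call GET /orgs/{org}/memberships/{username}; return (status, body)."""
    url = "https://api.github.com/orgs/{}/memberships/{}".format(
        urllib.parse.quote(org, safe=""), urllib.parse.quote(username, safe=""))
    req = urllib.request.Request(url, headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json",
    })
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, {}

def classify(status, body):
    """Map one API answer to a verdict; only 'active' may join a team."""
    if status == 404:
        return "not_member"      # same 404 the data source reports
    if status != 200:
        return "error"           # 401/403/5xx: fail closed, do not guess
    if body.get("state") != "active":
        return "not_active"      # invited but not yet accepted
    return "active"

def gate(usernames, lookup):
    """Return (allowed, rejected); rejected maps username -> verdict."""
    allowed, rejected = [], {}
    for name in usernames:
        verdict = classify(*lookup(name))
        if verdict == "active":
            allowed.append(name)
        else:
            rejected[name] = verdict
    return allowed, rejected

# Constructed sample answers, standing in for live API calls.
SAMPLE = {
    "alice": (200, {"state": "active", "role": "member"}),
    "bob": (200, {"state": "pending", "role": "member"}),
    "dave": (404, {}),
    "carol": (403, {}),
}

if __name__ == "__main__":
    ok, bad = gate(list(SAMPLE), lambda n: SAMPLE[n])
    print("allowed:", ok, "rejected:", bad)
    raise SystemExit(1 if bad else 0)   # non-zero exit stops the pipeline
```

For a live run, pass `lambda n: fetch_membership(org, n, token)` as `lookup` and feed only the `allowed` list into `var.verified_users`.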

👋 Hey Friends, this issue has been automatically marked as stale because it has no recent activity. It will be closed if no further activity occurs. Please add the Status: Pinned label if you feel that this issue needs to remain open/active. Thank you for your contributions and help in keeping things tidy!

github-actions[bot], Apr 09 '25 02:04