integrations
Fix issues/2252
Resolves #2252
Before the change?
If the security_and_analysis block of github_repository is either unset, unchanged, or ignored by Terraform by using the ignore_changes list in the lifecycle block, the provider sends an update containing that information. This causes the following error if there are enterprise policies preventing such a change:
│ Error: PATCH https://api.github.com/repos/$ORG_REDACTED/$REPO_REDACTED: 422 An enterprise policy prevented modifying advanced security enablement. Contact your enterprise owner for details. [] │ │ with github_repository.all['$REPO_REDACTED'], │ on main.tf line 1, in resource "github_repository" "all": │ 1: resource "github_repository" "all" {
After the change?
- The provider properly ignores unset, unchanged, or ignored values for
security_and_analysis
Pull request checklist
- [ ] Tests for the changes have been added (for bug fixes / features)
- [x] Docs have been reviewed and added / updated if needed (for bug fixes / features)
Does this introduce a breaking change?
Not specifically, but if anyone was relying on the incorrect behavior, this will likely break that workflow.
Please see our docs on breaking changes to help!
- [ ] Yes
- [x] No
I've tested this as thoroughly as I am able, but I do not have an organization that pays for the advanced security, that also does not have enterprise policies preventing changes.
Thus, I tested the following scenarios:
- No change to
security_and_analysis: No error when enterprise policies forbid changing these values - Change to
security_and_analysis: Error when enterprise policies forbid changing these values, identical to error in this scenario before the code change.
@nickfloyd @kfcampbell This has been sitting for a few weeks now, with no comments or movement. Is there something else I need to do in order for this to get some traction? Thanks!