integrations
[BUG]: Ruleset, required_check should be optional
Expected Behavior
I want to create a ruleset with a required status check with only "Require branches to be up to date before merging" enabled, like this (created through the UI):
Actual Behavior
Error:
│ Error: PUT https://api.github.com/repos/RoyalAholdDelhaize/gso-tech-test-marco_mansi-1/rulesets/2669259: 422 Validation Failed [{Resource: Field: Code: Message:Invalid rule 'required_status_checks': Invalid parameter required_status_checks: Invalid array contents. Errors at index 0: Expected context to be present}] │ │ with module.gso_github_repo["gso-tech-test-marco_mansi-1"].github_repository_ruleset.ruleset, │ on gso_github_repo/main.tf line 84, in resource "github_repository_ruleset" "ruleset": │ 84: resource "github_repository_ruleset" "ruleset" {
Terraform Version
Terraform 1.9.8 integrations/github 6.3.1
Affected Resource(s)
- github_repository_ruleset
Terraform Configuration Files
No response
Steps to Reproduce
I am using this code:
resource "github_repository_ruleset" "ruleset" {
name = "PRs & conventional commits"
repository = github_repository.repo.name
target = "branch"
enforcement = "active"
conditions {
ref_name {
include = ["~DEFAULT_BRANCH"]
exclude = []
}
}
rules {
creation = true
update = true
deletion = true
required_linear_history = true
non_fast_forward = true
pull_request {
require_last_push_approval = true
dismiss_stale_reviews_on_push = true
required_review_thread_resolution = true
required_approving_review_count = 1
}
required_status_checks {
required_check {
context = ""
}
strict_required_status_checks_policy = true
}
}
}
The required_check block is required and context too. But it cannot be empty
Debug Output
No response
Panic Output
No response
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
I'm currently experience this as well. This is actually blocking our ability to configure repositories with the Terraform provider as it overwrites the rules on deploy.
Same here kris-evans. We want to block PR merges on any failing status checks, but we don't care what those status checks actually are, as they are so repo-specific across our org.
I don't think that this is possible, if you attempt to do this in the UI you now get the following error (I think the fact that the UI used to not error was confusing and a defect).
We want to block PR merges on any failing status checks, but we don't care what those status checks actually are, as they are so repo-specific across our org.
@cam-bond you would need use an app or workflow to be registered as the required check which could then handle checking the dynamic workflows.
That is a very recent change on githubs side because I was able to create rulesets without any required checks last week. Bummer. It shouldn't be this hard to specify 'don't allow merges on red'.
And I did verify last week that the behavior with this box checked without any required status checks was different than not having that box checked at all, and was the desired behavior (we dont care what checks run just dont allow merges on red).
I've started a discussion here: https://github.com/orgs/community/discussions/157415
also looks like this has been talked about here since 2020 https://github.com/orgs/community/discussions/26733
@cam-bond I've never had it work in the way the UI used to let you configure it.
@deiga I know you've got PRs open for the rulesets, do you think we could tighten up the validation to require checks to have been defined if the other options are being set?
@deiga I know you've got PRs open for the rulesets, do you think we could tighten up the validation to require checks to have been defined if the other options are being set?
@stevehipwell Sure thing!
Based on manual tests on the API, it should be sufficient to ensure that context is not empty: Here's the addition: https://github.com/integrations/terraform-provider-github/pull/2958/commits/77e8cfed2f65ee3b009bef456900a9a335480587
Let me know if there are other dimensions that should be validated as well!