-
Notifications
You must be signed in to change notification settings - Fork 764
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for tag-based environment deployment branch policy #2165
Add support for tag-based environment deployment branch policy #2165
Conversation
The Type field is only necessary when creating a deployment branch policy. When updating a deployment branch policy, the Type field is not needed and is therefore set to nil. Resources: - https://docs.github.com/en/rest/deployments/branch-policies?apiVersion=2022-11-28
…ry_environment_deployment_policy resource
…nt_policy" This reverts commit 88b1369.
…_policy resource" This reverts commit a534219.
…repository_environment_deployment_policy resource" This reverts commit 029960b.
This reverts commit af308a1.
Tests are all passing for me. The chosen
It doesn't seem to me like a new resource in Terraform is created here; the same One other reasonable option might be to create a new resource, something like |
The update endpoint for deployment branch policies does not support changing from a branch pattern to a tag pattern or vice versa; it only supports pattern changes within the pattern type that was chosen at creation time. So if terraform config changes like this: resource "github_repository_environment_deployment_policy" "test" {
repository = github_repository.test.name
environment = github_repository_environment.test.environment
- branch_pattern = "release/*"
+ tag_pattern = "release/*"
} then this plugin marks the resource with the These two tests: (1, 2) were designed to ensure that a new resource is created by comparing the unique ids of the created and updated policies. This is in contrast to these two tests (1, 2) which confirm the policy id does not change when only the pattern changes. A simpler alternative is to always, overeagerly recreate environment deployment policies when their configuration changes.
GitHub only uses one term (deployment branch policy) for both branch-based and tag-based policies and I think there's some advantage in matching what they're doing. That said, I don't think the naming used for these resources is perfect. Right now we have both: |
Any update on this? |
bump |
Code looks good to me. Would love to see this added soon as I'm setting envs up in GHES. |
Do you know if there's any progress on this? )) |
Is there any progress on this? |
This is something that we are waiting for. |
In the mean time I am using this work around that leverages the GitHub CLI.
Next I call this script using the local provisioner
Once it executes you will end up with: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's an obnoxious issue with the repository resource's vulnerability alerts that was breaking the tests. Adding the line ignore_vulnerability_alerts_during_read = true
to the repository's test schema fixes it. Now the old and newly-added tests are all passing. Thank you for the contributions!
…rations#2165) * Add Type field to DeploymentBranchPolicyRequest struct The Type field is only necessary when creating a deployment branch policy. When updating a deployment branch policy, the Type field is not needed and is therefore set to nil. Resources: - https://docs.github.com/en/rest/deployments/branch-policies?apiVersion=2022-11-28 * Change name of branch_pattern argument to pattern for github_repository_environment_deployment_policy resource * Add type argument to github_repository_environment_deployment_policy resource * Add tag-based test for github_repository_environment_deployment_policy * Revert "Add tag-based test for github_repository_environment_deployment_policy" This reverts commit 88b1369. * Revert "Add type argument to github_repository_environment_deployment_policy resource" This reverts commit a534219. * Revert "Change name of branch_pattern argument to pattern for github_repository_environment_deployment_policy resource" This reverts commit 029960b. * Revert "Add Type field to DeploymentBranchPolicyRequest struct" This reverts commit af308a1. * Add tag_pattern attribute to github_repository_environment_deployment_policy resource * Correct typo See integrations#2050 (comment). * Remove type parameter from deployment policy update * Add pattern assertions to existing tests * Fix pattern read to address existing tag policy test * Fix update to read the configured pattern * Force new resource when pattern type changes * Fix tests by ignoring vulnerability_alerts --------- Co-authored-by: Peter McEvoy <[email protected]> Co-authored-by: Keegan Campbell <[email protected]> Co-authored-by: Nick Floyd <[email protected]>
Resolves #1974. Supersedes #2050.
Before the change?
github_repository_environment_deployment_policy
only supported branch-based policies even though the GitHub API has support for both branch-based and tag-based policies.After the change?
tag_pattern
attribute has been added to thegithub_repository_environment_deployment_policy
resource.Pull request checklist
Does this introduce a breaking change?
Please see our docs on breaking changes to help!
Because the update API does not support pattern type (only name), I attempted to make switching between
branch_pattern
andtag_pattern
require a new resource. Not entirely sure I did that or tested it well, so would appreciate particular attention on that aspect of this PR.