Open daniel-jimenezgarcia-ow opened 12 months ago
This is needed in order to update repos after the security fix which broke the old way of doing tag-based deployment protection.
Has the work started on this? Or should we do the scriptops again? :)
Worth noting this is now added to the REST API, as well as v56 version of go-github client (which added a new Type
parameter for the DeploymentBranchPolicy
and DeploymentBranchPolicyRequest
types)
@george-zubrienko it has not; PRs are very welcome!
Hi 👋
We're currently migrating to became a Terraform managed GitHub organization. This feature is something that would benefit us greatly so if i've dug a bit into the implementation of this resource.
I'm entirely new to writing terraform providers so please correct me when i got things at the wrong end here, but the way i see it there are roughly 2 ways to implement this:
branch_pattern
property to something like pattern
and adding a secondary option to control the type
to match (branches / tags).
branch_pattern
optional and putting a tag_pattern
to sit as it's counterpart.
I was wondering if there is a best-practice / general consensus on what would be the preferred approach to a problem like this when it comes to TF providers?
FYI: I implemented the first approach in the comment above for the github_repository_environment_deployment_policy
resource in https://github.com/integrations/terraform-provider-github/pull/2050 and am awaiting feedback. The implementation should be simple to apply to the github_repository_deployment_branch_policy
as well.
This is becoming an issue in our organization, we need to be able to manage this through IaC. How come this has been implemented since Dec 2023 but nothing has advanced since then? Is there a way to help this move forward?
+1
Describe the need
Deployment policies now allows creating policies that match either branches or tags: https://github.blog/changelog/2023-10-06-actions-secure-deployment-rollouts-to-protected-environments-based-on-select-tag-patterns/
However in Terraform we only have the
github_repository_deployment_branch_policy
available, which creates policies that match branches.We need the ability to create policies that match tags (In the UX, you select a "ref type" when creating the policy). This could either be via a new
ref_type
parameter in the existing resource or a new resource likegithub_repository_deployment_tag_policy
SDK Version
No response
API Version
No response
Relevant log output
No response
Code of Conduct