
Terraform GitHub provider
https://www.terraform.io/docs/providers/github/
MIT License

[FEAT]: allow check if user belongs to the organization before add to a team #2136

Open 3cpt opened 7 months ago

3cpt commented 7 months ago

Describe the need

Hi. I have a small doubt and at the same time a request. As the title says, what about allowing a check of whether a user belongs to the organization before adding them to a team?

I am building on an idea of giving ownership to the users for adding new team members through Terraform, but, for security reasons, I don't want to end up sending invites to people that don't belong to the organization. Makes sense?

I am suggesting something like:

resource "github_team_membership" "some_team_member" {
  for_each = { for user in var.verified_users : user => user }

  team_id     = github_team.some_team.id
  username    = each.value
  role        = "member" # Adjust as necessary
  verify_user = true     # proposed attribute: check org membership before adding the user
}

Set to true so as not to create a breaking change.

Thanks.

SDK Version

No response

API Version

No response

Relevant log output

No response

muru commented 2 months ago

If verify_user is supposed to cause the plan to fail, you can use the github_membership data source instead:

data "github_membership" "org_users" {
  for_each = { for user in var.verified_users : user => user }
  username = each.value
}

resource "github_team_membership" "some_team_member" {
  for_each = data.github_membership.org_users

  team_id  = github_team.some_team.id
  username = each.key
  role     = each.value.role == "admin" ? "maintainer" : "member" # Admins have to be maintainers of teams they are in
}

The data source will error out if the user is not a member:

╷
│ Error: GET https://api.github.com/orgs/some-org/memberships/muru: 404 Not Found []
│
│   with data.github_membership.test,
│   on data.tf line 12, in data "github_membership" "test":
│   12: data "github_membership" "test" {
│
╵
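Building on muru's data-source approach, the following is a fuller configuration added here as an example; it is not code from the issue thread or from the provider's own documentation. It assumes Terraform 1.2 or later (for `lifecycle` preconditions), an organization named `some-org` (taken from the error output above), and that the `github_membership` data source exposes a `state` attribute that is `active` for users who have joined and `pending` for users whose organization invitation is still open. The `verified_users` variable and the usernames in it are constructed sample input.

```hcl
# Added example: verify organization membership before creating a team membership.
# Not from the issue or the provider. Assumes Terraform >= 1.2 and that
# data.github_membership exposes `role` and `state`.

terraform {
  required_version = ">= 1.2"
  required_providers {
    github = {
      source = "integrations/github"
    }
  }
}

provider "github" {
  owner = "some-org" # organization name taken from the error output in the thread
}

variable "verified_users" {
  description = "Usernames allowed to be added to the team (constructed sample input)."
  type        = set(string)
  default     = ["alice", "bob"]
}

resource "github_team" "some_team" {
  name    = "some-team"
  privacy = "closed"
}

# One membership lookup per candidate. Terraform fails the plan with a 404 for a
# username that has no membership object in the organization, so the team
# membership resource is never created (and no invitation sent) for an outsider.
data "github_membership" "org_users" {
  for_each = var.verified_users
  username = each.value
}

resource "github_team_membership" "some_team_member" {
  for_each = data.github_membership.org_users

  team_id  = github_team.some_team.id
  username = each.key
  # Org admins have to be maintainers of the teams they are in (see muru's comment).
  role = each.value.role == "admin" ? "maintainer" : "member"

  lifecycle {
    # A membership object also exists for a user whose organization invitation
    # is still pending, so a successful lookup alone does not prove the user has
    # joined. Require an active membership and fail with a readable message
    # instead of a raw HTTP error.
    precondition {
      condition     = each.value.state == "active"
      error_message = "User is not an active member of the organization; refusing to add them to the team."
    }
  }
}
```

`terraform plan` fails on the data source for any username with no membership at all, and on the precondition for a username whose invitation has not been accepted; in both cases no `github_team_membership` is created. The check only proves organization membership. It does not restrict which teams the delegated owners of `verified_users` can add people to, so that list still has to be treated as trusted input.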