[BUG]: 422 Validation Failed [] on api.github.com/organizations/XXX/team/XXX/repos/XXX/YYY

[aamkye]

Expected Behavior

The resource creation/modification would complete w/o error.

Actual Behavior

Returns: Error: PUT https://api.github.com/organizations/XXX/team/XXX/repos/XXX/YYY: 422 Validation Failed [] without any further information.

While doing plan, this appears:

Terraform will perform the following actions:

  # github_team_repository.repository["devops.YYY"] will be updated in-place
  ~ resource "github_team_repository" "repository" {
        id         = "1234567:YYY"
      ~ permission = "read" -> "write"
        # (3 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

and then:

│ Error: PUT https://api.github.com/organizations/XXX/team/XXX/repos/XXX/YYY: 422 Validation Failed []
│
│   with github_team_repository.repository["devops.YYY"],
│   on main.tf line 124, in resource "github_team_repository" "repository":
│  124: resource "github_team_repository" "repository" {
│

but second run shows no errors, like the state has been updated, but real resource remain unchanged.

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no
changes are needed.

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Terraform Version

Terraform v1.7.4 and v1.7.5 on darwin_arm64

• provider registry.terraform.io/integrations/github v6.1.0

Affected Resource(s)

• github_team_repository
• github_repository_collaborator

Terraform Configuration Files

---
teams:
  devops:
    name: DevOps
    privacy: closed
    parent_team_id: NULL
    repositories:
      YYY:
        role: write

users:
  XXX:
    username: xxx
    role: member
    teams:
      devops:
        role: member
    repositories:
      YYY:
        role: maintain

repositories:
  YYY:
    name: YYY
    visibility: public

---

locals {
  values = yamldecode(file("values.yaml"))
}

resource "github_repository" "repository" {
  for_each = local.values.repositories

  name            = each.key
  description     = try(each.value.description, null)
  topics          = try(each.value.topics, null)
  visibility      = try(each.value.visibility, local.values.default_repository_values.visibility)
}

resource "github_team_repository" "repository" {
  for_each = {
    for _repository in flatten([
      for team, team_details in local.values.teams : [
        for repository, repository_details in team_details.repositories : {
          repository = github_repository.repository[repository]
          team       = github_team.team[team]
          permission = repository_details.role
        }
      ]
      if lookup(team_details, "repositories", null) != null
      ]
    ) :
    "${_repository.team.slug}.${_repository.repository.name}" => _repository
  }

  team_id    = each.value.team.id
  repository = each.value.repository.name
  permission = each.value.permission

  depends_on = [ github_team.team, github_repository.repository ]
}

resource "github_repository_collaborator" "collaborator" {
  for_each = {
    for _repository in flatten([
      for user, user_details in local.values.users : [
        for repository, repository_details in user_details.repositories : {
          repository = github_repository.repository[repository]
          user       = github_membership.user[user]
          permission = repository_details.role
        }
      ]
      if lookup(user_details, "repositories", null) != null
      ]
    ) :
    "${_repository.user.username}.${_repository.repository.name}" => _repository
  }

  repository = each.value.repository.name
  username   = each.value.user.username
  permission = each.value.permission

  depends_on = [ github_membership.user, github_repository.repository ]
}

Steps to Reproduce

terraform apply

Debug Output

(...)
2024-03-14T22:51:19.940+0100 [INFO]  Starting apply for github_team_repository.repository["YYY"]
2024-03-14T22:51:19.940+0100 [DEBUG] github_team_repository.repository["YYY"]: applying the planned Update change
2024-03-14T22:51:20.199+0100 [ERROR] provider.terraform-provider-github_v6.1.0: Response contains error diagnostic: @caller=github.com/hashicorp/terraform-plugin-go@v0.22.0/tfprotov5/internal/diag/diagnostics.go:58 tf_rpc=ApplyResourceChange @module=sdk.proto diagnostic_detail="" tf_req_id=c09ef4d2-cb12-5584-f621-85b635c0e177 tf_resource_type=github_team_repository diagnostic_severity=ERROR diagnostic_summary="PUT https://api.github.com/organizations/XXX/team/XXX/repos/XXX/YYY: 422 Validation Failed []" tf_proto_version=5.4 tf_provider_addr=provider timestamp="2024-03-14T22:51:20.199+0100"
2024-03-14T22:51:20.199+0100 [DEBUG] State storage *cloud.State declined to persist a state snapshot
2024-03-14T22:51:20.200+0100 [ERROR] vertex "github_team_repository.repository[\"YYY\"]" error: PUT https://api.github.com/organizations/XXX/team/XXX/repos/XXX/YYY: 422 Validation Failed []
2024-03-14T22:51:20.200+0100 [DEBUG] cloud/state: state read serial is: 88; serial is: 88
2024-03-14T22:51:20.200+0100 [DEBUG] cloud/state: state read lineage is: 0b65673b-dd96-3503-729c-7452b1fe1445; lineage is: 0b65673b-dd96-3503-729c-7452b1fe1445
2024-03-14T22:51:21.850+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-03-14T22:51:21.852+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/integrations/github/6.1.0/darwin_arm64/terraform-provider-github_v6.1.0 pid=97342
2024-03-14T22:51:21.852+0100 [DEBUG] provider: plugin exited

Panic Output

No response

Code of Conduct

• [X] I agree to follow this project's Code of Conduct

[nickfloyd]

Hey @aamkye thanks for tracking this down. Let us know if you'd be interested in fixing the issue and submitting a PR. For now I have labeled this as "Up For Grabs" so that the community can take a stab at getting this fixed as well. ❤️

[aamkye]

I'm willing to be a testing ground guy for such PR, 😀 unfortunately, my Golang and Terraform engine knowledge is quite limited. But, I can provide all the necessary details if guided 💪!