integrations / terraform-provider-github

Terraform GitHub provider
https://www.terraform.io/docs/providers/github/
MIT License

Add GitHub Code Scanning Resource and Data Source (Continuation) #2228

Open pacoguzman opened 5 months ago

pacoguzman commented 5 months ago

Resolves #1648


Before the change?

After the change?

Pull request checklist

Does this introduce a breaking change?

Please see our docs on breaking changes to help!


This is a continuation of #2036, which looks stuck.

The following is the output of a manual test run of `terraform apply`:

 terraform apply \
  -var "owner=${TF_VAR_github_owner}" \
  -var "github_token=${TF_VAR_github_token}"
╷
│ Warning: Provider development overrides are in effect
│
│ The following provider development overrides are set in the CLI configuration:
│  - integrations/github in /Users/pacoguzman/dev/github/pacoguzman-gitops/terraform-provider-github/bin
│
│ The behavior may therefore not match any released version of the provider and applying changes may cause the state to become incompatible with published releases.
╵

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # github_repository.terraformed will be created
  + resource "github_repository" "terraformed" {
      + allow_auto_merge            = false
      + allow_merge_commit          = true
      + allow_rebase_merge          = true
      + allow_squash_merge          = true
      + archived                    = false
      + auto_init                   = true
      + default_branch              = (known after apply)
      + delete_branch_on_merge      = false
      + description                 = "A repository created by terraform"
      + etag                        = (known after apply)
      + full_name                   = (known after apply)
      + git_clone_url               = (known after apply)
      + html_url                    = (known after apply)
      + http_clone_url              = (known after apply)
      + id                          = (known after apply)
      + merge_commit_message        = "PR_TITLE"
      + merge_commit_title          = "MERGE_MESSAGE"
      + name                        = "terraformed"
      + node_id                     = (known after apply)
      + primary_language            = (known after apply)
      + private                     = (known after apply)
      + repo_id                     = (known after apply)
      + squash_merge_commit_message = "COMMIT_MESSAGES"
      + squash_merge_commit_title   = "COMMIT_OR_PR_TITLE"
      + ssh_clone_url               = (known after apply)
      + svn_url                     = (known after apply)
      + topics                      = (known after apply)
      + visibility                  = "public"
      + vulnerability_alerts        = true
      + web_commit_signoff_required = false

      + security_and_analysis {
          + secret_scanning {
              + status = "enabled"
            }
          + secret_scanning_push_protection {
              + status = "enabled"
            }
        }
    }

  # github_repository_code_scanning.terraformed will be created
  + resource "github_repository_code_scanning" "terraformed" {
      + id          = (known after apply)
      + languages   = (known after apply)
      + query_suite = "default"
      + repository  = "terraformed"
      + state       = "configured"
      + updated_at  = (known after apply)
    }

  # github_repository_file.terraformed will be created
  + resource "github_repository_file" "terraformed" {
      + branch              = "main"
      + commit_author       = "Terraform User"
      + commit_email        = "terraform@example.com"
      + commit_message      = "Managed by Terraform"
      + commit_sha          = (known after apply)
      + content             = <<-EOT
            if __name__ == "__main__":
                            print ("This is a test")
        EOT
      + file                = "main.py"
      + id                  = (known after apply)
      + overwrite_on_create = true
      + ref                 = (known after apply)
      + repository          = "terraformed"
      + sha                 = (known after apply)
    }

Plan: 3 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + repository               = {
      + allow_auto_merge                        = false
      + allow_merge_commit                      = true
      + allow_rebase_merge                      = true
      + allow_squash_merge                      = true
      + allow_update_branch                     = null
      + archive_on_destroy                      = null
      + archived                                = false
      + auto_init                               = true
      + default_branch                          = (known after apply)
      + delete_branch_on_merge                  = false
      + description                             = "A repository created by terraform"
      + etag                                    = (known after apply)
      + full_name                               = (known after apply)
      + git_clone_url                           = (known after apply)
      + gitignore_template                      = null
      + has_discussions                         = null
      + has_downloads                           = null
      + has_issues                              = null
      + has_projects                            = null
      + has_wiki                                = null
      + homepage_url                            = null
      + html_url                                = (known after apply)
      + http_clone_url                          = (known after apply)
      + id                                      = (known after apply)
      + ignore_vulnerability_alerts_during_read = null
      + is_template                             = null
      + license_template                        = null
      + merge_commit_message                    = "PR_TITLE"
      + merge_commit_title                      = "MERGE_MESSAGE"
      + name                                    = "terraformed"
      + node_id                                 = (known after apply)
      + pages                                   = []
      + primary_language                        = (known after apply)
      + private                                 = (known after apply)
      + repo_id                                 = (known after apply)
      + security_and_analysis                   = [
          + {
              + advanced_security               = []
              + secret_scanning                 = [
                  + {
                      + status = "enabled"
                    },
                ]
              + secret_scanning_push_protection = [
                  + {
                      + status = "enabled"
                    },
                ]
            },
        ]
      + squash_merge_commit_message             = "COMMIT_MESSAGES"
      + squash_merge_commit_title               = "COMMIT_OR_PR_TITLE"
      + ssh_clone_url                           = (known after apply)
      + svn_url                                 = (known after apply)
      + template                                = []
      + topics                                  = (known after apply)
      + visibility                              = "public"
      + vulnerability_alerts                    = true
      + web_commit_signoff_required             = false
    }
  + repository_code_scanning = {
      + id          = (known after apply)
      + languages   = (known after apply)
      + query_suite = "default"
      + repository  = "terraformed"
      + state       = "configured"
      + updated_at  = (known after apply)
    }

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

github_repository.terraformed: Creating...
github_repository.terraformed: Creation complete after 7s [id=terraformed]
github_repository_file.terraformed: Creating...
github_repository_file.terraformed: Creation complete after 2s [id=terraformed/main.py]
github_repository_code_scanning.terraformed: Creating...
github_repository_code_scanning.terraformed: Creation complete after 5s [id=terraformed]

Apply complete! Resources: 3 added, 0 changed, 0 destroyed.

Outputs:

repository = {
  "allow_auto_merge" = false
  "allow_merge_commit" = true
  "allow_rebase_merge" = true
  "allow_squash_merge" = true
  "allow_update_branch" = false
  "archive_on_destroy" = tobool(null)
  "archived" = false
  "auto_init" = true
  "default_branch" = "main"
  "delete_branch_on_merge" = false
  "description" = "A repository created by terraform"
  "etag" = "W/\"e2e58f76629f7b82ff984ee4d3bfdc72a4bfe116650b9889e48ca91474c503a1\""
  "full_name" = "pacoguzman-gitops/terraformed"
  "git_clone_url" = "git://github.com/pacoguzman-gitops/terraformed.git"
  "gitignore_template" = tostring(null)
  "has_discussions" = false
  "has_downloads" = false
  "has_issues" = false
  "has_projects" = false
  "has_wiki" = false
  "homepage_url" = ""
  "html_url" = "https://github.com/pacoguzman-gitops/terraformed"
  "http_clone_url" = "https://github.com/pacoguzman-gitops/terraformed.git"
  "id" = "terraformed"
  "ignore_vulnerability_alerts_during_read" = tobool(null)
  "is_template" = false
  "license_template" = tostring(null)
  "merge_commit_message" = "PR_TITLE"
  "merge_commit_title" = "MERGE_MESSAGE"
  "name" = "terraformed"
  "node_id" = "R_kgDOLtOKmA"
  "pages" = tolist([])
  "primary_language" = ""
  "private" = false
  "repo_id" = 785615512
  "security_and_analysis" = tolist([
    {
      "advanced_security" = tolist([])
      "secret_scanning" = tolist([
        {
          "status" = "enabled"
        },
      ])
      "secret_scanning_push_protection" = tolist([
        {
          "status" = "enabled"
        },
      ])
    },
  ])
  "squash_merge_commit_message" = "COMMIT_MESSAGES"
  "squash_merge_commit_title" = "COMMIT_OR_PR_TITLE"
  "ssh_clone_url" = "git@github.com:pacoguzman-gitops/terraformed.git"
  "svn_url" = "https://github.com/pacoguzman-gitops/terraformed"
  "template" = tolist([])
  "topics" = toset([])
  "visibility" = "public"
  "vulnerability_alerts" = true
  "web_commit_signoff_required" = false
}
repository_code_scanning = {
  "id" = "terraformed"
  "languages" = tolist([])
  "query_suite" = "default"
  "repository" = "terraformed"
  "state" = "configured"
  "updated_at" = ""
}
kfcampbell commented 5 months ago

I approved the CI checks here but cannot proceed with validating the testing as the builds aren't successful. I appreciate you picking this up and giving it attention!

pacoguzman commented 5 months ago

@kfcampbell I've pushed changes; they should now pass the CI checks.