Closed k24dizzle closed 1 year ago
This does look related to https://github.com/terraform-providers/terraform-provider-github/pull/593. 🤔 we will likely need to update the import function to handle the more flexible behaviour of providing a node ID or a repository name.
Raised ☝️ with the import logic fixes. Take a look and let me know if the PR looks 👌 .
Tested well locally but am seeing some flakiness with the acceptance tests. Aiming to get this released alongside a couple of other fixes in the upcoming v4.0.1
release.
I think there's another issue with https://github.com/terraform-providers/terraform-provider-github/pull/593 when trying to apply branch_protection_rules where repository_id
is set to a repositories node_id
(as opposed to it's name
). When trying to add a rule I get:
Error: Could not resolve to a Repository with the name 'myOrgNname/whatIPresumeIsTheNodeId'.
When I switch repository_id
back to using name
, it creates the rule as expected.
Creating branch_protection_rules in 3.1.0 with node_id
works as expected.
@kchristensen see this branch which creates a branch protection rule in v4.0.0
using node_id
. I may be misunderstanding the issue though.
We encountered an issue today on this, and our repo name was base64 decoeable, so it tricked the code to use the node_id
path and fail with the same error. Turn out most 4 & 9 char string (a-z) are base64 decodeable. I'm sure there's more. The example repo name I tested was abcdefgh
. Log: https://gist.github.com/faultylee/974596a4349bb7d38dba42eddcfb4f08
Maybe consider checking of the decoded output is valid ascii.
NOTE: we've updated to v4.2.0
which contain #610
We then tried importing using node_id
and ran into a diff error, and have raised an issue here (#671)
Same here, the names wiki
and identity
are being interpreted as node_id
instead of name
:
Error: Could not resolve to a node with the global id of 'identity'
Version v4.3.1
I went ahead and gave the above bug a shot here: https://github.com/integrations/terraform-provider-github/pull/684
Working on verifying that it works locally
Just to update, this appears to still fail for me:
Initializing provider plugins...
- Finding integrations/github versions matching "4.5.0"...
- Installing integrations/github v4.5.0...
- Installed integrations/github v4.5.0 (signed by a HashiCorp partner, key ID 38027F80D7FD5FB2)
$ terraform import github_branch_protection.some_repo some_repo:branch
github_branch_protection.some_repo: Importing from ID "some_repo:branch"...
Error: nil entry in ImportState results. This is always a bug with
the resource that is being imported. Please report this as
a bug to Terraform.
The failure was due to master
not having branch protection setup.
It appears this issue (and https://github.com/integrations/terraform-provider-github/issues/671) are failing for me due to not checking if the imported resource exists on Github (which would be a nice check for those of us using Terraform to manage Github when we don't have direct Admin access)
Should be closed by https://github.com/integrations/terraform-provider-github/pull/721
Disregard, it looks like it doesn't fail nicely when branch protection doesn't exist
https://github.com/integrations/terraform-provider-github/pull/684/files#r590391784
those of us using Terraform to manage Github when we don't have direct Admin access
That call out is very much appreciated. Will have to factor this angle into how the project grows over time.
As for next steps to correct this behaviour, adding better error handling when branch protection does not exist makes sense.
Hello!
I am still encountering this issue in v4.26.1 when the branch protection does not exist (but the branch does exist):
Error: Could not resolve to a node with the global id of 'martibosch'
with:
resource "github_repository" "repository" {
name = "foo"
description = "bar"
visibility = "public"
allow_merge_commit = false
auto_init = true
gitignore_template = "Terraform"
license_template = "gpl-3.0"
}
data "github_user" "user" {
username = "martibosch"
}
## Branch protection rules
resource "github_branch_protection" "repository" {
repository_id = github_repository.repository.node_id
pattern = "develop"
required_linear_history = true
required_status_checks {
strict = true
contexts = ["ci"]
}
required_pull_request_reviews {
dismiss_stale_reviews = true
pull_request_bypassers = [data.github_user.user.username]
}
}
what can I do to overcome this error?
Thank you. Best, Martí
👋 Hey Friends, this issue has been automatically marked as stale
because it has no recent activity. It will be closed if no further activity occurs. Please add the Status: Pinned
label if you feel that this issue needs to remain open/active. Thank you for your contributions and help in keeping things tidy!
Terraform Version
v4.0.0
Affected Resource(s)
github_branch_protection
Terraform Configuration Files
Debug Output
https://gist.github.com/k24dizzle/db8134b8b00171f7b6dbd4c38d4886b4
I tried importing the branch protection, but the provider couldn't find the resource. But when I applied the changes, I ran into errors saying the branch protection rule for that branch already existed.
Expected Behavior
I expected terraform to import the state of the branch_protection of my
main
branch in this repo: https://github.com/kzhaotest/test as described in the documentation here: https://www.terraform.io/docs/providers/github/r/branch_protection.html#importActual Behavior
Steps to Reproduce
terraform init
terraform import github_branch_protection.test test:main
Notes
I did notice in other experiments that I was able to import a
github_branch_protection
resource by instead of usingrepo_name:branch_name
using thegraphql node id
of the branch protection rule.But I assume that this overall issue is related to https://github.com/terraform-providers/terraform-provider-github/pull/593
Interestingly enough, even though https://github.com/kzhaotest/test has a branch protection rule for the
main
branch, I wasn't able to get the id of the rule in the graphql explorer, so I wasn't able to test this assumption out here.