Merge branch 'master' into ap_support_individual_repos

CHANGELOG.md

@@ -1,4 +1,14 @@
 ## 2.9.0 (Unreleased)
+## 2.8.1 (June 09, 2020)
+
+BUG FIXES:
+
+* resource/github_repository_file: Reduce API requests when looping through commits ([[#466](https://github.com/terraform-providers/terraform-provider-github/issues/466)])
+* resource/github_repository: Fix `auto_init` Destroying Repositories ([[#317](https://github.com/terraform-providers/terraform-provider-github/issues/317)])
+* resource/github_repository_deploy_key: Fix acceptance test approach ([[#471](https://github.com/terraform-providers/terraform-provider-github/issues/471)])
+* resource/github_actions_secret: Fix Case Where Secret Removed Outside Of Terraform ([[#482](https://github.com/terraform-providers/terraform-provider-github/issues/482)])
+* Documentation Addition Of `examples/` Directory
+
 ## 2.8.0 (May 15, 2020)
 
 BUG FIXES:

examples/README.md

@@ -0,0 +1,19 @@
+# GitHub Provider Examples
+
+This directory contains a set of examples of using various GitHub services with
+Terraform. The examples each have their own README containing more details
+on what the example does.
+
+To run any example, clone the repository and run `terraform init`, `terraform plan`, and `terraform apply` within
+the example's own directory.
+
+For example:
+
+```
+$ git clone https://github.com/terraform-providers/terraform-provider-github
+$ cd terraform-provider-github/examples/repository_collaborator
+$ terraform init
+$ terraform plan
+$ terraform apply
+...
+```

examples/release/README.md

@@ -0,0 +1,23 @@
+# Release Example
+
+This displays retrieval of a GitHub release.
+
+This example will look up a GitHub release available to the specified `owner` organization or a personal account. See https://www.terraform.io/docs/providers/github/index.html for details on configuring [`providers.tf`](./providers.tf) accordingly.
+
+Alternatively, you may use variables passed via command line:
+
+```console
+export GITHUB_ORG=
+export GITHUB_TOKEN=
+export RELEASE_OWNER=
+export RELEASE_REPOSITORY=
+export RELEASE_TAG=
+```
+```console
+terraform apply \
+  -var "organization=${GITHUB_ORG}" \
+  -var "github_token=${GITHUB_TOKEN}" \
+  -var "owner=${RELEASE_OWNER}" \
+  -var "repository=${RELEASE_REPOSITORY}" \
+  -var "release_tag=${RELEASE_TAG}"
+```

examples/release/main.tf

@@ -0,0 +1,6 @@
+data "github_release" "by_tag" {
+  repository  = var.repository
+  owner       = var.owner
+  release_tag = var.release_tag
+  retrieve_by = "tag"
+}

examples/release/outputs.tf

@@ -0,0 +1,4 @@
+output "github_release_assets_url" {
+  description = "Asset URL of a GitHub release"
+  value       = data.github_release.by_tag.asserts_url
+}

examples/release/providers.tf

@@ -0,0 +1,5 @@
+provider "github" {
+  version      = "2.8.0"
+  organization = var.organization
+  token        = var.github_token
+}

examples/release/variables.tf

@@ -0,0 +1,24 @@
+variable "organization" {
+  description = "GitHub organization used to configure the provider"
+  type        = string
+}
+
+variable "github_token" {
+  description = "GitHub access token used to configure the provider"
+  type        = string
+}
+
+variable "owner" {
+  description = "GitHub owner of a release to query"
+  type        = string
+}
+
+variable "repository" {
+  description = "GitHub repository of a release to query"
+  type        = string
+}
+
+variable "release_tag" {
+  description = "Tag of a release to query"
+  type        = string
+}

examples/repository_collaborator/README.md

@@ -0,0 +1,22 @@
+# Repository Collaborator
+
+This provides a template for managing [repository collaborators](https://help.github.com/en/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository).
+
+This example will also create a repository in the specified `owner` organization. See https://www.terraform.io/docs/providers/github/index.html for details on configuring [`providers.tf`](./providers.tf) accordingly.
+
+Alternatively, you may use variables passed via command line:
+
+```console
+export GITHUB_ORG=
+export GITHUB_TOKEN=
+export COLLABORATOR_USERNAME=
+export COLLABORATOR_PERMISSION=
+```
+
+```console
+terraform apply \
+  -var "organization=${GITHUB_ORG}" \
+  -var "github_token=${GITHUB_TOKEN}" \
+  -var "username=${COLLABORATOR_USERNAME}" \
+  -var "permission=${COLLABORATOR_PERMISSION}"
+```

examples/repository_collaborator/main.tf

@@ -0,0 +1,11 @@
+resource "github_repository" "collaboration" {
+  name        = "collaboration"
+  private     = true
+  description = "A collaborative repository"
+}
+
+resource "github_repository_collaborator" "collaborator" {
+  repository = github_repository.collaboration.name
+  username   = var.username
+  permission = var.permission
+}

examples/repository_collaborator/outputs.tf

@@ -0,0 +1,4 @@
+output "repository" {
+  description = "Collaborative repository JSON blob"
+  value       = github_repository.collaboration
+}

examples/repository_collaborator/providers.tf

@@ -0,0 +1,5 @@
+provider "github" {
+  version      = "2.8.0"
+  organization = var.organization
+  token        = var.github_token
+}

examples/repository_collaborator/variables.tf

@@ -0,0 +1,19 @@
+variable "username" {
+  description = "Username of a collaborator"
+  type        = string
+}
+
+variable "permission" {
+  description = "Permission level for a collaborator"
+  type        = string
+}
+
+variable "organization" {
+  description = "GitHub organization used to configure the provider"
+  type        = string
+}
+
+variable "github_token" {
+  description = "GitHub access token used to configure the provider"
+  type        = string
+}

examples/repository_delete_branch_on_merge/README.md

@@ -0,0 +1,18 @@
+# Repository `delete_branch_on_merge` Example
+
+This displays configurability of the `delete_branch_on_merge` feature for GitHub repositories.
+
+This example will create a repository in the specified `owner` organization. See https://www.terraform.io/docs/providers/github/index.html for details on configuring [`providers.tf`](./providers.tf) accordingly.
+
+Alternatively, you may use variables passed via command line:
+
+```console
+export GITHUB_ORG=
+export GITHUB_TOKEN=
+```
+
+```console
+terraform apply \
+  -var "organization=${GITHUB_ORG}" \
+  -var "github_token=${GITHUB_TOKEN}"
+```

examples/repository_delete_branch_on_merge/main.tf

@@ -0,0 +1,7 @@
+resource "github_repository" "delete_branch_on_merge" {
+  name                   = "delete_branch_on_merge"
+  description            = "A repository with delete-branch-on-merge configured"
+  default_branch         = "master"
+  private                = true
+  delete_branch_on_merge = true
+}

examples/repository_delete_branch_on_merge/outputs.tf

@@ -0,0 +1,4 @@
+output "repository" {
+  description = "Example repository JSON blob"
+  value       = github_repository.delete_branch_on_merge
+}

examples/repository_delete_branch_on_merge/providers.tf

@@ -0,0 +1,5 @@
+provider "github" {
+  version      = "2.8.0"
+  organization = var.organization
+  token        = var.github_token
+}

examples/repository_delete_branch_on_merge/variables.tf

@@ -0,0 +1,9 @@
+variable "organization" {
+  description = "GitHub organization used to configure the provider"
+  type        = string
+}
+
+variable "github_token" {
+  description = "GitHub access token used to configure the provider"
+  type        = string
+}

github/resource_github_actions_secret.go

@@ -8,6 +8,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"golang.org/x/crypto/nacl/box"
 	"log"
+	"net/http"
 )
 
 func resourceGithubActionsSecret() *schema.Resource {
@@ -101,7 +102,14 @@ func resourceGithubActionsSecretRead(d *schema.ResourceData, meta interface{}) e
 
 	secret, _, err := client.Actions.GetSecret(ctx, owner, repoName, secretName)
 	if err != nil {
-		d.SetId("")
+		if ghErr, ok := err.(*github.ErrorResponse); ok {
+			if ghErr.Response.StatusCode == http.StatusNotFound {
+				log.Printf("[WARN] Removing actions secret %s from state because it no longer exists in GitHub",
+					d.Id())
+				d.SetId("")
+				return nil
+			}
+		}
 		return err
 	}
 

github/resource_github_actions_secret_test.go

@@ -3,15 +3,15 @@ package github
 import (
 	"context"
 	"fmt"
-	"os"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
 )
 
 func TestAccGithubActionsSecret_basic(t *testing.T) {
-	repo := os.Getenv("GITHUB_TEMPLATE_REPOSITORY")
+	repo := acctest.RandomWithPrefix("tf-acc-test")
 
 	secretResourceName := "github_actions_secret.test_secret"
 	secretValue := "super_secret_value"
@@ -45,23 +45,47 @@ func TestAccGithubActionsSecret_basic(t *testing.T) {
 	})
 }
 
-func testAccGithubActionsSecretFullConfig(repoName, plaintext string) string {
-
-	// Take resources from other tests to avoid manual creation of secrets / repos
-	githubPKData := testAccCheckGithubActionsPublicKeyDataSourceConfig(repoName)
-	githubActionsSecretResource := testAccGithubActionsSecretConfig(repoName, plaintext)
+func TestAccGithubActionsSecret_disappears(t *testing.T) {
+	repo := acctest.RandomWithPrefix("tf-acc-test")
+	secretResourceName := "github_actions_secret.test_secret"
+	secretValue := "super_secret_value"
 
-	return fmt.Sprintf("%s%s", githubPKData, githubActionsSecretResource)
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckGithubActionsSecretDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccGithubActionsSecretFullConfig(repo, secretValue),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckGithubActionsSecretExists(secretResourceName, "test_secret_name", t),
+					testAccCheckGithubActionsSecretDisappears(secretResourceName),
+				),
+				ExpectNonEmptyPlan: true,
+			},
+		},
+	})
 }
 
-func testAccGithubActionsSecretConfig(repo, plaintext string) string {
+func testAccGithubActionsSecretFullConfig(repoName, plaintext string) string {
+	// To allow tests to run in parallel and prevent re-using resources defined across the
+	// codebase, we create a repository resource and define it's actions public key here
+	// alongside the new actions secret resource
 	return fmt.Sprintf(`
+data "github_actions_public_key" "test_pk" {
+  repository = github_repository.test.name
+}
+
+resource "github_repository" "test" {
+  name = "%s"
+}
+
 resource "github_actions_secret" "test_secret" {
-  repository       = "%s"
+  repository       = github_repository.test.name
   secret_name      = "test_secret_name"
   plaintext_value  = "%s"
 }
-`, repo, plaintext)
+`, repoName, plaintext)
 }
 
 func testAccCheckGithubActionsSecretExists(resourceName, secretName string, t *testing.T) resource.TestCheckFunc {
@@ -88,6 +112,23 @@ func testAccCheckGithubActionsSecretExists(resourceName, secretName string, t *t
 	}
 }
 
+func testAccCheckGithubActionsSecretDisappears(resourceName string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return fmt.Errorf("Not found: %s", resourceName)
+		}
+		conn := testAccProvider.Meta().(*Organization).v3client
+		owner := testAccProvider.Meta().(*Organization).name
+		repoName, secretName, err := parseTwoPartID(rs.Primary.ID, "repository", "secret_name")
+		if err != nil {
+			return err
+		}
+		_, err = conn.Actions.DeleteSecret(context.TODO(), owner, repoName, secretName)
+		return err
+	}
+}
+
 func testAccCheckGithubActionsSecretDestroy(s *terraform.State) error {
 	client := testAccProvider.Meta().(*Organization).v3client
 

github/resource_github_repository.go

@@ -87,7 +87,6 @@ func resourceGithubRepository() *schema.Resource {
 			"auto_init": {
 				Type:     schema.TypeBool,
 				Optional: true,
-				ForceNew: true,
 			},
 			"default_branch": {
 				Type:        schema.TypeString,

github/resource_github_repository_deploy_key_test.go

@@ -3,6 +3,8 @@ package github
 import (
 	"context"
 	"fmt"
+	"os"
+	"os/exec"
 	"path/filepath"
 	"regexp"
 	"strconv"
@@ -51,6 +53,15 @@ func TestSuppressDeployKeyDiff(t *testing.T) {
 }
 
 func TestAccGithubRepositoryDeployKey_basic(t *testing.T) {
+	testUserEmail := os.Getenv("GITHUB_TEST_USER_EMAIL")
+	if testUserEmail == "" {
+		t.Skip("Skipping because `GITHUB_TEST_USER_EMAIL` is not set")
+	}
+	cmd := exec.Command("bash", "-c", fmt.Sprintf("ssh-keygen -t rsa -b 4096 -C %s -N '' -f test-fixtures/id_rsa>/dev/null <<< y >/dev/null", testUserEmail))
+	if err := cmd.Run(); err != nil {
+		t.Fatal(err)
+	}
+
 	rn := "github_repository_deploy_key.test_repo_deploy_key"
 	rs := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)
 	repositoryName := fmt.Sprintf("acctest-%s", rs)