feat: Support rule type code_scanning #2436

Merged
merged 5 commits into from
Nov 21, 2024


@ihor-hrytskiv ihor-hrytskiv commented Oct 23, 2024

Support rule type code_scanning for github_organization_ruleset and github_repository_ruleset

Resolves #2310

Example:

data "github_repository" "workflow_repo" {
    name = "workflow_repo"
}

resource "github_organization_ruleset" "org_ruleset" {
    name        = "example"
    target      = "branch"
    enforcement = "active"

    rules {
        required_code_scanning {
            required_code_scanning_tool {
                alerts_threshold          = "errors"
                security_alerts_threshold = "high_or_higher"
                tool                      = "CodeQL"
            }
        }
    }
}

resource "github_repository_ruleset" "repo_ruleset" {
    name        = "example"
    repository  = data.github_repository.workflow_repo.name
    target      = "branch"
    enforcement = "active"

    rules {
        required_code_scanning {
            required_code_scanning_tool {
                alerts_threshold          = "errors"
                security_alerts_threshold = "high_or_higher"
                tool                      = "CodeQL"
            }
        }
    }
}

Pull request checklist

  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been reviewed and added / updated if needed (for bug fixes / features)

Does this introduce a breaking change?

Please see our docs on breaking changes to help!

  • Yes
  • No
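A check a reviewer could run in CI against configurations like the one in this description, as an added example that is not part of the pull request or the provider. It assumes the `terraform show -json` plan layout, where nested blocks appear as lists under `resource_changes[].change.after`; the threshold orderings, the default minimums and the sample plan are constructed for illustration.

```python
# Threshold values ordered weakest to strictest (ordering is this example's assumption).
ALERTS = ["none", "errors", "errors_and_warnings", "all"]
SECURITY = ["none", "critical", "high_or_higher", "medium_or_higher", "all"]
RULESET_TYPES = {"github_organization_ruleset", "github_repository_ruleset"}

def _blocks(obj, key):
    """Nested blocks are lists in plan JSON; treat missing or null as empty."""
    return (obj or {}).get(key) or []

def audit_plan(plan, min_alerts="errors", min_security="high_or_higher"):
    """Return findings for rulesets that do not enforce code scanning at the minimum."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") not in RULESET_TYPES or after is None:  # None: being destroyed
            continue
        addr = rc["address"]
        if after.get("enforcement") != "active":
            findings.append(f"{addr}: enforcement={after.get('enforcement')!r}, rules not enforced")
        tools = [t for r in _blocks(after, "rules")
                 for cs in _blocks(r, "required_code_scanning")
                 for t in _blocks(cs, "required_code_scanning_tool")]
        if not tools:
            findings.append(f"{addr}: no required_code_scanning rule")
        for t in tools:
            for field, order, floor in (("alerts_threshold", ALERTS, min_alerts),
                                        ("security_alerts_threshold", SECURITY, min_security)):
                value = t.get(field)
                if value not in order or order.index(value) < order.index(floor):
                    findings.append(f"{addr}: {t.get('tool')} {field}={value!r} below {floor!r}")
    return findings

def _ruleset(rtype, name, enforcement, tools):
    """Build one constructed resource_changes entry (sample data, not real output)."""
    scanning = [{"required_code_scanning_tool": tools}] if tools else []
    return {"address": f"{rtype}.{name}", "type": rtype, "change": {"after": {
        "enforcement": enforcement, "rules": [{"required_code_scanning": scanning}]}}}

CODEQL = {"tool": "CodeQL", "alerts_threshold": "errors"}
SAMPLE_PLAN = {"resource_changes": [
    _ruleset("github_organization_ruleset", "org_ruleset", "active",
             [{**CODEQL, "security_alerts_threshold": "high_or_higher"}]),
    _ruleset("github_repository_ruleset", "weak", "evaluate",
             [{**CODEQL, "security_alerts_threshold": "none"}]),
    _ruleset("github_repository_ruleset", "unscanned", "active", []),
]}
```

To audit a real plan, pass `audit_plan` the dictionary loaded with `json.load` from the saved output of `terraform show -json`, and fail the pipeline when the returned list is non-empty.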

@ihor-hrytskiv ihor-hrytskiv changed the title from "feat: support rule type code_scanning" to "feat: Support rule type code_scanning" Oct 23, 2024
@kfcampbell
Member

@ihor-hrytskiv would it be possible to split out the google/go-github v66 upgrade to a separate PR? It makes it easier to roll back if something goes wrong with either part of the change, which we've had happen before.

@ihor-hrytskiv
Contributor Author

ihor-hrytskiv commented Oct 28, 2024

Resolves #2310

Thanks @kfcampbell for the suggestion, this is my PR

@tsalright

It's awesome to run into something you are working on @kfcampbell!

I wanted to check on what is the status of this pull request? I ran across it when I was trying to build out some Terraform for a client and ran into this missing feature in the code that is blocking me from proceeding. I can shelve the code for now since I am only dealing with one organization at the moment, but wondering when this feature may become available since I will be supporting larger enterprise efforts in the near future where enabling the code scan tool is a requirement.

@kfcampbell
Member

@ihor-hrytskiv I merged your other PR and gave a shot at a merge from there into here. It looks like there's some issues with deprecated routes and linting errors, though that could be my fault from the merge. Thoughts?

@ihor-hrytskiv
Contributor Author

> @ihor-hrytskiv I merged your other PR and gave a shot at a merge from there into here. It looks like there's some issues with deprecated routes and linting errors, though that could be my fault from the merge. Thoughts?

@kfcampbell fixed

Member

@kfcampbell kfcampbell left a comment

@ihor-hrytskiv thank you!

@kfcampbell kfcampbell merged commit c644bee into integrations:main Nov 21, 2024
3 checks passed
MXfive pushed a commit to MXfive/terraform-provider-github that referenced this pull request Nov 27, 2024
* feat: support rule type code_scanning for github_organization_ruleset and github_repository_ruleset

* feat: docs

* feat: docs

* chore: remove tag protection endpoint

---------

Co-authored-by: Keegan Campbell <me@kfcampbell.com>
@ihor-hrytskiv ihor-hrytskiv deleted the feat/code-scanning branch December 25, 2024 19:07
Successfully merging this pull request may close these issues.

[FEAT]: support rule type code_scanning for github_organization_ruleset
3 participants