Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: fix persistent drift in github branch protection resource #2549

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix: fix persistent drift in github branch protection resource #2549

wants to merge 3 commits into from

Conversation

RoseSecurity
Copy link

Resolves #2243

Before the change?

Within the github_branch_protection resource, I have a restrict_pushes block that allows pushes to the protected branch by fetching the github_user node_id.

  restrict_pushes {
    blocks_creations = var.restrict_pushes_blocks_creations
    push_allowances = var.push_restrictions_enabled ? [
      join("", data.github_user.allowed_user[*].node_id),
    ] : []
  }

Every time I run a plan or apply, it shows drift and that the resource needs to be updated in place although the value remains the same.

Actual Behavior

This is how each plan and apply appears:

  # github_branch_protection.default[0] will be updated in-place
  ~ resource "github_branch_protection" "default" {
        id                              = "BPR_XXXXXXXXXXXX"
        # (10 unchanged attributes hidden)

      ~ restrict_pushes {
          ~ push_allowances  = [
              + "U_XXXXXXXX",
            ]
            # (1 unchanged attribute hidden)
        }

        # (1 unchanged block hidden)
    }

Terraform Version

Terraform v1.5.6 on M1 Mac with integrations/github v6.2.1

Affected Resource(s)

  • github_branch_protection

Terraform Configuration Files

# github_branch_protection.default[0] will be updated in-place
  ~ resource "github_branch_protection" "default" {
        id                              = "BPR_XXXXXXXXXXXX"
        # (10 unchanged attributes hidden)

      ~ restrict_pushes {
          ~ push_allowances  = [
              + "U_XXXXXXXX",
            ]
            # (1 unchanged attribute hidden)
        }

        # (1 unchanged block hidden)
    }

After the change?

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

Pull request checklist

Note

Existing tests cover this drift fix

  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been reviewed and added / updated if needed (for bug fixes / features)

Does this introduce a breaking change?

Please see our docs on breaking changes to help!

  • Yes
  • No

@RoseSecurity RoseSecurity changed the title Fix persistent drift in GitHub branch protection resource fix: fix persistent drift in github branch protection resource Jan 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG]: Persistent Drift Issue in github_branch_protection Resource Despite No Changes
1 participant
@RoseSecurity