Repository environment creation error #1262
Comments
|
This is effecting me in Pulumi, doing a refresh does not seem to import the manually updated state so the workaround did not work for me. Here is a relevant thread in GitHub community that might help bring some attention to the issue if its on their end. |
ok, so probably is not a terraform problem but github api |
|
TLDR; I suppose is Using resource "github_repository_environment" "project_repo_env" {
repository = data.github_repository.project_repo.name
environment = var.gh_project_environment
}Debugging a Terraform apply: Using const result = await request('PUT /repos/{owner}/{repo}/environments/{environment_name}', {
headers: {
authorization: "token 0000000000000000000000000",
},
owner: 'roger',
repo: 'my-repo',
environment_name: 'develop'
})I suppose is "wait_timer" parameter that has been sent even if omited, because when I run with this parameter shows the same error const result = await request('PUT /repos/{owner}/{repo}/environments/{environment_name}', {
headers: {
authorization: "token 0000000000000000000000000",
},
owner: 'roger',
repo: 'my-repo',
environment_name: 'develop',
wait_timer: null
}) |
|
Relevant Terraform provider Go file: https://github.com/integrations/terraform-provider-github/blame/main/vendor/github.com/google/go-github/v47/github/repos_environments.go Line 147-172 Seems due to this being a new feature for GitHub Teams when the relevant Terraform provider code was written they didn't count for a use case where a user would want to create environments but have no access to the branch protection rule feature. |
|
We're also struggling with this. The environments do get created, but tf errors out with a 422 each time, so state is not updated. |
|
Is this something that we can expect a quick fix for?? |
|
There's a work around, this is how we solved it: Because it only fails on create/update you can create the environments manually or via API (we had quite a few to create, so we opted for this, very straightforward to use) and then import the environments into your code. Obviously this is not a long term solution, but can work if the missing feature is blocking you. |
|
@AnitaErnszt what version are you importing with? I'm also impacted by this |
|
@0xBigBoss I have managed to reproduce this error when the credentials were invalid (expired in my case, but I assume it returns the same error for any invalid cred) We're still using 4.26, but I just tested with 5.2.0 and works |
|
I note that I can reproduce this error with valid credentials, and where we are able to update the custom branch rules via the web UI (meaning we have sufficient account privileges). Trying various options directly via the API seems to yield the same result. |
|
See: https://github.com/orgs/community/discussions/30201#discussioncomment-3801138 for API request attempts. |
|
@richchurcher as I have mentioned before, this issue is with the provider. If you are on GitHub Pro or Teams, you'll face the issue. It's completely unrelated to the creds validity. (On my previous message I was debugging the error raised a message above, trying to help someone to work around the issue with a temporary solution, and is also unrelated to the GitHub issue discussed in the tread) Hope this helps. |
|
Ended up upgrading to GitHub Enterprise to remove the blocker 🤷 |
|
For what it's worth. We are also facing this issue in our company. I used the http-full provider to try to have this as automated as possible (terraform's http provider does not support put) Then, in my secrets I have Its not ideal, but it helps |
|
I don't use any protection rules, I would like to be able to create a new environment like this: It'd be very useful if Github provider could support it otherwise I'll have to do some workaround. The following would also help: |
kfcampbell
added
Type: Bug
|
If anybody has interest in opening up a PR to fix this behavior, I'd be happy to review! |
|
@kfcampbell I have opened the issue in They suggested to either add a flag or separate the feature into 2 API endpoints, but not sure how it would work on the provider side: An alternative solution can be if we error handle on 422 (aka the original call failed because we don't have enterprise) and make a second API call to the alternative endpoint? An other, but less elegant solution can be if we let the terraform user decide whether they have the |
There's not anything built into
Hmm...there's a GitHub Billing API but it doesn't look like what we're looking for either.
We do have a precedent for handling 422s like this here. It's definitely a little gross but it would be better than not solving the issue at all. |
|
@kfcampbell got a PR out in |
Terraform Version
Terraform v1.0.7Affected Resource(s)
github_repository_environmentTerraform Configuration Files
Debug Output
Expected Behavior
Create an environment
Actual Behavior
Got this errore (both staging and production)
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
terraform applyWork arround
If I set the "Deployment branches" in the GUI (protected branches), import the resource and add the following config terraform terminates well.
The text was updated successfully, but these errors were encountered: