From 7ae7c17e31ec1ffe9987398b6afc01899387f814 Mon Sep 17 00:00:00 2001 From: joshuahancox <67631498+joshuahancox@users.noreply.github.com> Date: Tue, 12 Apr 2022 13:53:50 +0100 Subject: [PATCH 1/4] feat(github_team_repository): allow for custom repository roles --- github/resource_github_team_repository.go | 1 - website/docs/r/team_repository.html.markdown | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/github/resource_github_team_repository.go b/github/resource_github_team_repository.go index f9784ccdb6..07cae7862e 100644 --- a/github/resource_github_team_repository.go +++ b/github/resource_github_team_repository.go @@ -36,7 +36,6 @@ func resourceGithubTeamRepository() *schema.Resource { Type: schema.TypeString, Optional: true, Default: "pull", - ValidateFunc: validateValueFunc([]string{"pull", "triage", "push", "maintain", "admin"}), }, "etag": { Type: schema.TypeString, diff --git a/website/docs/r/team_repository.html.markdown b/website/docs/r/team_repository.html.markdown index e35ebab343..b9af9ac8a5 100644 --- a/website/docs/r/team_repository.html.markdown +++ b/website/docs/r/team_repository.html.markdown @@ -44,7 +44,7 @@ The following arguments are supported: * `team_id` - (Required) The GitHub team id or the GitHub team slug * `repository` - (Required) The repository to add to the team. * `permission` - (Optional) The permissions of team members regarding the repository. - Must be one of `pull`, `triage`, `push`, `maintain`, or `admin`. Defaults to `pull`. + Must be one of `pull`, `triage`, `push`, `maintain`, `admin` or the name of an existing [custom repository role](https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization) within the organisation. Defaults to `pull`. ## Import From 6fcf61a39396f167f1c75839a0ae5e98a74cc2a9 Mon Sep 17 00:00:00 2001 From: Joshua Hancox Date: Mon, 23 May 2022 15:56:50 +0100 Subject: [PATCH 2/4] feat: validate repository role with github api --- github/resource_github_team_repository.go | 1 + github/util.go | 31 +++++++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/github/resource_github_team_repository.go b/github/resource_github_team_repository.go index 6bb1d00f0e..cf37c10911 100644 --- a/github/resource_github_team_repository.go +++ b/github/resource_github_team_repository.go @@ -36,6 +36,7 @@ func resourceGithubTeamRepository() *schema.Resource { Type: schema.TypeString, Optional: true, Default: "pull", + ValidateFunc: validateTeamRepositoryPermissionFunc, }, "etag": { Type: schema.TypeString, diff --git a/github/util.go b/github/util.go index 2b17a5cc54..6323e05c93 100644 --- a/github/util.go +++ b/github/util.go @@ -192,3 +192,34 @@ func validateSecretNameFunc(v interface{}, keyName string) (we []string, errs [] return we, errs } + +func validateTeamRepositoryPermissionFunc(v interface{}, keyName string, meta interface{}) (we []string, errors []error) { + newRoleName, ok := v.(string) + if !ok { + return nil, []error{fmt.Errorf("Expected type of %s to be string", keyName)} + } + + client := meta.(*Owner).v3client + orgName := meta.(*Owner).name + ctx := context.Background() + + roles, _, err := client.Organizations.ListCustomRepoRoles(ctx, orgName) + + if err != nil { + return nil, []error{fmt.Errorf("Error in response from github while checking for existing custom roles. Error: %s", err)} + } + + valid := false + for _, role := range roles.CustomRepoRoles { + if *role.Name == newRoleName { + valid = true + break + } + } + + if !valid { + return nil, []error{fmt.Errorf("A custom role with the name %s does not exist in this GitHub organisation", newRoleName)} + } + + return we, errors +} From 6d90a6123ee2d4ae0de28159f922d5ed98294a7d Mon Sep 17 00:00:00 2001 From: Joshua Hancox Date: Mon, 23 May 2022 17:05:53 +0100 Subject: [PATCH 3/4] fix: also include built-in roles --- github/util.go | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/github/util.go b/github/util.go index 6323e05c93..852cc29853 100644 --- a/github/util.go +++ b/github/util.go @@ -194,31 +194,37 @@ func validateSecretNameFunc(v interface{}, keyName string) (we []string, errs [] } func validateTeamRepositoryPermissionFunc(v interface{}, keyName string, meta interface{}) (we []string, errors []error) { - newRoleName, ok := v.(string) + roleName, ok := v.(string) if !ok { return nil, []error{fmt.Errorf("Expected type of %s to be string", keyName)} } + roles := []string{"pull", "triage", "push", "maintain", "admin"} + client := meta.(*Owner).v3client orgName := meta.(*Owner).name ctx := context.Background() - roles, _, err := client.Organizations.ListCustomRepoRoles(ctx, orgName) + customRoles, _, err := client.Organizations.ListCustomRepoRoles(ctx, orgName) if err != nil { return nil, []error{fmt.Errorf("Error in response from github while checking for existing custom roles. Error: %s", err)} } + for _, role := range customRoles.CustomRepoRoles { + roles = append(roles, *role.Name) + } + valid := false - for _, role := range roles.CustomRepoRoles { - if *role.Name == newRoleName { + for _, role := range roles { + if role == roleName { valid = true break } } if !valid { - return nil, []error{fmt.Errorf("A custom role with the name %s does not exist in this GitHub organisation", newRoleName)} + return nil, []error{fmt.Errorf("A custom role with the name %s does not exist in this GitHub organisation", roleName)} } return we, errors From 9275591275a728cfcd1ccc4333cd4fac1623ae41 Mon Sep 17 00:00:00 2001 From: joshuahancox <67631498+joshuahancox@users.noreply.github.com> Date: Mon, 23 May 2022 18:36:26 +0100 Subject: [PATCH 4/4] Update github/util.go Co-authored-by: Reed Loden --- github/util.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/util.go b/github/util.go index 852cc29853..2012c93bb9 100644 --- a/github/util.go +++ b/github/util.go @@ -224,7 +224,7 @@ func validateTeamRepositoryPermissionFunc(v interface{}, keyName string, meta in } if !valid { - return nil, []error{fmt.Errorf("A custom role with the name %s does not exist in this GitHub organisation", roleName)} + return nil, []error{fmt.Errorf("A role with the name %s does not exist in this GitHub organisation", roleName)} } return we, errors