diff --git a/github/resource_github_organization_ruleset.go b/github/resource_github_organization_ruleset.go index cfc67a95c7..a96294e1d4 100644 --- a/github/resource_github_organization_ruleset.go +++ b/github/resource_github_organization_ruleset.go @@ -68,8 +68,8 @@ func resourceGithubOrganizationRuleset() *schema.Resource { "actor_type": { Type: schema.TypeString, Required: true, - ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"Integration", "OrganizationAdmin", "RepositoryRole", "Team", "DeployKey"}, false)), - Description: "The type of actor that can bypass a ruleset. Can be one of: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, or `DeployKey`.", + ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"Integration", "OrganizationAdmin", "RepositoryRole", "Team", "DeployKey", "RepositoryMigration"}, false)), + Description: "The type of actor that can bypass a ruleset. Can be one of: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, `DeployKey`, or `RepositoryMigration`.", }, "bypass_mode": { Type: schema.TypeString, diff --git a/github/resource_github_organization_ruleset_test.go b/github/resource_github_organization_ruleset_test.go index 30afe67393..bc02b45075 100644 --- a/github/resource_github_organization_ruleset_test.go +++ b/github/resource_github_organization_ruleset_test.go @@ -77,6 +77,11 @@ resource "github_organization_ruleset" "test" { bypass_mode = "always" } + bypass_actors { + actor_type = "RepositoryMigration" + bypass_mode = "always" + } + conditions { repository_name { include = ["~ALL"] @@ -161,7 +166,7 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "name", rulesetName), resource.TestCheckResourceAttr("github_organization_ruleset.test", "target", "branch"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "enforcement", "active"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "3"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "4"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.actor_type", "DeployKey"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_id", "5"), @@ -170,6 +175,8 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_id", "1"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_type", "OrganizationAdmin"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.bypass_mode", "always"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_type", "RepositoryMigration"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "3"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.do_not_enforce_on_create", "true"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.required_workflow.0.path", workflowFilePath), diff --git a/github/resource_github_repository_ruleset.go b/github/resource_github_repository_ruleset.go index fb2549296b..7b84767bb4 100644 --- a/github/resource_github_repository_ruleset.go +++ b/github/resource_github_repository_ruleset.go @@ -73,7 +73,7 @@ func resourceGithubRepositoryRuleset() *schema.Resource { "actor_type": { Type: schema.TypeString, Required: true, - ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey"}, false)), + ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey", "RepositoryMigration"}, false)), Description: "The type of actor that can bypass a ruleset. See https://docs.github.com/en/rest/repos/rules for more information.", }, "bypass_mode": { diff --git a/github/resource_github_repository_ruleset_test.go b/github/resource_github_repository_ruleset_test.go index 3cb74e2117..8406fa3e9c 100644 --- a/github/resource_github_repository_ruleset_test.go +++ b/github/resource_github_repository_ruleset_test.go @@ -46,6 +46,11 @@ resource "github_repository_ruleset" "test" { bypass_mode = "always" } + bypass_actors { + actor_type = "RepositoryMigration" + bypass_mode = "always" + } + conditions { ref_name { include = ["refs/heads/main"] @@ -125,12 +130,14 @@ resource "github_repository_ruleset" "test" { resource.TestCheckResourceAttr("github_repository_ruleset.test", "name", "test"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "target", "branch"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "enforcement", "active"), - resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.#", "2"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.#", "3"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.actor_type", "DeployKey"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.bypass_mode", "always"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.1.actor_id", "5"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.1.actor_type", "RepositoryRole"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.1.bypass_mode", "always"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.2.actor_type", "RepositoryMigration"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.2.bypass_mode", "always"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "2"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "rules.0.required_code_scanning.0.required_code_scanning_tool.0.alerts_threshold", "errors"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "rules.0.required_code_scanning.0.required_code_scanning_tool.0.security_alerts_threshold", "high_or_higher"), diff --git a/website/docs/r/organization_ruleset.html.markdown b/website/docs/r/organization_ruleset.html.markdown index f0a052a159..7396514111 100644 --- a/website/docs/r/organization_ruleset.html.markdown +++ b/website/docs/r/organization_ruleset.html.markdown @@ -351,7 +351,7 @@ The `rules` block supports the following: - `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. Some actor types such as `DeployKey` do not have an ID. -- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`. +- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, `RepositoryMigration`. - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`. diff --git a/website/docs/r/repository_ruleset.html.markdown b/website/docs/r/repository_ruleset.html.markdown index 5c8b72ae4e..6d1fca23f2 100644 --- a/website/docs/r/repository_ruleset.html.markdown +++ b/website/docs/r/repository_ruleset.html.markdown @@ -300,7 +300,7 @@ The `rules` block supports the following: - `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `DeployKey` do not have an ID. -- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`. +- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, `RepositoryMigration`. - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`.