From ab6c7e6d78cf13f99ab3c592775ebfa016742bf3 Mon Sep 17 00:00:00 2001 From: James Tran Date: Thu, 17 Oct 2024 12:49:42 -0400 Subject: [PATCH] Update security_and_analysis settings only when there are changes (#2397) The `resourceGithubRepositoryUpdate` function currently passes the current state of security_and_analysis to the PATCH /repo request. If the repo has an enforced security configuration, this can result in the API returning a 422 response because changing security settings is not allowed in this case. Even though the security_and_analysis settings remain the same, and only some other settings are changed, the request will still fail. To avoid the request failing when security_and_analysis remains the same, we will only pass it in the request payload when changes have been made. Co-authored-by: Keegan Campbell --- github/resource_github_repository.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go index 9afbdd8960..cc3c3a129d 100644 --- a/github/resource_github_repository.go +++ b/github/resource_github_repository.go @@ -752,6 +752,11 @@ func resourceGithubRepositoryUpdate(d *schema.ResourceData, meta interface{}) er // handle visibility updates separately from other fields repoReq.Visibility = nil + if !d.HasChange("security_and_analysis") { + repoReq.SecurityAndAnalysis = nil + log.Print("[DEBUG] No security_and_analysis update required. Removing this field from the payload.") + } + // The documentation for `default_branch` states: "This can only be set // after a repository has already been created". However, for backwards // compatibility we need to allow terraform configurations that set