-
Notifications
You must be signed in to change notification settings - Fork 763
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New Resource: github_actions_runner_group #821
New Resource: github_actions_runner_group #821
Conversation
Another, more general question: when I try to run any preexisting test that includes the
My
And I believe the token has the needed scopes:
In case it helps, my env should be configured as described in CONTRIBUTING.md:
(Marking as ready for review to request feedback) |
The |
@jcudit could you enable workflows for @soulshake? I recall you saying some tests can only be run by you (?). |
What is the best way to move this forward and get support for the Actions API into the provider? |
Apologies for the inactivity here, lets get this ready to ship! Please cherry-pick b5b793a in order to get the tests aligned to the project's testing suite. I've tested this branch on the latest GHES release as well as with a GHEC account. Functionality seems 👌🏾 for GHEC but we are lacking API support for GHES as of 3.1: ---[ REQUEST ]---------------------------------------
POST /api/v3/orgs/terraformtesting/actions/runner-groups HTTP/1.1
Host: jcudit-1628516972.ghe-test.com
User-Agent: go-github
Content-Length: 48
Accept: application/vnd.github.v3+json
Content-Type: application/json
Accept-Encoding: gzip
{
"name": "tf-acc-test-e4zrk",
"visibility": "all"
}
-----------------------------------------------------
2021/08/09 10:41:33 [DEBUG] Github API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 404 Not Found
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset
Content-Security-Policy: default-src 'none'
Content-Type: application/json; charset=utf-8
Date: Mon, 09 Aug 2021 14:41:33 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Accepted-Oauth-Scopes: repo
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Github-Enterprise-Version: 3.1.4
X-Github-Media-Type: github.v3; format=json
X-Github-Request-Id: 9367b480-ff75-41ba-a46a-1819e252a0a2
X-Oauth-Scopes: admin:enterprise, admin:gpg_key, admin:org, admin:org_hook, admin:pre_receive_hook, admin:public_key, admin:repo_hook, delete:packages, delete_repo, gist, notifications, repo, site_admin, user, workflow, write:discussion, write:packages
X-Runtime-Rack: 0.018059
X-Xss-Protection: 1; mode=block
{
"message": "Not Found",
"documentation_url": "https://docs.github.com/enterprise/3.1/rest"
} As for the visibility configuration, this is the most troublesome bit. Perhaps we can ship this resource with limited support and revisit setting visibility to We will also need to add docs for the new resource before this can merge. Adding these will allow us to communicate limitations around GHES use and the |
f89cd45
to
da349c1
Compare
@jcudit Thanks! I've added docs and a few more tests. Please let me know if this is what you had in mind. The tests seem to be passing: Test output
However, I haven't been able to actually test the provider locally; not sure what I'm doing wrong: Attempt at using built provider
After adding required_providers block
|
log.Printf("[DEBUG] Reading organization runner group repositories: %s (%s)", d.Id(), orgName) | ||
runnerGroupRepositories, resp, err := client.Actions.ListRepositoryAccessRunnerGroup(ctx, orgName, runnerGroupID) | ||
|
||
selectedRepositoryIDs := []int64{} | ||
for _, repo := range runnerGroupRepositories.Repositories { | ||
selectedRepositoryIDs = append(selectedRepositoryIDs, *repo.ID) | ||
} | ||
log.Printf("[DEBUG] Got selected_repository_ids: %v", selectedRepositoryIDs) | ||
d.Set("selected_repository_ids", selectedRepositoryIDs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did not see a way to get the selected_repository_ids
without making this additional API call.
|
||
t.Run("creates runner groups without error", func(t *testing.T) { | ||
|
||
// t.Skip("requires an enterprise cloud account") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since the tests don't run when this line is present, I wasn't sure if it should be there or not.
t.Skip("always shows a diff for visibility 'all' => 'private'") | ||
testCase(t, organization) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't sure if I should leave this test here or take it out entirely.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Safe to leave in for this first pass. We may upgrade our testing suite and revisit in the future 🤞🏾
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is pretty close and will likely ship with the next release. Can we get 5ec99a3 cherry-picked in to finalize documentation?
Aiming to play more with the test suite against different versions of enterprise deployments. Hoping to get limitations documented and flush out any obvious bugs.
Excellent effort 🙇🏾 !
3dc6c65
to
edfd706
Compare
@jcudit cherry-pick has been done, thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Small fix required but otherwise tested well for enterprise use too. Good to merge once the import has been fixed.
@jcudit Suggestion merged 👍 Thanks! |
Ah, one more round of fixes 🙃 Can we get the conflicts removed here as another PR was merged that added a new resource. |
a96f4dd
to
320ddb3
Compare
Of course! Done and done |
* WIP * fixup! add tests compatible with test suite * Add doc * Set selected_repository_ids * Add import tests * Add note to docs regarding unsupported `visibility = private` * Add check for selected_repository_ids.# when importing a 'selected' runner group * Add a few more name checks * fixup! link new resource documentation * Update github/resource_github_actions_runner_group.go Co-authored-by: Jeremy Udit <[email protected]> * fixup! handle error to satisfy linter * fixup! discard unused return value Co-authored-by: Jeremy Udit <[email protected]>
(Disclaimer: this is my first time working on a Terraform provider, and this PR is still a work in progress)
This PR is intended to add support for self-hosted runner groups in GitHub Actions as described in https://docs.github.com/en/rest/reference/actions#self-hosted-runner-groups.
My questions
visibility
which should acceptprivate
as an option. But I can't get a runner group withvisibility = private
through any combination ofPOST
orPATCH
calls I've tried (details below). Should I still attempt to add support for this?allows_public_repositories
parameter, but providing this parameter seems to have an effect. Should I add support for this?1. visibility = private?
I added tests, but the one that tests
visibility = true
is failing.Output of failing test for a runner group with `visibility = private`
After testing manually with
curl
to debug this failing test, I'm confused about the expected behavior of thePOST /orgs/{org}/actions/runner-groups
method. The API returns a runner group with visibilityall
, despite specifying"visibility": "private"
in the request:It may be worth mentioning that the dropdown on the web UI only has options for "Selected" and "All" (whether updating a runner group or creating a new runner group):
(There is also a checkmark--hidden by the dropdown in the screenshot above--for "Allow public repositories" that is checkable whether "selected" or "all" is chosen from the dropdown.)
Am I missing something?
2.
allows_public_repositories
parameter?There is no documented
allows_public_repositories
parameter (ref), but specifying it seems to be the only way to get a value ofallows_public_repositories": true
in thecreate
response:Related: #542