Update security_and_analysis settings only when there are changes (#2397

) The `resourceGithubRepositoryUpdate` function currently passes the current state of security_and_analysis to the PATCH /repo request. If the repo has an enforced security configuration, this can result in the API returning a 422 response because changing security settings is not allowed in this case. Even though the security_and_analysis settings remain the same, and only some other settings are changed, the request will still fail. To avoid the request failing when security_and_analysis remains the same, we will only pass it in the request payload when changes have been made. Co-authored-by: Keegan Campbell <me@kfcampbell.com>
integrations · Oct 17, 2024 · ab6c7e6 · ab6c7e6
1 parent f77aa4f
commit ab6c7e6
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go
@@ -752,6 +752,11 @@ func resourceGithubRepositoryUpdate(d *schema.ResourceData, meta interface{}) er
 	// handle visibility updates separately from other fields
 	repoReq.Visibility = nil
 
+	if !d.HasChange("security_and_analysis") {
+		repoReq.SecurityAndAnalysis = nil
+		log.Print("[DEBUG] No security_and_analysis update required. Removing this field from the payload.")
+	}
+
 	// The documentation for `default_branch` states: "This can only be set
 	// after a repository has already been created". However, for backwards
 	// compatibility we need to allow terraform configurations that set