From 133eb2f6fe0b92aafcb546045e7eff11d4533bd1 Mon Sep 17 00:00:00 2001 From: Eric Nieuwenhuijsen Date: Fri, 25 Mar 2022 22:01:05 +0100 Subject: [PATCH] Add support for disabling the use of the vulnerability management endpoint (#1022) * Add support for disabling the use of the vulnerability management endpoint * Run make lint Co-authored-by: Keegan Campbell --- github/resource_github_repository.go | 14 ++++++++++---- website/docs/r/repository.html.markdown | 2 ++ 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go index d8a16ee611..9c87f748aa 100644 --- a/github/resource_github_repository.go +++ b/github/resource_github_repository.go @@ -202,6 +202,10 @@ func resourceGithubRepository() *schema.Resource { Type: schema.TypeBool, Optional: true, }, + "ignore_vulnerability_alerts_during_read": { + Type: schema.TypeBool, + Optional: true, + }, "full_name": { Type: schema.TypeString, Computed: true, @@ -477,11 +481,13 @@ func resourceGithubRepositoryRead(d *schema.ResourceData, meta interface{}) erro d.Set("template", []interface{}{}) } - vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName) - if err != nil { - return fmt.Errorf("Error reading repository vulnerability alerts: %v", err) + if !d.Get("ignore_vulnerability_alerts_during_read").(bool) { + vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName) + if err != nil { + return fmt.Errorf("Error reading repository vulnerability alerts: %v", err) + } + d.Set("vulnerability_alerts", vulnerabilityAlerts) } - d.Set("vulnerability_alerts", vulnerabilityAlerts) return nil } diff --git a/website/docs/r/repository.html.markdown b/website/docs/r/repository.html.markdown index 4b65964a80..7ebbbfd3f5 100644 --- a/website/docs/r/repository.html.markdown +++ b/website/docs/r/repository.html.markdown @@ -103,6 +103,8 @@ initial repository creation and create the target branch inside of the repositor * `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. +* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. + ### GitHub Pages Configuration The `pages` block supports the following: