Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for disabling the use of the vulnerability management endpoint #1022

Merged
merged 3 commits into from
Mar 25, 2022
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 10 additions & 4 deletions github/resource_github_repository.go
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,10 @@ func resourceGithubRepository() *schema.Resource {
Type: schema.TypeBool,
Optional: true,
},
"ignore_vulnerability_alerts_during_read": {
Type: schema.TypeBool,
Optional: true,
},
"full_name": {
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -481,11 +485,13 @@ func resourceGithubRepositoryRead(d *schema.ResourceData, meta interface{}) erro
d.Set("template", []interface{}{})
}

vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName)
if err != nil {
return fmt.Errorf("Error reading repository vulnerability alerts: %v", err)
if !d.Get("ignore_vulnerability_alerts_during_read").(bool) {
vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName)
if err != nil {
return fmt.Errorf("Error reading repository vulnerability alerts: %v", err)
}
d.Set("vulnerability_alerts", vulnerabilityAlerts)
}
d.Set("vulnerability_alerts", vulnerabilityAlerts)

return nil
}
Expand Down
2 changes: 2 additions & 0 deletions website/docs/r/repository.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,8 @@ initial repository creation and create the target branch inside of the repositor

* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings.

* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read.

### GitHub Pages Configuration

The `pages` block supports the following:
Expand Down