diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go index d8a16ee611..9c87f748aa 100644 --- a/github/resource_github_repository.go +++ b/github/resource_github_repository.go @@ -202,6 +202,10 @@ func resourceGithubRepository() *schema.Resource { Type: schema.TypeBool, Optional: true, }, + "ignore_vulnerability_alerts_during_read": { + Type: schema.TypeBool, + Optional: true, + }, "full_name": { Type: schema.TypeString, Computed: true, @@ -477,11 +481,13 @@ func resourceGithubRepositoryRead(d *schema.ResourceData, meta interface{}) erro d.Set("template", []interface{}{}) } - vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName) - if err != nil { - return fmt.Errorf("Error reading repository vulnerability alerts: %v", err) + if !d.Get("ignore_vulnerability_alerts_during_read").(bool) { + vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName) + if err != nil { + return fmt.Errorf("Error reading repository vulnerability alerts: %v", err) + } + d.Set("vulnerability_alerts", vulnerabilityAlerts) } - d.Set("vulnerability_alerts", vulnerabilityAlerts) return nil } diff --git a/website/docs/r/repository.html.markdown b/website/docs/r/repository.html.markdown index 4b65964a80..7ebbbfd3f5 100644 --- a/website/docs/r/repository.html.markdown +++ b/website/docs/r/repository.html.markdown @@ -103,6 +103,8 @@ initial repository creation and create the target branch inside of the repositor * `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. +* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. + ### GitHub Pages Configuration The `pages` block supports the following: