Skip to content

Commit 55b203a

Browse files
committed
Add https_enforced field
Signed-off-by: Timo Sand <timo.sand@f-secure.com>
1 parent 55ea292 commit 55b203a

6 files changed

+72
-1
lines changed

github/data_source_github_repository_pages.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -80,6 +80,11 @@ func dataSourceGithubRepositoryPages() *schema.Resource {
8080
Computed: true,
8181
Description: "Whether the GitHub Pages site is publicly visible. If set to `true`, the site is accessible to anyone on the internet. If set to `false`, the site will only be accessible to users who have at least `read` access to the repository that published the site.",
8282
},
83+
"https_enforced": {
84+
Type: schema.TypeBool,
85+
Computed: true,
86+
Description: "Whether the rendered GitHub Pages site will only be served over HTTPS.",
87+
},
8388
},
8489
}
8590
}
@@ -127,6 +132,9 @@ func dataSourceGithubRepositoryPagesRead(ctx context.Context, d *schema.Resource
127132
if err := d.Set("public", pages.GetPublic()); err != nil {
128133
return diag.FromErr(err)
129134
}
135+
if err := d.Set("https_enforced", pages.GetHTTPSEnforced()); err != nil {
136+
return diag.FromErr(err)
137+
}
130138
// Set source only for legacy build type
131139
if pages.GetBuildType() == "legacy" && pages.GetSource() != nil {
132140
source := []map[string]any{

github/data_source_github_repository_pages_test.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,7 @@ func TestAccGithubRepositoryPagesDataSource(t *testing.T) {
6363
statecheck.ExpectKnownValue("data.github_repository_pages.test", tfjsonpath.New("build_status"), knownvalue.NotNull()),
6464
statecheck.CompareValuePairs("data.github_repository_pages.test", tfjsonpath.New("api_url"), "github_repository_pages.test", tfjsonpath.New("api_url"), compare.ValuesSame()),
6565
statecheck.ExpectKnownValue("data.github_repository_pages.test", tfjsonpath.New("public"), knownvalue.Bool(testAccConf.authMode != enterprise)),
66+
statecheck.CompareValuePairs("data.github_repository_pages.test", tfjsonpath.New("https_enforced"), "github_repository_pages.test", tfjsonpath.New("https_enforced"), compare.ValuesSame()),
6667
},
6768
},
6869
},
@@ -112,6 +113,7 @@ func TestAccGithubRepositoryPagesDataSource(t *testing.T) {
112113
statecheck.ExpectKnownValue("data.github_repository_pages.test", tfjsonpath.New("build_status"), knownvalue.NotNull()),
113114
statecheck.CompareValuePairs("data.github_repository_pages.test", tfjsonpath.New("api_url"), "github_repository_pages.test", tfjsonpath.New("api_url"), compare.ValuesSame()),
114115
statecheck.CompareValuePairs("data.github_repository_pages.test", tfjsonpath.New("public"), "github_repository_pages.test", tfjsonpath.New("public"), compare.ValuesSame()),
116+
statecheck.CompareValuePairs("data.github_repository_pages.test", tfjsonpath.New("https_enforced"), "github_repository_pages.test", tfjsonpath.New("https_enforced"), compare.ValuesSame()),
115117
},
116118
},
117119
},

github/resource_github_repository_pages.go

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,13 @@ func resourceGithubRepositoryPages() *schema.Resource {
103103
Computed: true,
104104
Description: "Whether the GitHub Pages site is publicly visible. If set to `true`, the site is accessible to anyone on the internet. If set to `false`, the site will only be accessible to users who have at least `read` access to the repository that published the site.",
105105
},
106+
"https_enforced": {
107+
Type: schema.TypeBool,
108+
Optional: true,
109+
Computed: true,
110+
RequiredWith: []string{"cname"},
111+
Description: "Whether the rendered GitHub Pages site will only be served over HTTPS. Requires 'cname' to be set.",
112+
},
106113
},
107114
CustomizeDiff: customdiff.All(resourceGithubRepositoryPagesDiff, diffRepository),
108115
}
@@ -168,6 +175,15 @@ func resourceGithubRepositoryPagesCreate(ctx context.Context, d *schema.Resource
168175
return diag.FromErr(err)
169176
}
170177
}
178+
httpsEnforced, httpsEnforcedExists := d.GetOkExists("https_enforced") // nolint:staticcheck // SA1019: There is no better alternative for checking if boolean value is set
179+
if httpsEnforcedExists && httpsEnforced != nil {
180+
shouldUpdatePage = true
181+
update.HTTPSEnforced = github.Ptr(httpsEnforced.(bool))
182+
} else {
183+
if err := d.Set("https_enforced", pages.GetHTTPSEnforced()); err != nil {
184+
return diag.FromErr(err)
185+
}
186+
}
171187

172188
if shouldUpdatePage {
173189
_, err = client.Repositories.UpdatePages(ctx, owner, repoName, update)
@@ -225,6 +241,9 @@ func resourceGithubRepositoryPagesRead(ctx context.Context, d *schema.ResourceDa
225241
if err := d.Set("public", pages.GetPublic()); err != nil {
226242
return diag.FromErr(err)
227243
}
244+
if err := d.Set("https_enforced", pages.GetHTTPSEnforced()); err != nil {
245+
return diag.FromErr(err)
246+
}
228247

229248
// Set source only for legacy build type
230249
if pages.GetBuildType() == "legacy" && pages.GetSource() != nil {
@@ -269,6 +288,13 @@ func resourceGithubRepositoryPagesUpdate(ctx context.Context, d *schema.Resource
269288
}
270289
}
271290

291+
if d.HasChange("https_enforced") {
292+
httpsEnforced, ok := d.Get("https_enforced").(bool)
293+
if ok {
294+
update.HTTPSEnforced = github.Ptr(httpsEnforced)
295+
}
296+
}
297+
272298
if d.HasChange("build_type") {
273299
buildType := d.Get("build_type").(string)
274300
update.BuildType = github.Ptr(buildType)

github/resource_github_repository_pages_test.go

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -218,6 +218,36 @@ source {
218218
})
219219
})
220220

221+
t.Run("errors_when_https_enforced_without_cname", func(t *testing.T) {
222+
randomID := acctest.RandString(5)
223+
repoName := fmt.Sprintf("%spages-%s", testResourcePrefix, randomID)
224+
225+
config := fmt.Sprintf(`
226+
resource "github_repository" "test" {
227+
name = "%s"
228+
visibility = "%s"
229+
auto_init = true
230+
}
231+
232+
resource "github_repository_pages" "test" {
233+
repository = github_repository.test.name
234+
build_type = "workflow"
235+
https_enforced = true
236+
}
237+
`, repoName, baseRepoVisibility)
238+
239+
resource.Test(t, resource.TestCase{
240+
PreCheck: func() { skipUnauthenticated(t) },
241+
ProviderFactories: providerFactories,
242+
Steps: []resource.TestStep{
243+
{
244+
Config: config,
245+
ExpectError: regexp.MustCompile(`all of .cname,https_enforced. must be specified`),
246+
},
247+
},
248+
})
249+
})
250+
221251
t.Run("imports_pages_configuration", func(t *testing.T) {
222252
randomID := acctest.RandString(5)
223253
repoName := fmt.Sprintf("%spages-%s", testResourcePrefix, randomID)

website/docs/d/repository_pages.html.markdown

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,8 @@ The following attributes are exported:
4343

4444
- `public` - Whether the GitHub Pages site is public.
4545

46+
- `https_enforced` - Whether HTTPS is enforced for the GitHub Pages site. This setting only applies when a custom domain is configured.
47+
4648
### Source
4749

4850
The `source` block contains:

website/docs/r/repository_pages.html.markdown

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,8 @@ resource "github_repository" "example" {
8080
resource "github_repository_pages" "example" {
8181
repository = github_repository.example.name
8282
build_type = "legacy"
83-
cname = "example.com"
83+
cname = "example.com"
84+
https_enforced = true
8485
8586
source {
8687
branch = "main"
@@ -103,6 +104,8 @@ The following arguments are supported:
103104

104105
- `public` - (Optional) Whether the GitHub Pages site is public.
105106

107+
- `https_enforced` - (Optional) Whether HTTPS is enforced for the GitHub Pages site. GitHub Pages sites serve over HTTPS by default; this setting only applies when a custom domain (`cname`) is configured. Requires `cname` to be set.
108+
106109
### Source
107110

108111
The `source` block supports the following:

0 commit comments

Comments
 (0)