diff --git a/docs/resources/repository_ruleset.md b/docs/resources/repository_ruleset.md index 3d7bfe1363..28e98984d0 100644 --- a/docs/resources/repository_ruleset.md +++ b/docs/resources/repository_ruleset.md @@ -296,9 +296,9 @@ The `rules` block supports the following: #### bypass_actors -- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `DeployKey` do not have an ID. +- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). If `actor_type` is `User`, `actor_id` is the numeric GitHub user ID. Some actor types such as `DeployKey` do not have an ID. -- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`. +- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, `User`. - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`. @@ -309,6 +309,7 @@ The `rules` block supports the following: - `maintain` -> `2` - `write` -> `4` - `admin` -> `5` +- `User` -> the numeric GitHub user ID #### conditions diff --git a/github/resource_github_repository_ruleset.go b/github/resource_github_repository_ruleset.go index 1a3ed3fe64..ec6f6c1108 100644 --- a/github/resource_github_repository_ruleset.go +++ b/github/resource_github_repository_ruleset.go @@ -68,13 +68,13 @@ func resourceGithubRepositoryRuleset() *schema.Resource { Type: schema.TypeInt, Optional: true, Default: nil, - Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. Some resources such as DeployKey do not have an ID and this should be omitted.", + Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. When `actor_type` is `User`, this should be set to the numeric GitHub user ID. Some resources such as DeployKey do not have an ID and this should be omitted.", }, "actor_type": { Type: schema.TypeString, Required: true, - ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey"}, false)), - Description: "The type of actor that can bypass a ruleset. See https://docs.github.com/en/rest/repos/rules for more information.", + ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey", "User"}, false)), + Description: "The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, or `User`. See https://docs.github.com/en/rest/repos/rules for more information.", }, "bypass_mode": { Type: schema.TypeString, diff --git a/github/resource_github_repository_ruleset_test.go b/github/resource_github_repository_ruleset_test.go index 3cb74e2117..8b9ed0c5a7 100644 --- a/github/resource_github_repository_ruleset_test.go +++ b/github/resource_github_repository_ruleset_test.go @@ -29,6 +29,10 @@ resource "github_repository_environment" "example" { repository = github_repository.test.name } +data "github_user" "current" { + username = "%[3]s" +} + resource "github_repository_ruleset" "test" { name = "test" repository = github_repository.test.id @@ -46,6 +50,12 @@ resource "github_repository_ruleset" "test" { bypass_mode = "always" } + bypass_actors { + actor_id = tonumber(data.github_user.current.id) + actor_type = "User" + bypass_mode = "always" + } + conditions { ref_name { include = ["refs/heads/main"] @@ -113,7 +123,7 @@ resource "github_repository_ruleset" "test" { non_fast_forward = true } } -`, repoName, testAccConf.testRepositoryVisibility) +`, repoName, testAccConf.testRepositoryVisibility, testAccConf.username) resource.Test(t, resource.TestCase{ PreCheck: func() { skipUnauthenticated(t) }, @@ -125,12 +135,15 @@ resource "github_repository_ruleset" "test" { resource.TestCheckResourceAttr("github_repository_ruleset.test", "name", "test"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "target", "branch"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "enforcement", "active"), - resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.#", "2"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.#", "3"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.actor_type", "DeployKey"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.bypass_mode", "always"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.1.actor_id", "5"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.1.actor_type", "RepositoryRole"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.1.bypass_mode", "always"), + resource.TestCheckResourceAttrPair("github_repository_ruleset.test", "bypass_actors.2.actor_id", "data.github_user.current", "id"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.2.actor_type", "User"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.2.bypass_mode", "always"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "2"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "rules.0.required_code_scanning.0.required_code_scanning_tool.0.alerts_threshold", "errors"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "rules.0.required_code_scanning.0.required_code_scanning_tool.0.security_alerts_threshold", "high_or_higher"), diff --git a/templates/resources/repository_ruleset.md.tmpl b/templates/resources/repository_ruleset.md.tmpl index d40b5262bb..d223dbe24c 100644 --- a/templates/resources/repository_ruleset.md.tmpl +++ b/templates/resources/repository_ruleset.md.tmpl @@ -225,9 +225,9 @@ The `rules` block supports the following: #### bypass_actors -- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `DeployKey` do not have an ID. +- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). If `actor_type` is `User`, `actor_id` is the numeric GitHub user ID. Some actor types such as `DeployKey` do not have an ID. -- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`. +- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, `User`. - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`. @@ -238,6 +238,7 @@ The `rules` block supports the following: - `maintain` -> `2` - `write` -> `4` - `admin` -> `5` +- `User` -> the numeric GitHub user ID #### conditions