feat: add github_organization_private_registry resource and data source#3424
feat: add github_organization_private_registry resource and data source#3424Gaardsholt wants to merge 22 commits into
Conversation
This introduces the `github_organization_private_registry` resource and data source, allowing users to configure and manage centralized private registries at the organization level for Dependabot. Includes full CRUD acceptance tests, examples, and documentation. Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
|
👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with |
|
A small note, I didn't add {
"message": "Failed to create private registry configuration",
"errors": [
"registry_type must be one of: maven_repository, nuget_feed, goproxy_server, npm_registry, rubygems_server, cargo_registry, composer_repository, docker_registry, git_source, helm_registry, pub_repository, python_index, terraform_registry"
],
"documentation_url": "https://docs.github.com/rest/private-registries/organization-configurations#create-a-private-registry-for-an-organization",
"status": "422"
} |
|
Did I miss anything or what can we do to get this merged? :) |
…b into private-registries Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
|
@Gaardsholt Sorry, we are currently short on capacity and thus are focus mainly on improving the foundations to reduce maintenance workload |
deiga
left a comment
There was a problem hiding this comment.
Not a full review, just noticed the most likely unnecessary docs templates
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
There was a problem hiding this comment.
Pull request overview
These provider review instructions are being used.
This PR introduces a new github_organization_private_registry resource and data source to manage centralized private registry configurations for Dependabot at the organization level. It resolves issues #2720 and #3339, enabling users to configure registry credentials (including OIDC auth) and visibility settings via Terraform.
Changes:
- New resource (
github_organization_private_registry) with full CRUD support, including secret encryption, multiple auth types (token, username_password, OIDC), and visibility control. - New data source (
github_organization_private_registry) to read existing registry configurations. - Documentation, examples, and acceptance tests for both the resource and data source.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| github/resource_github_organization_private_registry.go | New resource implementation with CRUD operations, schema, and secret encryption |
| github/data_source_github_organization_private_registry.go | New data source implementation for reading registry info |
| github/resource_github_organization_private_registry_test.go | Acceptance test for the resource (basic create + data source read) |
| github/data_source_github_organization_private_registry_test.go | Acceptance test for the data source |
| github/provider.go | Registers the new resource and data source |
| examples/resources/github_organization_private_registry/resource.tf | Example snippet for tfplugindocs |
| examples/data-sources/github_organization_private_registry/data-source.tf | Example snippet for tfplugindocs |
| docs/resources/organization_private_registry.md | Resource documentation |
| docs/data-sources/organization_private_registry.md | Data source documentation |
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
…make sure `secret` or `encrypted_value` is set when `auth_type` is `token` or `username_password` Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
| } | ||
|
|
||
| if v, ok := d.GetOk("username"); ok { | ||
| payload.Username = new(v.(string)) |
| url = "https://npm.pkg.github.com" | ||
| auth_type = "username_password" | ||
| username = "github-actions" | ||
| secret = "super_secret_token_123" |
| payload := github.UpdateOrganizationPrivateRegistry{ | ||
| RegistryType: (*github.PrivateRegistryType)(new(d.Get("registry_type").(string))), | ||
| } |
|
Hello @deiga, I am especially interested in this PR which I believe can resolve a big issue we have on our side. I understand you are working on others, but I would like to ask you if you have any ETA on merging the present one so that I can simply communicate internally. |
deiga
left a comment
There was a problem hiding this comment.
Please make sure you read the Contribution guide and the Architecture guide, there are multiple aspects where you're going against the standard we expect
This is just a partial review
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
I have read through both of the two guides, and have addressed most of your comments and hopefully I am now more closely following the standards. The only comment I haven't resolved is #3424 (comment) |
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
| "selected_repository_ids": { | ||
| Type: schema.TypeSet, | ||
| Optional: true, | ||
| Elem: &schema.Schema{ | ||
| Type: schema.TypeInt, | ||
| }, | ||
| Description: "An array of repository IDs that can access the organization private registry.", | ||
| }, |
| Importer: &schema.ResourceImporter{ | ||
| StateContext: schema.ImportStatePassthroughContext, | ||
| }, |
This introduces the
github_organization_private_registryresource and data source, allowing users to configure and manage centralized private registries at the organization level for Dependabot. Includes full CRUD acceptance tests, examples, and documentation.Resolves #2720
Resolves #3339
Before the change?
After the change?
Pull request checklist
Does this introduce a breaking change?
Please see our docs on breaking changes to help!
I have run the acceptance tests myself with the following command, which ran successfully:
I have also tested it by building the provider and using it with the following terraform:
Note
Full disclosure: This has been developed with the help of AI.