[BUG]: github_repository: 422 An enforced security configuration prevented modifying advanced security enablement. #2383

@eherde

Expected Behavior

We have been using the github_repository resource for some time. We recently signed up for GHAS, and enabled enforcement on our repos.

We expect that an apply of a plan like the following should succeed:

terraform apply -target module.repo.github_repository.repo
…
  # module.repo.github_repository.repo will be updated in-place
  ~ resource "github_repository" "repo" {
      ~ allow_rebase_merge          = false -> true
        id                          = "myrepo"
        name                        = "myrepo"
        # (33 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
…

Actual Behavior

The first time the terraform runs with an expected change, we get the following error:

│ Error: PATCH https://api.github.com/repos/groq/myrepo: 422 An enforced security configuration prevented modifying advanced security enablement. Contact your organization owner for details. []

After this run, manual inspection in the UI shows that the change is applied (in this case, allowing rebase and merge). The next run of the terraform rightfully detects that there are no changes:

No changes. Your infrastructure matches the configuration.

Note that if I disable enforcement of GHAS and run the terraform apply again when there are pending changes (in this example, toggling allow_rebase_merge between true and false), then the apply succeeds with no errors.

Terraform Version

Terraform v1.9.3
on darwin_amd64

  • provider registry.terraform.io/buildkite/buildkite v1.10.2
  • provider registry.terraform.io/hashicorp/google v6.0.1
  • provider registry.terraform.io/integrations/github v6.2.3

Affected Resource(s)

  • github_repository

Terraform Configuration Files

No response

Steps to Reproduce

$ terraform apply

Debug Output

No response

Panic Output

No response

    Labels

    Status: Up for grabs (Issues that are ready to be worked on by anyone); Type: Bug (Something isn't working as documented)
