Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Call to github API yields error for resource github_dependabot_organization_secret #1208

Closed
lneves75 opened this issue Jun 28, 2022 · 2 comments · Fixed by #1323
Closed

Call to github API yields error for resource github_dependabot_organization_secret #1208

lneves75 opened this issue Jun 28, 2022 · 2 comments · Fixed by #1323

Comments

@lneves75
Copy link

lneves75 commented Jun 28, 2022
edited
Loading

Hi there,

Opening an issue here too, just in case someone else hits this problem. This was traced to github's go client, but potentially to github's implementation of the two org secrets endpoints (actions and dependabot). More details below.

Terraform Version

Terraform v0.14.5
+ provider registry.terraform.io/hashicorp/aws v4.20.1
+ provider registry.terraform.io/hashicorp/github v4.26.1

Affected Resource(s)

  • github_dependabot_organization_secret

Terraform Configuration Files

terraform {
  required_providers {
    github = {
      source  = "hashicorp/github"
      version = "~> 4.0"
    }
  }
}

provider "aws" {
  region = "foo"
}

provider "github" {
  owner = "myorg"
}

data "aws_secretsmanager_secret" "foo" {
  name = "foo"
}

data "aws_secretsmanager_secret_version" "foo" {
  secret_id = data.aws_secretsmanager_secret.foo.id
}

data "github_repository" "my-repo" {
  name = "my-repo"
}

data "github_repository" "my-other-repo" {
  name = "my-other-repo"
}

resource "github_dependabot_organization_secret" "github_dependabot_bar" {
  secret_name     = "BAR"
  visibility      = "selected"
  plaintext_value = jsondecode(data.aws_secretsmanager_secret_version.foo.secret_string)["bar"]
  selected_repository_ids = [
    data. github_repository.my-repo.repo_id,
    data. github_repository.my-other-repo.repo_id
  ]
}

Debug Output

Output of request and error response call to the /orgs/{org}/dependabot/secrets/{secret_name} endpoint

Output of request and success response call to the /orgs/{org}/actions/secrets/{secret_name} endpoint (for comparison)

Panic Output

None

Expected Behavior

The creation of the dependabot org secret works with the intended type

Actual Behavior

Given the API documentation for the dependabot secrets endpoint, an array of strings is expected and, in fact, the validation returns a 422 HTTP status

What actually happened?

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply

Important Factoids

  • The issue was traced to the go client for github
  • There's also a mismatch between github's API implementation and the official documentation

For example. Making the PUT API call to the endpoint /orgs/myorg/actions/secrets/BAR with a set of strings we get a 422

{
	"message": "Invalid request.\n\nFor 'items', \"123\" is not an integer.\nFor 'items', \"456\" is not an integer.",
	"documentation_url": "https://docs.github.com/rest/reference/actions#create-or-update-an-organization-secret"
}

This is not consistent with the API documentation.

References
@parviste-fortum
Copy link

After upgrading to the Github provider v5.3.0 the situation is even worse, and the provider panics:

panic: interface conversion: interface {} is int, not string

goroutine 2931 [running]:
github.com/integrations/terraform-provider-github/v5/github.resourceGithubDependabotOrganizationSecretCreateOrUpdate(0xf08340?, {0xe8ce60?, 0xc00012e800?})
	github.com/integrations/terraform-provider-github/v5/github/resource_github_dependabot_organization_secret.go:98 +0x5f0
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).Apply(0xc0000c3f40, 0xc000914050, 0xc0009086a0, {0xe8ce60, 0xc00012e800})
	github.com/hashicorp/[email protected]/helper/schema/resource.go:320 +0x438
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Provider).Apply(0xc0000d8780, 0xc00082d9a0, 0x107b7bb?, 0xf?)
	github.com/hashicorp/[email protected]/helper/schema/provider.go:294 +0x70
github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ApplyResourceChange(0xc00000e8c0, {0xc00014b1f0?, 0x4b8686?}, 0xc00014b1f0)
	github.com/hashicorp/[email protected]/internal/helper/plugin/grpc_provider.go:895 +0x7c5
github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x102f3e0?, 0xc00000e8c0}, {0x1290f50, 0xc000904540}, 0xc000088d20, 0x0)
	github.com/hashicorp/[email protected]/internal/tfplugin5/tfplugin5.pb.go:3305 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0002e0380, {0x1294640, 0xc000310000}, 0xc00066afc0, 0xc0002e6870, 0x193a560, 0x0)
	google.golang.org/[email protected]/server.go:1283 +0xcfd
google.golang.org/grpc.(*Server).handleStream(0xc0002e0380, {0x1294640, 0xc000310000}, 0xc00066afc0, 0x0)
	google.golang.org/[email protected]/server.go:1620 +0xa1b
google.golang.org/grpc.(*Server).serveStreams.func1.2()
	google.golang.org/[email protected]/server.go:922 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
	google.golang.org/[email protected]/server.go:920 +0x28a

Error: The terraform-provider-github_v5.3.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

@gsuess gsuess mentioned this issue Sep 29, 2022
Closed
@vubogovich
Copy link

Looks like there is small bug from #1258 in the line mentioned in the stack trace above:

selectedRepositoryIDs = append(selectedRepositoryIDs, id.(string))

I have never used Go. Simple search suggests:

selectedRepositoryIDs = append(selectedRepositoryIDs, strconv.Itoa(id))

@nikolay nikolay mentioned this issue Oct 12, 2022
Merged
kfcampbell added a commit that referenced this issue Oct 12, 2022
@nikolay @kfcampbell
fix: github_dependabot_organization_secret panic (#1323)
25f682b 
* fix: `github_dependabot_organization_secret` panic

Closes #1208

* Fix linting/compilation error

Co-authored-by: Keegan Campbell <[email protected]>
@vubogovich vubogovich mentioned this issue Nov 14, 2022
Closed
kazaker pushed a commit to auto1-oss/terraform-provider-github that referenced this issue Dec 28, 2022
@nikolay @kfcampbell
fix: github_dependabot_organization_secret panic (integrations#1323)
6c66a2d 
* fix: `github_dependabot_organization_secret` panic

Closes integrations#1208

* Fix linting/compilation error

Co-authored-by: Keegan Campbell <[email protected]>
avidspartan1 pushed a commit to avidspartan1/terraform-provider-github that referenced this issue Feb 5, 2024
@nikolay @kfcampbell
fix: github_dependabot_organization_secret panic (integrations#1323)
4379b48 
* fix: `github_dependabot_organization_secret` panic

Closes integrations#1208

* Fix linting/compilation error

Co-authored-by: Keegan Campbell <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: github_dependabot_organization_secret panic
3 participants
@lneves75 @vubogovich @parviste-fortum