Skip to content

feat: Update go-github to v89#3526

Merged
stevehipwell merged 9 commits into
integrations:mainfrom
stevehipwell:go-github-v89
Jul 10, 2026
Merged

feat: Update go-github to v89#3526
stevehipwell merged 9 commits into
integrations:mainfrom
stevehipwell:go-github-v89

Conversation

@stevehipwell

@stevehipwell stevehipwell commented Jul 7, 2026

Copy link
Copy Markdown
Collaborator

Resolves #ISSUE_NUMBER


Before the change?

After the change?

  • Updated go-github to v89.0.0
  • Fixed actions secrets and variables changes
  • Fixed secret drift detection
  • Fixed release resource
  • Updated tests for actions secrets & variables
  • Updated tests for Dependabot secrets
  • Updated docs for actions secrets & variables
  • Updated docs for Dependabot secrets
  • Updated docs for release resource

Pull request checklist

  • Schema migrations have been created if needed (example)
  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been reviewed and added / updated if needed (for bug fixes / features)

Does this introduce a breaking change?

Please see our docs on breaking changes to help!

  • Yes
  • No

@stevehipwell stevehipwell added this to the v6.14.0 milestone Jul 7, 2026
@stevehipwell stevehipwell self-assigned this Jul 7, 2026
@stevehipwell stevehipwell added the dependencies Pull requests that update a dependency file label Jul 7, 2026
@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown

👋 Hi, and thank you for this contribution!

This repo is maintained by GitHub and community members on a best-effort basis. We'll get to this as soon as we can.

You can help us prioritize by joining the discussion on open issues and PRs, sharing details on the changes you need, and reviewing other contributions.


🤖 This is an automated message.

@stevehipwell stevehipwell added Type: Bug Something isn't working as documented Type: Maintenance Any dependency, housekeeping, and clean up Issue or PR labels Jul 8, 2026
@stevehipwell stevehipwell marked this pull request as ready for review July 8, 2026 12:49

@deiga deiga left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Partial review

Comment thread github/acc_helpers_test.go
Comment thread github/acc_helpers_test.go
deiga
deiga previously approved these changes Jul 8, 2026

@deiga deiga left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Comment thread github/resource_github_actions_organization_secret.go Outdated

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades the provider's GitHub API client from google/go-github v88 to v89 and adapts the codebase to the v89 API surface (methods that now take owner, repo/int64 IDs instead of *github.Repository, iterator-based pagination via *Iter methods, and errors.AsType for error classification). Alongside the mechanical bump it fixes several resources (Actions/Dependabot secrets & variables drift detection, the release resource's repository-rename handling with a new V0→V1 state migration adding repository_id) and regenerates docs/examples into the modern tfplugindocs layout (resource_*.tf, import.sh, import-by-string-id.tf, templated import sections).

Changes:

  • Bump go-github/v88v89 across ~150 files and adapt call sites to the new API signatures and pagination iterators.
  • Fix secret drift detection (diffSecret now always compares updated_at vs remote_updated_at) and add a release-resource state migration + diffRepository rename handling.
  • Regenerate docs and examples for secrets, variables, and the release resource using standardized templates and example fragments.

Reviewed changes

Copilot reviewed 266 out of 268 changed files in this pull request and generated no comments.

Show a summary per file
File Description
github/util_diff.go New diffRepository/diffSecret logic and errors.AsType usage; reviewed, correct.
github/resource_github_release_migration.go (+test) New V0→V1 migration adding repository_id; wiring and error message consistent.
github/data_source_github_actions_environment_*.go Refactored to v89 signatures (GetEnvPublicKey, ListEnvSecretsIter, ExactlyOneOf); correct.
github/resource_github_actions_organization_secret_repository.go Uses int64 repo IDs and *Iter pagination per v89; correct.
github/resource_github_*organization_secret.go, ..._variable.go Import functions use d.Id() as the bare name (org from provider).
templates/resources/*.md.tmpl Standardized doc templates with templated Example/Import sections.
examples/resources/github_actions_variable/import-by-string-id.tf Import block swapped with the environment-variable resource (wrong resource + ID).
examples/resources/github_actions_environment_variable/import-by-string-id.tf Import block swapped with the repository-variable resource (wrong resource + ID).
examples/resources/github_{actions,dependabot}_organization_*/import-by-string-id.tf & import.sh Org-level import IDs incorrectly prefixed with organization-name:.
docs/resources/*.md, go.mod/go.sum, ~140 .go files Regenerated docs and mechanical v89 client references.

Findings (all MEDIUM):

  • The github_actions_variable and github_actions_environment_variable import-by-string-id.tf files are swapped — each references the other resource type with the wrong ID arity, contradicting the correct sibling import.sh files, and this propagates into the generated docs.
  • The org-level import examples (github_actions_organization_secret, github_actions_organization_variable, github_dependabot_organization_secret) use organization-name:<name> IDs, but the importers use d.Id() verbatim as the name (org comes from provider config), so following the docs would fail the import. The paired import.sh files carry the same error.
Comments suppressed due to low confidence (5)

examples/resources/github_actions_variable/import-by-string-id.tf:3

  • This import example lives in the github_actions_variable (repository-level) directory, but it references github_actions_environment_variable with a three-part environment ID. The github_actions_variable resource is imported with a two-part repository:variable_name ID (see the sibling import.sh, which correctly uses repo-name:variable-name). This block appears to have been swapped with the one under github_actions_environment_variable/ during the rename, so it and the generated docs point users at the wrong resource and ID format.
    examples/resources/github_actions_environment_variable/import-by-string-id.tf:3
  • This import example lives in the github_actions_environment_variable directory, but it references github_actions_variable with a two-part ID. The environment variable resource is imported with a three-part repository:environment:variable_name ID (see the sibling import.sh, which correctly uses repo-name:environment-name:variable-name). This block appears to have been swapped with the one under github_actions_variable/ during the rename, so it and the generated docs point users at the wrong resource and ID format.
    examples/resources/github_actions_organization_secret/import-by-string-id.tf:3
  • The github_actions_organization_secret importer uses the ID directly as the secret name (secretName := d.Id()), with the organization taken from the provider configuration, not from the ID. Prefixing the ID with organization-name: makes Terraform look up a secret literally named organization-name:secret-name, which fails. The import ID should be just the secret name. The sibling import.sh in this directory has the same incorrect prefix and should be corrected as well.
    examples/resources/github_actions_organization_variable/import-by-string-id.tf:3
  • The github_actions_organization_variable importer uses the ID directly as the variable name (varName := d.Id()), with the organization taken from the provider configuration, not from the ID. Prefixing the ID with organization-name: makes Terraform look up a variable literally named organization-name:variable-name, which fails. The import ID should be just the variable name. The sibling import.sh in this directory has the same incorrect prefix and should be corrected as well.
    examples/resources/github_dependabot_organization_secret/import-by-string-id.tf:3
  • The github_dependabot_organization_secret importer uses the ID directly as the secret name (secretName := d.Id()), with the organization taken from the provider configuration, not from the ID. Prefixing the ID with organization-name: makes Terraform look up a secret literally named organization-name:secret-name, which fails. The import ID should be just the secret name. The sibling import.sh in this directory has the same incorrect prefix and should be corrected as well.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 266 out of 268 changed files in this pull request and generated 4 comments.

Comment thread docs/resources/actions_variable.md Outdated
Comment thread docs/resources/actions_environment_variable.md Outdated
Comment thread docs/resources/actions_organization_variable.md Outdated
Comment thread docs/resources/actions_organization_variable.md Outdated

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 266 out of 268 changed files in this pull request and generated no new comments.

robert-crandall
robert-crandall previously approved these changes Jul 9, 2026

@robert-crandall robert-crandall left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for taking this on, Steve - the v89 bump plus the secret/variable/release cleanup is a lot of careful work, and the release schema migration with mock-backed tests is really nice to see. Builds and unit tests are green on my end. One small thing I'd love your take on: the refactored release Read now only refreshes the computed fields, so external drift on name/body/draft/prerelease won't be picked up on a plan anymore - was that an intentional trade-off to avoid the generate_release_notes perpetual diff? Happy either way, just want to make sure it's captured.

@stevehipwell

Copy link
Copy Markdown
Collaborator Author

One small thing I'd love your take on: the refactored release Read now only refreshes the computed fields, so external drift on name/body/draft/prerelease won't be picked up on a plan anymore - was that an intentional trade-off to avoid the generate_release_notes perpetual diff? Happy either way, just want to make sure it's captured.

@robert-crandall great spot, I was coming back to this but it was a much bigger task to update to v89 than I'd anticipated and it looks like I missed it. Let me fix it now.

@stevehipwell

Copy link
Copy Markdown
Collaborator Author

@robert-crandall further to my previous reply; if setting both generate_release_notes = true & body there will currently be a perpetual diff. This probably ought to be captured as an issue as a fix wouldn't be too complicated (e.g. add release_notes as optional/computed to be appended to body).

deiga
deiga previously approved these changes Jul 9, 2026

@deiga deiga left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Signed-off-by: Steve Hipwell <steve.hipwell@gmail.com>
deiga
deiga previously approved these changes Jul 10, 2026
@stevehipwell stevehipwell requested a review from Copilot July 10, 2026 08:25
@stevehipwell stevehipwell added the acctest For CI / automated testing label Jul 10, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 265 out of 267 changed files in this pull request and generated 15 comments.

Comment thread github/resource_github_actions_secret_migration.go
Comment thread github/resource_github_actions_secret_migration.go
Comment thread github/resource_github_actions_secret_migration.go
Comment thread github/resource_github_actions_secret_migration.go
Comment thread github/resource_github_actions_environment_secret_migration.go
Comment thread templates/resources/actions_environment_variable.md.tmpl
Comment thread templates/resources/actions_environment_secret.md.tmpl
Comment thread github/data_source_github_actions_environment_secrets.go
Comment thread github/data_source_github_actions_environment_secrets.go
Comment thread github/resource_github_release.go
@stevehipwell stevehipwell requested a review from deiga July 10, 2026 08:57
@stevehipwell stevehipwell removed the acctest For CI / automated testing label Jul 10, 2026

@deiga deiga left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@stevehipwell stevehipwell merged commit 7f16bd0 into integrations:main Jul 10, 2026
11 checks passed
@stevehipwell stevehipwell deleted the go-github-v89 branch July 10, 2026 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file Type: Bug Something isn't working as documented Type: Maintenance Any dependency, housekeeping, and clean up Issue or PR

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants