From 17896d719f297e47d5c5492435d39eec382b70ac Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Mon, 14 Jul 2025 15:13:56 +0200 Subject: [PATCH 01/15] feat: add data source for GitHub Actions organization remove token --- ...ithub_actions_organization_remove_token.go | 49 +++++++++++++++++++ ..._actions_organization_remove_token_test.go | 49 +++++++++++++++++++ github/provider.go | 1 + 3 files changed, 99 insertions(+) create mode 100644 github/data_source_github_actions_organization_remove_token.go create mode 100644 github/data_source_github_actions_organization_remove_token_test.go diff --git a/github/data_source_github_actions_organization_remove_token.go b/github/data_source_github_actions_organization_remove_token.go new file mode 100644 index 0000000000..926993ed7a --- /dev/null +++ b/github/data_source_github_actions_organization_remove_token.go @@ -0,0 +1,49 @@ +package github + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceGithubActionsOrganizationRemoveToken() *schema.Resource { + return &schema.Resource{ + Read: dataSourceGithubActionsOrganizationRemoveTokenRead, + + Schema: map[string]*schema.Schema{ + "token": { + Type: schema.TypeString, + Computed: true, + }, + "expires_at": { + Type: schema.TypeInt, + Computed: true, + }, + }, + } +} + +func dataSourceGithubActionsOrganizationRemoveTokenRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*Owner).v3client + owner := meta.(*Owner).name + + log.Printf("[DEBUG] Creating a GitHub Actions organization remove token for %s", owner) + token, _, err := client.Actions.CreateOrganizationRemoveToken(context.TODO(), owner) + if err != nil { + return fmt.Errorf("error creating a GitHub Actions organization remove token for %s: %s", owner, err) + } + + d.SetId(owner) + err = d.Set("token", token.Token) + if err != nil { + return err + } + err = d.Set("expires_at", token.ExpiresAt.Unix()) + if err != nil { + return err + } + + return nil +} diff --git a/github/data_source_github_actions_organization_remove_token_test.go b/github/data_source_github_actions_organization_remove_token_test.go new file mode 100644 index 0000000000..71babfdfca --- /dev/null +++ b/github/data_source_github_actions_organization_remove_token_test.go @@ -0,0 +1,49 @@ +package github + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccGithubActionsOrganizationRemoveTokenDataSource(t *testing.T) { + + t.Run("get an organization remove token without error", func(t *testing.T) { + + config := ` + data "github_actions_organization_remove_token" "test" { + } + ` + + check := resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.github_actions_organization_remove_token.test", "token"), + resource.TestCheckResourceAttrSet("data.github_actions_organization_remove_token.test", "expires_at"), + ) + + testCase := func(t *testing.T, mode string) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { skipUnlessMode(t, mode) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: config, + Check: check, + }, + }, + }) + } + + t.Run("with an anonymous account", func(t *testing.T) { + t.Skip("anonymous account not supported for this operation") + }) + + t.Run("with an individual account", func(t *testing.T) { + testCase(t, individual) + }) + + t.Run("with an organization account", func(t *testing.T) { + testCase(t, organization) + }) + + }) +} diff --git a/github/provider.go b/github/provider.go index 57f1da449e..089a99ed49 100644 --- a/github/provider.go +++ b/github/provider.go @@ -221,6 +221,7 @@ func Provider() *schema.Provider { "github_actions_organization_oidc_subject_claim_customization_template": dataSourceGithubActionsOrganizationOIDCSubjectClaimCustomizationTemplate(), "github_actions_organization_public_key": dataSourceGithubActionsOrganizationPublicKey(), "github_actions_organization_registration_token": dataSourceGithubActionsOrganizationRegistrationToken(), + "github_actions_organization_registration_tokens": dataSourceGithubActionsOrganizationRemoveToken(), "github_actions_organization_secrets": dataSourceGithubActionsOrganizationSecrets(), "github_actions_organization_variables": dataSourceGithubActionsOrganizationVariables(), "github_actions_public_key": dataSourceGithubActionsPublicKey(), From adcff115acf39449df56ad023e21d5e703524565 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Mon, 14 Jul 2025 22:28:10 +0200 Subject: [PATCH 02/15] fix(provider): correct data source name for github_actions_organization_remove_token --- github/provider.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/provider.go b/github/provider.go index 089a99ed49..fcef85a5e0 100644 --- a/github/provider.go +++ b/github/provider.go @@ -221,7 +221,7 @@ func Provider() *schema.Provider { "github_actions_organization_oidc_subject_claim_customization_template": dataSourceGithubActionsOrganizationOIDCSubjectClaimCustomizationTemplate(), "github_actions_organization_public_key": dataSourceGithubActionsOrganizationPublicKey(), "github_actions_organization_registration_token": dataSourceGithubActionsOrganizationRegistrationToken(), - "github_actions_organization_registration_tokens": dataSourceGithubActionsOrganizationRemoveToken(), + "github_actions_organization_remove_token": dataSourceGithubActionsOrganizationRemoveToken(), "github_actions_organization_secrets": dataSourceGithubActionsOrganizationSecrets(), "github_actions_organization_variables": dataSourceGithubActionsOrganizationVariables(), "github_actions_public_key": dataSourceGithubActionsPublicKey(), From 34ea424da98fa5b787a9cd688778554428204908 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Tue, 15 Jul 2025 21:24:33 +0200 Subject: [PATCH 03/15] feat(actions): add data source for GitHub Actions remove token Add github_actions_remove_token data source to retrieve remove tokens for GitHub Actions runners. The data source provides token and expiration time fields for managing runner removal operations. --- ...data_source_github_actions_remove_token.go | 49 +++++++++++++++++++ ...source_github_actions_remove_token_test.go | 49 +++++++++++++++++++ github/provider.go | 1 + 3 files changed, 99 insertions(+) create mode 100644 github/data_source_github_actions_remove_token.go create mode 100644 github/data_source_github_actions_remove_token_test.go diff --git a/github/data_source_github_actions_remove_token.go b/github/data_source_github_actions_remove_token.go new file mode 100644 index 0000000000..29baab13cd --- /dev/null +++ b/github/data_source_github_actions_remove_token.go @@ -0,0 +1,49 @@ +package github + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceGithubActionsRemoveToken() *schema.Resource { + return &schema.Resource{ + Read: dataSourceGithubActionsRemoveTokenRead, + + Schema: map[string]*schema.Schema{ + "token": { + Type: schema.TypeString, + Computed: true, + }, + "expires_at": { + Type: schema.TypeInt, + Computed: true, + }, + }, + } +} + +func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*Owner).v3client + owner := meta.(*Owner).name + + log.Printf("[DEBUG] Creating a GitHub Actions organization remove token for %s", owner) + token, _, err := client.Actions.CreateOrganizationRemoveToken(context.TODO(), owner) + if err != nil { + return fmt.Errorf("error creating a GitHub Actions organization remove token for %s: %s", owner, err) + } + + d.SetId(owner) + err = d.Set("token", token.Token) + if err != nil { + return err + } + err = d.Set("expires_at", token.ExpiresAt.Unix()) + if err != nil { + return err + } + + return nil +} diff --git a/github/data_source_github_actions_remove_token_test.go b/github/data_source_github_actions_remove_token_test.go new file mode 100644 index 0000000000..8c8edeba85 --- /dev/null +++ b/github/data_source_github_actions_remove_token_test.go @@ -0,0 +1,49 @@ +package github + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccGithubActionsRemoveTokenDataSource(t *testing.T) { + + t.Run("get an organization remove token without error", func(t *testing.T) { + + config := ` + data "github_actions_remove_token" "test" { + } + ` + + check := resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.github_actions_remove_token.test", "token"), + resource.TestCheckResourceAttrSet("data.github_actions_remove_token.test", "expires_at"), + ) + + testCase := func(t *testing.T, mode string) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { skipUnlessMode(t, mode) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: config, + Check: check, + }, + }, + }) + } + + t.Run("with an anonymous account", func(t *testing.T) { + t.Skip("anonymous account not supported for this operation") + }) + + t.Run("with an individual account", func(t *testing.T) { + testCase(t, individual) + }) + + t.Run("with an organization account", func(t *testing.T) { + testCase(t, organization) + }) + + }) +} diff --git a/github/provider.go b/github/provider.go index fcef85a5e0..486e307b28 100644 --- a/github/provider.go +++ b/github/provider.go @@ -226,6 +226,7 @@ func Provider() *schema.Provider { "github_actions_organization_variables": dataSourceGithubActionsOrganizationVariables(), "github_actions_public_key": dataSourceGithubActionsPublicKey(), "github_actions_registration_token": dataSourceGithubActionsRegistrationToken(), + "github_actions_remove_token": dataSourceGithubActionsRemoveToken(), "github_actions_repository_oidc_subject_claim_customization_template": dataSourceGithubActionsRepositoryOIDCSubjectClaimCustomizationTemplate(), "github_actions_secrets": dataSourceGithubActionsSecrets(), "github_actions_variables": dataSourceGithubActionsVariables(), From ad0540955773b6ceedcbcc1f06afe72e35a30b80 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Tue, 15 Jul 2025 22:14:39 +0200 Subject: [PATCH 04/15] feat(actions): add repository support for GitHub Actions remove token data source --- ...data_source_github_actions_remove_token.go | 17 +++++++++--- ...source_github_actions_remove_token_test.go | 17 +++++++++--- ...ns_organization_remove_token.html.markdown | 24 +++++++++++++++++ .../docs/d/actions_remove_token.html.markdown | 27 +++++++++++++++++++ 4 files changed, 78 insertions(+), 7 deletions(-) create mode 100644 website/docs/d/actions_organization_remove_token.html.markdown create mode 100644 website/docs/d/actions_remove_token.html.markdown diff --git a/github/data_source_github_actions_remove_token.go b/github/data_source_github_actions_remove_token.go index 29baab13cd..ba5f5cf54b 100644 --- a/github/data_source_github_actions_remove_token.go +++ b/github/data_source_github_actions_remove_token.go @@ -13,6 +13,11 @@ func dataSourceGithubActionsRemoveToken() *schema.Resource { Read: dataSourceGithubActionsRemoveTokenRead, Schema: map[string]*schema.Schema{ + "repository": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, "token": { Type: schema.TypeString, Computed: true, @@ -28,14 +33,15 @@ func dataSourceGithubActionsRemoveToken() *schema.Resource { func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interface{}) error { client := meta.(*Owner).v3client owner := meta.(*Owner).name + repoName := d.Get("repository").(string) - log.Printf("[DEBUG] Creating a GitHub Actions organization remove token for %s", owner) - token, _, err := client.Actions.CreateOrganizationRemoveToken(context.TODO(), owner) + log.Printf("[DEBUG] Creating a GitHub Actions repository registration token for %s/%s", owner, repoName) + token, _, err := client.Actions.CreateRegistrationToken(context.TODO(), owner, repoName) if err != nil { - return fmt.Errorf("error creating a GitHub Actions organization remove token for %s: %s", owner, err) + return fmt.Errorf("error creating a GitHub Actions repository registration token for %s/%s: %s", owner, repoName, err) } - d.SetId(owner) + d.SetId(fmt.Sprintf("%s/%s", owner, repoName)) err = d.Set("token", token.Token) if err != nil { return err @@ -44,6 +50,9 @@ func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interfa if err != nil { return err } + if token.Token != nil { + log.Printf("tokenoutput: %s", *token.Token) + } return nil } diff --git a/github/data_source_github_actions_remove_token_test.go b/github/data_source_github_actions_remove_token_test.go index 8c8edeba85..d6b6da9a48 100644 --- a/github/data_source_github_actions_remove_token_test.go +++ b/github/data_source_github_actions_remove_token_test.go @@ -1,21 +1,32 @@ package github import ( + "fmt" "testing" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" ) func TestAccGithubActionsRemoveTokenDataSource(t *testing.T) { - t.Run("get an organization remove token without error", func(t *testing.T) { + randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum) + + t.Run("get a repository remove token without error", func(t *testing.T) { + + config := fmt.Sprintf(` + resource "github_repository" "test" { + name = "tf-acc-test-%[1]s" + auto_init = true + } - config := ` data "github_actions_remove_token" "test" { + repository = github_repository.test.id } - ` + `, randomID) check := resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.github_actions_remove_token.test", "repository", fmt.Sprintf("tf-acc-test-%s", randomID)), resource.TestCheckResourceAttrSet("data.github_actions_remove_token.test", "token"), resource.TestCheckResourceAttrSet("data.github_actions_remove_token.test", "expires_at"), ) diff --git a/website/docs/d/actions_organization_remove_token.html.markdown b/website/docs/d/actions_organization_remove_token.html.markdown new file mode 100644 index 0000000000..4f2dd287f5 --- /dev/null +++ b/website/docs/d/actions_organization_remove_token.html.markdown @@ -0,0 +1,24 @@ +--- +layout: "github" +page_title: "GitHub: actions_organization_remove_token" +description: |- + Get a GitHub Actions organization remove token. +--- + +# actions_regmove_token + +Use this data source to retrieve a GitHub Actions organization remove token. This token can then be used to register a self-hosted runner. + +## Example Usage + +```hcl +data "github_actions_organization_remove_token" "example" { +} +``` + +## Argument Reference + +## Attributes Reference + + * `token` - The token that has been retrieved. + * `expires_at` - The token expiration date. \ No newline at end of file diff --git a/website/docs/d/actions_remove_token.html.markdown b/website/docs/d/actions_remove_token.html.markdown new file mode 100644 index 0000000000..410a5cc783 --- /dev/null +++ b/website/docs/d/actions_remove_token.html.markdown @@ -0,0 +1,27 @@ +--- +layout: "github" +page_title: "GitHub: actions_remove_token" +description: |- + Get a GitHub Actions repository registration token. +--- + +# actions_remove_token + +Use this data source to retrieve a GitHub Actions repository registration token. This token can then be used to register a self-hosted runner. + +## Example Usage + +```hcl +data "github_actions_remove_token" "example" { + repository = "example_repo" +} +``` + +## Argument Reference + + * `repository` - (Required) Name of the repository to get a GitHub Actions registration token for. + +## Attributes Reference + + * `token` - The token that has been retrieved. + * `expires_at` - The token expiration date. From 067ff85c8c042fc5bb74891f79aa6e033cf4ca02 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Tue, 15 Jul 2025 23:10:48 +0200 Subject: [PATCH 05/15] fix(actions): set correct function for remove token --- github/data_source_github_actions_remove_token.go | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/github/data_source_github_actions_remove_token.go b/github/data_source_github_actions_remove_token.go index ba5f5cf54b..535f918fe5 100644 --- a/github/data_source_github_actions_remove_token.go +++ b/github/data_source_github_actions_remove_token.go @@ -35,10 +35,10 @@ func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interfa owner := meta.(*Owner).name repoName := d.Get("repository").(string) - log.Printf("[DEBUG] Creating a GitHub Actions repository registration token for %s/%s", owner, repoName) - token, _, err := client.Actions.CreateRegistrationToken(context.TODO(), owner, repoName) + log.Printf("[DEBUG] Creating a GitHub Actions repository remove token for %s/%s", owner, repoName) + token, _, err := client.Actions.CreateRemoveToken(context.TODO(), owner, repoName) if err != nil { - return fmt.Errorf("error creating a GitHub Actions repository registration token for %s/%s: %s", owner, repoName, err) + return fmt.Errorf("error creating a GitHub Actions repository remove token for %s/%s: %s", owner, repoName, err) } d.SetId(fmt.Sprintf("%s/%s", owner, repoName)) @@ -50,9 +50,6 @@ func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interfa if err != nil { return err } - if token.Token != nil { - log.Printf("tokenoutput: %s", *token.Token) - } return nil } From f1196369c823e2d93270d7778dca8586b14ca488 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Wed, 16 Jul 2025 01:58:39 +0200 Subject: [PATCH 06/15] test(actions): enable vulnerability alerts in GitHub Actions token test repositories to avoid drift, as vuln alerts are automatically activated for newly created repositories --- github/data_source_github_actions_registration_token_test.go | 1 + github/data_source_github_actions_remove_token_test.go | 1 + 2 files changed, 2 insertions(+) diff --git a/github/data_source_github_actions_registration_token_test.go b/github/data_source_github_actions_registration_token_test.go index 742b5c48d8..a9d862ee15 100644 --- a/github/data_source_github_actions_registration_token_test.go +++ b/github/data_source_github_actions_registration_token_test.go @@ -16,6 +16,7 @@ func TestAccGithubActionsRegistrationTokenDataSource(t *testing.T) { resource "github_repository" "test" { name = "tf-acc-test-%[1]s" auto_init = true + vulnerability_alerts = true } data "github_actions_registration_token" "test" { diff --git a/github/data_source_github_actions_remove_token_test.go b/github/data_source_github_actions_remove_token_test.go index d6b6da9a48..dd850cae03 100644 --- a/github/data_source_github_actions_remove_token_test.go +++ b/github/data_source_github_actions_remove_token_test.go @@ -18,6 +18,7 @@ func TestAccGithubActionsRemoveTokenDataSource(t *testing.T) { resource "github_repository" "test" { name = "tf-acc-test-%[1]s" auto_init = true + vulnerability_alerts = true } data "github_actions_remove_token" "test" { From 25d9540d0d22d9a659b759b37852c19d8c3be1fe Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Wed, 16 Jul 2025 10:58:49 +0200 Subject: [PATCH 07/15] fix docs wording for org level runner --- .../docs/d/actions_organization_remove_token.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/d/actions_organization_remove_token.html.markdown b/website/docs/d/actions_organization_remove_token.html.markdown index 4f2dd287f5..77e55630b4 100644 --- a/website/docs/d/actions_organization_remove_token.html.markdown +++ b/website/docs/d/actions_organization_remove_token.html.markdown @@ -7,7 +7,7 @@ description: |- # actions_regmove_token -Use this data source to retrieve a GitHub Actions organization remove token. This token can then be used to register a self-hosted runner. +Use this data source to retrieve a GitHub Actions organization remove token. This token can then be used to remove a self-hosted runner. ## Example Usage @@ -21,4 +21,4 @@ data "github_actions_organization_remove_token" "example" { ## Attributes Reference * `token` - The token that has been retrieved. - * `expires_at` - The token expiration date. \ No newline at end of file + * `expires_at` - The token expiration date. From 991830c26f56d3baba1ef3426df74e6bf23dad52 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Wed, 16 Jul 2025 10:59:33 +0200 Subject: [PATCH 08/15] fix typo --- website/docs/d/actions_organization_remove_token.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/d/actions_organization_remove_token.html.markdown b/website/docs/d/actions_organization_remove_token.html.markdown index 77e55630b4..ee33a9b0d2 100644 --- a/website/docs/d/actions_organization_remove_token.html.markdown +++ b/website/docs/d/actions_organization_remove_token.html.markdown @@ -5,7 +5,7 @@ description: |- Get a GitHub Actions organization remove token. --- -# actions_regmove_token +# actions_remove_token Use this data source to retrieve a GitHub Actions organization remove token. This token can then be used to remove a self-hosted runner. From c66e3cf81b8aab0e29d3011b65ea359b10693b89 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Wed, 16 Jul 2025 11:00:55 +0200 Subject: [PATCH 09/15] fix docs for repo level token --- website/docs/d/actions_remove_token.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/d/actions_remove_token.html.markdown b/website/docs/d/actions_remove_token.html.markdown index 410a5cc783..6bfc68f2f2 100644 --- a/website/docs/d/actions_remove_token.html.markdown +++ b/website/docs/d/actions_remove_token.html.markdown @@ -7,7 +7,7 @@ description: |- # actions_remove_token -Use this data source to retrieve a GitHub Actions repository registration token. This token can then be used to register a self-hosted runner. +Use this data source to retrieve a GitHub Actions repository registration token. This token can then be used to remove a self-hosted runner. ## Example Usage From 1d405aa9277ce85f63b9cb778aa2984309362444 Mon Sep 17 00:00:00 2001 From: dankress <113473726+dankress@users.noreply.github.com> Date: Wed, 16 Jul 2025 11:07:24 +0200 Subject: [PATCH 10/15] change left over wording in docs --- website/docs/d/actions_remove_token.html.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/docs/d/actions_remove_token.html.markdown b/website/docs/d/actions_remove_token.html.markdown index 6bfc68f2f2..842ce93ca8 100644 --- a/website/docs/d/actions_remove_token.html.markdown +++ b/website/docs/d/actions_remove_token.html.markdown @@ -2,12 +2,12 @@ layout: "github" page_title: "GitHub: actions_remove_token" description: |- - Get a GitHub Actions repository registration token. + Get a GitHub Actions repository remove token. --- # actions_remove_token -Use this data source to retrieve a GitHub Actions repository registration token. This token can then be used to remove a self-hosted runner. +Use this data source to retrieve a GitHub Actions repository remove token. This token can then be used to remove a self-hosted runner. ## Example Usage @@ -19,7 +19,7 @@ data "github_actions_remove_token" "example" { ## Argument Reference - * `repository` - (Required) Name of the repository to get a GitHub Actions registration token for. + * `repository` - (Required) Name of the repository to get a GitHub Actions remove token for. ## Attributes Reference From 855e14d5268b9b6f5cbc69f757001bc10598c1eb Mon Sep 17 00:00:00 2001 From: Diogenes Fernandes Date: Tue, 2 Dec 2025 07:07:49 -0300 Subject: [PATCH 11/15] gofumpt Signed-off-by: Diogenes Fernandes --- ...ata_source_github_actions_organization_remove_token_test.go | 3 --- github/data_source_github_actions_remove_token_test.go | 3 --- github/resource_github_team.go | 2 +- 3 files changed, 1 insertion(+), 7 deletions(-) diff --git a/github/data_source_github_actions_organization_remove_token_test.go b/github/data_source_github_actions_organization_remove_token_test.go index 71babfdfca..bdfa772be9 100644 --- a/github/data_source_github_actions_organization_remove_token_test.go +++ b/github/data_source_github_actions_organization_remove_token_test.go @@ -7,9 +7,7 @@ import ( ) func TestAccGithubActionsOrganizationRemoveTokenDataSource(t *testing.T) { - t.Run("get an organization remove token without error", func(t *testing.T) { - config := ` data "github_actions_organization_remove_token" "test" { } @@ -44,6 +42,5 @@ func TestAccGithubActionsOrganizationRemoveTokenDataSource(t *testing.T) { t.Run("with an organization account", func(t *testing.T) { testCase(t, organization) }) - }) } diff --git a/github/data_source_github_actions_remove_token_test.go b/github/data_source_github_actions_remove_token_test.go index dd850cae03..e2f553514b 100644 --- a/github/data_source_github_actions_remove_token_test.go +++ b/github/data_source_github_actions_remove_token_test.go @@ -9,11 +9,9 @@ import ( ) func TestAccGithubActionsRemoveTokenDataSource(t *testing.T) { - randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum) t.Run("get a repository remove token without error", func(t *testing.T) { - config := fmt.Sprintf(` resource "github_repository" "test" { name = "tf-acc-test-%[1]s" @@ -56,6 +54,5 @@ func TestAccGithubActionsRemoveTokenDataSource(t *testing.T) { t.Run("with an organization account", func(t *testing.T) { testCase(t, organization) }) - }) } diff --git a/github/resource_github_team.go b/github/resource_github_team.go index 482b9bc860..f59c083cdc 100644 --- a/github/resource_github_team.go +++ b/github/resource_github_team.go @@ -335,7 +335,7 @@ func resourceGithubTeamDelete(d *schema.ResourceData, meta any) error { been deleted already (via parallel runs), the child team is also already gone (deleted by GitHub automatically). So we're checking if it still exists and if not, simply remove it from TF state. - */if err != nil { + */ if err != nil { // Fetch the team in order to see if it exists or not (http 404) _, _, err = client.Teams.GetTeamByID(ctx, orgId, id) if err != nil { From 58eb3dd9c4683b8915be0e4f67d74ae243af20bd Mon Sep 17 00:00:00 2001 From: Diogenes Fernandes Date: Tue, 2 Dec 2025 07:08:36 -0300 Subject: [PATCH 12/15] Using right error directive Signed-off-by: Diogenes Fernandes --- github/data_source_github_actions_organization_remove_token.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/data_source_github_actions_organization_remove_token.go b/github/data_source_github_actions_organization_remove_token.go index 926993ed7a..d47fde55b9 100644 --- a/github/data_source_github_actions_organization_remove_token.go +++ b/github/data_source_github_actions_organization_remove_token.go @@ -32,7 +32,7 @@ func dataSourceGithubActionsOrganizationRemoveTokenRead(d *schema.ResourceData, log.Printf("[DEBUG] Creating a GitHub Actions organization remove token for %s", owner) token, _, err := client.Actions.CreateOrganizationRemoveToken(context.TODO(), owner) if err != nil { - return fmt.Errorf("error creating a GitHub Actions organization remove token for %s: %s", owner, err) + return fmt.Errorf("error creating a GitHub Actions organization remove token for %s: %w", owner, err) } d.SetId(owner) From 25fbc953e0f702f84ca0c8193b4ae69bfae2accf Mon Sep 17 00:00:00 2001 From: Diogenes Fernandes Date: Tue, 2 Dec 2025 07:14:02 -0300 Subject: [PATCH 13/15] Adding docs to the resource Signed-off-by: Diogenes Fernandes Right aligning Signed-off-by: Diogenes Fernandes fmt issues Signed-off-by: Diogenes Fernandes --- ..._github_actions_organization_remove_token.go | 5 ++++- .../data_source_github_actions_remove_token.go | 7 +++++-- github/resource_github_team.go | 17 +++++++++-------- 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/github/data_source_github_actions_organization_remove_token.go b/github/data_source_github_actions_organization_remove_token.go index d47fde55b9..384cb8749a 100644 --- a/github/data_source_github_actions_organization_remove_token.go +++ b/github/data_source_github_actions_organization_remove_token.go @@ -8,6 +8,9 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) +// dataSourceGithubActionsOrganizationRemoveToken is a data source that creates a token that can be +// used to remove a self-hosted runner from an organization. +// https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-a-remove-token-for-an-organization func dataSourceGithubActionsOrganizationRemoveToken() *schema.Resource { return &schema.Resource{ Read: dataSourceGithubActionsOrganizationRemoveTokenRead, @@ -25,7 +28,7 @@ func dataSourceGithubActionsOrganizationRemoveToken() *schema.Resource { } } -func dataSourceGithubActionsOrganizationRemoveTokenRead(d *schema.ResourceData, meta interface{}) error { +func dataSourceGithubActionsOrganizationRemoveTokenRead(d *schema.ResourceData, meta any) error { client := meta.(*Owner).v3client owner := meta.(*Owner).name diff --git a/github/data_source_github_actions_remove_token.go b/github/data_source_github_actions_remove_token.go index 535f918fe5..a6fae39dcc 100644 --- a/github/data_source_github_actions_remove_token.go +++ b/github/data_source_github_actions_remove_token.go @@ -8,6 +8,9 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) +// dataSourceGithubActionsRemoveToken is a data source that creates a token that can be +// used to remove a self-hosted runner from a repository. +// https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-a-remove-token-for-a-repository func dataSourceGithubActionsRemoveToken() *schema.Resource { return &schema.Resource{ Read: dataSourceGithubActionsRemoveTokenRead, @@ -30,7 +33,7 @@ func dataSourceGithubActionsRemoveToken() *schema.Resource { } } -func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interface{}) error { +func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta any) error { client := meta.(*Owner).v3client owner := meta.(*Owner).name repoName := d.Get("repository").(string) @@ -38,7 +41,7 @@ func dataSourceGithubActionsRemoveTokenRead(d *schema.ResourceData, meta interfa log.Printf("[DEBUG] Creating a GitHub Actions repository remove token for %s/%s", owner, repoName) token, _, err := client.Actions.CreateRemoveToken(context.TODO(), owner, repoName) if err != nil { - return fmt.Errorf("error creating a GitHub Actions repository remove token for %s/%s: %s", owner, repoName, err) + return fmt.Errorf("error creating a GitHub Actions repository remove token for %s/%s: %w", owner, repoName, err) } d.SetId(fmt.Sprintf("%s/%s", owner, repoName)) diff --git a/github/resource_github_team.go b/github/resource_github_team.go index f59c083cdc..e6201a6480 100644 --- a/github/resource_github_team.go +++ b/github/resource_github_team.go @@ -328,14 +328,15 @@ func resourceGithubTeamDelete(d *schema.ResourceData, meta any) error { ctx := context.WithValue(context.Background(), ctxId, d.Id()) _, err = client.Teams.DeleteTeamByID(ctx, orgId, id) - /* - When deleting a team and it failed, we need to check if it has already been deleted meanwhile. - This could be the case when deleting nested teams via Terraform by looping through a module - or resource and the parent team might have been deleted already. If the parent team had - been deleted already (via parallel runs), the child team is also already gone (deleted by - GitHub automatically). - So we're checking if it still exists and if not, simply remove it from TF state. - */ if err != nil { + // When deleting a team and it failed, we need to check if it has already been deleted meanwhile. + // This could be the case when deleting nested teams via Terraform by looping through a module + // or resource and the parent team might have been deleted already. If the parent team had + // been deleted already (via parallel runs), the child team is also already gone (deleted by + // GitHub automatically). + // So we're checking if it still exists and if not, simply remove it from TF state. + // + // https://docs.github.com/en/enterprise-cloud@latest/rest/teams/teams?apiVersion=2022-11-28#delete-a-team + if err != nil { // Fetch the team in order to see if it exists or not (http 404) _, _, err = client.Teams.GetTeamByID(ctx, orgId, id) if err != nil { From 8cd6d0b2f102f229a2f294f2294354da8a8449d4 Mon Sep 17 00:00:00 2001 From: Diogenes Fernandes Date: Tue, 2 Dec 2025 07:31:40 -0300 Subject: [PATCH 14/15] Add Sensitive attribute to token Signed-off-by: Diogenes Fernandes --- .../data_source_github_actions_organization_remove_token.go | 5 +++-- github/data_source_github_actions_remove_token.go | 5 +++-- .../docs/d/actions_organization_remove_token.html.markdown | 2 +- website/docs/d/actions_remove_token.html.markdown | 2 +- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/github/data_source_github_actions_organization_remove_token.go b/github/data_source_github_actions_organization_remove_token.go index 384cb8749a..44b29a2894 100644 --- a/github/data_source_github_actions_organization_remove_token.go +++ b/github/data_source_github_actions_organization_remove_token.go @@ -17,8 +17,9 @@ func dataSourceGithubActionsOrganizationRemoveToken() *schema.Resource { Schema: map[string]*schema.Schema{ "token": { - Type: schema.TypeString, - Computed: true, + Type: schema.TypeString, + Computed: true, + Sensitive: true, }, "expires_at": { Type: schema.TypeInt, diff --git a/github/data_source_github_actions_remove_token.go b/github/data_source_github_actions_remove_token.go index a6fae39dcc..031189b0dc 100644 --- a/github/data_source_github_actions_remove_token.go +++ b/github/data_source_github_actions_remove_token.go @@ -22,8 +22,9 @@ func dataSourceGithubActionsRemoveToken() *schema.Resource { ForceNew: true, }, "token": { - Type: schema.TypeString, - Computed: true, + Type: schema.TypeString, + Computed: true, + Sensitive: true, }, "expires_at": { Type: schema.TypeInt, diff --git a/website/docs/d/actions_organization_remove_token.html.markdown b/website/docs/d/actions_organization_remove_token.html.markdown index ee33a9b0d2..18958133b4 100644 --- a/website/docs/d/actions_organization_remove_token.html.markdown +++ b/website/docs/d/actions_organization_remove_token.html.markdown @@ -1,6 +1,6 @@ --- layout: "github" -page_title: "GitHub: actions_organization_remove_token" +page_title: "GitHub: github_actions_organization_remove_token" description: |- Get a GitHub Actions organization remove token. --- diff --git a/website/docs/d/actions_remove_token.html.markdown b/website/docs/d/actions_remove_token.html.markdown index 842ce93ca8..8d4b20855e 100644 --- a/website/docs/d/actions_remove_token.html.markdown +++ b/website/docs/d/actions_remove_token.html.markdown @@ -1,6 +1,6 @@ --- layout: "github" -page_title: "GitHub: actions_remove_token" +page_title: "GitHub: github_actions_remove_token" description: |- Get a GitHub Actions repository remove token. --- From fed1bdeafca47d422cf5b7728efe008c3b29f8e1 Mon Sep 17 00:00:00 2001 From: Diogenes Fernandes Date: Tue, 2 Dec 2025 07:36:41 -0300 Subject: [PATCH 15/15] Add description to the fields Signed-off-by: Diogenes Fernandes --- ...ithub_actions_organization_remove_token.go | 12 +++++++----- ...data_source_github_actions_remove_token.go | 19 +++++++++++-------- 2 files changed, 18 insertions(+), 13 deletions(-) diff --git a/github/data_source_github_actions_organization_remove_token.go b/github/data_source_github_actions_organization_remove_token.go index 44b29a2894..109ef8313f 100644 --- a/github/data_source_github_actions_organization_remove_token.go +++ b/github/data_source_github_actions_organization_remove_token.go @@ -17,13 +17,15 @@ func dataSourceGithubActionsOrganizationRemoveToken() *schema.Resource { Schema: map[string]*schema.Schema{ "token": { - Type: schema.TypeString, - Computed: true, - Sensitive: true, + Type: schema.TypeString, + Computed: true, + Sensitive: true, + Description: "Token used to remove a self-hosted runner from an organization.", }, "expires_at": { - Type: schema.TypeInt, - Computed: true, + Type: schema.TypeInt, + Computed: true, + Description: "The token expiration date.", }, }, } diff --git a/github/data_source_github_actions_remove_token.go b/github/data_source_github_actions_remove_token.go index 031189b0dc..f4d6b1024d 100644 --- a/github/data_source_github_actions_remove_token.go +++ b/github/data_source_github_actions_remove_token.go @@ -17,18 +17,21 @@ func dataSourceGithubActionsRemoveToken() *schema.Resource { Schema: map[string]*schema.Schema{ "repository": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Repository to remove the self-hosted runner from.", }, "token": { - Type: schema.TypeString, - Computed: true, - Sensitive: true, + Type: schema.TypeString, + Computed: true, + Sensitive: true, + Description: "Token used to remove a self-hosted runner from a repository.", }, "expires_at": { - Type: schema.TypeInt, - Computed: true, + Type: schema.TypeInt, + Computed: true, + Description: "The token expiration date.", }, }, }