feat: add enterprise network configuration support#3274
feat: add enterprise network configuration support#3274austenstone wants to merge 25 commits intointegrations:mainfrom
Conversation
…etwork configurations
…tation for network settings
…date related documentation
|
👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with |
|
Your validation commands would not actually run the tests. You should use make testacc and make test |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
…d unit tests for normalization
…proved readability
tag-assistant
left a comment
tag-assistant
left a comment
There was a problem hiding this comment.
Re-review ✅
All previous feedback addressed, plus some nice extras:
Addressed:
- ✅ Shared
runnerGroupNetworkingstruct + helpers inresource_github_actions_runner_group_networking.go— clean dedup - ✅
getRunnerGroupNetworkingnow takes a path string, works for both org and enterprise scopes - ✅ Trailing newline fixed on enterprise docs
- ✅
StatusNotModifiedhandling added togetRunnerGroupNetworking— consistent with the rest of the codebase
Bonus improvements (not requested):
- 🧪 173-line unit test file for all three shared helpers (
get,update,setState) — including 304 handling and null payload for removal. Solid. - 🔧
normalizeEtag()in util.go to handle weak vs strong ETag drift between create and read paths — nice catch, prevents state churn. - 🧪 Unit tests for
normalizeEtagcovering empty, strong, weak, and whitespace cases.
LGTM. Ship it 🚢
| "network_configuration_id": networkConfigurationID, | ||
| } | ||
|
|
||
| req, err := client.NewRequest("PATCH", path, payload) |
There was a problem hiding this comment.
issue: use only go-github provided functions
There was a problem hiding this comment.
I checked go-github v83 locally before changing this — there isn’t a first-class runner-group networking method for this endpoint yet, so this still has to stay as a thin NewRequest/Do shim for now.
There was a problem hiding this comment.
With google/go-github#4099, UpdateOrganizationRunnerGroup now accepts NetworkConfigurationID in the request struct, and GetOrganizationRunnerGroup returns it on the response. So yes — once that merges, this raw call can be replaced with the native go-github UpdateOrganizationRunnerGroup/UpdateEnterpriseRunnerGroup functions and the separate getRunnerGroupNetworking GET becomes unnecessary too.
… improve error handling
| networkConfigurationIDValue := networkConfigurationID.(string) | ||
| // The create endpoint does not accept network_configuration_id, so private networking | ||
| // must be attached with a follow-up PATCH after the runner group has been created. | ||
| if _, err = updateRunnerGroupNetworking(client, ctx, fmt.Sprintf("orgs/%s/actions/runner-groups/%d", orgName, runnerGroup.GetID()), &networkConfigurationIDValue); err != nil { |
There was a problem hiding this comment.
Isn't this UpdateOrganizationRunnerGroup what you're looking for?
There was a problem hiding this comment.
Yes — once google/go-github#4099 merges, UpdateOrganizationRunnerGroup will carry NetworkConfigurationID natively and this raw call goes away.
There was a problem hiding this comment.
That doesn't make sense. The function already exists
| if runnerGroup != nil { | ||
| if err = setGithubActionsRunnerGroupState(d, runnerGroup, runnerGroupEtag, selectedRepositoryIDs); err != nil { | ||
| return diag.FromErr(err) | ||
| } | ||
| } else { |
There was a problem hiding this comment.
Please explain this branching logic? Why aren't we setting the state values to nil if api returned nil?
There was a problem hiding this comment.
The nil case happens on a 304 Not Modified — the API returned no body, so runnerGroup is nil but resp is valid. In that case we can't call setGithubActionsRunnerGroupState (it'd nil-pointer on the getter methods), but we still need to update selected_repository_ids and etag since those came from separate API calls that did succeed. The rest of state stays untouched from the previous read, which is correct for a not-modified response.
There was a problem hiding this comment.
If the GET returned nil, then we need to exit early, instead of doing conditional setting
| networkConfigurationIDValue = &value | ||
| } | ||
|
|
||
| if _, err := updateRunnerGroupNetworking(client, ctx, fmt.Sprintf("orgs/%s/actions/runner-groups/%d", orgName, runnerGroupID), networkConfigurationIDValue); err != nil { |
There was a problem hiding this comment.
What about UpdateOrganizationRunnerGroup in go-github?
| } | ||
|
|
||
| func getRunnerGroupNetworking(client *github.Client, ctx context.Context, path string) (*runnerGroupNetworking, *github.Response, error) { | ||
| req, err := client.NewRequest("GET", path, nil) |
There was a problem hiding this comment.
If the functions don't exist in go-github, then you should open a PR in there to add them. We don't accept direct API endpoint interactions
…unner group types Add NetworkConfigurationID and HostedRunnersURL fields to EnterpriseRunnerGroup, and NetworkConfigurationID to CreateEnterpriseRunnerGroupRequest and UpdateEnterpriseRunnerGroupRequest to match the GitHub API response schema. These fields already exist on the organization-scoped RunnerGroup type but were missing from the enterprise equivalents. The GitHub API returns both fields on enterprise runner group endpoints (List, Get, Create, Update). Fixes: integrations/terraform-provider-github#3274
The response is always non-nil on the success path — if the API call errors we return early, and even the 304 Not Modified path returns a valid response object. The fallback to the stored ETag was unreachable.
|
All review feedback addressed except the raw |
|
Friendly bump — any chance this could get a review? Happy to address feedback. Thanks! |
3 participants
Overview
This PR adds enterprise-scoped hosted compute network configuration support for GitHub-hosted private networking.
It introduces a new
github_enterprise_network_configurationresource and addsnetwork_configuration_idsupport togithub_enterprise_actions_runner_groupso enterprise runner groups can be associated with hosted compute network configurations.This work is closely related to the organization-scoped implementation in #2895, and follows the same review-driven cleanup patterns to stay aligned with current project conventions.
What this PR adds
github_enterprise_network_configurationnetwork_configuration_idsupport ingithub_enterprise_actions_runner_groupNotes
network_configuration_id.network_configuration_id, so the provider applies the networking association with a follow-upPATCHafter creation.Create, safer GitHub error response checks, andConfigStateChecksfor the newer acceptance assertions.getOrganizationRunnerGroupnow only swallows304 Not Modifiedinstead of treating arbitraryErrorResponsevalues as cache hits.Createnow sets Terraform state directly from the create response and only falls back to a follow-upReadwhen the private networking association requires the extraPATCH.Validation
make testaccmake test