From 8d7cf6886fdccc31d192f7e28e581fb37106c2f6 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:49:45 -0600 Subject: [PATCH 01/13] fix env secrets --- github/resource_github_actions_environment_secret.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/github/resource_github_actions_environment_secret.go b/github/resource_github_actions_environment_secret.go index d556faeb0d..a0aa3b2bcf 100644 --- a/github/resource_github_actions_environment_secret.go +++ b/github/resource_github_actions_environment_secret.go @@ -139,6 +139,7 @@ func resourceGithubActionsEnvironmentSecretRead(d *schema.ResourceData, meta any d.SetId("") return nil } + return err } return err } @@ -153,6 +154,7 @@ func resourceGithubActionsEnvironmentSecretRead(d *schema.ResourceData, meta any d.SetId("") return nil } + return err } return err } From 459f14c9411ff2f205dff02d74c9662ab43b7b16 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:50:26 -0600 Subject: [PATCH 02/13] fixes env vars --- github/resource_github_actions_environment_variable.go | 1 + 1 file changed, 1 insertion(+) diff --git a/github/resource_github_actions_environment_variable.go b/github/resource_github_actions_environment_variable.go index a055c0a01c..e56bfd05e2 100644 --- a/github/resource_github_actions_environment_variable.go +++ b/github/resource_github_actions_environment_variable.go @@ -118,6 +118,7 @@ func resourceGithubActionsEnvironmentVariableRead(d *schema.ResourceData, meta a d.SetId("") return nil } + return err } return err } From 407299b8f6a3ed75658a6717fb8d54bc0354fafb Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:50:41 -0600 Subject: [PATCH 03/13] fixes default branch --- github/resource_github_branch_default.go | 1 + 1 file changed, 1 insertion(+) diff --git a/github/resource_github_branch_default.go b/github/resource_github_branch_default.go index 465ef00f13..b353a6191e 100644 --- a/github/resource_github_branch_default.go +++ b/github/resource_github_branch_default.go @@ -109,6 +109,7 @@ func resourceGithubBranchDefaultRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } From 2759ce7f640b3a3fc4a8d9e9d351b1ea11653f30 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:50:50 -0600 Subject: [PATCH 04/13] fixes issues --- github/resource_github_issue.go | 1 + 1 file changed, 1 insertion(+) diff --git a/github/resource_github_issue.go b/github/resource_github_issue.go index a3f07a1660..178acd2e46 100644 --- a/github/resource_github_issue.go +++ b/github/resource_github_issue.go @@ -164,6 +164,7 @@ func resourceGithubIssueRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } From 2e78d007eab2bbc94aab64e797a5e30bb5304d80 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:51:00 -0600 Subject: [PATCH 05/13] fixes membership --- github/resource_github_membership.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/github/resource_github_membership.go b/github/resource_github_membership.go index 0f508ed10a..2c81000189 100644 --- a/github/resource_github_membership.go +++ b/github/resource_github_membership.go @@ -113,6 +113,7 @@ func resourceGithubMembershipRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } @@ -158,6 +159,7 @@ func resourceGithubMembershipDelete(d *schema.ResourceData, meta any) error { log.Printf("[INFO] Not downgrading '%s' membership for '%s' because they are not a member of the org anymore", orgName, username) return nil } + return err } return err From 9d8428494490ad3f939727fbc9b5771aee47eedd Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:51:16 -0600 Subject: [PATCH 06/13] fixes org webhooks --- github/resource_github_organization_ruleset.go | 1 + 1 file changed, 1 insertion(+) diff --git a/github/resource_github_organization_ruleset.go b/github/resource_github_organization_ruleset.go index a92c5f14df..4cab5f861c 100644 --- a/github/resource_github_organization_ruleset.go +++ b/github/resource_github_organization_ruleset.go @@ -636,6 +636,7 @@ func resourceGithubOrganizationRulesetRead(d *schema.ResourceData, meta any) err d.SetId("") return nil } + return err } return err } From 46cfac3f63a7ff773d9c70d82cea67852290fd16 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:51:42 -0600 Subject: [PATCH 07/13] fixes org webhook --- github/resource_github_organization_webhook.go | 1 + 1 file changed, 1 insertion(+) diff --git a/github/resource_github_organization_webhook.go b/github/resource_github_organization_webhook.go index dc43d7a5d3..bf0ab1f61c 100644 --- a/github/resource_github_organization_webhook.go +++ b/github/resource_github_organization_webhook.go @@ -136,6 +136,7 @@ func resourceGithubOrganizationWebhookRead(d *schema.ResourceData, meta any) err d.SetId("") return nil } + return err } return err } From c7ae53918376ea93e9093e0437e81388c4cb74d4 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 15:52:22 -0600 Subject: [PATCH 08/13] fixes repo collab, deply key, policy, and project --- github/resource_github_repository_collaborator.go | 1 + github/resource_github_repository_deploy_key.go | 1 + .../resource_github_repository_environment_deployment_policy.go | 1 + github/resource_github_repository_project.go | 1 + 4 files changed, 4 insertions(+) diff --git a/github/resource_github_repository_collaborator.go b/github/resource_github_repository_collaborator.go index 387617d1b7..ab467b9506 100644 --- a/github/resource_github_repository_collaborator.go +++ b/github/resource_github_repository_collaborator.go @@ -116,6 +116,7 @@ func resourceGithubRepositoryCollaboratorRead(d *schema.ResourceData, meta any) d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_repository_deploy_key.go b/github/resource_github_repository_deploy_key.go index 944eaa6054..95f9552565 100644 --- a/github/resource_github_repository_deploy_key.go +++ b/github/resource_github_repository_deploy_key.go @@ -115,6 +115,7 @@ func resourceGithubRepositoryDeployKeyRead(d *schema.ResourceData, meta any) err d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_repository_environment_deployment_policy.go b/github/resource_github_repository_environment_deployment_policy.go index 2b573fce29..d13a3cdcf6 100644 --- a/github/resource_github_repository_environment_deployment_policy.go +++ b/github/resource_github_repository_environment_deployment_policy.go @@ -115,6 +115,7 @@ func resourceGithubRepositoryEnvironmentDeploymentPolicyRead(d *schema.ResourceD d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_repository_project.go b/github/resource_github_repository_project.go index 2b3b13e789..a440006940 100644 --- a/github/resource_github_repository_project.go +++ b/github/resource_github_repository_project.go @@ -120,6 +120,7 @@ func resourceGithubRepositoryProjectRead(d *schema.ResourceData, meta any) error d.SetId("") return nil } + return err } return err } From a6f70c8ec11312de8b4a17d808ae4a787d68c043 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 16:11:02 -0600 Subject: [PATCH 09/13] fix the remaining batch of resources --- .../workflows/copy-secrets-to-environment.yml | 127 ++++++++++++++++++ 1 file changed, 127 insertions(+) create mode 100644 .github/workflows/copy-secrets-to-environment.yml diff --git a/.github/workflows/copy-secrets-to-environment.yml b/.github/workflows/copy-secrets-to-environment.yml new file mode 100644 index 0000000000..d8bc386e3b --- /dev/null +++ b/.github/workflows/copy-secrets-to-environment.yml @@ -0,0 +1,127 @@ +name: Copy Secrets to Release Environment + +on: + workflow_dispatch: + inputs: + environment: + description: 'Target environment' + required: true + default: 'release' + +jobs: + copy-secrets: + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + + steps: + - name: Install dependencies + run: pip3 install PyNaCl requests + + - name: Copy secrets to environment + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + TARGET_ENV: ${{ inputs.environment }} + + SECRET_GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} + SECRET_PASSPHRASE: ${{ secrets.PASSPHRASE }} + + run: | + python3 << 'EOF' + import os + import sys + import base64 + import requests + from nacl import encoding, public + + def encrypt_secret(public_key: str, secret_value: str) -> str: + """Encrypt a secret using the public key.""" + public_key_bytes = base64.b64decode(public_key) + sealed_box = public.SealedBox(public.PublicKey(public_key_bytes)) + encrypted = sealed_box.encrypt(secret_value.encode("utf-8")) + return base64.b64encode(encrypted).decode("utf-8") + + # Get config from environment + token = os.environ["GITHUB_TOKEN"] + repo = os.environ["GITHUB_REPOSITORY"] + target_env = os.environ["TARGET_ENV"] + + headers = { + "Authorization": f"token {token}", + "Accept": "application/vnd.github+json", + "Content-Type": "application/json" + } + + # Get environment public key + print(f"Fetching public key for environment: {target_env}") + response = requests.get( + f"https://api.github.com/repos/{repo}/environments/{target_env}/secrets/public-key", + headers=headers + ) + response.raise_for_status() + env_key_data = response.json() + env_key = env_key_data["key"] + env_key_id = env_key_data["key_id"] + + print(f"✓ Got public key (ID: {env_key_id})") + print() + + # Get secrets from environment variables (prefixed with SECRET_) + secrets_to_copy = {} + for key, value in os.environ.items(): + if key.startswith("SECRET_") and value: + secret_name = key[7:] # Remove SECRET_ prefix + secrets_to_copy[secret_name] = value + + if not secrets_to_copy: + print("⚠️ No secrets found to copy!") + sys.exit(1) + + print(f"Copying {len(secrets_to_copy)} secret(s) to environment '{target_env}':") + print() + + success_count = 0 + fail_count = 0 + + for secret_name, secret_value in secrets_to_copy.items(): + try: + print(f" • {secret_name} ... ", end="", flush=True) + + # Encrypt the secret + encrypted_value = encrypt_secret(env_key, secret_value) + + # Upload to environment + response = requests.put( + f"https://api.github.com/repos/{repo}/environments/{target_env}/secrets/{secret_name}", + headers=headers, + json={ + "encrypted_value": encrypted_value, + "key_id": env_key_id + } + ) + + if response.status_code in [201, 204]: + print("✓") + success_count += 1 + else: + print(f"✗ (HTTP {response.status_code})") + print(f" Error: {response.text}") + fail_count += 1 + + except Exception as e: + print(f"✗ (Error: {str(e)})") + fail_count += 1 + + print() + print("Summary:") + print(f" ✓ Successfully copied: {success_count}") + if fail_count > 0: + print(f" ✗ Failed: {fail_count}") + print() + + if fail_count > 0: + sys.exit(1) + + print("All secrets copied successfully!") + EOF From cf1ecf9e1974816fe615a7ca14818fd24457ab79 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 16:11:25 -0600 Subject: [PATCH 10/13] fixes the final batch of resources --- github/resource_github_actions_variable.go | 1 + github/resource_github_codespaces_organization_secret.go | 1 + github/resource_github_codespaces_secret.go | 1 + github/resource_github_codespaces_user_secret.go | 1 + github/resource_github_issue_label.go | 1 + github/resource_github_repository.go | 1 + github/resource_github_repository_deployment_branch_policy.go | 1 + github/resource_github_repository_topics.go | 1 + github/resource_github_team.go | 1 + github/resource_github_team_membership.go | 1 + github/resource_github_user_ssh_key.go | 2 ++ 11 files changed, 12 insertions(+) diff --git a/github/resource_github_actions_variable.go b/github/resource_github_actions_variable.go index a40f6baceb..4928e7a6f1 100644 --- a/github/resource_github_actions_variable.go +++ b/github/resource_github_actions_variable.go @@ -112,6 +112,7 @@ func resourceGithubActionsVariableRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_codespaces_organization_secret.go b/github/resource_github_codespaces_organization_secret.go index a79cd76a51..2c4ddb1f33 100644 --- a/github/resource_github_codespaces_organization_secret.go +++ b/github/resource_github_codespaces_organization_secret.go @@ -157,6 +157,7 @@ func resourceGithubCodespacesOrganizationSecretRead(d *schema.ResourceData, meta d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_codespaces_secret.go b/github/resource_github_codespaces_secret.go index 94615b6e24..e314075fcc 100644 --- a/github/resource_github_codespaces_secret.go +++ b/github/resource_github_codespaces_secret.go @@ -127,6 +127,7 @@ func resourceGithubCodespacesSecretRead(d *schema.ResourceData, meta any) error d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_codespaces_user_secret.go b/github/resource_github_codespaces_user_secret.go index 91762f29e8..e352d7c934 100644 --- a/github/resource_github_codespaces_user_secret.go +++ b/github/resource_github_codespaces_user_secret.go @@ -141,6 +141,7 @@ func resourceGithubCodespacesUserSecretRead(d *schema.ResourceData, meta any) er d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_issue_label.go b/github/resource_github_issue_label.go index 57176fd555..2311aba55c 100644 --- a/github/resource_github_issue_label.go +++ b/github/resource_github_issue_label.go @@ -170,6 +170,7 @@ func resourceGithubIssueLabelRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go index bc155879f5..255581b243 100644 --- a/github/resource_github_repository.go +++ b/github/resource_github_repository.go @@ -782,6 +782,7 @@ func resourceGithubRepositoryRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_repository_deployment_branch_policy.go b/github/resource_github_repository_deployment_branch_policy.go index a62436260e..3791490b64 100644 --- a/github/resource_github_repository_deployment_branch_policy.go +++ b/github/resource_github_repository_deployment_branch_policy.go @@ -127,6 +127,7 @@ func resourceGithubRepositoryDeploymentBranchPolicyRead(d *schema.ResourceData, d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_repository_topics.go b/github/resource_github_repository_topics.go index e4ef9a2558..63d2c79be2 100644 --- a/github/resource_github_repository_topics.go +++ b/github/resource_github_repository_topics.go @@ -83,6 +83,7 @@ func resourceGithubRepositoryTopicsRead(d *schema.ResourceData, meta any) error d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_team.go b/github/resource_github_team.go index 482b9bc860..37080da5ef 100644 --- a/github/resource_github_team.go +++ b/github/resource_github_team.go @@ -207,6 +207,7 @@ func resourceGithubTeamRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_team_membership.go b/github/resource_github_team_membership.go index 601cb723c4..ac9bc5fb3a 100644 --- a/github/resource_github_team_membership.go +++ b/github/resource_github_team_membership.go @@ -136,6 +136,7 @@ func resourceGithubTeamMembershipRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } return err } diff --git a/github/resource_github_user_ssh_key.go b/github/resource_github_user_ssh_key.go index 4850f60e96..32b3ce199e 100644 --- a/github/resource_github_user_ssh_key.go +++ b/github/resource_github_user_ssh_key.go @@ -96,7 +96,9 @@ func resourceGithubUserSshKeyRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } + return err } + return err } if err = d.Set("etag", resp.Header.Get("ETag")); err != nil { From b9c72cad88b5ec20653776a41d66f7a7ba620b38 Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 16:12:38 -0600 Subject: [PATCH 11/13] Removes workflow --- .../workflows/copy-secrets-to-environment.yml | 127 ------------------ 1 file changed, 127 deletions(-) delete mode 100644 .github/workflows/copy-secrets-to-environment.yml diff --git a/.github/workflows/copy-secrets-to-environment.yml b/.github/workflows/copy-secrets-to-environment.yml deleted file mode 100644 index d8bc386e3b..0000000000 --- a/.github/workflows/copy-secrets-to-environment.yml +++ /dev/null @@ -1,127 +0,0 @@ -name: Copy Secrets to Release Environment - -on: - workflow_dispatch: - inputs: - environment: - description: 'Target environment' - required: true - default: 'release' - -jobs: - copy-secrets: - runs-on: ubuntu-latest - permissions: - contents: read - actions: write - - steps: - - name: Install dependencies - run: pip3 install PyNaCl requests - - - name: Copy secrets to environment - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - TARGET_ENV: ${{ inputs.environment }} - - SECRET_GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - SECRET_PASSPHRASE: ${{ secrets.PASSPHRASE }} - - run: | - python3 << 'EOF' - import os - import sys - import base64 - import requests - from nacl import encoding, public - - def encrypt_secret(public_key: str, secret_value: str) -> str: - """Encrypt a secret using the public key.""" - public_key_bytes = base64.b64decode(public_key) - sealed_box = public.SealedBox(public.PublicKey(public_key_bytes)) - encrypted = sealed_box.encrypt(secret_value.encode("utf-8")) - return base64.b64encode(encrypted).decode("utf-8") - - # Get config from environment - token = os.environ["GITHUB_TOKEN"] - repo = os.environ["GITHUB_REPOSITORY"] - target_env = os.environ["TARGET_ENV"] - - headers = { - "Authorization": f"token {token}", - "Accept": "application/vnd.github+json", - "Content-Type": "application/json" - } - - # Get environment public key - print(f"Fetching public key for environment: {target_env}") - response = requests.get( - f"https://api.github.com/repos/{repo}/environments/{target_env}/secrets/public-key", - headers=headers - ) - response.raise_for_status() - env_key_data = response.json() - env_key = env_key_data["key"] - env_key_id = env_key_data["key_id"] - - print(f"✓ Got public key (ID: {env_key_id})") - print() - - # Get secrets from environment variables (prefixed with SECRET_) - secrets_to_copy = {} - for key, value in os.environ.items(): - if key.startswith("SECRET_") and value: - secret_name = key[7:] # Remove SECRET_ prefix - secrets_to_copy[secret_name] = value - - if not secrets_to_copy: - print("⚠️ No secrets found to copy!") - sys.exit(1) - - print(f"Copying {len(secrets_to_copy)} secret(s) to environment '{target_env}':") - print() - - success_count = 0 - fail_count = 0 - - for secret_name, secret_value in secrets_to_copy.items(): - try: - print(f" • {secret_name} ... ", end="", flush=True) - - # Encrypt the secret - encrypted_value = encrypt_secret(env_key, secret_value) - - # Upload to environment - response = requests.put( - f"https://api.github.com/repos/{repo}/environments/{target_env}/secrets/{secret_name}", - headers=headers, - json={ - "encrypted_value": encrypted_value, - "key_id": env_key_id - } - ) - - if response.status_code in [201, 204]: - print("✓") - success_count += 1 - else: - print(f"✗ (HTTP {response.status_code})") - print(f" Error: {response.text}") - fail_count += 1 - - except Exception as e: - print(f"✗ (Error: {str(e)})") - fail_count += 1 - - print() - print("Summary:") - print(f" ✓ Successfully copied: {success_count}") - if fail_count > 0: - print(f" ✗ Failed: {fail_count}") - print() - - if fail_count > 0: - sys.exit(1) - - print("All secrets copied successfully!") - EOF From 15b86253b2758c62797bf458f277e0f24753796b Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Wed, 3 Dec 2025 18:34:01 -0600 Subject: [PATCH 12/13] Removes all redundant returns --- github/resource_github_actions_environment_secret.go | 2 -- github/resource_github_actions_environment_variable.go | 1 - github/resource_github_actions_variable.go | 1 - github/resource_github_branch_default.go | 1 - github/resource_github_codespaces_organization_secret.go | 1 - github/resource_github_codespaces_secret.go | 1 - github/resource_github_codespaces_user_secret.go | 1 - github/resource_github_issue.go | 1 - github/resource_github_issue_label.go | 1 - github/resource_github_membership.go | 2 -- github/resource_github_organization_ruleset.go | 1 - github/resource_github_organization_webhook.go | 1 - github/resource_github_repository.go | 1 - github/resource_github_repository_collaborator.go | 1 - github/resource_github_repository_deploy_key.go | 1 - github/resource_github_repository_deployment_branch_policy.go | 1 - .../resource_github_repository_environment_deployment_policy.go | 1 - github/resource_github_repository_project.go | 1 - github/resource_github_repository_topics.go | 1 - github/resource_github_team.go | 1 - github/resource_github_team_membership.go | 1 - github/resource_github_user_ssh_key.go | 1 - 22 files changed, 24 deletions(-) diff --git a/github/resource_github_actions_environment_secret.go b/github/resource_github_actions_environment_secret.go index a0aa3b2bcf..d556faeb0d 100644 --- a/github/resource_github_actions_environment_secret.go +++ b/github/resource_github_actions_environment_secret.go @@ -139,7 +139,6 @@ func resourceGithubActionsEnvironmentSecretRead(d *schema.ResourceData, meta any d.SetId("") return nil } - return err } return err } @@ -154,7 +153,6 @@ func resourceGithubActionsEnvironmentSecretRead(d *schema.ResourceData, meta any d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_actions_environment_variable.go b/github/resource_github_actions_environment_variable.go index e56bfd05e2..a055c0a01c 100644 --- a/github/resource_github_actions_environment_variable.go +++ b/github/resource_github_actions_environment_variable.go @@ -118,7 +118,6 @@ func resourceGithubActionsEnvironmentVariableRead(d *schema.ResourceData, meta a d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_actions_variable.go b/github/resource_github_actions_variable.go index 4928e7a6f1..a40f6baceb 100644 --- a/github/resource_github_actions_variable.go +++ b/github/resource_github_actions_variable.go @@ -112,7 +112,6 @@ func resourceGithubActionsVariableRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_branch_default.go b/github/resource_github_branch_default.go index b353a6191e..465ef00f13 100644 --- a/github/resource_github_branch_default.go +++ b/github/resource_github_branch_default.go @@ -109,7 +109,6 @@ func resourceGithubBranchDefaultRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_codespaces_organization_secret.go b/github/resource_github_codespaces_organization_secret.go index 2c4ddb1f33..a79cd76a51 100644 --- a/github/resource_github_codespaces_organization_secret.go +++ b/github/resource_github_codespaces_organization_secret.go @@ -157,7 +157,6 @@ func resourceGithubCodespacesOrganizationSecretRead(d *schema.ResourceData, meta d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_codespaces_secret.go b/github/resource_github_codespaces_secret.go index e314075fcc..94615b6e24 100644 --- a/github/resource_github_codespaces_secret.go +++ b/github/resource_github_codespaces_secret.go @@ -127,7 +127,6 @@ func resourceGithubCodespacesSecretRead(d *schema.ResourceData, meta any) error d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_codespaces_user_secret.go b/github/resource_github_codespaces_user_secret.go index e352d7c934..91762f29e8 100644 --- a/github/resource_github_codespaces_user_secret.go +++ b/github/resource_github_codespaces_user_secret.go @@ -141,7 +141,6 @@ func resourceGithubCodespacesUserSecretRead(d *schema.ResourceData, meta any) er d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_issue.go b/github/resource_github_issue.go index 178acd2e46..a3f07a1660 100644 --- a/github/resource_github_issue.go +++ b/github/resource_github_issue.go @@ -164,7 +164,6 @@ func resourceGithubIssueRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_issue_label.go b/github/resource_github_issue_label.go index 2311aba55c..57176fd555 100644 --- a/github/resource_github_issue_label.go +++ b/github/resource_github_issue_label.go @@ -170,7 +170,6 @@ func resourceGithubIssueLabelRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_membership.go b/github/resource_github_membership.go index 2c81000189..0f508ed10a 100644 --- a/github/resource_github_membership.go +++ b/github/resource_github_membership.go @@ -113,7 +113,6 @@ func resourceGithubMembershipRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } @@ -159,7 +158,6 @@ func resourceGithubMembershipDelete(d *schema.ResourceData, meta any) error { log.Printf("[INFO] Not downgrading '%s' membership for '%s' because they are not a member of the org anymore", orgName, username) return nil } - return err } return err diff --git a/github/resource_github_organization_ruleset.go b/github/resource_github_organization_ruleset.go index 4cab5f861c..a92c5f14df 100644 --- a/github/resource_github_organization_ruleset.go +++ b/github/resource_github_organization_ruleset.go @@ -636,7 +636,6 @@ func resourceGithubOrganizationRulesetRead(d *schema.ResourceData, meta any) err d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_organization_webhook.go b/github/resource_github_organization_webhook.go index bf0ab1f61c..dc43d7a5d3 100644 --- a/github/resource_github_organization_webhook.go +++ b/github/resource_github_organization_webhook.go @@ -136,7 +136,6 @@ func resourceGithubOrganizationWebhookRead(d *schema.ResourceData, meta any) err d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go index 255581b243..bc155879f5 100644 --- a/github/resource_github_repository.go +++ b/github/resource_github_repository.go @@ -782,7 +782,6 @@ func resourceGithubRepositoryRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository_collaborator.go b/github/resource_github_repository_collaborator.go index ab467b9506..387617d1b7 100644 --- a/github/resource_github_repository_collaborator.go +++ b/github/resource_github_repository_collaborator.go @@ -116,7 +116,6 @@ func resourceGithubRepositoryCollaboratorRead(d *schema.ResourceData, meta any) d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository_deploy_key.go b/github/resource_github_repository_deploy_key.go index 95f9552565..944eaa6054 100644 --- a/github/resource_github_repository_deploy_key.go +++ b/github/resource_github_repository_deploy_key.go @@ -115,7 +115,6 @@ func resourceGithubRepositoryDeployKeyRead(d *schema.ResourceData, meta any) err d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository_deployment_branch_policy.go b/github/resource_github_repository_deployment_branch_policy.go index 3791490b64..a62436260e 100644 --- a/github/resource_github_repository_deployment_branch_policy.go +++ b/github/resource_github_repository_deployment_branch_policy.go @@ -127,7 +127,6 @@ func resourceGithubRepositoryDeploymentBranchPolicyRead(d *schema.ResourceData, d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository_environment_deployment_policy.go b/github/resource_github_repository_environment_deployment_policy.go index d13a3cdcf6..2b573fce29 100644 --- a/github/resource_github_repository_environment_deployment_policy.go +++ b/github/resource_github_repository_environment_deployment_policy.go @@ -115,7 +115,6 @@ func resourceGithubRepositoryEnvironmentDeploymentPolicyRead(d *schema.ResourceD d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository_project.go b/github/resource_github_repository_project.go index a440006940..2b3b13e789 100644 --- a/github/resource_github_repository_project.go +++ b/github/resource_github_repository_project.go @@ -120,7 +120,6 @@ func resourceGithubRepositoryProjectRead(d *schema.ResourceData, meta any) error d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_repository_topics.go b/github/resource_github_repository_topics.go index 63d2c79be2..e4ef9a2558 100644 --- a/github/resource_github_repository_topics.go +++ b/github/resource_github_repository_topics.go @@ -83,7 +83,6 @@ func resourceGithubRepositoryTopicsRead(d *schema.ResourceData, meta any) error d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_team.go b/github/resource_github_team.go index 37080da5ef..482b9bc860 100644 --- a/github/resource_github_team.go +++ b/github/resource_github_team.go @@ -207,7 +207,6 @@ func resourceGithubTeamRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_team_membership.go b/github/resource_github_team_membership.go index ac9bc5fb3a..601cb723c4 100644 --- a/github/resource_github_team_membership.go +++ b/github/resource_github_team_membership.go @@ -136,7 +136,6 @@ func resourceGithubTeamMembershipRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } diff --git a/github/resource_github_user_ssh_key.go b/github/resource_github_user_ssh_key.go index 32b3ce199e..34b6030fe7 100644 --- a/github/resource_github_user_ssh_key.go +++ b/github/resource_github_user_ssh_key.go @@ -96,7 +96,6 @@ func resourceGithubUserSshKeyRead(d *schema.ResourceData, meta any) error { d.SetId("") return nil } - return err } return err } From 50f95cd230476ba1c355039cc6ec69906c222c2d Mon Sep 17 00:00:00 2001 From: Nick Floyd Date: Thu, 4 Dec 2025 10:37:31 -0600 Subject: [PATCH 13/13] Updates the logic to remove duplicate contionals and simplify --- .../resource_github_actions_environment_variable.go | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/github/resource_github_actions_environment_variable.go b/github/resource_github_actions_environment_variable.go index a055c0a01c..239141e888 100644 --- a/github/resource_github_actions_environment_variable.go +++ b/github/resource_github_actions_environment_variable.go @@ -78,14 +78,11 @@ func resourceGithubActionsEnvironmentVariableCreateOrUpdate(d *schema.ResourceDa _, err := client.Actions.CreateEnvVariable(ctx, owner, repoName, escapedEnvName, variable) if err != nil { ghErr := &github.ErrorResponse{} - if errors.As(err, &ghErr) { - if ghErr.Response.StatusCode == http.StatusConflict { - // Variable already exists, try to update instead - _, err = client.Actions.UpdateEnvVariable(ctx, owner, repoName, escapedEnvName, variable) - if err != nil { - return err - } - } else { + if errors.As(err, &ghErr) && ghErr.Response.StatusCode == http.StatusConflict { + // Variable already exists, try to update instead + // If it fails here, we want to return the error otherwise continue + _, err = client.Actions.UpdateEnvVariable(ctx, owner, repoName, escapedEnvName, variable) + if err != nil { return err } } else {