From 26c74d71f3f472363397d826902a02ec6deb1098 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Thu, 20 Nov 2025 11:46:42 +0100 Subject: [PATCH 01/12] chore(actions): Add post release workflow --- .../workflows/post-relese-smoke-tests.yaml | 65 +++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 .github/workflows/post-relese-smoke-tests.yaml diff --git a/.github/workflows/post-relese-smoke-tests.yaml b/.github/workflows/post-relese-smoke-tests.yaml new file mode 100644 index 0000000000..dd76e662ac --- /dev/null +++ b/.github/workflows/post-relese-smoke-tests.yaml @@ -0,0 +1,65 @@ +# Terraform Provider release workflow. +name: Post release smoke tests + +# This GitHub action runs smoke tests after a release is published. +on: + release: + types: [published] + +permissions: read-all + +jobs: + post-release-tests: + name: Run tests after release + runs-on: ubuntu-latest + env: + test_stacks_directory: test_tf_stacks # root directory for test stacks + post_release_tests: provider_only # directory name for post-release tests + permissions: + contents: read + + steps: + - name: Checkout + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + + - name: Setup Go + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 + with: + go-version-file: go.mod + cache: true + + - name: Build provider + run: go build -o terraform-provider-github + + - name: Setup dev overrides + run: | + ROOT_DIR=$(pwd) + cat > ~/.terraformrc << EOF + provider_installation { + dev_overrides { + "integrations/github" = "${ROOT_DIR}" + } + direct {} + } + EOF + + - name: Verify dev overrides setup + run: cat ~/.terraformrc + + - name: Setup Terraform + uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 + with: + terraform_version: 1.x + + - name: Check Terraform version + run: terraform version + + - name: Terraform init + continue-on-error: true # continue even if init fails + run: terraform -chdir=./${{ env.test_stacks_directory }}/${{ env.post_release_tests }} init + + - name: Terraform validate + run: terraform -chdir=./${{ env.test_stacks_directory }}/${{ env.post_release_tests }} validate + + - name: Clean up + run: rm -f ~/.terraformrc terraform-provider-github From d49d4fae69b8d25bf5ddc36432f38d0f7e472933 Mon Sep 17 00:00:00 2001 From: Viacheslav Date: Thu, 20 Nov 2025 12:12:45 +0100 Subject: [PATCH 02/12] Update post-relese-smoke-tests.yaml --- .github/workflows/post-relese-smoke-tests.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/post-relese-smoke-tests.yaml b/.github/workflows/post-relese-smoke-tests.yaml index dd76e662ac..c1d0d298e6 100644 --- a/.github/workflows/post-relese-smoke-tests.yaml +++ b/.github/workflows/post-relese-smoke-tests.yaml @@ -4,7 +4,6 @@ name: Post release smoke tests # This GitHub action runs smoke tests after a release is published. on: release: - types: [published] permissions: read-all From 606359ba45ed039b0f37477dadac1391b5fa6032 Mon Sep 17 00:00:00 2001 From: Viacheslav Date: Thu, 20 Nov 2025 12:26:43 +0100 Subject: [PATCH 03/12] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 98b391f118..8b16c3b42d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ # NOTE: CHANGELOG.md is deprecated + After the release of v4.24.0, please see the [GitHub release notes](https://github.com/integrations/terraform-provider-github/releases) for the provider in order to view the most up-to-date changes. # 4.24.0 (Apr 28, 2022) From 3580ffc4614392be4e9689383f3048684550b6ae Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Mon, 8 Dec 2025 13:12:01 +0100 Subject: [PATCH 04/12] Add attestation on release notes Signed-off-by: Viacheslav Kudinov --- .../workflows/post-relese-smoke-tests.yaml | 64 ------------------- .github/workflows/release.yaml | 15 +++++ CHANGELOG.md | 1 - 3 files changed, 15 insertions(+), 65 deletions(-) delete mode 100644 .github/workflows/post-relese-smoke-tests.yaml diff --git a/.github/workflows/post-relese-smoke-tests.yaml b/.github/workflows/post-relese-smoke-tests.yaml deleted file mode 100644 index c1d0d298e6..0000000000 --- a/.github/workflows/post-relese-smoke-tests.yaml +++ /dev/null @@ -1,64 +0,0 @@ -# Terraform Provider release workflow. -name: Post release smoke tests - -# This GitHub action runs smoke tests after a release is published. -on: - release: - -permissions: read-all - -jobs: - post-release-tests: - name: Run tests after release - runs-on: ubuntu-latest - env: - test_stacks_directory: test_tf_stacks # root directory for test stacks - post_release_tests: provider_only # directory name for post-release tests - permissions: - contents: read - - steps: - - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - - name: Setup Go - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 - with: - go-version-file: go.mod - cache: true - - - name: Build provider - run: go build -o terraform-provider-github - - - name: Setup dev overrides - run: | - ROOT_DIR=$(pwd) - cat > ~/.terraformrc << EOF - provider_installation { - dev_overrides { - "integrations/github" = "${ROOT_DIR}" - } - direct {} - } - EOF - - - name: Verify dev overrides setup - run: cat ~/.terraformrc - - - name: Setup Terraform - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 - with: - terraform_version: 1.x - - - name: Check Terraform version - run: terraform version - - - name: Terraform init - continue-on-error: true # continue even if init fails - run: terraform -chdir=./${{ env.test_stacks_directory }}/${{ env.post_release_tests }} init - - - name: Terraform validate - run: terraform -chdir=./${{ env.test_stacks_directory }}/${{ env.post_release_tests }} validate - - - name: Clean up - run: rm -f ~/.terraformrc terraform-provider-github diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 81c97ec068..76f2a3803b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -65,5 +65,20 @@ jobs: - name: Attest artifacts uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 + id: attest with: subject-checksums: ./dist/${{ github.event.repository.name }}_${{ fromJSON(steps.goreleaser.outputs.metadata).version }}_SHA256SUMS + + - name: Update release notes with attestation + run: | + gh release view "${{ github.ref_name }}" --json body -q '.body' --repo "${{ github.repository }}" > new-release-notes.md + echo "" >> new-release-notes.md + echo "## Attestation" >> new-release-notes.md + echo "" >> new-release-notes.md + echo "Build provenance attestation: [View attestation](${{ steps.attest.outputs.attestation-url }})" >> new-release-notes.md + echo "" >> new-release-notes.md + echo "Verify the artifacts by running:" >> new-release-notes.md + echo "\`\`\`bash" >> new-release-notes.md + echo "gh attestation verify --repo ${{ github.repository }}" >> new-release-notes.md + echo "\`\`\`" >> new-release-notes.md + gh release edit "${{ github.ref_name }}" --notes-file new-release-notes.md --repo "${{ github.repository }}" diff --git a/CHANGELOG.md b/CHANGELOG.md index 8b16c3b42d..98b391f118 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,5 @@ # NOTE: CHANGELOG.md is deprecated - After the release of v4.24.0, please see the [GitHub release notes](https://github.com/integrations/terraform-provider-github/releases) for the provider in order to view the most up-to-date changes. # 4.24.0 (Apr 28, 2022) From 090a3a3edef202211702aa4d81ccc2104abbc54f Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Mon, 8 Dec 2025 13:27:38 +0100 Subject: [PATCH 05/12] Add token variable --- .github/workflows/release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 76f2a3803b..68e5ae8789 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -70,6 +70,8 @@ jobs: subject-checksums: ./dist/${{ github.event.repository.name }}_${{ fromJSON(steps.goreleaser.outputs.metadata).version }}_SHA256SUMS - name: Update release notes with attestation + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh release view "${{ github.ref_name }}" --json body -q '.body' --repo "${{ github.repository }}" > new-release-notes.md echo "" >> new-release-notes.md From 9b0b1b2e154d0fb95ed54131ba7690f4415666ea Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Mon, 8 Dec 2025 13:39:05 +0100 Subject: [PATCH 06/12] Update filename --- .github/workflows/release.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 68e5ae8789..ebdfff733a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -73,14 +73,14 @@ jobs: env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh release view "${{ github.ref_name }}" --json body -q '.body' --repo "${{ github.repository }}" > new-release-notes.md - echo "" >> new-release-notes.md - echo "## Attestation" >> new-release-notes.md - echo "" >> new-release-notes.md - echo "Build provenance attestation: [View attestation](${{ steps.attest.outputs.attestation-url }})" >> new-release-notes.md - echo "" >> new-release-notes.md - echo "Verify the artifacts by running:" >> new-release-notes.md - echo "\`\`\`bash" >> new-release-notes.md - echo "gh attestation verify --repo ${{ github.repository }}" >> new-release-notes.md - echo "\`\`\`" >> new-release-notes.md - gh release edit "${{ github.ref_name }}" --notes-file new-release-notes.md --repo "${{ github.repository }}" + gh release view "${{ github.ref_name }}" --json body -q '.body' --repo "${{ github.repository }}" > release-notes-with-attestation.md + echo "" >> release-notes-with-attestation.md + echo "## Attestation" >> release-notes-with-attestation.md + echo "" >> release-notes-with-attestation.md + echo "Built provenance attestation: [View attestation](${{ steps.attest.outputs.attestation-url }})" >> release-notes-with-attestation.md + echo "" >> release-notes-with-attestation.md + echo "Verify the artifacts by running:" >> release-notes-with-attestation.md + echo "\`\`\`bash" >> release-notes-with-attestation.md + echo "gh attestation verify --repo ${{ github.repository }}" >> release-notes-with-attestation.md + echo "\`\`\`" >> release-notes-with-attestation.md + gh release edit "${{ github.ref_name }}" --notes-file release-notes-with-attestation.md --repo "${{ github.repository }}" From a3c956674cee5f81baa742df86bcad85bd91ab19 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Mon, 8 Dec 2025 13:48:05 +0100 Subject: [PATCH 07/12] Add download command --- .github/workflows/release.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ebdfff733a..cf62b0005f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -79,6 +79,10 @@ jobs: echo "" >> release-notes-with-attestation.md echo "Built provenance attestation: [View attestation](${{ steps.attest.outputs.attestation-url }})" >> release-notes-with-attestation.md echo "" >> release-notes-with-attestation.md + echo "Download the artifacts:" >> release-notes-with-attestation.md + echo "\`\`\`bash" >> release-notes-with-attestation.md + echo "gh release download ${{ github.ref_name }} -repo ${{ github.repository }} -p "*.zip"" + echo "\`\`\`" >> release-notes-with-attestation.md echo "Verify the artifacts by running:" >> release-notes-with-attestation.md echo "\`\`\`bash" >> release-notes-with-attestation.md echo "gh attestation verify --repo ${{ github.repository }}" >> release-notes-with-attestation.md From 8748c8d100640bd21e2d2bb7a0b95fb59dd78fad Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Mon, 8 Dec 2025 14:28:02 +0100 Subject: [PATCH 08/12] Fix download command --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cf62b0005f..2c9baa9989 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -81,7 +81,7 @@ jobs: echo "" >> release-notes-with-attestation.md echo "Download the artifacts:" >> release-notes-with-attestation.md echo "\`\`\`bash" >> release-notes-with-attestation.md - echo "gh release download ${{ github.ref_name }} -repo ${{ github.repository }} -p "*.zip"" + echo "gh release download ${{ github.ref_name }} -repo ${{ github.repository }} -p "*.zip"" >> release-notes-with-attestation.md echo "\`\`\`" >> release-notes-with-attestation.md echo "Verify the artifacts by running:" >> release-notes-with-attestation.md echo "\`\`\`bash" >> release-notes-with-attestation.md From 98924c8134debefba02111de9f0ed26a4303b144 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Mon, 8 Dec 2025 14:38:20 +0100 Subject: [PATCH 09/12] Tune new notes generation --- .github/workflows/release.yaml | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2c9baa9989..8226fa3556 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -73,18 +73,17 @@ jobs: env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh release view "${{ github.ref_name }}" --json body -q '.body' --repo "${{ github.repository }}" > release-notes-with-attestation.md - echo "" >> release-notes-with-attestation.md - echo "## Attestation" >> release-notes-with-attestation.md - echo "" >> release-notes-with-attestation.md - echo "Built provenance attestation: [View attestation](${{ steps.attest.outputs.attestation-url }})" >> release-notes-with-attestation.md - echo "" >> release-notes-with-attestation.md - echo "Download the artifacts:" >> release-notes-with-attestation.md - echo "\`\`\`bash" >> release-notes-with-attestation.md - echo "gh release download ${{ github.ref_name }} -repo ${{ github.repository }} -p "*.zip"" >> release-notes-with-attestation.md - echo "\`\`\`" >> release-notes-with-attestation.md - echo "Verify the artifacts by running:" >> release-notes-with-attestation.md - echo "\`\`\`bash" >> release-notes-with-attestation.md - echo "gh attestation verify --repo ${{ github.repository }}" >> release-notes-with-attestation.md - echo "\`\`\`" >> release-notes-with-attestation.md - gh release edit "${{ github.ref_name }}" --notes-file release-notes-with-attestation.md --repo "${{ github.repository }}" + gh release view "${{ github.ref_name }}" --json body -q '.body' --repo "${{ github.repository }}" > notes.md + cat >> notes.md < --repo ${{ github.repository }} + \`\`\` + EOF + gh release edit "${{ github.ref_name }}" --notes-file notes.md --repo "${{ github.repository }}" From fe8e66428d0ecbed8678407c37dddd130c466514 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Sun, 18 Jan 2026 09:26:59 +0100 Subject: [PATCH 10/12] Update status check doc Signed-off-by: Viacheslav Kudinov --- .../docs/r/branch_protection.html.markdown | 42 +++++++++++++++++-- 1 file changed, 39 insertions(+), 3 deletions(-) diff --git a/website/docs/r/branch_protection.html.markdown b/website/docs/r/branch_protection.html.markdown index 842f33b390..13d79bb854 100644 --- a/website/docs/r/branch_protection.html.markdown +++ b/website/docs/r/branch_protection.html.markdown @@ -112,9 +112,45 @@ The following arguments are supported: * `strict`: (Optional) Require branches to be up to date before merging. Defaults to `false`. * `contexts`: (Optional) The list of status checks to require in order to merge into this branch. No status checks are required by default. -~> Note: This attribute can contain multiple string patterns. -If specified, usual value is the [job name](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname). Otherwise, the [job id](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname) is defaulted to. -For workflows that use matrixes, append the matrix name to the value using the following pattern `([, ])`. Matrixes should be specified based on the order of matrix properties in the workflow file. See [GitHub Documentation]("https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#using-a-matrix-strategy") for more information. +~> **Note:** This attribute can contain multiple string patterns. +If specified, usual value is the [job name](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname). Otherwise, the [job id](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_id) is defaulted to. + +For example, given the following workflow: +```yaml +... +jobs: + build: + name: Build and Test + runs-on: ubuntu-latest + steps: + ... + test: + runs-on: ubuntu-latest + steps: + ... +``` +The value to use in `contexts` would be either `Build and Test` or `build` for the first job, and `test` for the second job. + +For workflows that use matrixes, append the matrix name to the value using the following pattern `([, ])`. Matrixes should be specified based on the order of matrix properties in the workflow file. See [GitHub Documentation](https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations?versionId=free-pro-team%40latest&productId=actions&restPage=how-tos%2Cwrite-workflows#adding-a-matrix-strategy-to-your-workflow-job) for more information. + +For example, given the following workflow: +```yaml +jobs: + example_matrix: + strategy: + matrix: + version: [10, 12, 14] + os: [ubuntu-latest, windows-latest] +``` +The values to use in `contexts` would be any of the following six options: +- `example_matrix (10, ubuntu-latest)` +- `example_matrix (10, windows-latest)` +- `example_matrix (12, ubuntu-latest)` +- `example_matrix (12, windows-latest)` +- `example_matrix (14, ubuntu-latest)` +- `example_matrix (14, windows-latest)` +or combinations thereof. + For workflows that use reusable workflows, the pattern is ` / `. This can extend multiple levels. ### Required Pull Request Reviews From bc30ce023631f225baa99b4ae1a7c7fc2ca6c4b9 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Sun, 18 Jan 2026 09:52:32 +0100 Subject: [PATCH 11/12] Tune status check doc Signed-off-by: Viacheslav Kudinov --- website/docs/r/branch_protection.html.markdown | 4 ---- 1 file changed, 4 deletions(-) diff --git a/website/docs/r/branch_protection.html.markdown b/website/docs/r/branch_protection.html.markdown index 13d79bb854..41312af904 100644 --- a/website/docs/r/branch_protection.html.markdown +++ b/website/docs/r/branch_protection.html.markdown @@ -114,7 +114,6 @@ The following arguments are supported: ~> **Note:** This attribute can contain multiple string patterns. If specified, usual value is the [job name](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname). Otherwise, the [job id](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_id) is defaulted to. - For example, given the following workflow: ```yaml ... @@ -130,9 +129,7 @@ jobs: ... ``` The value to use in `contexts` would be either `Build and Test` or `build` for the first job, and `test` for the second job. - For workflows that use matrixes, append the matrix name to the value using the following pattern `([, ])`. Matrixes should be specified based on the order of matrix properties in the workflow file. See [GitHub Documentation](https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations?versionId=free-pro-team%40latest&productId=actions&restPage=how-tos%2Cwrite-workflows#adding-a-matrix-strategy-to-your-workflow-job) for more information. - For example, given the following workflow: ```yaml jobs: @@ -150,7 +147,6 @@ The values to use in `contexts` would be any of the following six options: - `example_matrix (14, ubuntu-latest)` - `example_matrix (14, windows-latest)` or combinations thereof. - For workflows that use reusable workflows, the pattern is ` / `. This can extend multiple levels. ### Required Pull Request Reviews From 4c9f930f0194e4a87efa0ca6a7149f64b568a547 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Sat, 7 Feb 2026 19:45:17 +0100 Subject: [PATCH 12/12] Tune status check doc Signed-off-by: Viacheslav Kudinov --- .../docs/r/branch_protection.html.markdown | 235 +++++++++++++++--- 1 file changed, 199 insertions(+), 36 deletions(-) diff --git a/website/docs/r/branch_protection.html.markdown b/website/docs/r/branch_protection.html.markdown index 41312af904..63736ef711 100644 --- a/website/docs/r/branch_protection.html.markdown +++ b/website/docs/r/branch_protection.html.markdown @@ -87,6 +87,200 @@ resource "github_team_repository" "example" { } ``` +## Example Usage - Status Check with job_name and/or job_id + +Given the following workflow: + +```yaml +... +jobs: + build: + name: Build and Test + runs-on: ubuntu-latest + steps: + ... + test: + runs-on: ubuntu-latest + steps: + ... +``` + +The value to use in `contexts` would be `Build and Test` (the job name) for the first job, and `test` (the job_id) for the second job. + +~> **Note:** When a job has a `name` attribute, GitHub uses the **name** as the status check context. When a job doesn't have a `name`, GitHub uses the `job_id`. You must use whichever one GitHub reports as the status check context. + +```hcl +resource "github_branch_protection" "example" { + repository_id = github_repository.example.node_id + pattern = "main" + + required_status_checks { + contexts = [ + "Build and Test", # Uses job name because name is specified + "test", # Uses job_id because no name is specified + ] + } +} +``` +## Example Usage - Status Check with Matrix Jobs +For example, given the following workflow: +```yaml +... +jobs: + example_matrix: + name: Example Matrix + strategy: + matrix: + version: [10, 12, 14] + os: [ubuntu-latest, windows-latest] + ... +``` +Since the job has a `name` attribute, you must use the job name (not the job id). The values to use in `contexts` would be: +- Example Matrix (10, ubuntu-latest) +- Example Matrix (10, windows-latest) +- Example Matrix (12, ubuntu-latest) +- Example Matrix (12, windows-latest) +- Example Matrix (14, ubuntu-latest) +- Example Matrix (14, windows-latest) + +```hcl +resource "github_branch_protection" "example" { + repository_id = github_repository.example.node_id + pattern = "main" + required_status_checks { + contexts = [ + "Example Matrix (10, ubuntu-latest)", + "Example Matrix (10, windows-latest)", + "Example Matrix (12, ubuntu-latest)", + "Example Matrix (12, windows-latest)", + "Example Matrix (14, ubuntu-latest)", + "Example Matrix (14, windows-latest)", + ] + } +} +``` + +## Example Usage - Status Check with Matrix Jobs (No Job Name) + +If the workflow does **not** have a `name` attribute: +```yaml +... +jobs: + example_matrix: + strategy: + matrix: + version: [10, 12, 14] + os: [ubuntu-latest, windows-latest] + ... +``` +Since there's no `name` attribute, you must use the `job_id`. The values to use in `contexts` would be: +- example_matrix (10, ubuntu-latest) +- example_matrix (10, windows-latest) +- example_matrix (12, ubuntu-latest) +- example_matrix (12, windows-latest) +- example_matrix (14, ubuntu-latest) +- example_matrix (14, windows-latest) + +```hcl +resource "github_branch_protection" "example" { + repository_id = github_repository.example.node_id + pattern = "main" + required_status_checks { + contexts = [ + "example_matrix (10, ubuntu-latest)", + "example_matrix (10, windows-latest)", + "example_matrix (12, ubuntu-latest)", + "example_matrix (12, windows-latest)", + "example_matrix (14, ubuntu-latest)", + "example_matrix (14, windows-latest)", + ] + } +} +``` + +## Example Usage - Status Check with Reusable Workflows + +When using reusable workflows, the status check context follows the pattern: ` / `. +If the caller or called workflow job has a `name` attribute, use the job name. If it doesn't have a `name` attribute, use the `job_id`. + +Given the following caller workflow (`.github/workflows/caller.yml`): +```yaml +jobs: + call-workflow: + name: Call Reusable Workflow + uses: ./.github/workflows/reusable.yml +``` + +And the reusable workflow (`.github/workflows/reusable.yml`): +```yaml +jobs: + build: + name: Build Application + runs-on: ubuntu-latest + steps: + ... + test: + runs-on: ubuntu-latest + steps: + ... +``` + +Since both the caller job and the first reusable job have `name` attributes, use both names. The second job in the reusable workflow has no name, so use its `job_id`: + +```hcl +resource "github_branch_protection" "example" { + repository_id = github_repository.example.node_id + pattern = "main" + required_status_checks { + contexts = [ + "Call Reusable Workflow / Build Application", # caller name / reusable job name + "Call Reusable Workflow / test", # caller name / reusable job_id + ] + } +} +``` + +## Example Usage - Status Check with Reusable Workflows (No Job Names) + +If the workflows do **not** have `name` attributes: + +Caller workflow (`.github/workflows/caller.yml`): +```yaml +jobs: + call-workflow: + uses: ./.github/workflows/reusable.yml +``` + +Reusable workflow (`.github/workflows/reusable.yml`): +```yaml +jobs: + build: + runs-on: ubuntu-latest + steps: + ... + test: + runs-on: ubuntu-latest + steps: + ... +``` + +Use the `job_id` for both the caller and the reusable workflow jobs: + +```hcl +resource "github_branch_protection" "example" { + repository_id = github_repository.example.node_id + pattern = "main" + required_status_checks { + contexts = [ + "call-workflow / build", # caller job_id / reusable job_id + "call-workflow / test", # caller job_id / reusable job_id + ] + } +} +``` + +~> **Note:** For multi-level reusable workflows, the pattern extends: ` / / `. + ## Argument Reference The following arguments are supported: @@ -112,42 +306,11 @@ The following arguments are supported: * `strict`: (Optional) Require branches to be up to date before merging. Defaults to `false`. * `contexts`: (Optional) The list of status checks to require in order to merge into this branch. No status checks are required by default. -~> **Note:** This attribute can contain multiple string patterns. -If specified, usual value is the [job name](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname). Otherwise, the [job id](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_id) is defaulted to. -For example, given the following workflow: -```yaml -... -jobs: - build: - name: Build and Test - runs-on: ubuntu-latest - steps: - ... - test: - runs-on: ubuntu-latest - steps: - ... -``` -The value to use in `contexts` would be either `Build and Test` or `build` for the first job, and `test` for the second job. -For workflows that use matrixes, append the matrix name to the value using the following pattern `([, ])`. Matrixes should be specified based on the order of matrix properties in the workflow file. See [GitHub Documentation](https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations?versionId=free-pro-team%40latest&productId=actions&restPage=how-tos%2Cwrite-workflows#adding-a-matrix-strategy-to-your-workflow-job) for more information. -For example, given the following workflow: -```yaml -jobs: - example_matrix: - strategy: - matrix: - version: [10, 12, 14] - os: [ubuntu-latest, windows-latest] -``` -The values to use in `contexts` would be any of the following six options: -- `example_matrix (10, ubuntu-latest)` -- `example_matrix (10, windows-latest)` -- `example_matrix (12, ubuntu-latest)` -- `example_matrix (12, windows-latest)` -- `example_matrix (14, ubuntu-latest)` -- `example_matrix (14, windows-latest)` -or combinations thereof. -For workflows that use reusable workflows, the pattern is ` / `. This can extend multiple levels. +~> **Note:** This attribute can contain multiple string patterns representing GitHub Actions workflow job status checks. +If a job has a [`name`](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname) attribute, use the job name as the context value. +If a job does **not** have a `name` attribute, use the [`job_id`](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_id) as the context value. +Append the matrix values to the job name or job_id using the pattern: ` (, )`. For example: `Example Matrix (10, ubuntu-latest)`. See the examples above and [GitHub Documentation](https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs) for more information. +Use the pattern: ` / `. Apply the `name` vs `job_id` rule to both the caller and called workflow jobs. For multi-level reusable workflows, extend the pattern with additional levels separated by ` / `. See the examples above for more information. ### Required Pull Request Reviews