From 9ff3e9bd91ff578def09f53c1a3de75b2a4b2e71 Mon Sep 17 00:00:00 2001 From: jackmtpt <115712715+jackmtpt@users.noreply.github.com> Date: Fri, 20 Feb 2026 14:50:08 +0000 Subject: [PATCH 1/8] allow EnterpriseOwner in ruleset --- github/resource_github_organization_ruleset.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/github/resource_github_organization_ruleset.go b/github/resource_github_organization_ruleset.go index e95e5e7af7..5ffc623945 100644 --- a/github/resource_github_organization_ruleset.go +++ b/github/resource_github_organization_ruleset.go @@ -63,13 +63,13 @@ func resourceGithubOrganizationRuleset() *schema.Resource { Type: schema.TypeInt, Optional: true, Default: nil, - Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. Some resources such as DeployKey do not have an ID and this should be omitted.", + Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. When it is `EnterpriseOwner` it should be 0. Some resources such as DeployKey do not have an ID and this should be omitted.", }, "actor_type": { Type: schema.TypeString, Required: true, - ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"Integration", "OrganizationAdmin", "RepositoryRole", "Team", "DeployKey"}, false)), - Description: "The type of actor that can bypass a ruleset. Can be one of: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, or `DeployKey`.", + ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"Integration", "OrganizationAdmin", "RepositoryRole", "Team", "DeployKey", "EnterpriseOwner"}, false)), + Description: "The type of actor that can bypass a ruleset. Can be one of: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, `DeployKey` or `EnterpriseOwner`.", }, "bypass_mode": { Type: schema.TypeString, From b0c9875af0c3b3d53ad6a007bf9cfe0928b80159 Mon Sep 17 00:00:00 2001 From: jackmtpt <115712715+jackmtpt@users.noreply.github.com> Date: Fri, 20 Feb 2026 14:53:07 +0000 Subject: [PATCH 2/8] add test case for EnterpriseOwner --- github/resource_github_organization_ruleset_test.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/github/resource_github_organization_ruleset_test.go b/github/resource_github_organization_ruleset_test.go index 30afe67393..37be033b3d 100644 --- a/github/resource_github_organization_ruleset_test.go +++ b/github/resource_github_organization_ruleset_test.go @@ -77,6 +77,12 @@ resource "github_organization_ruleset" "test" { bypass_mode = "always" } + bypass_actors { + actor_id = 0 + actor_type = "EnterpriseOwner" + bypass_mode = "always" + } + conditions { repository_name { include = ["~ALL"] @@ -170,6 +176,9 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_id", "1"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_type", "OrganizationAdmin"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.bypass_mode", "always"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_id", "0"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_type", "EnterpriseOwner"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "3"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.do_not_enforce_on_create", "true"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.required_workflow.0.path", workflowFilePath), From b8bf8b3ede711d3fdc516714da5fc3aa0894d56d Mon Sep 17 00:00:00 2001 From: jackmtpt <115712715+jackmtpt@users.noreply.github.com> Date: Fri, 20 Feb 2026 14:55:58 +0000 Subject: [PATCH 3/8] update resource docs --- website/docs/r/organization_ruleset.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/website/docs/r/organization_ruleset.html.markdown b/website/docs/r/organization_ruleset.html.markdown index f0a052a159..783a762a6f 100644 --- a/website/docs/r/organization_ruleset.html.markdown +++ b/website/docs/r/organization_ruleset.html.markdown @@ -351,12 +351,13 @@ The `rules` block supports the following: - `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. Some actor types such as `DeployKey` do not have an ID. -- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`. +- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `EnterpriseOwner`. - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`. ~>Note: at the time of writing this, the following actor types correspond to the following actor IDs: +- `EnterpriseOwner` -> `0` - `OrganizationAdmin` -> `1` - `RepositoryRole` (This is the actor type, the following are the base repository roles and their associated IDs.) - `maintain` -> `2` From 1647d3844c4d94c49b14cd2c7e0643d336feed97 Mon Sep 17 00:00:00 2001 From: Jack Murray Date: Mon, 23 Feb 2026 11:17:17 +0000 Subject: [PATCH 4/8] remove actor_id for the org admin + ent owner cases where it should not be set according to the API docs https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/rules?apiVersion=2022-11-28#create-an-organization-repository-ruleset --- github/resource_github_organization_ruleset.go | 2 +- github/resource_github_organization_ruleset_test.go | 6 ------ website/docs/r/organization_ruleset.html.markdown | 4 +--- website/docs/r/repository_ruleset.html.markdown | 3 +-- 4 files changed, 3 insertions(+), 12 deletions(-) diff --git a/github/resource_github_organization_ruleset.go b/github/resource_github_organization_ruleset.go index 5ffc623945..2ebaa5fb1d 100644 --- a/github/resource_github_organization_ruleset.go +++ b/github/resource_github_organization_ruleset.go @@ -63,7 +63,7 @@ func resourceGithubOrganizationRuleset() *schema.Resource { Type: schema.TypeInt, Optional: true, Default: nil, - Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. When it is `EnterpriseOwner` it should be 0. Some resources such as DeployKey do not have an ID and this should be omitted.", + Description: "The ID of the actor that can bypass a ruleset. Some actor types such as OrganizationAdmin/EnterpriseOwner/DeployKey do not have an ID and this should be omitted.", }, "actor_type": { Type: schema.TypeString, diff --git a/github/resource_github_organization_ruleset_test.go b/github/resource_github_organization_ruleset_test.go index 37be033b3d..5e380a36a9 100644 --- a/github/resource_github_organization_ruleset_test.go +++ b/github/resource_github_organization_ruleset_test.go @@ -72,13 +72,11 @@ resource "github_organization_ruleset" "test" { } bypass_actors { - actor_id = 1 actor_type = "OrganizationAdmin" bypass_mode = "always" } bypass_actors { - actor_id = 0 actor_type = "EnterpriseOwner" bypass_mode = "always" } @@ -173,10 +171,8 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_id", "5"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_type", "RepositoryRole"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.bypass_mode", "always"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_id", "1"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_type", "OrganizationAdmin"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.bypass_mode", "always"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_id", "0"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_type", "EnterpriseOwner"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "3"), @@ -636,7 +632,6 @@ resource "github_organization_ruleset" "test" { } bypass_actors { - actor_id = 1 actor_type = "OrganizationAdmin" bypass_mode = "always" } @@ -716,7 +711,6 @@ resource "github_organization_ruleset" "test" { enforcement = "active" bypass_actors { - actor_id = 1 actor_type = "OrganizationAdmin" bypass_mode = "%s" } diff --git a/website/docs/r/organization_ruleset.html.markdown b/website/docs/r/organization_ruleset.html.markdown index 783a762a6f..a2aff5deea 100644 --- a/website/docs/r/organization_ruleset.html.markdown +++ b/website/docs/r/organization_ruleset.html.markdown @@ -349,7 +349,7 @@ The `rules` block supports the following: #### bypass_actors #### -- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. Some actor types such as `DeployKey` do not have an ID. +- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. Some actor types such as `OrganizationAdmin`, `EnterpriseOwner` and `DeployKey` do not have an ID - this argument should not be set in those cases as the GitHub API will ignore it. - `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `EnterpriseOwner`. @@ -357,8 +357,6 @@ The `rules` block supports the following: ~>Note: at the time of writing this, the following actor types correspond to the following actor IDs: -- `EnterpriseOwner` -> `0` -- `OrganizationAdmin` -> `1` - `RepositoryRole` (This is the actor type, the following are the base repository roles and their associated IDs.) - `maintain` -> `2` - `write` -> `4` diff --git a/website/docs/r/repository_ruleset.html.markdown b/website/docs/r/repository_ruleset.html.markdown index ab2682a786..0700c3b63c 100644 --- a/website/docs/r/repository_ruleset.html.markdown +++ b/website/docs/r/repository_ruleset.html.markdown @@ -296,7 +296,7 @@ The `rules` block supports the following: #### bypass_actors #### -- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `DeployKey` do not have an ID. +- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `OrganizationAdmin` and `DeployKey` do not have an ID. - `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`. @@ -304,7 +304,6 @@ The `rules` block supports the following: ~> Note: at the time of writing this, the following actor types correspond to the following actor IDs: -- `OrganizationAdmin` -> `1` - `RepositoryRole` (This is the actor type, the following are the base repository roles and their associated IDs.) - `maintain` -> `2` - `write` -> `4` From b4806405ef4cf6ab0b50064389c0bf7d41c1cbab Mon Sep 17 00:00:00 2001 From: Jack Murray Date: Mon, 23 Feb 2026 11:31:29 +0000 Subject: [PATCH 5/8] fix count in test --- github/resource_github_organization_ruleset_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/resource_github_organization_ruleset_test.go b/github/resource_github_organization_ruleset_test.go index 5e380a36a9..4157c159e4 100644 --- a/github/resource_github_organization_ruleset_test.go +++ b/github/resource_github_organization_ruleset_test.go @@ -165,7 +165,7 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "name", rulesetName), resource.TestCheckResourceAttr("github_organization_ruleset.test", "target", "branch"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "enforcement", "active"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "3"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "4"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.actor_type", "DeployKey"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_id", "5"), From 1293372c66f8b6b533ca139d1013caf7d13480df Mon Sep 17 00:00:00 2001 From: Jack Murray Date: Mon, 23 Feb 2026 11:31:49 +0000 Subject: [PATCH 6/8] support ent owner in non-org rulesets as well --- github/resource_github_repository_ruleset.go | 4 ++-- github/resource_github_repository_ruleset_test.go | 8 ++++++++ website/docs/r/repository_ruleset.html.markdown | 4 ++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/github/resource_github_repository_ruleset.go b/github/resource_github_repository_ruleset.go index e2b557ad39..07e42ef3e2 100644 --- a/github/resource_github_repository_ruleset.go +++ b/github/resource_github_repository_ruleset.go @@ -68,12 +68,12 @@ func resourceGithubRepositoryRuleset() *schema.Resource { Type: schema.TypeInt, Optional: true, Default: nil, - Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. Some resources such as DeployKey do not have an ID and this should be omitted.", + Description: "The ID of the actor that can bypass a ruleset. Some actor types such as OrganizationAdmin/EnterpriseOwner/DeployKey do not have an ID and this should be omitted.", }, "actor_type": { Type: schema.TypeString, Required: true, - ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey"}, false)), + ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey", "EnterpriseOwner"}, false)), Description: "The type of actor that can bypass a ruleset. See https://docs.github.com/en/rest/repos/rules for more information.", }, "bypass_mode": { diff --git a/github/resource_github_repository_ruleset_test.go b/github/resource_github_repository_ruleset_test.go index 3cb74e2117..49798454c7 100644 --- a/github/resource_github_repository_ruleset_test.go +++ b/github/resource_github_repository_ruleset_test.go @@ -173,6 +173,11 @@ resource "github_repository_ruleset" "test" { } } + bypass_actors { + actor_type = "EnterpriseOwner" + bypass_mode = "always" + } + rules { branch_name_pattern { name = "test" @@ -193,6 +198,9 @@ resource "github_repository_ruleset" "test" { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("github_repository_ruleset.test", "name", "test"), resource.TestCheckResourceAttr("github_repository_ruleset.test", "enforcement", "active"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.#", "1"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.actor_type", "EnterpriseOwner"), + resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.bypass_mode", "always"), ), }, }, diff --git a/website/docs/r/repository_ruleset.html.markdown b/website/docs/r/repository_ruleset.html.markdown index 0700c3b63c..65532b0e01 100644 --- a/website/docs/r/repository_ruleset.html.markdown +++ b/website/docs/r/repository_ruleset.html.markdown @@ -296,9 +296,9 @@ The `rules` block supports the following: #### bypass_actors #### -- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `OrganizationAdmin` and `DeployKey` do not have an ID. +- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `OrganizationAdmin`, `EnterpriseOwner` and `DeployKey` do not have an ID. -- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`. +- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, `EnterpriseOwner`. - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`. From cdeca2987ab4cb53a0dcd0f599852f7a2b630d30 Mon Sep 17 00:00:00 2001 From: Jack Murray Date: Thu, 5 Mar 2026 15:56:10 +0000 Subject: [PATCH 7/8] only run the enterpriseowner tests in enterprise mode --- ...source_github_organization_ruleset_test.go | 65 ++++++++++++++++--- ...resource_github_repository_ruleset_test.go | 2 +- 2 files changed, 58 insertions(+), 9 deletions(-) diff --git a/github/resource_github_organization_ruleset_test.go b/github/resource_github_organization_ruleset_test.go index 4157c159e4..b7742a0624 100644 --- a/github/resource_github_organization_ruleset_test.go +++ b/github/resource_github_organization_ruleset_test.go @@ -76,11 +76,6 @@ resource "github_organization_ruleset" "test" { bypass_mode = "always" } - bypass_actors { - actor_type = "EnterpriseOwner" - bypass_mode = "always" - } - conditions { repository_name { include = ["~ALL"] @@ -165,7 +160,7 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "name", rulesetName), resource.TestCheckResourceAttr("github_organization_ruleset.test", "target", "branch"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "enforcement", "active"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "4"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "3"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.actor_type", "DeployKey"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_id", "5"), @@ -173,8 +168,6 @@ resource "github_organization_ruleset" "test" { resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_type", "OrganizationAdmin"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.bypass_mode", "always"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_type", "EnterpriseOwner"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.bypass_mode", "always"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "3"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.do_not_enforce_on_create", "true"), resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.required_workflow.0.path", workflowFilePath), @@ -1403,6 +1396,62 @@ resource "github_organization_ruleset" "test" { }, }) }) + + t.Run("create_branch_ruleset_with_enterprise_features", func(t *testing.T) { + randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum) + rulesetName := fmt.Sprintf("%s-branch-ruleset-%s", testResourcePrefix, randomID) + + config := fmt.Sprintf(` + resource "github_organization_ruleset" "test" { + name = "%s" + target = "branch" + enforcement = "active" + + conditions { + ref_name { + include = ["~ALL"] + exclude = [] + } + + repository_name { + include = ["~ALL"] + exclude = [] + } + } + + bypass_actors { + actor_type = "EnterpriseOwner" + bypass_mode = "always" + } + + rules { + branch_name_pattern { + name = "test" + negate = false + operator = "starts_with" + pattern = "test" + } + } + } +`, rulesetName) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { skipUnlessEnterprise(t) }, + ProviderFactories: providerFactories, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("github_organization_ruleset.test", "name", rulesetName), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "enforcement", "active"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "1"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.actor_type", "EnterpriseOwner"), + resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.bypass_mode", "always"), + ), + }, + }, + }) + }) } func TestOrganizationPushRulesetSupport(t *testing.T) { diff --git a/github/resource_github_repository_ruleset_test.go b/github/resource_github_repository_ruleset_test.go index 49798454c7..67ec2589a7 100644 --- a/github/resource_github_repository_ruleset_test.go +++ b/github/resource_github_repository_ruleset_test.go @@ -190,7 +190,7 @@ resource "github_repository_ruleset" "test" { `, repoName, testAccConf.testRepositoryVisibility) resource.Test(t, resource.TestCase{ - PreCheck: func() { skipUnauthenticated(t) }, + PreCheck: func() { skipUnlessEnterprise(t) }, ProviderFactories: providerFactories, Steps: []resource.TestStep{ { From 2df5697f861c4ee53618f2804ea1ad38f09155b8 Mon Sep 17 00:00:00 2001 From: Jack Murray Date: Thu, 30 Apr 2026 10:53:16 +0100 Subject: [PATCH 8/8] use ConfigStateChecks instead Co-authored-by: Copilot --- github/resource_github_organization_ruleset_test.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/github/resource_github_organization_ruleset_test.go b/github/resource_github_organization_ruleset_test.go index b7742a0624..0577a1c010 100644 --- a/github/resource_github_organization_ruleset_test.go +++ b/github/resource_github_organization_ruleset_test.go @@ -1441,13 +1441,12 @@ resource "github_organization_ruleset" "test" { Steps: []resource.TestStep{ { Config: config, - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("github_organization_ruleset.test", "name", rulesetName), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "enforcement", "active"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "1"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.actor_type", "EnterpriseOwner"), - resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.bypass_mode", "always"), - ), + ConfigStateChecks: []statecheck.StateCheck{ + statecheck.ExpectKnownValue("github_organization_ruleset.test", tfjsonpath.New("name"), knownvalue.StringExact(rulesetName)), + statecheck.ExpectKnownValue("github_organization_ruleset.test", tfjsonpath.New("enforcement"), knownvalue.StringExact("active")), + statecheck.ExpectKnownValue("github_organization_ruleset.test", tfjsonpath.New("bypass_actors").AtSliceIndex(0).AtMapKey("actor_type"), knownvalue.StringExact("EnterpriseOwner")), + statecheck.ExpectKnownValue("github_organization_ruleset.test", tfjsonpath.New("bypass_actors").AtSliceIndex(0).AtMapKey("bypass_mode"), knownvalue.StringExact("always")), + }, }, }, })