From 7aceac1a8e194e474d4dc58d9b99086a55232dab Mon Sep 17 00:00:00 2001 From: JamBalaya56562 Date: Sat, 16 May 2026 23:46:47 +0900 Subject: [PATCH] feat: Expose deploy_keys_enabled_for_repositories on github_organization_settings Add the new `deploy_keys_enabled_for_repositories` boolean to the `github_organization_settings` resource and the `github_organization` data source. This mirrors the existing `members_can_fork_private_repositories` pattern (schema, read, buildOrganizationSettings, debug log, tests, docs, example). The field maps to `Organization.DeployKeysEnabledForRepositories`, added in go-github v86 via google/go-github#4188, which the project picked up in #3413. --- docs/data-sources/organization.md | 1 + docs/resources/organization_settings.md | 2 ++ .../resources/organization_settings/example_1.tf | 1 + github/data_source_github_organization.go | 5 +++++ github/data_source_github_organization_test.go | 2 ++ github/resource_github_organization_settings.go | 15 +++++++++++++++ .../resource_github_organization_settings_test.go | 11 +++++++++++ templates/data-sources/organization.md.tmpl | 1 + templates/resources/organization_settings.md.tmpl | 1 + 9 files changed, 39 insertions(+) diff --git a/docs/data-sources/organization.md b/docs/data-sources/organization.md index def786ba5d..067f5b0101 100644 --- a/docs/data-sources/organization.md +++ b/docs/data-sources/organization.md @@ -49,6 +49,7 @@ data "github_organization" "example" { - `members_can_create_public_pages` - Whether organization members can create public pages sites. - `members_can_create_private_pages` - Whether organization members can create private pages sites. - `members_can_fork_private_repositories` - Whether organization members can create private repository forks. +- `deploy_keys_enabled_for_repositories` - Whether deploy keys may be added and used for repositories in the organization. - `web_commit_signoff_required` - Whether organization members must sign all commits. - `advanced_security_enabled_for_new_repositories` - Whether advanced security is enabled for new repositories. - `dependabot_alerts_enabled_for_new_repositories` - Whether Dependabot alerts is automatically enabled for new repositories. diff --git a/docs/resources/organization_settings.md b/docs/resources/organization_settings.md index 6275f737c9..fdd0fc9cbf 100644 --- a/docs/resources/organization_settings.md +++ b/docs/resources/organization_settings.md @@ -31,6 +31,7 @@ resource "github_organization_settings" "test" { members_can_create_public_pages = true members_can_create_private_pages = true members_can_fork_private_repositories = true + deploy_keys_enabled_for_repositories = true web_commit_signoff_required = true advanced_security_enabled_for_new_repositories = false dependabot_alerts_enabled_for_new_repositories = false @@ -64,6 +65,7 @@ The following arguments are supported: - `members_can_create_public_pages` - (Optional) Whether or not organization members can create new public pages. Defaults to `true`. - `members_can_create_private_pages` - (Optional) Whether or not organization members can create new private pages. Defaults to `true`. - `members_can_fork_private_repositories` - (Optional) Whether or not organization members can fork private repositories. Defaults to `false`. +- `deploy_keys_enabled_for_repositories` - (Optional) Whether deploy keys may be added and used for repositories in the organization. If unset, the current setting on the organization is preserved. - `web_commit_signoff_required` - (Optional) Whether or not commit signatures are required for commits to the organization. Defaults to `false`. - `advanced_security_enabled_for_new_repositories` - (Optional) Whether or not advanced security is enabled for new repositories. Defaults to `false`. - `dependabot_alerts_enabled_for_new_repositories` - (Optional) Whether or not dependabot alerts are enabled for new repositories. Defaults to `false`. diff --git a/examples/resources/organization_settings/example_1.tf b/examples/resources/organization_settings/example_1.tf index 1dab26f0ab..3d6681feff 100644 --- a/examples/resources/organization_settings/example_1.tf +++ b/examples/resources/organization_settings/example_1.tf @@ -18,6 +18,7 @@ resource "github_organization_settings" "test" { members_can_create_public_pages = true members_can_create_private_pages = true members_can_fork_private_repositories = true + deploy_keys_enabled_for_repositories = true web_commit_signoff_required = true advanced_security_enabled_for_new_repositories = false dependabot_alerts_enabled_for_new_repositories = false diff --git a/github/data_source_github_organization.go b/github/data_source_github_organization.go index b5222b0868..a8c36b2476 100644 --- a/github/data_source_github_organization.go +++ b/github/data_source_github_organization.go @@ -113,6 +113,10 @@ func dataSourceGithubOrganization() *schema.Resource { Type: schema.TypeBool, Computed: true, }, + "deploy_keys_enabled_for_repositories": { + Type: schema.TypeBool, + Computed: true, + }, "web_commit_signoff_required": { Type: schema.TypeBool, Computed: true, @@ -255,6 +259,7 @@ func dataSourceGithubOrganizationRead(ctx context.Context, d *schema.ResourceDat _ = d.Set("members_can_create_private_repositories", organization.GetMembersCanCreatePrivateRepos()) _ = d.Set("members_can_create_internal_repositories", organization.GetMembersCanCreateInternalRepos()) _ = d.Set("members_can_fork_private_repositories", organization.GetMembersCanForkPrivateRepos()) + _ = d.Set("deploy_keys_enabled_for_repositories", organization.GetDeployKeysEnabledForRepositories()) _ = d.Set("web_commit_signoff_required", organization.GetWebCommitSignoffRequired()) _ = d.Set("members_can_create_pages", organization.GetMembersCanCreatePages()) _ = d.Set("members_can_create_public_pages", organization.GetMembersCanCreatePublicPages()) diff --git a/github/data_source_github_organization_test.go b/github/data_source_github_organization_test.go index 5d8da74a42..4fb7db7592 100644 --- a/github/data_source_github_organization_test.go +++ b/github/data_source_github_organization_test.go @@ -31,6 +31,7 @@ func TestAccGithubOrganizationDataSource(t *testing.T) { resource.TestCheckResourceAttrSet("data.github_organization.test", "members_can_create_private_repositories"), resource.TestCheckResourceAttrSet("data.github_organization.test", "members_can_create_internal_repositories"), resource.TestCheckResourceAttrSet("data.github_organization.test", "members_can_fork_private_repositories"), + resource.TestCheckResourceAttrSet("data.github_organization.test", "deploy_keys_enabled_for_repositories"), resource.TestCheckResourceAttrSet("data.github_organization.test", "web_commit_signoff_required"), resource.TestCheckResourceAttrSet("data.github_organization.test", "members_can_create_pages"), resource.TestCheckResourceAttrSet("data.github_organization.test", "members_can_create_public_pages"), @@ -129,6 +130,7 @@ func TestAccGithubOrganizationDataSource(t *testing.T) { resource.TestCheckNoResourceAttr("data.github_organization.test", "members_can_create_private_repositories"), resource.TestCheckNoResourceAttr("data.github_organization.test", "members_can_create_internal_repositories"), resource.TestCheckNoResourceAttr("data.github_organization.test", "members_can_fork_private_repositories"), + resource.TestCheckNoResourceAttr("data.github_organization.test", "deploy_keys_enabled_for_repositories"), resource.TestCheckNoResourceAttr("data.github_organization.test", "web_commit_signoff_required"), resource.TestCheckNoResourceAttr("data.github_organization.test", "members_can_create_pages"), resource.TestCheckNoResourceAttr("data.github_organization.test", "members_can_create_public_pages"), diff --git a/github/resource_github_organization_settings.go b/github/resource_github_organization_settings.go index ac2a832de4..6f821bec3e 100644 --- a/github/resource_github_organization_settings.go +++ b/github/resource_github_organization_settings.go @@ -122,6 +122,12 @@ func resourceGithubOrganizationSettings() *schema.Resource { Default: false, Description: "Whether or not organization members can fork private repositories.", }, + "deploy_keys_enabled_for_repositories": { + Type: schema.TypeBool, + Optional: true, + Computed: true, + Description: "Whether deploy keys may be added and used for repositories in the organization.", + }, "web_commit_signoff_required": { Type: schema.TypeBool, Optional: true, @@ -269,6 +275,9 @@ func buildOrganizationSettings(d *schema.ResourceData, isEnterprise bool) *githu if shouldInclude("members_can_fork_private_repositories") { settings.MembersCanForkPrivateRepos = new(d.Get("members_can_fork_private_repositories").(bool)) } + if shouldInclude("deploy_keys_enabled_for_repositories") { + settings.DeployKeysEnabledForRepositories = new(d.Get("deploy_keys_enabled_for_repositories").(bool)) + } if shouldInclude("web_commit_signoff_required") { settings.WebCommitSignoffRequired = new(d.Get("web_commit_signoff_required").(bool)) } @@ -378,6 +387,9 @@ func resourceGithubOrganizationSettingsCreateOrUpdate(d *schema.ResourceData, me if settings.MembersCanForkPrivateRepos != nil { log.Printf("[DEBUG] MembersCanForkPrivateRepos: %v", *settings.MembersCanForkPrivateRepos) } + if settings.DeployKeysEnabledForRepositories != nil { + log.Printf("[DEBUG] DeployKeysEnabledForRepositories: %v", *settings.DeployKeysEnabledForRepositories) + } if settings.WebCommitSignoffRequired != nil { log.Printf("[DEBUG] WebCommitSignoffRequired: %v", *settings.WebCommitSignoffRequired) } @@ -489,6 +501,9 @@ func resourceGithubOrganizationSettingsRead(d *schema.ResourceData, meta any) er if err = d.Set("members_can_fork_private_repositories", orgSettings.GetMembersCanForkPrivateRepos()); err != nil { return err } + if err = d.Set("deploy_keys_enabled_for_repositories", orgSettings.GetDeployKeysEnabledForRepositories()); err != nil { + return err + } if err = d.Set("web_commit_signoff_required", orgSettings.GetWebCommitSignoffRequired()); err != nil { return err } diff --git a/github/resource_github_organization_settings_test.go b/github/resource_github_organization_settings_test.go index 742f779b3e..5213f43ea7 100644 --- a/github/resource_github_organization_settings_test.go +++ b/github/resource_github_organization_settings_test.go @@ -32,6 +32,7 @@ func TestAccGithubOrganizationSettings(t *testing.T) { members_can_create_public_pages = true members_can_create_private_pages = true members_can_fork_private_repositories = true + deploy_keys_enabled_for_repositories = true web_commit_signoff_required = true advanced_security_enabled_for_new_repositories = false dependabot_alerts_enabled_for_new_repositories= false @@ -152,6 +153,7 @@ func TestAccGithubOrganizationSettings(t *testing.T) { members_can_create_private_repositories = false members_can_create_internal_repositories = false members_can_fork_private_repositories = false + deploy_keys_enabled_for_repositories = false web_commit_signoff_required = false advanced_security_enabled_for_new_repositories = false dependabot_alerts_enabled_for_new_repositories = false @@ -178,6 +180,10 @@ func TestAccGithubOrganizationSettings(t *testing.T) { "github_organization_settings.test", "members_can_fork_private_repositories", "false", ), + resource.TestCheckResourceAttr( + "github_organization_settings.test", + "deploy_keys_enabled_for_repositories", "false", + ), resource.TestCheckResourceAttr( "github_organization_settings.test", "web_commit_signoff_required", "false", @@ -227,6 +233,7 @@ func TestAccGithubOrganizationSettings(t *testing.T) { members_can_create_private_repositories = false members_can_create_internal_repositories = true members_can_fork_private_repositories = false + deploy_keys_enabled_for_repositories = true web_commit_signoff_required = true advanced_security_enabled_for_new_repositories = false dependabot_alerts_enabled_for_new_repositories = true @@ -253,6 +260,10 @@ func TestAccGithubOrganizationSettings(t *testing.T) { "github_organization_settings.test", "members_can_fork_private_repositories", "false", ), + resource.TestCheckResourceAttr( + "github_organization_settings.test", + "deploy_keys_enabled_for_repositories", "true", + ), resource.TestCheckResourceAttr( "github_organization_settings.test", "web_commit_signoff_required", "true", diff --git a/templates/data-sources/organization.md.tmpl b/templates/data-sources/organization.md.tmpl index bc36284217..b901c274c0 100644 --- a/templates/data-sources/organization.md.tmpl +++ b/templates/data-sources/organization.md.tmpl @@ -45,6 +45,7 @@ Use this data source to retrieve basic information about a GitHub Organization. - `members_can_create_public_pages` - Whether organization members can create public pages sites. - `members_can_create_private_pages` - Whether organization members can create private pages sites. - `members_can_fork_private_repositories` - Whether organization members can create private repository forks. +- `deploy_keys_enabled_for_repositories` - Whether deploy keys may be added and used for repositories in the organization. - `web_commit_signoff_required` - Whether organization members must sign all commits. - `advanced_security_enabled_for_new_repositories` - Whether advanced security is enabled for new repositories. - `dependabot_alerts_enabled_for_new_repositories` - Whether Dependabot alerts is automatically enabled for new repositories. diff --git a/templates/resources/organization_settings.md.tmpl b/templates/resources/organization_settings.md.tmpl index bdd5318c1a..2d38553217 100644 --- a/templates/resources/organization_settings.md.tmpl +++ b/templates/resources/organization_settings.md.tmpl @@ -35,6 +35,7 @@ The following arguments are supported: - `members_can_create_public_pages` - (Optional) Whether or not organization members can create new public pages. Defaults to `true`. - `members_can_create_private_pages` - (Optional) Whether or not organization members can create new private pages. Defaults to `true`. - `members_can_fork_private_repositories` - (Optional) Whether or not organization members can fork private repositories. Defaults to `false`. +- `deploy_keys_enabled_for_repositories` - (Optional) Whether deploy keys may be added and used for repositories in the organization. If unset, the current setting on the organization is preserved. - `web_commit_signoff_required` - (Optional) Whether or not commit signatures are required for commits to the organization. Defaults to `false`. - `advanced_security_enabled_for_new_repositories` - (Optional) Whether or not advanced security is enabled for new repositories. Defaults to `false`. - `dependabot_alerts_enabled_for_new_repositories` - (Optional) Whether or not dependabot alerts are enabled for new repositories. Defaults to `false`.