Feat: Fixes abandoned PR #2017: Add support for the require_last_push…

…_approval flag in github_branch_protection_v3 (#2199) * Add the require_last_push_approval flag as an option for the required_pull_request_reviews of github_branch_protection_v3 * Update github/resource_github_branch_protection_v3.go * Update website/docs/r/branch_protection_v3.html.markdown * Use local var to capture RequireLastPushApproval value, and pass it to the containing struct as a reference * Add missing property read --------- Co-authored-by: Matthew Costa <matthew.costa@tide.co> Co-authored-by: Keegan Campbell <me@kfcampbell.com> Co-authored-by: Matthew Costa <127119678+matthewcostatide@users.noreply.github.com>
integrations · Mar 18, 2024 · 84e8d55 · 84e8d55
1 parent b1243e4
commit 84e8d55
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 0 deletions.
diff --git a/github/resource_github_branch_protection_v3.go b/github/resource_github_branch_protection_v3.go
@@ -128,6 +128,12 @@ func resourceGithubBranchProtectionV3() *schema.Resource {
 							Description:      "Require 'x' number of approvals to satisfy branch protection requirements. If this is specified it must be a number between 0-6.",
 							ValidateDiagFunc: toDiagFunc(validation.IntBetween(0, 6), "required_approving_review_count"),
 						},
+						"require_last_push_approval": {
+							Type:        schema.TypeBool,
+							Optional:    true,
+							Default:     false,
+							Description: "Require that the most recent push must be approved by someone other than the last pusher.",
+						},
 						"bypass_pull_request_allowances": {
 							Type:     schema.TypeList,
 							Optional: true,

diff --git a/github/resource_github_branch_protection_v3_test.go b/github/resource_github_branch_protection_v3_test.go
@@ -320,6 +320,7 @@ func TestAccGithubBranchProtectionV3_required_pull_request_reviews(t *testing.T)
 				  dismiss_stale_reviews      = true
 				  require_code_owner_reviews = true
 				  required_approving_review_count = 1
+				  require_last_push_approval = true
 				  dismissal_users = ["a"]
 				  dismissal_teams = ["b"]
 				  dismissal_apps = ["c"]
@@ -347,6 +348,9 @@ func TestAccGithubBranchProtectionV3_required_pull_request_reviews(t *testing.T)
 			resource.TestCheckResourceAttr(
 				"github_branch_protection_v3.test", "required_pull_request_reviews.0.required_approving_review_count", "1",
 			),
+			resource.TestCheckResourceAttr(
+				"github_branch_protection_v3.test", "required_pull_request_reviews.0.require_last_push_approval", "true",
+			),
 			resource.TestCheckResourceAttr(
 				"github_branch_protection_v3.test", "required_pull_request_reviews.0.dismissal_users.#", "1",
 			),

diff --git a/github/resource_github_branch_protection_v3_utils.go b/github/resource_github_branch_protection_v3_utils.go
@@ -195,6 +195,7 @@ func flattenAndSetRequiredPullRequestReviews(d *schema.ResourceData, protection
 				"dismissal_teams":                 schema.NewSet(schema.HashString, teams),
 				"dismissal_apps":                  schema.NewSet(schema.HashString, apps),
 				"require_code_owner_reviews":      rprr.RequireCodeOwnerReviews,
+				"require_last_push_approval":      rprr.RequireLastPushApproval,
 				"required_approving_review_count": rprr.RequiredApprovingReviewCount,
 				"bypass_pull_request_allowances":  bpra,
 			},
@@ -351,6 +352,8 @@ func expandRequiredPullRequestReviews(d *schema.ResourceData) (*github.PullReque
 			rprr.DismissStaleReviews = m["dismiss_stale_reviews"].(bool)
 			rprr.RequireCodeOwnerReviews = m["require_code_owner_reviews"].(bool)
 			rprr.RequiredApprovingReviewCount = m["required_approving_review_count"].(int)
+			requireLastPushApproval := m["require_last_push_approval"].(bool)
+			rprr.RequireLastPushApproval = &requireLastPushApproval
 			rprr.BypassPullRequestAllowancesRequest = bpra
 		}
 

diff --git a/website/docs/r/branch_protection_v3.html.markdown b/website/docs/r/branch_protection_v3.html.markdown
@@ -118,6 +118,7 @@ For workflows that use reusable workflows, the pattern is `<initial_workflow.job
 * `require_code_owner_reviews`: (Optional) Require an approved review in pull requests including files with a designated code owner. Defaults to `false`.
 * `required_approving_review_count`: (Optional) Require x number of approvals to satisfy branch protection requirements. If this is specified it must be a number between 0-6. This requirement matches GitHub's API, see the upstream [documentation](https://developer.github.com/v3/repos/branches/#parameters-1) for more information.
 * `bypass_pull_request_allowances`: (Optional) Allow specific users, teams, or apps to bypass pull request requirements. See [Bypass Pull Request Allowances](#bypass-pull-request-allowances) below for details.
+* `require_last_push_approval`: (Optional) Require that the most recent push must be approved by someone other than the last pusher.  Defaults to `false`
 
 ### Restrictions