Github Branch Protection seems to cycle through two states at every push

[SamHummerstoneCC]

Terraform Version

$ terraform -v
Terraform v0.10.7

Affected Resource(s)

• github_branch_protection

Terraform Configuration Files

resource "github_branch_protection" "repo_name_master" {
  repository = "${github_repository.repo_name.name}"
  branch = "master"

  required_pull_request_reviews {
    dismiss_stale_reviews = true
    dismissal_teams = ["${github_team.team_name1.name}"]
    dismissal_users = []
  }

  restrictions {
    teams = ["${github_team.team_name1.name}", "${github_team.team_name2.name}"]
    users = ["${github_membership.membership_user.username}"]
  }
}

repo_name, team_name and user have been redacted for privacy reasons, but are valid and existing resources inside of our terraform stack.

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

Expected Behavior

No changes. Infrastructure is up-to-date.

Actual Behavior

Cycles between the following actions:

Terraform will perform the following actions:

  ~ github_branch_protection.repo_name_master
      restrictions.0.users.#:          "0" => "1"
      restrictions.0.users.3330811490: "" => "membership_user"

Terraform will perform the following actions:

  ~ github_branch_protection.repo_name_master
      restrictions.0.teams.#:          "0" => "2"
      restrictions.0.teams.3998454083: "" => "team_name1"
      restrictions.0.teams.754948132:  "" => "team_name2"
      restrictions.0.users.#:          "0" => "1"
      restrictions.0.users.3330811490: "" => "membership_user"

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform plan
2. terraform apply
3. terraform plan

Important Factoids

This has happened before and it was fixed by manually un-managing, re-importing the branch_protection, and changing the team names to be all lower-case (As I thought it was causing slug-name != team-name conflicts).

[majormoses]

I saw something similar when I had mistakenly given it a team_id rather than a team_name I would guess that it does not do a good job validating the request on submission and github returns that is submitted the job but then it fails for reasons that may not be exposed to the terraform (http) client. It also could very easily be bad validation/verification on terraform's end as well I have not delved in deep enough to determine this.

[SamHummerstoneCC]

After seeing this repeatedly, the issue steam from the fact that the team name is passed for branch protection, but the team slug-name is what is being returned by git, so it sees it as inconsistent and tries to update it. I am guessing that this is a bug?

[radeksimko]

Reproduced using this full config, thanks for the report.

I'm going to investigate further and see if/how we can fix this.

[radeksimko]

PR pending review in https://github.com/terraform-providers/terraform-provider-github/pull/136

Thanks for the patience.