Dependabot Org Secrets creation returns 422 error

[lneves75]

Hi all. This surfaced when creating dependabot organisation secrets using the terraform provider.

Versions

Terraform v0.14.5
+ provider registry.terraform.io/hashicorp/aws v4.20.1
+ provider registry.terraform.io/hashicorp/github v4.26.1

Terraform github provider

• "github.com/google/go-github/v45/github"
• go version 1.16

Expected Behaviour

The API is consistent with the docs and returns a type mismatch

Actual Behaviour

Error: PUT https://api.github.com/orgs/myorg/dependabot/secrets/BAR: 422 Invalid request.

Debug Output

Output of request and error response call to the /orgs/{org}/dependabot/secrets/{secret_name} endpoint

Output of request and success response call to the /orgs/{org}/actions/secrets/{secret_name} endpoint (for comparison)

Other inputs / findings

There's an inconsistency between the behaviour of both the actions secrets and dependabot secrets endpoints, despite the fact that the docs mention the same type, an array of strings, for the selected_repository_ids attribute.

Maybe the actions secret endpoint converts the array of integers into an array of strings or there's no hard type validation in place.

Making a PUT API call to /orgs/myorg/dependabot/secrets/BAR with the body bellow, I'm able to successfully add a dependabot secret for a couple of repos in the org.

{
 "key_id": "<redacted>",
 "encrypted_value": "<redacted>",
 "visibility": "selected",
 "selected_repository_ids": [
  "123",
  "456"
 ]
}

[gmlewis]

Thank you for the bug report, @lneves75 , apologies for the problem.

Would you like to submit a PR for this issue or would you like someone else to work on it?

Never mind... I have a PR ready... I'll push momentarily.