Skip to content

fix: bypass actors not being deleted from repository rulesets#2780

Merged
nickfloyd merged 4 commits intointegrations:mainfrom
dblinkhorn:dblinkhorn/fix-bypass-actors-deletion
Oct 21, 2025
Merged

fix: bypass actors not being deleted from repository rulesets#2780
nickfloyd merged 4 commits intointegrations:mainfrom
dblinkhorn:dblinkhorn/fix-bypass-actors-deletion

Conversation

@dblinkhorn
Copy link
Copy Markdown
Contributor

@dblinkhorn dblinkhorn commented Oct 17, 2025

Closes #2179

Before the change?

Although Terraform showed bypass actors as being removed in the plan output, they persisted in GitHub. This occurred because the go-github client's UpdateRuleset() function uses the omitempty JSON tag on BypassActors, causing empty BypassActors to be omitted from API requests. GitHub interprets the missing field as "don't modify".

See comment in go-github's client code for more information.

After the change?

Changed resourceGithubRepositoryRulesetUpdate() to always use UpdateRulesetNoBypassActor() instead of UpdateRuleset(). UpdateRulesetNoBypassActor() always includes the bypass_actors field in the JSON payload, even when empty. When bypass actors are removed from Terraform config, they are now properly deleted from GitHub.

Pull request checklist

  • Tests for the changes have been added (for bug fixes / features)
    • Manually tested with live GitHub repo
    • Verified bypass actors are deleted when removing them from Terraform config
  • Docs have been reviewed and added / updated if needed (for bug fixes / features)
    • No documentation changes should be needed. This change just makes the resource work as intended.

Does this introduce a breaking change?

Please see our docs on breaking changes to help!

  • Yes
  • No

@dblinkhorn
Fix bypass actors not being deleted from repository rulesets
fde811e 
When bypass_actors are removed from Terraform config, they persist
in GitHub despite Terraform showing them as removed. This occurred
because go-github's UpdateRuleset() uses the 'omitempty' JSON tag on
BypassActors, causing empty arrays to be omitted from the request.
GitHub interprets a missing field as 'don't modify'.

Changed to always use UpdateRulesetNoBypassActor() which includes the
bypass_actors field even when empty, allowing proper deletion.

Closes integrations#2179
@nickfloyd nickfloyd moved this from Backlog to On Deck in Terraform Provider Oct 20, 2025
@nickfloyd nickfloyd added the Type: Bug Something isn't working as documented label Oct 20, 2025
@nickfloyd nickfloyd moved this from On Deck to In Progress in Terraform Provider Oct 21, 2025
@nickfloyd nickfloyd moved this from In Progress to In Review in Terraform Provider Oct 21, 2025
@nickfloyd nickfloyd merged commit 1d3427e into integrations:main Oct 21, 2025
3 checks passed
@github-project-automation github-project-automation bot moved this from In Review to Done in Terraform Provider Oct 21, 2025
@github-project-automation github-project-automation bot moved this from 🆕 Triage to ✅ Done in 🧰 Octokit Active Oct 21, 2025
@shenbenson shenbenson mentioned this pull request Oct 24, 2025
Closed
1 task
@dblinkhorn dblinkhorn mentioned this pull request Oct 27, 2025
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nickfloyd nickfloyd nickfloyd approved these changes

Assignees

No one assigned

Labels

Type: Bug Something isn't working as documented

Projects

Terraform Provider
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG]: Resource github_repository_ruleset doesn't delete bypass_actors on GitHub

3 participants

@dblinkhorn @nickfloyd @octokitbot