fix: Prevent enterprise org taint on SAML enforcement error#3026
Merged
stevehipwell merged 2 commits intointegrations:mainfrom Jan 15, 2026
Merged
Conversation
|
👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with |
Contributor
Author
|
Tested manually in EMU environment:
|
nickfloyd
requested changes
Jan 8, 2026
nickfloyd
requested changes
Jan 8, 2026
Member
nickfloyd
left a comment
There was a problem hiding this comment.
Just a couple more - post merge.
Collaborator
|
@ericpardee could you please rebase this PR? |
8407e6a to
c831293
Compare
Collaborator
|
@nickfloyd could you please review this? |
nickfloyd
approved these changes
Jan 15, 2026
When creating an enterprise organization in an EMU environment, the REST API call to set description/display_name fails with a SAML enforcement error until the PAT is authorized for the new org. Previously this would taint the resource, causing Terraform to destroy and recreate the org on the next apply. This fix: - Catches SAML enforcement errors in Create and Update functions - Clears description/display_name from state on create, resets to previous values on update, so state reflects reality and next plan shows drift - Returns success instead of error to prevent tainting - Logs a warning instructing the user to authorize the PAT and re-apply Fixes: integrations#1914 # Conflicts: # github/resource_github_enterprise_organization.go
c831293 to
f481cf0
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves #1914
Before the change?
When creating a
github_enterprise_organizationin an EMU environment, REST API calls fail with SAML enforcement errors until the PAT is authorized for the new org. This affects settingdescription/display_nameduring create (and any subsequent updates). The error caused Terraform to taint the resource, leading to destroy+recreate on the next apply.After the change?
SAML enforcement errors during create/update are now caught and handled gracefully:
description/display_namefrom state so it reflects realityNext plan will show drift and retry after PAT authorization.
Pull request checklist
Does this introduce a breaking change?