feat: add github_organization_private_registry resource and data source#3424
Open
Gaardsholt wants to merge 8 commits into
Open
feat: add github_organization_private_registry resource and data source#3424Gaardsholt wants to merge 8 commits into
Gaardsholt wants to merge 8 commits into
Conversation
This introduces the `github_organization_private_registry` resource and data source, allowing users to configure and manage centralized private registries at the organization level for Dependabot. Includes full CRUD acceptance tests, examples, and documentation. Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
|
👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with |
Contributor
Author
|
A small note, I didn't add {
"message": "Failed to create private registry configuration",
"errors": [
"registry_type must be one of: maven_repository, nuget_feed, goproxy_server, npm_registry, rubygems_server, cargo_registry, composer_repository, docker_registry, git_source, helm_registry, pub_repository, python_index, terraform_registry"
],
"documentation_url": "https://docs.github.com/rest/private-registries/organization-configurations#create-a-private-registry-for-an-organization",
"status": "422"
} |
Contributor
Author
|
Did I miss anything or what can we do to get this merged? :) |
…b into private-registries Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Collaborator
|
@Gaardsholt Sorry, we are currently short on capacity and thus are focus mainly on improving the foundations to reduce maintenance workload |
deiga
requested changes
May 26, 2026
Collaborator
deiga
left a comment
deiga
left a comment
There was a problem hiding this comment.
Not a full review, just noticed the most likely unnecessary docs templates
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Signed-off-by: Lasse Gaardsholt <lasse.gaardsholt@bestseller.com>
Contributor
There was a problem hiding this comment.
Pull request overview
These provider review instructions are being used.
This PR introduces a new github_organization_private_registry resource and data source to manage centralized private registry configurations for Dependabot at the organization level. It resolves issues #2720 and #3339, enabling users to configure registry credentials (including OIDC auth) and visibility settings via Terraform.
Changes:
- New resource (
github_organization_private_registry) with full CRUD support, including secret encryption, multiple auth types (token, username_password, OIDC), and visibility control. - New data source (
github_organization_private_registry) to read existing registry configurations. - Documentation, examples, and acceptance tests for both the resource and data source.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| github/resource_github_organization_private_registry.go | New resource implementation with CRUD operations, schema, and secret encryption |
| github/data_source_github_organization_private_registry.go | New data source implementation for reading registry info |
| github/resource_github_organization_private_registry_test.go | Acceptance test for the resource (basic create + data source read) |
| github/data_source_github_organization_private_registry_test.go | Acceptance test for the data source |
| github/provider.go | Registers the new resource and data source |
| examples/resources/github_organization_private_registry/resource.tf | Example snippet for tfplugindocs |
| examples/data-sources/github_organization_private_registry/data-source.tf | Example snippet for tfplugindocs |
| docs/resources/organization_private_registry.md | Resource documentation |
| docs/data-sources/organization_private_registry.md | Data source documentation |
Comment on lines
+52
to
+65
| "secret": { | ||
| Type: schema.TypeString, | ||
| Optional: true, | ||
| Sensitive: true, | ||
| ExactlyOneOf: []string{"secret", "encrypted_value"}, | ||
| Description: "The plaintext secret to be encrypted and sent to GitHub. This is used for a token when auth_type is token, and for a password when auth_type is username_password. Required when auth_type is token or username_password.", | ||
| }, | ||
| "encrypted_value": { | ||
| Type: schema.TypeString, | ||
| Optional: true, | ||
| Sensitive: true, | ||
| ExactlyOneOf: []string{"secret", "encrypted_value"}, | ||
| Description: "The encrypted value of the secret using the GitHub public key in Base64 format.", | ||
| }, |
|
|
||
| The following arguments are supported: | ||
|
|
||
| - `name` - (Required) The name of the private registry. |
Comment on lines
+51
to
+55
| ## Attributes Reference | ||
|
|
||
| - `id` - The ID of the private registry. | ||
| - `created_at` - Timestamp of when the private registry was created. | ||
| - `updated_at` - Timestamp of when the private registry was last updated. |
Comment on lines
+38
to
+44
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: config, | ||
| Check: check, | ||
| }, | ||
| }, | ||
| }) |
Comment on lines
+443
to
+448
| _, err := client.PrivateRegistries.DeleteOrganizationPrivateRegistry(ctx, org, d.Id()) | ||
| if err != nil { | ||
| return diag.FromErr(err) | ||
| } | ||
|
|
||
| return nil |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This introduces the
github_organization_private_registryresource and data source, allowing users to configure and manage centralized private registries at the organization level for Dependabot. Includes full CRUD acceptance tests, examples, and documentation.Resolves #2720
Resolves #3339
Before the change?
After the change?
Pull request checklist
Does this introduce a breaking change?
Please see our docs on breaking changes to help!
I have run the acceptance tests myself with the following command, which ran successfully:
I have also tested it by building the provider and using it with the following terraform:
Note
Full disclosure: This has been developed with the help of AI.