Description
Expected Behavior
When creating a new repo using a GitHub Actions runner from the GitHub-hosted runners, repos can be created and configured as required.
Actual Behavior
When running the same code on a computer that is not close to the GitHub API, all functionality works as expected. Run the same code with the same credentials within an Actions runner and configurations appear to fail.
I think this is because the repo is not yet available even though the API has responded to say that it is. If you are just a few ms slower in the requests, it will work.
I suspect a simple "sleep 2" after the repo create api call returns would be enough to fix the problem. Or check after the create has happened to confirm that the repo is actually visible now.
Terraform Version
Terraform: 1.10.3
registry.terraform.io/integrations/github = 6.6.0
Affected Resource(s)
- github_repository
- github_repository_environment
Terraform Configuration Files
variable "name" {
  description = "Repo name"
  type        = string
}

variable "description" {
  description = "Repo description"
  type        = string
}

variable "visibility" {
  description = "Repo visibility"
  type        = string
  default     = "internal"
}

variable "environment_protections" {
  description = "Environment protection rules. Map key is the environment name."
  type = map(object({
    prevent_self_review = optional(bool, true)
    can_admins_bypass   = optional(bool, true)
    reviewers = object({
      teams = optional(list(string), [])
      users = optional(list(string), [])
    })
  }))
  default = {}
}

resource github_repository "current" {
  name               = var.name
  description        = var.description
  visibility         = var.visibility
  auto_init          = true
  archive_on_destroy = true
  # This one appears to cause a 422 error
  vulnerability_alerts = true
}

# This also causes a 422
resource github_repository_environment "current" {
  for_each            = var.environment_protections
  environment         = each.key
  repository          = github_repository.current.name
  prevent_self_review = each.value.prevent_self_review
  can_admins_bypass   = each.value.can_admins_bypass
  reviewers {
    teams = each.value.reviewers.teams
    users = each.value.reviewers.users
  }
}
Steps to Reproduce
You need to run this code from within a GitHub Actions runner so you get really low latency on the API.
You'll need to create your variable values as required in the code.
Debug Output
# This is the response from the console logs.
│ Error: PUT https://api.github.com/repos/XXX/devops-junk-3/vulnerability-alerts: 422 Failed to change dependabot alerts status. []
│
│ with module.zeam_generic_repos["devops-junk-3"].github_repository.current,
│ on ../modules/github/repo/main.tf line 47, in resource "github_repository" "current":
│ 47: resource github_repository "current" {
Panic Output
na
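The "check after create, or wait and retry" idea from the description, sketched in Go as an added example (not the provider's code and not a fix that has been merged). `applyWithRetry` and `simulatedPUT` are hypothetical names, and treating 404/422 as "not ready yet" is an assumption based on the 422 in the log above.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"time"
)

// applyWithRetry runs op (one API call, returning its HTTP status) until it
// succeeds, retrying only 404/422 (assumed transient) with doubling delays.
func applyWithRetry(ctx context.Context, attempts int, base time.Duration, op func() (int, error)) (int, error) {
	delay := base
	for i := 1; ; i++ {
		status, err := op()
		if err != nil {
			return i, err // transport error: surface it unchanged
		}
		if status >= 200 && status < 300 {
			return i, nil
		}
		transient := status == http.StatusNotFound || status == http.StatusUnprocessableEntity
		if !transient || i >= attempts {
			return i, fmt.Errorf("status %d after %d attempt(s)", status, i)
		}
		select {
		case <-ctx.Done():
			return i, ctx.Err()
		case <-time.After(delay):
			delay *= 2
		}
	}
}

// simulatedPUT is a constructed stand-in: 422 for the first `failures` calls, then 204.
func simulatedPUT(failures int) func() (int, error) {
	return func() (int, error) {
		if failures > 0 {
			failures--
			return http.StatusUnprocessableEntity, nil
		}
		return http.StatusNoContent, nil
	}
}

func main() {
	n, err := applyWithRetry(context.Background(), 5, 100*time.Millisecond, simulatedPUT(2))
	fmt.Println("attempts:", n, "err:", err)
}
```

Keeping the attempt count bounded matters because a 422 can also be a genuine validation failure, which should still reach the user as an error.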