Add support for EnterpriseOwner

github/resource_github_organization_ruleset.go

@@ -63,13 +63,13 @@ func resourceGithubOrganizationRuleset() *schema.Resource {
 							Type:        schema.TypeInt,
 							Optional:    true,
 							Default:     nil,
-							Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. Some resources such as DeployKey do not have an ID and this should be omitted.",
+							Description: "The ID of the actor that can bypass a ruleset. Some actor types such as OrganizationAdmin/EnterpriseOwner/DeployKey do not have an ID and this should be omitted.",
 						},
 						"actor_type": {
 							Type:             schema.TypeString,
 							Required:         true,
-							ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"Integration", "OrganizationAdmin", "RepositoryRole", "Team", "DeployKey"}, false)),
-							Description:      "The type of actor that can bypass a ruleset. Can be one of: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, or `DeployKey`.",
+							ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"Integration", "OrganizationAdmin", "RepositoryRole", "Team", "DeployKey", "EnterpriseOwner"}, false)),
+							Description:      "The type of actor that can bypass a ruleset. Can be one of: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, `DeployKey` or `EnterpriseOwner`.",
 						},
 						"bypass_mode": {
 							Type:             schema.TypeString,

github/resource_github_organization_ruleset_test.go

@@ -70,11 +70,15 @@ resource "github_organization_ruleset" "test" {
 	}
 
 	bypass_actors {
-		actor_id    = 1
 		actor_type  = "OrganizationAdmin"
 		bypass_mode = "always"
 	}
 
+	bypass_actors {
+		actor_type  = "EnterpriseOwner"
+		bypass_mode = "always"
+	}
+
 	conditions {
 		repository_name {
 			include = ["~ALL"]
@@ -159,15 +163,16 @@ resource "github_organization_ruleset" "test" {
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "name", rulesetName),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "target", "branch"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "enforcement", "active"),
-						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "3"),
+						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.#", "4"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.actor_type", "DeployKey"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.0.bypass_mode", "always"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_id", "5"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.actor_type", "RepositoryRole"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.1.bypass_mode", "always"),
-						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_id", "1"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.actor_type", "OrganizationAdmin"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.2.bypass_mode", "always"),
+						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.actor_type", "EnterpriseOwner"),
+						resource.TestCheckResourceAttr("github_organization_ruleset.test", "bypass_actors.3.bypass_mode", "always"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.pull_request.0.allowed_merge_methods.#", "3"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.do_not_enforce_on_create", "true"),
 						resource.TestCheckResourceAttr("github_organization_ruleset.test", "rules.0.required_workflows.0.required_workflow.0.path", workflowFilePath),
@@ -331,7 +336,6 @@ resource "github_organization_ruleset" "test" {
 	}
 
 	bypass_actors {
-		actor_id    = 1
 		actor_type  = "OrganizationAdmin"
 		bypass_mode = "always"
 	}
@@ -411,7 +415,6 @@ resource "github_organization_ruleset" "test" {
 	enforcement = "active"
 
 	bypass_actors {
-		actor_id    = 1
 		actor_type  = "OrganizationAdmin"
 		bypass_mode = "%s"
 	}

github/resource_github_repository_ruleset.go

@@ -68,12 +68,12 @@ func resourceGithubRepositoryRuleset() *schema.Resource {
 							Type:        schema.TypeInt,
 							Optional:    true,
 							Default:     nil,
-							Description: "The ID of the actor that can bypass a ruleset. When `actor_type` is `OrganizationAdmin`, this should be set to `1`. Some resources such as DeployKey do not have an ID and this should be omitted.",
+							Description: "The ID of the actor that can bypass a ruleset. Some actor types such as OrganizationAdmin/EnterpriseOwner/DeployKey do not have an ID and this should be omitted.",
 						},
 						"actor_type": {
 							Type:             schema.TypeString,
 							Required:         true,
-							ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey"}, false)),
+							ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{"RepositoryRole", "Team", "Integration", "OrganizationAdmin", "DeployKey", "EnterpriseOwner"}, false)),
 							Description:      "The type of actor that can bypass a ruleset. See https://docs.github.com/en/rest/repos/rules for more information.",
 						},
 						"bypass_mode": {

github/resource_github_repository_ruleset_test.go

@@ -173,6 +173,11 @@ resource "github_repository_ruleset" "test" {
 			}
 		}
 
+		bypass_actors {
+			actor_type  = "EnterpriseOwner"
+			bypass_mode = "always"
+		}
+
 		rules {
 			branch_name_pattern {
 				name     = "test"
@@ -193,6 +198,9 @@ resource "github_repository_ruleset" "test" {
 					Check: resource.ComposeTestCheckFunc(
 						resource.TestCheckResourceAttr("github_repository_ruleset.test", "name", "test"),
 						resource.TestCheckResourceAttr("github_repository_ruleset.test", "enforcement", "active"),
+						resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.#", "1"),
+						resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.actor_type", "EnterpriseOwner"),
+						resource.TestCheckResourceAttr("github_repository_ruleset.test", "bypass_actors.0.bypass_mode", "always"),
 					),
 				},
 			},

website/docs/r/organization_ruleset.html.markdown

@@ -308,15 +308,14 @@ The `rules` block supports the following:
 
 #### bypass_actors ####
 
-- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. Some actor types such as `DeployKey` do not have an ID.
+- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. Some actor types such as `OrganizationAdmin`, `EnterpriseOwner` and `DeployKey` do not have an ID - this argument should not be set in those cases as the GitHub API will ignore it.
 
-- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`.
+- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `EnterpriseOwner`.
 
 - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`.
 
 ~>Note: at the time of writing this, the following actor types correspond to the following actor IDs:
 
-- `OrganizationAdmin` -> `1`
 - `RepositoryRole` (This is the actor type, the following are the base repository roles and their associated IDs.)
     - `maintain` -> `2`
     - `write` -> `4`

website/docs/r/repository_ruleset.html.markdown

@@ -298,15 +298,14 @@ The `rules` block supports the following:
 
 #### bypass_actors ####
 
-- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `DeployKey` do not have an ID.
+- `actor_id` - (Optional) (Number) The ID of the actor that can bypass a ruleset. If `actor_type` is `Integration`, `actor_id` is a GitHub App ID. App ID can be obtained by following instructions from the [Get an App API docs](https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app). Some actor types such as `OrganizationAdmin`, `EnterpriseOwner` and `DeployKey` do not have an ID.
 
-- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`.
+- `actor_type` (String) The type of actor that can bypass a ruleset. Can be one of: `RepositoryRole`, `Team`, `Integration`, `OrganizationAdmin`, `DeployKey`, `EnterpriseOwner`.
 
 - `bypass_mode` - (Optional) (String) When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. Can be one of: `always`, `pull_request`, `exempt`.
 
 ~> Note: at the time of writing this, the following actor types correspond to the following actor IDs:
 
-- `OrganizationAdmin` -> `1`
 - `RepositoryRole` (This is the actor type, the following are the base repository roles and their associated IDs.)
     - `maintain` -> `2`
     - `write` -> `4`