Missing parameter to prevent overrides of default branch protection
Created by: Jac2NL
GitLab Provider version
3.18.0
GitLab version
GitLab EE 15.5
Terraform version
Terraform v1.2.8 on linux_amd64
Relevant Terraform Configuration
# I would expect something like this to work on GitLab Premium or higher:
#
# Prevent overrides of default branch protection
resource "gitlab_application_settings" "this" {
group_owners_can_manage_default_branch_protection = false
}
Relevant log output
n/a
Description
Instance-level protections for default branches can be overridden on a per-group basis by the group’s owner. In GitLab Premium or higher, self-hosting GitLab administrators can disable this privilege for group owners, enforcing the instance-level protection rule. This is documented here.
The GitLab API has support for this parameter. The following works fine:
curl -sS --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/application/settings?group_owners_can_manage_default_branch_protection=false"
The GitLab API documentation previously did not mention "group_owners_can_manage_default_branch_protection" but this has been resolved.
The parameter is also available in the go-gitlab library: https://github.com/xanzy/go-gitlab/blob/4ec1dc623eec23f9b09ab295e7a7c6f662ba2860/settings.go#L178
But the parameter is missing in the Terraform provider: https://github.com/gitlabhq/terraform-provider-gitlab/blob/main/docs/resources/application_settings.md