Creating a `gitlab_group` resource with a `default_branch_protection_defaults` block fails with status code 500

Bug Report

Consider the following configuration which is used to create a new foo-group:

resource "gitlab_group" "test" {
  name      = "foo-group"
  path      = "foo-group"
  # Set to the group ID of a top-level group.
  parent_id = XXX
  default_branch_protection_defaults {
    allowed_to_merge           = ["maintainer"]
    allowed_to_push            = ["maintainer"]
    developer_can_initial_push = true
    allow_force_push           = false
  }
}

The group fails to be created using the commands:

tofu plan -out=tfplan
tofu apply tfplan

The error message is:

Error: POST https://gitlab.com/api/v4/groups: 500 {message: 500 Internal Server Error}

If the default_branch_protection_defaults block is removed then the group is created successfully. Once the resource is available it is possible to re-add the default_branch_protection_defaults block, and the group configuration will be updated correctly.

Relevant Terraform Configuration

resource "gitlab_group" "test" {
  name      = "foo-group"
  path      = "foo-group"
  # Set to the group ID of a top-level group.
  parent_id = XXX
  # group fails to be created when that block is present
  # works fine with that block if the group is already created
  default_branch_protection_defaults {
    allowed_to_merge           = ["maintainer"]
    allowed_to_push            = ["maintainer"]
    developer_can_initial_push = true
    allow_force_push           = false
  }
}

Relevant Terraform Command

tofu plan -out=tfplan
tofu apply tfplan

Relevant Log Output

These are the debug logs of the `terraform` command output:

{
  "@caller": "gitlab.com/gitlab-org/terraform-provider-gitlab/internal/provider/sdk/resource_gitlab_group.go:484",
  "@level": "debug",
  "@message": "[DEBUG] create gitlab group",
  "@module": "gitlab",
  "@timestamp": "2024-10-03T22:56:18.850203-04:00",
  "name": "foo-group",
  "tf_mux_provider": "tf5to6server.v5tov6Server",
  "tf_provider_addr": "registry.terraform.io/gitlabhq/gitlab",
  "tf_req_id": "d0802808-17a2-202c-5baf-c04a44db98c3",
  "tf_resource_type": "gitlab_group",
  "tf_rpc": "ApplyResourceChange",
  "timestamp": "2024-10-03T22:56:18.850-0400"
}
{
  "@caller": "github.com/hashicorp/terraform-plugin-sdk/v2@v2.34.0/helper/logging/logging_http_transport.go:160",
  "@level": "debug",
  "@message": "Sending HTTP Request",
  "@module": "gitlab.GitLab",
  "@timestamp": "2024-10-03T22:56:18.850711-04:00",
  "Accept": "application/json",
  "Accept-Encoding": "gzip",
  "Authorization": "xxxxx,
  "Content-Length": "239",
  "Content-Type": "application/json",
  "Host": "gitlab.com",
  "User-Agent": "Terraform/1.8.2 (+https://www.terraform.io) Terraform-Plugin-SDK/2.34.0 terraform-provider-gitlab/17.4.0",
  "new_logger_warning": "This log was generated by a subsystem logger that wasn't created before being used. Use tflog.NewSubsystem to create this logger before it is used.",
  "tf_http_op_type": "request",
  "tf_http_req_body": "{\"name\":\"foo-group\",\"path\":\"foo-group\",\"default_branch_protection_defaults\":{\"allowed_to_push\":[{\"access_level\":40}],\"allow_force_push\":false,\"allowed_to_merge\":[{\"access_level\":40}],\"developer_can_initial_push\":true},\"parent_id\":xxxxxx}",
  "tf_http_req_method": "POST",
  "tf_http_req_uri": "/api/v4/groups",
  "tf_http_req_version": "HTTP/1.1",
  "tf_http_trans_id": "8d316cd1-d04b-7e2f-878f-981e02b4adc0",
  "timestamp": "2024-10-03T22:56:18.850-0400"
}
{
  "@caller": "github.com/hashicorp/terraform-plugin-sdk/v2@v2.34.0/helper/logging/logging_http_transport.go:160",
  "@level": "debug",
  "@message": "Received HTTP Response",
  "@module": "gitlab.GitLab",
  "@timestamp": "2024-10-03T22:56:19.087126-04:00",
  "Cache-Control": "no-cache",
  "Cf-Cache-Status": "DYNAMIC",
  "Cf-Ray": "8cd1e5e5fc8f0f87-EWR",
  "Content-Length": "39",
  "Content-Security-Policy": "default-src 'none'",
  "Content-Type": "application/json",
  "Date": "Fri, 04 Oct 2024 02:56:19 GMT",
  "Gitlab-Lb": "haproxy-main-36-lb-gprd",
  "Gitlab-Sv": "api-gke-us-east1-b",
  "Nel": "{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}",
  "Referrer-Policy": "strict-origin-when-cross-origin",
  "Report-To": "...",
  "Server": "cloudflare",
  "Set-Cookie": "...",
  "Strict-Transport-Security": "max-age=31536000",
  "Vary": "Origin",
  "X-Content-Type-Options": "nosniff",
  "X-Gitlab-Meta": "...",
  "X-Request-Id": "0c92749cfa5a7d8a12eedb610c1b0367",
  "X-Runtime": "0.191859",
  "new_logger_warning": "This log was generated by a subsystem logger that wasn't created before being used. Use tflog.NewSubsystem to create this logger before it is used.",
  "tf_http_op_type": "response",
  "tf_http_res_body": "{\"message\":\"500 Internal Server Error\"}",
  "tf_http_res_status_code": 500,
  "tf_http_res_status_reason": "500 Internal Server Error",
  "tf_http_res_version": "HTTP/2.0",
  "tf_http_trans_id": "8d316cd1-d04b-7e2f-878f-981e02b4adc0",
  "timestamp": "2024-10-03T22:56:19.086-0400"
}

Additional Details

• GitLab Terraform Provider Version: registry.opentofu.org/gitlabhq/gitlab v17.4.0
• GitLab Version: SaaS (Premium)
• Terraform Version: OpenTofu v1.8.2 on darwin_arm64