fix: default vulnerability_alerts to null to skip GHE 3.x unsupported…

… endpoint GHE 3.13 does not support the vulnerability-alerts API endpoint - both PUT and DELETE return 404. When the variable defaults to false, the GitHub provider calls DELETE which raises a 404 error on apply. Changing the default to null (with nullable=true) causes the provider to leave the attribute unmanaged, skipping the API call entirely. The lifecycle ignore_changes entry (from prior commit) also prevents drift from causing issues on re-apply.
CSVD · Apr 7, 2026 · 7e088f3 · 7e088f3
1 parent d7d39cb
commit 7e088f3
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/variables.tf b/variables.tf
@@ -257,9 +257,10 @@ variable "archive_on_destroy" {
 }
 
 variable "vulnerability_alerts" {
-  description = "Enable Dependabot alerts"
+  description = "Enable Dependabot alerts. Defaults to null (unmanaged) to avoid calling the\nvulnerability-alerts API endpoint, which returns 404 on GitHub Enterprise Server 3.x."
   type        = bool
-  default     = false
+  nullable    = true
+  default     = null
 }
 
 variable "gitignore_template" {