Add vulnerability_events parameter to Terraform webhook resources

Proposal

Add vulnerability_events parameter support to the GitLab Terraform provider webhook resources (gitlab_project_hook and gitlab_group_hook) to enable Infrastructure as Code management of vulnerability webhooks.

Currently, the Terraform provider does not expose the vulnerability_events parameter for webhook configuration, despite this capability being available in the GitLab API since version 17.11. This prevents organizations from managing vulnerability webhooks through Terraform alongside their other infrastructure configurations.

Adding this parameter would:

  • Enable full IaC management of vulnerability webhooks
  • Eliminate configuration drift between Terraform-managed and manually-configured webhooks
  • Allow organizations to programmatically deploy vulnerability webhooks across hundreds of projects
  • Support event-driven security architecture migrations from API polling to webhooks

The implementation should follow the existing pattern used for other webhook event types (issues_events, merge_requests_events, pipeline_events, etc.) and expose the vulnerability_events boolean parameter in both project and group webhook resources.

Use Case

Organizations migrating from cron-based API polling to event-driven webhook architectures for security compliance need to manage all webhook configurations as code. Without Terraform support for vulnerability events, teams must:

  • Manually configure vulnerability webhooks through the GitLab UI after Terraform deployments
  • Accept configuration drift between Terraform state and actual GitLab configuration
  • Maintain separate documentation for manual configuration steps outside their IaC workflow
  • Risk inconsistent webhook configurations across their project portfolio

This blocks full adoption of Infrastructure as Code practices for security automation workflows and forces hybrid manual/automated configuration approaches.

Edited by 🤖 GitLab Bot 🤖
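
An added example, not part of the original issue or of the provider's documentation, showing what the requested configuration could look like when rolled out across many projects. `vulnerability_events` is the attribute this issue proposes, so the provider rejects it until support exists; the variable names and the resource label are hypothetical.

```hcl
# vulnerability_events is the attribute PROPOSED in this issue. Until the
# provider exposes it, Terraform reports it as an unsupported argument.

variable "project_paths" {
  description = "Projects that should receive the vulnerability webhook (hypothetical input)."
  type        = set(string)
}

variable "receiver_url" {
  description = "Endpoint of the security event receiver (hypothetical)."
  type        = string

  validation {
    condition     = can(regex("^https://", var.receiver_url))
    error_message = "The receiver must be reached over HTTPS."
  }
}

variable "webhook_token" {
  description = "Secret the receiver compares against the X-Gitlab-Token header."
  type        = string
  sensitive   = true
}

resource "gitlab_project_hook" "vulnerability" {
  for_each = var.project_paths

  project                 = each.value
  url                     = var.receiver_url
  token                   = var.webhook_token
  enable_ssl_verification = true

  # Existing event toggles, set explicitly so this hook carries only
  # vulnerability traffic.
  push_events           = false
  issues_events         = false
  merge_requests_events = false
  pipeline_events       = false

  # Proposed attribute (name and boolean type as stated in the issue).
  vulnerability_events = true
}
```

Keeping the token in a `sensitive` variable hides it from plan output, but it is still stored in the Terraform state, so the state backend needs the same access controls as the secret itself.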