Add support for managing organization ip allow list entries (Fixes #1067) #1315

Closed
wants to merge 12 commits into from

douglascayers (Contributor) commented Oct 3, 2022

Changes

  • Fixes [feature] Manage Organization IP Allow Lists #1067
  • github/config.go
    • Add nodeId which is required with graphql (v4) api calls
    • The id database id is primarily for rest (v3) api calls
  • github/provider.go and github/resource_github_organization_ip_allow_list.go
    • Add github_organization_ip_allow_list_entry resource to read/create/update/delete ip allow list entries
  • github/util_v4.go and github/util.go
    • Moved non-v4 util function to util.go
    • Added v4 util function to check if error means query did not find a record by its node id
  • github/util_v4_organization_ip_allow_list.go
    • common types and functions for working with org ip allow list entries used by both data sources and resources
  • github/data_source_github_organization_ip_allow_list.go
    • refactored to use the common functions in new util file

Tests

TODO

How to Test

TODO

Test Output
TODO

Usage

Example configuration:

locals {
  # List of GitHub's IP addresses for webhooks from the meta API endpoint.
  # https://api.github.com/meta
  github_hooks_cidr = toset([
    "192.30.252.0/22",
    "185.199.108.0/22",
    "140.82.112.0/20",
    "143.55.64.0/20",
    "2a0a:a440::/29",
    "2606:50c0::/32"
  ])
}

# Example 1: Create several entries from a list.
resource "github_organization_ip_allow_list_entry" "hooks" {
  for_each = local.github_hooks_cidr

  name      = "GitHub Webhooks"
  is_active = true

  allow_list_value = each.value
}

# Example 2: Manage a single entry.
resource "github_organization_ip_allow_list_entry" "web_server" {
  name      = "GitHub Web Server"
  is_active = true

  allow_list_value = "192.30.252.0/22"
}

@@ -91,6 +91,17 @@ func buildChecksumID(v []string) string {
return fmt.Sprintf("%x", bs)
}

func expandNestedSet(m map[string]interface{}, target string) []string {
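
Review bot: expandNestedSet arrives in its new location with no doc comment on the line above its signature. Now that it is a shared helper rather than a v4-only one, add a short comment saying how target is interpreted and what the function returns when the key is missing from m, so callers do not have to read the body to use it safely.
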
Contributor Author

🧹 Moved from github/util_v4.go because this isn't v4 api specific (as far as I can tell) and looked similar to the expandStringList func that was here, too.

@@ -10,17 +11,6 @@ type PageInfo struct {
HasNextPage bool
}

func expandNestedSet(m map[string]interface{}, target string) []string {
Comment on lines +48 to +50
func githubv4IsNodeNotFoundError(err error) bool {
return err != nil && strings.HasPrefix(err.Error(), "Could not resolve to a node with the global id")
}
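
Review bot: githubv4IsNodeNotFoundError decides "not found" with strings.HasPrefix on err.Error(), which ties the resource's behaviour to the exact wording of an API error message. If that wording changes, or the error is wrapped with a prefix before it reaches this check, a missing entry will surface as a hard failure instead of a not-found. Keep the message in a named constant with a comment recording where it comes from, add a unit test covering a matching error, a non-matching error and nil, and switch to a structured error type or code if the client exposes one.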

* Returns all IP allow list entries for an organization.
* This util function is used by both data_source and resource elements.
*/
func getOrganizationIpAllowListEntries(meta interface{}) ([]IpAllowListEntry, error) {
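
Review bot: the comment above getOrganizationIpAllowListEntries is a block comment closed with */, and both the function and the IpAllowListEntry type spell the initialism as Ip. Go convention is a // comment that starts with the function name, and IP in identifiers (getOrganizationIPAllowListEntries, IPAllowListEntry). The parameter meta interface{} is untyped at this signature, so the comment should also say which concrete type the function expects.
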
Contributor Author

This logic was moved from data_source_github_organization_ip_allow_list.go because I wanted to make use of this data in the resource.

My first attempt was having the resource call the datasource function but I felt that was too tightly coupled and a bit hacky.

asaf400 commented Feb 8, 2023

Thanks @douglascayers
For working on the implementation of this Feature Request

@douglascayers douglascayers closed this by deleting the head repository May 15, 2023