-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #757 from github/jusuchin85/2024-11-19_graphql_ip-…
…allow-lists Add GraphQL Queries for Managing the IP Allow List (and Other Small Usability Fixes)
- Loading branch information
Showing
32 changed files
with
223 additions
and
18 deletions.
There are no files selected for viewing
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# Grab current IP allow list settings for an enterprise. | ||
# This includes: | ||
# - The IP allow list entries | ||
# - The IP allow list enabled setting | ||
# - The IP allow list for GitHub Apps enabled setting | ||
|
||
query GetEnterpriseIPAllowList { | ||
enterprise(slug: "ENTERPRISE_SLUG") { | ||
owner_id: id | ||
enterprise_slug: slug | ||
enterprise_owner_info: ownerInfo { | ||
is_ip_allow_list_enabled: ipAllowListEnabledSetting | ||
is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting | ||
ipAllowListEntries(first: 100) { | ||
nodes { | ||
ip_allow_list_entry_id: id | ||
ip_allow_list_entry_name: name | ||
ip_allow_list_entry_value: allowListValue | ||
ip_allow_list_entry_created: createdAt | ||
is_ip_allow_list_entry_active: isActive | ||
} | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# This query is used to add an IP address to the IP allow list. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation AddIPAddressToIPAllowList { | ||
createIpAllowListEntry( | ||
input: { | ||
ownerId: "OWNER_ID" | ||
name: "DESCRIPTION_OF_IP_ADDRESS" | ||
allowListValue: "IP_ADDRESS" | ||
isActive: true | ||
} | ||
) { | ||
ipAllowListEntry { | ||
ip_allow_list_entry_id: id | ||
ip_allow_list_entry_name: name | ||
ip_allow_list_entry_ip_address: allowListValue | ||
ip_allow_list_entry_created: createdAt | ||
ip_allow_list_entry_updated: updatedAt | ||
is_ip_allow_list_entry_active: isActive | ||
} | ||
} | ||
} |
17 changes: 17 additions & 0 deletions
17
graphql/queries/ip-allow-list-disable-github-apps-only.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# This query is used to disable the IP allow list feature. This will apply to GitHub Apps only. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation DisableIPAllowListForGitHubAppsOnly { | ||
updateIpAllowListForInstalledAppsEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: DISABLED } | ||
) { | ||
clientMutationId | ||
} | ||
} |
17 changes: 17 additions & 0 deletions
17
graphql/queries/ip-allow-list-disable-ip-address-only.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# This query is used to disable the IP allow list feature. This will apply to IP addresses only. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation DisableAllowListForIpsOnly { | ||
updateIpAllowListEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: DISABLED } | ||
) { | ||
clientMutationId | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
# This query is used to disable the IP allow list feature. This will apply to both IP addresses and GitHub Apps. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation DisableIPAllowList { | ||
updateIpAllowListEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: DISABLED } | ||
) { | ||
clientMutationId | ||
} | ||
updateIpAllowListForInstalledAppsEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: DISABLED } | ||
) { | ||
clientMutationId | ||
} | ||
} |
17 changes: 17 additions & 0 deletions
17
graphql/queries/ip-allow-list-enable-github-apps-only.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# This query is used to enable the IP allow list feature. This will apply to GitHub Apps only. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation EnableIPAllowListForGitHubAppsOnly { | ||
updateIpAllowListForInstalledAppsEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: ENABLED } | ||
) { | ||
clientMutationId | ||
} | ||
} |
17 changes: 17 additions & 0 deletions
17
graphql/queries/ip-allow-list-enable-ip-address-only.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# This query is used to enable the IP allow list feature. This will apply to IP addresses only. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation EnableAllowListForIpsOnly { | ||
updateIpAllowListEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: ENABLED } | ||
) { | ||
clientMutationId | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
# This query is used to enable the IP allow list feature. This will apply to both IP addresses and GitHub Apps. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `OWNER_ID` is the ID of the organization or enterprise account. You can | ||
# get the ID of an organization or enterprise account by executing either of | ||
# the following queries and referring to the value from `owner_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation EnableIPAllowList { | ||
updateIpAllowListEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: ENABLED } | ||
) { | ||
clientMutationId | ||
} | ||
updateIpAllowListForInstalledAppsEnabledSetting( | ||
input: { ownerId: "OWNER_ID", settingValue: ENABLED } | ||
) { | ||
clientMutationId | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# This query is used to remove an IP allow list entry from the IP allow list. | ||
# This can be used on both organizations and enterprise accounts. | ||
# | ||
# The `IP_ENTRY_ID` is the ID of the IP allow list entry. You can | ||
# get the ID for this by executing either of the following queries | ||
# and referring to the value from `ip_allow_list_entry_id` field: | ||
# | ||
# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql | ||
# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql | ||
|
||
mutation DeleteIPAddressFromIPAllowList { | ||
deleteIpAllowListEntry(input: { ipAllowListEntryId: "IP_ENTRY_ID" }) { | ||
clientMutationId | ||
} | ||
} |
2 changes: 1 addition & 1 deletion
2
...ies/11-mutation-issue-comment-add.graphql → graphql/queries/issue-add-comment.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
6 changes: 3 additions & 3 deletions
6
...ranches-and-commits-by-repository.graphql → ...ranches-and-commits-by-repository.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# Grab current IP allow list settings for an organization. | ||
# This includes: | ||
# - The IP allow list entries | ||
# - The IP allow list enabled setting | ||
# - The IP allow list for GitHub Apps enabled setting | ||
|
||
query GetOrganizationIPAllowList { | ||
organization(login: "ORG_NAME") { | ||
owner_id: id | ||
organization_slug: login | ||
is_ip_allow_list_enabled: ipAllowListEnabledSetting | ||
is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting | ||
ipAllowListEntries(first: 100) { | ||
totalCount | ||
nodes { | ||
ip_allow_list_entry_id: id | ||
ip_allow_list_entry_name: name | ||
ip_allow_list_entry_ip_address: allowListValue | ||
ip_allow_list_entry_created: createdAt | ||
is_ip_allow_list_entry_active: isActive | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
4 changes: 2 additions & 2 deletions
4
...ries/pr-merged-info-by-repository.graphql → .../org-pr-merged-info-by-repository.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
2 changes: 1 addition & 1 deletion
2
.../9-org-repos-fragment-directive-2.graphql → ...es/org-repos-fragment-directive-2.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...es/8-org-repos-fragment-directive.graphql → ...ries/org-repos-fragment-directive.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 2 additions & 2 deletions
4
.../10-query-issue-comment-get-issue.graphql → ...ries/repos-get-last-issue-comment.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters