From fbc89c1844b40242e01abc9b9efa36d68fa7889c Mon Sep 17 00:00:00 2001 From: Justin Alex Paramanandan <1155821+jusuchin85@users.noreply.github.com> Date: Tue, 19 Nov 2024 13:13:22 +1100 Subject: [PATCH 1/6] Add new GraphQL queries for IP allow lists Adding some GraphQL queries for managing the IP allow list feature in GitHub.com. These queries include: - a query for getting the IP allow list configuration for an enterprise. - a query for getting the IP allow list configuration for an organization. - a query for adding an IP address to an IP allow list. - a query for removing an IP address from an IP allow list. - a query for enabling an IP allow list. - a query for disabling an IP allow list. --- .../enterprise-get-ip-allow-list.graphql | 25 +++++++++++++++ graphql/queries/ip-allow-list-add-ip.graphql | 31 +++++++++++++++++++ graphql/queries/ip-allow-list-disable.graphql | 21 +++++++++++++ graphql/queries/ip-allow-list-enable.graphql | 21 +++++++++++++ .../ip-allow-list-remove-ip-entry.graphql | 17 ++++++++++ graphql/queries/org-get-ip-allow-list.graphql | 24 ++++++++++++++ 6 files changed, 139 insertions(+) create mode 100644 graphql/queries/enterprise-get-ip-allow-list.graphql create mode 100644 graphql/queries/ip-allow-list-add-ip.graphql create mode 100644 graphql/queries/ip-allow-list-disable.graphql create mode 100644 graphql/queries/ip-allow-list-enable.graphql create mode 100644 graphql/queries/ip-allow-list-remove-ip-entry.graphql create mode 100644 graphql/queries/org-get-ip-allow-list.graphql diff --git a/graphql/queries/enterprise-get-ip-allow-list.graphql b/graphql/queries/enterprise-get-ip-allow-list.graphql new file mode 100644 index 000000000..92d68fdba --- /dev/null +++ b/graphql/queries/enterprise-get-ip-allow-list.graphql @@ -0,0 +1,25 @@ +# Grab current IP allow list settings for an enterprise. +# This includes: +# - The IP allow list entries +# - The IP allow list enabled setting +# - The IP allow list for GitHub Apps enabled setting + +query GetEnterpriseIPAllowList { + enterprise(slug: "ENTERPRISE_SLUG") { + owner_id: id + enterprise_slug: slug + enterprise_owner_info: ownerInfo { + is_ip_allow_list_enabled: ipAllowListEnabledSetting + is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting + ipAllowListEntries(first: 100) { + nodes { + ip_allow_list_entry_id: id + ip_allow_list_entry_name: name + ip_allow_list_entry_value: allowListValue + ip_allow_list_entry_created: createdAt + is_ip_allow_list_entry_active: isActive + } + } + } + } +} diff --git a/graphql/queries/ip-allow-list-add-ip.graphql b/graphql/queries/ip-allow-list-add-ip.graphql new file mode 100644 index 000000000..510289b7e --- /dev/null +++ b/graphql/queries/ip-allow-list-add-ip.graphql @@ -0,0 +1,31 @@ +# This query is used to add an IP address to the IP allow list. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation AddIPAddressToIPAllowList { + createIpAllowListEntry( + input: { + clientMutationId: "true" + ownerId: "OWNER_ID" + name: "DESCRIPTION_OF_IP_ADDRESS" + allowListValue: "IP_ADDRESS" + isActive: true + } + ) { + clientMutationId + ipAllowListEntry { + ip_allow_list_entry_id: id + ip_allow_list_entry_name: name + ip_allow_list_entry_ip_address: allowListValue + ip_allow_list_entry_created: createdAt + ip_allow_list_entry_updated: updatedAt + is_ip_allow_list_entry_active: isActive + } + } +} diff --git a/graphql/queries/ip-allow-list-disable.graphql b/graphql/queries/ip-allow-list-disable.graphql new file mode 100644 index 000000000..df984b56e --- /dev/null +++ b/graphql/queries/ip-allow-list-disable.graphql @@ -0,0 +1,21 @@ +# This query is used to disable the IP allow list feature. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation EnableIPAllowList { + updateIpAllowListEnabledSetting( + input: { + clientMutationId: "true" + ownerId: "OWNER_ID" + settingValue: DISABLED + } + ) { + clientMutationId + } +} diff --git a/graphql/queries/ip-allow-list-enable.graphql b/graphql/queries/ip-allow-list-enable.graphql new file mode 100644 index 000000000..68b0809d3 --- /dev/null +++ b/graphql/queries/ip-allow-list-enable.graphql @@ -0,0 +1,21 @@ +# This query is used to enable the IP allow list feature. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation EnableIPAllowList { + updateIpAllowListEnabledSetting( + input: { + clientMutationId: "true" + ownerId: "OWNER_ID" + settingValue: ENABLED + } + ) { + clientMutationId + } +} diff --git a/graphql/queries/ip-allow-list-remove-ip-entry.graphql b/graphql/queries/ip-allow-list-remove-ip-entry.graphql new file mode 100644 index 000000000..c3cd64484 --- /dev/null +++ b/graphql/queries/ip-allow-list-remove-ip-entry.graphql @@ -0,0 +1,17 @@ +# This query is used to remove an IP allow list entry from the IP allow list. +# This can be used on both organizations and enterprise accounts. +# +# The `IP_ENTRY_ID` is the ID of the IP allow list entry. You can +# get the ID for this by executing either of the following queries +# and referring to the value from `ip_allow_list_entry_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation DeleteIPAddressFromIPAllowList { + deleteIpAllowListEntry( + input: { clientMutationId: "true", ipAllowListEntryId: "IP_ENTRY_ID" } + ) { + clientMutationId + } +} diff --git a/graphql/queries/org-get-ip-allow-list.graphql b/graphql/queries/org-get-ip-allow-list.graphql new file mode 100644 index 000000000..c3f5cc7b9 --- /dev/null +++ b/graphql/queries/org-get-ip-allow-list.graphql @@ -0,0 +1,24 @@ +# Grab current IP allow list settings for an organization. +# This includes: +# - The IP allow list entries +# - The IP allow list enabled setting +# - The IP allow list for GitHub Apps enabled setting + +query GetOrganizationIPAllowList { + organization(login: "ORGANIZATION_SLUG") { + owner_id: id + organization_slug: login + is_ip_allow_list_enabled: ipAllowListEnabledSetting + is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting + ipAllowListEntries(first: 100) { + totalCount + nodes { + ip_allow_list_entry_id: id + ip_allow_list_entry_name: name + ip_allow_list_entry_ip_address: allowListValue + ip_allow_list_entry_created: createdAt + is_ip_allow_list_entry_active: isActive + } + } + } +} From 58cbb382fe8c922981f8fcc0c41260144eb0482f Mon Sep 17 00:00:00 2001 From: Justin Alex Paramanandan <1155821+jusuchin85@users.noreply.github.com> Date: Tue, 19 Nov 2024 13:29:07 +1100 Subject: [PATCH 2/6] Rename existing files to match their scope The previous file names were a bit disorganised (some had numbers in the beginning, while some had the scope between the file name). This commit addresses this to ensure that consumers are able to identify which GraphQL file to look for based on their needs. --- ...identities.graphql => emu-scim-list-scim-identities.graphql} | 0 ...ities.graphql => emu-scim-oidc-list-scim-identities.graphql} | 0 ...erprise-level.graphql => enterprise-saml-identities.graphql} | 0 ...rise.graphql => enterprise-scim-identities-all-orgs.graphql} | 0 ...tion-issue-comment-add.graphql => issue-add-comment.graphql} | 2 +- ...s.graphql => issue-search-for-issue-or-bug-requests.graphql} | 0 ...y.graphql => org-branches-and-commits-by-repository.graphql} | 0 ...bers-commit-msgs.graphql => org-members-commit-msgs.graphql} | 0 ...g-members-variable.graphql => org-members-with-role.graphql} | 0 graphql/queries/{1-org-members.graphql => org-members.graphql} | 0 ...ository.graphql => org-pr-merged-info-by-repository.graphql} | 0 ...rg-repos-fragment-2.graphql => org-repos-fragment-2.graphql} | 0 ...rective-2.graphql => org-repos-fragment-directive-2.graphql} | 0 ...t-directive.graphql => org-repos-fragment-directive.graphql} | 0 ...{4-org-repos-fragment.graphql => org-repos-fragment.graphql} | 0 ...-single-organization.graphql => org-saml-identities.graphql} | 0 ...-single-organization.graphql => org-scim-identities.graphql} | 0 .../{6-org-with-alias.graphql => org-with-alias.graphql} | 0 ...{7-org-with-variables.graphql => org-with-variables.graphql} | 0 ...t-get-issue.graphql => repos-get-last-issue-comment.graphql} | 0 20 files changed, 1 insertion(+), 1 deletion(-) rename graphql/queries/{scim-emu-list-enterprise-scim-identities.graphql => emu-scim-list-scim-identities.graphql} (100%) rename graphql/queries/{scim-emu-enterprises-list-scim-identities.graphql => emu-scim-oidc-list-scim-identities.graphql} (100%) rename graphql/queries/{saml-identities-enterprise-level.graphql => enterprise-saml-identities.graphql} (100%) rename graphql/queries/{scim-identities-all-orgs-in-enterprise.graphql => enterprise-scim-identities-all-orgs.graphql} (100%) rename graphql/queries/{11-mutation-issue-comment-add.graphql => issue-add-comment.graphql} (68%) rename graphql/queries/{search-for-issue-or-bug-requests.graphql => issue-search-for-issue-or-bug-requests.graphql} (100%) rename graphql/queries/{branches-and-commits-by-repository.graphql => org-branches-and-commits-by-repository.graphql} (100%) rename graphql/queries/{3-org-members-commit-msgs.graphql => org-members-commit-msgs.graphql} (100%) rename graphql/queries/{2-org-members-variable.graphql => org-members-with-role.graphql} (100%) rename graphql/queries/{1-org-members.graphql => org-members.graphql} (100%) rename graphql/queries/{pr-merged-info-by-repository.graphql => org-pr-merged-info-by-repository.graphql} (100%) rename graphql/queries/{5-org-repos-fragment-2.graphql => org-repos-fragment-2.graphql} (100%) rename graphql/queries/{9-org-repos-fragment-directive-2.graphql => org-repos-fragment-directive-2.graphql} (100%) rename graphql/queries/{8-org-repos-fragment-directive.graphql => org-repos-fragment-directive.graphql} (100%) rename graphql/queries/{4-org-repos-fragment.graphql => org-repos-fragment.graphql} (100%) rename graphql/queries/{saml-identities-single-organization.graphql => org-saml-identities.graphql} (100%) rename graphql/queries/{scim-identities-single-organization.graphql => org-scim-identities.graphql} (100%) rename graphql/queries/{6-org-with-alias.graphql => org-with-alias.graphql} (100%) rename graphql/queries/{7-org-with-variables.graphql => org-with-variables.graphql} (100%) rename graphql/queries/{10-query-issue-comment-get-issue.graphql => repos-get-last-issue-comment.graphql} (100%) diff --git a/graphql/queries/scim-emu-list-enterprise-scim-identities.graphql b/graphql/queries/emu-scim-list-scim-identities.graphql similarity index 100% rename from graphql/queries/scim-emu-list-enterprise-scim-identities.graphql rename to graphql/queries/emu-scim-list-scim-identities.graphql diff --git a/graphql/queries/scim-emu-enterprises-list-scim-identities.graphql b/graphql/queries/emu-scim-oidc-list-scim-identities.graphql similarity index 100% rename from graphql/queries/scim-emu-enterprises-list-scim-identities.graphql rename to graphql/queries/emu-scim-oidc-list-scim-identities.graphql diff --git a/graphql/queries/saml-identities-enterprise-level.graphql b/graphql/queries/enterprise-saml-identities.graphql similarity index 100% rename from graphql/queries/saml-identities-enterprise-level.graphql rename to graphql/queries/enterprise-saml-identities.graphql diff --git a/graphql/queries/scim-identities-all-orgs-in-enterprise.graphql b/graphql/queries/enterprise-scim-identities-all-orgs.graphql similarity index 100% rename from graphql/queries/scim-identities-all-orgs-in-enterprise.graphql rename to graphql/queries/enterprise-scim-identities-all-orgs.graphql diff --git a/graphql/queries/11-mutation-issue-comment-add.graphql b/graphql/queries/issue-add-comment.graphql similarity index 68% rename from graphql/queries/11-mutation-issue-comment-add.graphql rename to graphql/queries/issue-add-comment.graphql index 58a19361d..864f55a83 100644 --- a/graphql/queries/11-mutation-issue-comment-add.graphql +++ b/graphql/queries/issue-add-comment.graphql @@ -1,4 +1,4 @@ -# Get ISSUE_ID from graphql/queries/10-query-issue-comment-get-issue.graphql +# Get ISSUE_ID from graphql/queries/repos-get-last-issue-comment.graphql mutation { addComment ( diff --git a/graphql/queries/search-for-issue-or-bug-requests.graphql b/graphql/queries/issue-search-for-issue-or-bug-requests.graphql similarity index 100% rename from graphql/queries/search-for-issue-or-bug-requests.graphql rename to graphql/queries/issue-search-for-issue-or-bug-requests.graphql diff --git a/graphql/queries/branches-and-commits-by-repository.graphql b/graphql/queries/org-branches-and-commits-by-repository.graphql similarity index 100% rename from graphql/queries/branches-and-commits-by-repository.graphql rename to graphql/queries/org-branches-and-commits-by-repository.graphql diff --git a/graphql/queries/3-org-members-commit-msgs.graphql b/graphql/queries/org-members-commit-msgs.graphql similarity index 100% rename from graphql/queries/3-org-members-commit-msgs.graphql rename to graphql/queries/org-members-commit-msgs.graphql diff --git a/graphql/queries/2-org-members-variable.graphql b/graphql/queries/org-members-with-role.graphql similarity index 100% rename from graphql/queries/2-org-members-variable.graphql rename to graphql/queries/org-members-with-role.graphql diff --git a/graphql/queries/1-org-members.graphql b/graphql/queries/org-members.graphql similarity index 100% rename from graphql/queries/1-org-members.graphql rename to graphql/queries/org-members.graphql diff --git a/graphql/queries/pr-merged-info-by-repository.graphql b/graphql/queries/org-pr-merged-info-by-repository.graphql similarity index 100% rename from graphql/queries/pr-merged-info-by-repository.graphql rename to graphql/queries/org-pr-merged-info-by-repository.graphql diff --git a/graphql/queries/5-org-repos-fragment-2.graphql b/graphql/queries/org-repos-fragment-2.graphql similarity index 100% rename from graphql/queries/5-org-repos-fragment-2.graphql rename to graphql/queries/org-repos-fragment-2.graphql diff --git a/graphql/queries/9-org-repos-fragment-directive-2.graphql b/graphql/queries/org-repos-fragment-directive-2.graphql similarity index 100% rename from graphql/queries/9-org-repos-fragment-directive-2.graphql rename to graphql/queries/org-repos-fragment-directive-2.graphql diff --git a/graphql/queries/8-org-repos-fragment-directive.graphql b/graphql/queries/org-repos-fragment-directive.graphql similarity index 100% rename from graphql/queries/8-org-repos-fragment-directive.graphql rename to graphql/queries/org-repos-fragment-directive.graphql diff --git a/graphql/queries/4-org-repos-fragment.graphql b/graphql/queries/org-repos-fragment.graphql similarity index 100% rename from graphql/queries/4-org-repos-fragment.graphql rename to graphql/queries/org-repos-fragment.graphql diff --git a/graphql/queries/saml-identities-single-organization.graphql b/graphql/queries/org-saml-identities.graphql similarity index 100% rename from graphql/queries/saml-identities-single-organization.graphql rename to graphql/queries/org-saml-identities.graphql diff --git a/graphql/queries/scim-identities-single-organization.graphql b/graphql/queries/org-scim-identities.graphql similarity index 100% rename from graphql/queries/scim-identities-single-organization.graphql rename to graphql/queries/org-scim-identities.graphql diff --git a/graphql/queries/6-org-with-alias.graphql b/graphql/queries/org-with-alias.graphql similarity index 100% rename from graphql/queries/6-org-with-alias.graphql rename to graphql/queries/org-with-alias.graphql diff --git a/graphql/queries/7-org-with-variables.graphql b/graphql/queries/org-with-variables.graphql similarity index 100% rename from graphql/queries/7-org-with-variables.graphql rename to graphql/queries/org-with-variables.graphql diff --git a/graphql/queries/10-query-issue-comment-get-issue.graphql b/graphql/queries/repos-get-last-issue-comment.graphql similarity index 100% rename from graphql/queries/10-query-issue-comment-get-issue.graphql rename to graphql/queries/repos-get-last-issue-comment.graphql From 0862276bd0e8ef9a6b13df876cbea013fb3285ba Mon Sep 17 00:00:00 2001 From: Justin Alex Paramanandan <1155821+jusuchin85@users.noreply.github.com> Date: Tue, 19 Nov 2024 13:38:33 +1100 Subject: [PATCH 3/6] Use generic variables for orgs and enterprises The existing variables are too specific to the GitHub org. This commit addresses this in the following files: - org-repos-fragment-directive-2.graphql - org-repos-fragment-directive.graphql --- In addition, the following files have references to variable usage, but was not explicitly declared anywhere: - enterprise-saml-identities.graphql - org-branches-and-commits-by-repository.graphql - org-members-by-team.graphql - org-pr-merged-info-by-repository.graphql - repo-get-all-branches.graphql - repos-get-last-issue-comment.graphql I've updated the above files to just use simple strings to replace prior to using the queries in them. --- graphql/queries/enterprise-saml-identities.graphql | 4 ++-- .../queries/org-branches-and-commits-by-repository.graphql | 6 +++--- graphql/queries/org-members-by-team.graphql | 6 +++--- graphql/queries/org-pr-merged-info-by-repository.graphql | 4 ++-- graphql/queries/org-repos-fragment-directive-2.graphql | 2 +- graphql/queries/org-repos-fragment-directive.graphql | 2 +- graphql/queries/repo-get-all-branches.graphql | 6 +++--- graphql/queries/repos-get-last-issue-comment.graphql | 4 ++-- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/graphql/queries/enterprise-saml-identities.graphql b/graphql/queries/enterprise-saml-identities.graphql index 22a7b4b94..fb136c86e 100644 --- a/graphql/queries/enterprise-saml-identities.graphql +++ b/graphql/queries/enterprise-saml-identities.graphql @@ -3,8 +3,8 @@ # If the Identity Provider has sent an `emails` attribute/value in a previous SAML response for enterprise member(s), it also possible to add the `emails` attribute in the `samlIdentity` section right below `nameID` and query for this SAML identity attribute value as well. # If there are a large number of identities/users (greater than 100), pagination will need to be used. See https://graphql.org/learn/pagination/ for details on pagination. There is an example of pagination in simple-pagination-example.graphql. -query listSSOUserIdentities($enterpriseSlug: String!) { - enterprise(slug: $enterpriseSlug) { +query listSSOUserIdentities { + enterprise(slug: "ENTERPRISE_SLUG") { ownerInfo { samlIdentityProvider { externalIdentities(first: 100) { diff --git a/graphql/queries/org-branches-and-commits-by-repository.graphql b/graphql/queries/org-branches-and-commits-by-repository.graphql index e22788236..a4d2b2c70 100644 --- a/graphql/queries/org-branches-and-commits-by-repository.graphql +++ b/graphql/queries/org-branches-and-commits-by-repository.graphql @@ -1,7 +1,7 @@ -query getCommitsByBranchByRepo($orgName:String!, $repoName:String!) { - organization(login:$orgName) { +query getCommitsByBranchByRepo { + organization(login: "ORGANIZATION_SLUG") { name - repository(name:$repoName) { + repository(name: "REPO_NAME") { name refs(refPrefix: "refs/heads/", first: 10) { nodes { diff --git a/graphql/queries/org-members-by-team.graphql b/graphql/queries/org-members-by-team.graphql index 2083c785f..bca2d3468 100644 --- a/graphql/queries/org-members-by-team.graphql +++ b/graphql/queries/org-members-by-team.graphql @@ -1,8 +1,8 @@ -query getMembersByTeam($orgName: String!, $teamName: String!) { - organization(login: $orgName) { +query getMembersByTeam { + organization(login: "ORGANIZATION_SLUG") { id name - teams(first: 1, query: $teamName) { + teams(first: 1, query: "TEAM_NAME") { edges { node { id diff --git a/graphql/queries/org-pr-merged-info-by-repository.graphql b/graphql/queries/org-pr-merged-info-by-repository.graphql index 5a2f74c4a..0dfaf6e50 100644 --- a/graphql/queries/org-pr-merged-info-by-repository.graphql +++ b/graphql/queries/org-pr-merged-info-by-repository.graphql @@ -1,5 +1,5 @@ -query getRepoMergedPRDetails($orgName: String!, $repoName: String!) { - repository(owner: $orgName, name: $repoName) { +query getRepoMergedPRDetails { + repository(owner: "ORGANIZATION_SLUG, name: "REPO_NAME") { pullRequests(first: 100, states: MERGED) { pageInfo { endCursor #use this value in the pullRequests argument list diff --git a/graphql/queries/org-repos-fragment-directive-2.graphql b/graphql/queries/org-repos-fragment-directive-2.graphql index 170e7836f..6828a4f17 100644 --- a/graphql/queries/org-repos-fragment-directive-2.graphql +++ b/graphql/queries/org-repos-fragment-directive-2.graphql @@ -1,5 +1,5 @@ query orgInfo($showRepoInfo: Boolean!) { - organization(login: "github") { + organization(login: "ORGANIZATION_SLUG") { ...orgFrag } } diff --git a/graphql/queries/org-repos-fragment-directive.graphql b/graphql/queries/org-repos-fragment-directive.graphql index 12e5bed4a..91b564213 100644 --- a/graphql/queries/org-repos-fragment-directive.graphql +++ b/graphql/queries/org-repos-fragment-directive.graphql @@ -1,5 +1,5 @@ query orgInfo($showRepoInfo: Boolean!) { - organization(login: "github") { + organization(login: "ORGANIZATION_SLUG") { login name repositories @include(if: $showRepoInfo) { diff --git a/graphql/queries/repo-get-all-branches.graphql b/graphql/queries/repo-get-all-branches.graphql index 5563877ee..72e40977a 100644 --- a/graphql/queries/repo-get-all-branches.graphql +++ b/graphql/queries/repo-get-all-branches.graphql @@ -1,6 +1,6 @@ -query getExistingRepoBranches($orgName: String!, $repoName: String!) { - organization(login: $orgName) { - repository(name: $repoName) { +query getExistingRepoBranches { + organization(login: "ORGANIZATION_SLUG") { + repository(name: "REPO_NAME") { id name refs(refPrefix: "refs/heads/", first: 10) { diff --git a/graphql/queries/repos-get-last-issue-comment.graphql b/graphql/queries/repos-get-last-issue-comment.graphql index 96a19cc3c..d202d4fe5 100644 --- a/graphql/queries/repos-get-last-issue-comment.graphql +++ b/graphql/queries/repos-get-last-issue-comment.graphql @@ -1,5 +1,5 @@ -query getRepoIssue($orgName: String!, $repoName: String!) { - repository(owner: $orgName, name: $repoName) { +query getRepoIssue { + repository(owner: "ORGANIZATION_SLUG", name: "REPO_NAME") { issues(last: 1) { edges { node { From aff3f7efa962f74ce329b0a8877f86044e2940a5 Mon Sep 17 00:00:00 2001 From: Justin Alex Paramanandan <1155821+jusuchin85@users.noreply.github.com> Date: Tue, 19 Nov 2024 13:47:20 +1100 Subject: [PATCH 4/6] Update to use a standard organization variable I noticed from another PR that we are using `ORG_NAME` for generic organization variables. This commit updates all the queries to use `ORG_NAME` instead of `ORGANIZATION_SLUG` to be consistent with the rest of the codebase. --- graphql/queries/org-branches-and-commits-by-repository.graphql | 2 +- graphql/queries/org-get-ip-allow-list.graphql | 2 +- graphql/queries/org-members-by-team.graphql | 2 +- graphql/queries/org-pr-merged-info-by-repository.graphql | 2 +- graphql/queries/org-repos-fragment-directive-2.graphql | 2 +- graphql/queries/org-repos-fragment-directive.graphql | 2 +- graphql/queries/repo-get-all-branches.graphql | 2 +- graphql/queries/repos-get-last-issue-comment.graphql | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/graphql/queries/org-branches-and-commits-by-repository.graphql b/graphql/queries/org-branches-and-commits-by-repository.graphql index a4d2b2c70..63f0c7865 100644 --- a/graphql/queries/org-branches-and-commits-by-repository.graphql +++ b/graphql/queries/org-branches-and-commits-by-repository.graphql @@ -1,5 +1,5 @@ query getCommitsByBranchByRepo { - organization(login: "ORGANIZATION_SLUG") { + organization(login: "ORG_NAME") { name repository(name: "REPO_NAME") { name diff --git a/graphql/queries/org-get-ip-allow-list.graphql b/graphql/queries/org-get-ip-allow-list.graphql index c3f5cc7b9..98fb7823b 100644 --- a/graphql/queries/org-get-ip-allow-list.graphql +++ b/graphql/queries/org-get-ip-allow-list.graphql @@ -5,7 +5,7 @@ # - The IP allow list for GitHub Apps enabled setting query GetOrganizationIPAllowList { - organization(login: "ORGANIZATION_SLUG") { + organization(login: "ORG_NAME") { owner_id: id organization_slug: login is_ip_allow_list_enabled: ipAllowListEnabledSetting diff --git a/graphql/queries/org-members-by-team.graphql b/graphql/queries/org-members-by-team.graphql index bca2d3468..e2410b000 100644 --- a/graphql/queries/org-members-by-team.graphql +++ b/graphql/queries/org-members-by-team.graphql @@ -1,5 +1,5 @@ query getMembersByTeam { - organization(login: "ORGANIZATION_SLUG") { + organization(login: "ORG_NAME") { id name teams(first: 1, query: "TEAM_NAME") { diff --git a/graphql/queries/org-pr-merged-info-by-repository.graphql b/graphql/queries/org-pr-merged-info-by-repository.graphql index 0dfaf6e50..c7912af54 100644 --- a/graphql/queries/org-pr-merged-info-by-repository.graphql +++ b/graphql/queries/org-pr-merged-info-by-repository.graphql @@ -1,5 +1,5 @@ query getRepoMergedPRDetails { - repository(owner: "ORGANIZATION_SLUG, name: "REPO_NAME") { + repository(owner: "ORG_NAME, name: "REPO_NAME") { pullRequests(first: 100, states: MERGED) { pageInfo { endCursor #use this value in the pullRequests argument list diff --git a/graphql/queries/org-repos-fragment-directive-2.graphql b/graphql/queries/org-repos-fragment-directive-2.graphql index 6828a4f17..a5927ed56 100644 --- a/graphql/queries/org-repos-fragment-directive-2.graphql +++ b/graphql/queries/org-repos-fragment-directive-2.graphql @@ -1,5 +1,5 @@ query orgInfo($showRepoInfo: Boolean!) { - organization(login: "ORGANIZATION_SLUG") { + organization(login: "ORG_NAME") { ...orgFrag } } diff --git a/graphql/queries/org-repos-fragment-directive.graphql b/graphql/queries/org-repos-fragment-directive.graphql index 91b564213..465df0653 100644 --- a/graphql/queries/org-repos-fragment-directive.graphql +++ b/graphql/queries/org-repos-fragment-directive.graphql @@ -1,5 +1,5 @@ query orgInfo($showRepoInfo: Boolean!) { - organization(login: "ORGANIZATION_SLUG") { + organization(login: "ORG_NAME") { login name repositories @include(if: $showRepoInfo) { diff --git a/graphql/queries/repo-get-all-branches.graphql b/graphql/queries/repo-get-all-branches.graphql index 72e40977a..2fccaf98d 100644 --- a/graphql/queries/repo-get-all-branches.graphql +++ b/graphql/queries/repo-get-all-branches.graphql @@ -1,5 +1,5 @@ query getExistingRepoBranches { - organization(login: "ORGANIZATION_SLUG") { + organization(login: "ORG_NAME") { repository(name: "REPO_NAME") { id name diff --git a/graphql/queries/repos-get-last-issue-comment.graphql b/graphql/queries/repos-get-last-issue-comment.graphql index d202d4fe5..5d5f52264 100644 --- a/graphql/queries/repos-get-last-issue-comment.graphql +++ b/graphql/queries/repos-get-last-issue-comment.graphql @@ -1,5 +1,5 @@ query getRepoIssue { - repository(owner: "ORGANIZATION_SLUG", name: "REPO_NAME") { + repository(owner: "ORG_NAME", name: "REPO_NAME") { issues(last: 1) { edges { node { From 10b3fb70d911117866ee71c446118860f71ee9f3 Mon Sep 17 00:00:00 2001 From: Justin Alex Paramanandan <1155821+jusuchin85@users.noreply.github.com> Date: Wed, 20 Nov 2024 10:31:20 +1100 Subject: [PATCH 5/6] Remove setting the clientMutationId variable This variable is always added, so it is not necessary to set it manually. Reference doc: https://graphql-ruby.org/api-doc/1.8.13/GraphQL/Schema/RelayClassicMutation Thanks to @sn2b for pointing this out! --- .../enterprise-get-ip-allow-list.graphql | 30 ++++++++-------- graphql/queries/ip-allow-list-add-ip.graphql | 34 +++++++++---------- graphql/queries/ip-allow-list-disable.graphql | 23 +++++++------ graphql/queries/ip-allow-list-enable.graphql | 21 ++++++------ .../ip-allow-list-remove-ip-entry.graphql | 8 ++--- graphql/queries/org-get-ip-allow-list.graphql | 30 ++++++++-------- 6 files changed, 72 insertions(+), 74 deletions(-) diff --git a/graphql/queries/enterprise-get-ip-allow-list.graphql b/graphql/queries/enterprise-get-ip-allow-list.graphql index 92d68fdba..1ad6a35c9 100644 --- a/graphql/queries/enterprise-get-ip-allow-list.graphql +++ b/graphql/queries/enterprise-get-ip-allow-list.graphql @@ -5,21 +5,21 @@ # - The IP allow list for GitHub Apps enabled setting query GetEnterpriseIPAllowList { - enterprise(slug: "ENTERPRISE_SLUG") { - owner_id: id - enterprise_slug: slug - enterprise_owner_info: ownerInfo { - is_ip_allow_list_enabled: ipAllowListEnabledSetting - is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting - ipAllowListEntries(first: 100) { - nodes { - ip_allow_list_entry_id: id - ip_allow_list_entry_name: name - ip_allow_list_entry_value: allowListValue - ip_allow_list_entry_created: createdAt - is_ip_allow_list_entry_active: isActive - } - } + enterprise(slug: "ENTERPRISE_SLUG") { + owner_id: id + enterprise_slug: slug + enterprise_owner_info: ownerInfo { + is_ip_allow_list_enabled: ipAllowListEnabledSetting + is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting + ipAllowListEntries(first: 100) { + nodes { + ip_allow_list_entry_id: id + ip_allow_list_entry_name: name + ip_allow_list_entry_value: allowListValue + ip_allow_list_entry_created: createdAt + is_ip_allow_list_entry_active: isActive } + } } + } } diff --git a/graphql/queries/ip-allow-list-add-ip.graphql b/graphql/queries/ip-allow-list-add-ip.graphql index 510289b7e..ab977164f 100644 --- a/graphql/queries/ip-allow-list-add-ip.graphql +++ b/graphql/queries/ip-allow-list-add-ip.graphql @@ -9,23 +9,21 @@ # - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql mutation AddIPAddressToIPAllowList { - createIpAllowListEntry( - input: { - clientMutationId: "true" - ownerId: "OWNER_ID" - name: "DESCRIPTION_OF_IP_ADDRESS" - allowListValue: "IP_ADDRESS" - isActive: true - } - ) { - clientMutationId - ipAllowListEntry { - ip_allow_list_entry_id: id - ip_allow_list_entry_name: name - ip_allow_list_entry_ip_address: allowListValue - ip_allow_list_entry_created: createdAt - ip_allow_list_entry_updated: updatedAt - is_ip_allow_list_entry_active: isActive - } + createIpAllowListEntry( + input: { + ownerId: "OWNER_ID" + name: "DESCRIPTION_OF_IP_ADDRESS" + allowListValue: "IP_ADDRESS" + isActive: true } + ) { + ipAllowListEntry { + ip_allow_list_entry_id: id + ip_allow_list_entry_name: name + ip_allow_list_entry_ip_address: allowListValue + ip_allow_list_entry_created: createdAt + ip_allow_list_entry_updated: updatedAt + is_ip_allow_list_entry_active: isActive + } + } } diff --git a/graphql/queries/ip-allow-list-disable.graphql b/graphql/queries/ip-allow-list-disable.graphql index df984b56e..2b1ecab85 100644 --- a/graphql/queries/ip-allow-list-disable.graphql +++ b/graphql/queries/ip-allow-list-disable.graphql @@ -1,4 +1,4 @@ -# This query is used to disable the IP allow list feature. +# This query is used to disable the IP allow list feature. This will apply to both IP addresses and GitHub Apps. # This can be used on both organizations and enterprise accounts. # # The `OWNER_ID` is the ID of the organization or enterprise account. You can @@ -8,14 +8,15 @@ # - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql # - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql -mutation EnableIPAllowList { - updateIpAllowListEnabledSetting( - input: { - clientMutationId: "true" - ownerId: "OWNER_ID" - settingValue: DISABLED - } - ) { - clientMutationId - } +mutation DisableIPAllowList { + updateIpAllowListEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: DISABLED } + ) { + clientMutationId + } + updateIpAllowListForInstalledAppsEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: DISABLED } + ) { + clientMutationId + } } diff --git a/graphql/queries/ip-allow-list-enable.graphql b/graphql/queries/ip-allow-list-enable.graphql index 68b0809d3..293062536 100644 --- a/graphql/queries/ip-allow-list-enable.graphql +++ b/graphql/queries/ip-allow-list-enable.graphql @@ -1,4 +1,4 @@ -# This query is used to enable the IP allow list feature. +# This query is used to enable the IP allow list feature. This will apply to both IP addresses and GitHub Apps. # This can be used on both organizations and enterprise accounts. # # The `OWNER_ID` is the ID of the organization or enterprise account. You can @@ -9,13 +9,14 @@ # - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql mutation EnableIPAllowList { - updateIpAllowListEnabledSetting( - input: { - clientMutationId: "true" - ownerId: "OWNER_ID" - settingValue: ENABLED - } - ) { - clientMutationId - } + updateIpAllowListEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: ENABLED } + ) { + clientMutationId + } + updateIpAllowListForInstalledAppsEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: ENABLED } + ) { + clientMutationId + } } diff --git a/graphql/queries/ip-allow-list-remove-ip-entry.graphql b/graphql/queries/ip-allow-list-remove-ip-entry.graphql index c3cd64484..fb900a9ed 100644 --- a/graphql/queries/ip-allow-list-remove-ip-entry.graphql +++ b/graphql/queries/ip-allow-list-remove-ip-entry.graphql @@ -9,9 +9,7 @@ # - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql mutation DeleteIPAddressFromIPAllowList { - deleteIpAllowListEntry( - input: { clientMutationId: "true", ipAllowListEntryId: "IP_ENTRY_ID" } - ) { - clientMutationId - } + deleteIpAllowListEntry(input: { ipAllowListEntryId: "IP_ENTRY_ID" }) { + clientMutationId + } } diff --git a/graphql/queries/org-get-ip-allow-list.graphql b/graphql/queries/org-get-ip-allow-list.graphql index 98fb7823b..3921d569d 100644 --- a/graphql/queries/org-get-ip-allow-list.graphql +++ b/graphql/queries/org-get-ip-allow-list.graphql @@ -5,20 +5,20 @@ # - The IP allow list for GitHub Apps enabled setting query GetOrganizationIPAllowList { - organization(login: "ORG_NAME") { - owner_id: id - organization_slug: login - is_ip_allow_list_enabled: ipAllowListEnabledSetting - is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting - ipAllowListEntries(first: 100) { - totalCount - nodes { - ip_allow_list_entry_id: id - ip_allow_list_entry_name: name - ip_allow_list_entry_ip_address: allowListValue - ip_allow_list_entry_created: createdAt - is_ip_allow_list_entry_active: isActive - } - } + organization(login: "ORG_NAME") { + owner_id: id + organization_slug: login + is_ip_allow_list_enabled: ipAllowListEnabledSetting + is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting + ipAllowListEntries(first: 100) { + totalCount + nodes { + ip_allow_list_entry_id: id + ip_allow_list_entry_name: name + ip_allow_list_entry_ip_address: allowListValue + ip_allow_list_entry_created: createdAt + is_ip_allow_list_entry_active: isActive + } } + } } From 68de17190ed7d680005da1aeeed9c078682f0e91 Mon Sep 17 00:00:00 2001 From: Justin Alex Paramanandan <1155821+jusuchin85@users.noreply.github.com> Date: Wed, 20 Nov 2024 10:33:18 +1100 Subject: [PATCH 6/6] Add additional enabling/disabling IP allow lists Added new queries to separately enable and disable IP allow lists for GitHub Apps only and IP addresses only. --- ...-allow-list-disable-github-apps-only.graphql | 17 +++++++++++++++++ ...p-allow-list-disable-ip-address-only.graphql | 17 +++++++++++++++++ ...p-allow-list-enable-github-apps-only.graphql | 17 +++++++++++++++++ ...ip-allow-list-enable-ip-address-only.graphql | 17 +++++++++++++++++ 4 files changed, 68 insertions(+) create mode 100644 graphql/queries/ip-allow-list-disable-github-apps-only.graphql create mode 100644 graphql/queries/ip-allow-list-disable-ip-address-only.graphql create mode 100644 graphql/queries/ip-allow-list-enable-github-apps-only.graphql create mode 100644 graphql/queries/ip-allow-list-enable-ip-address-only.graphql diff --git a/graphql/queries/ip-allow-list-disable-github-apps-only.graphql b/graphql/queries/ip-allow-list-disable-github-apps-only.graphql new file mode 100644 index 000000000..0a27a261e --- /dev/null +++ b/graphql/queries/ip-allow-list-disable-github-apps-only.graphql @@ -0,0 +1,17 @@ +# This query is used to disable the IP allow list feature. This will apply to GitHub Apps only. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation DisableIPAllowListForGitHubAppsOnly { + updateIpAllowListForInstalledAppsEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: DISABLED } + ) { + clientMutationId + } +} diff --git a/graphql/queries/ip-allow-list-disable-ip-address-only.graphql b/graphql/queries/ip-allow-list-disable-ip-address-only.graphql new file mode 100644 index 000000000..0fe79f496 --- /dev/null +++ b/graphql/queries/ip-allow-list-disable-ip-address-only.graphql @@ -0,0 +1,17 @@ +# This query is used to disable the IP allow list feature. This will apply to IP addresses only. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation DisableAllowListForIpsOnly { + updateIpAllowListEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: DISABLED } + ) { + clientMutationId + } +} diff --git a/graphql/queries/ip-allow-list-enable-github-apps-only.graphql b/graphql/queries/ip-allow-list-enable-github-apps-only.graphql new file mode 100644 index 000000000..8d3e1ead2 --- /dev/null +++ b/graphql/queries/ip-allow-list-enable-github-apps-only.graphql @@ -0,0 +1,17 @@ +# This query is used to enable the IP allow list feature. This will apply to GitHub Apps only. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation EnableIPAllowListForGitHubAppsOnly { + updateIpAllowListForInstalledAppsEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: ENABLED } + ) { + clientMutationId + } +} diff --git a/graphql/queries/ip-allow-list-enable-ip-address-only.graphql b/graphql/queries/ip-allow-list-enable-ip-address-only.graphql new file mode 100644 index 000000000..e1eff4e79 --- /dev/null +++ b/graphql/queries/ip-allow-list-enable-ip-address-only.graphql @@ -0,0 +1,17 @@ +# This query is used to enable the IP allow list feature. This will apply to IP addresses only. +# This can be used on both organizations and enterprise accounts. +# +# The `OWNER_ID` is the ID of the organization or enterprise account. You can +# get the ID of an organization or enterprise account by executing either of +# the following queries and referring to the value from `owner_id` field: +# +# - organizations: https://github.com/github/platform-samples/blob/master/graphql/queries/org-get-ip-allow-list.graphql +# - enterprise accounts: https://github.com/github/platform-samples/blob/master/graphql/queries/enterprise-get-ip-allow-list.graphql + +mutation EnableAllowListForIpsOnly { + updateIpAllowListEnabledSetting( + input: { ownerId: "OWNER_ID", settingValue: ENABLED } + ) { + clientMutationId + } +}