Update GitHub IP Whitelist #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Update GitHub IP Whitelist" | |
| on: | |
| schedule: | |
| - cron: "0 0 * * *" # Every day at midnight | |
| workflow_dispatch: | |
| permissions: | |
| contents: write # Needed to push changes back to the repo | |
| jobs: | |
| update-ips: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v3 | |
| - name: Fetch GitHub meta | |
| run: | | |
| echo "Fetching GitHub IP ranges..." | |
| meta_json=$(curl -s https://api.github.com/meta) | |
| echo "$meta_json" | jq . > github-ips.json | |
| echo "$meta_json" | jq '.hooks' > github-hooks-ips.json | |
| - name: Commit changes | |
| run: | | |
| # Configure Git (username & email to show in commit history) | |
| git config user.name "github-actions" | |
| git config user.email "[email protected]" | |
| # Stage changes | |
| git add github-ips.json | |
| # If there's nothing new to commit, don't fail | |
| git commit -m "Update GitHub IP ranges [skip ci]" || echo "No changes to commit" | |
| # Push changes (uses GITHUB_TOKEN with 'contents: write' permission) | |
| git push |