Update GitHub IP Whitelist #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Update GitHub IP Whitelist" | |
| on: | |
| schedule: | |
| - cron: "0 0 * * *" # Every day at midnight | |
| workflow_dispatch: | |
| permissions: | |
| contents: write # Needed to push changes back to the repo | |
| jobs: | |
| update-ips: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v3 | |
| - name: Fetch GitHub meta | |
| run: | | |
| echo "Fetching GitHub IP ranges..." | |
| META_JSON=$(curl -s https://api.github.com/meta) | |
| # Pretty-print the entire meta JSON to github-ips.json | |
| echo "$META_JSON" | jq . > github-ips.json | |
| # Extract just the ".hooks" array to github-hooks-ips.json | |
| echo "$META_JSON" | jq '.hooks' > github-hooks-ips.json | |
| # Print the contents of both files to the console | |
| cat github-ips.json | |
| cat github-hooks-ips.json | |
| - name: Commit changes | |
| run: | | |
| # Configure Git (username & email to show in commit history) | |
| git config user.name "github-actions" | |
| git config user.email "[email protected]" | |
| # Stage changes | |
| git add github-ips.json | |
| git add github-hooks-ips.json | |
| # If there's nothing new to commit, don't fail | |
| git commit -m "Update GitHub IP ranges [skip ci]" || echo "No changes to commit" | |
| # Push changes (uses GITHUB_TOKEN with 'contents: write' permission) | |
| git push |