Provider returns both IPv4 and IPv6 IPs as an array causing terraform security group resource to fail #883

davidg-sainsbury · 2021-08-18T10:00:32Z

Terraform Version

Terraform v0.15.4

Affected Resource(s)

terraform resource "aws_security_group"

Terraform Configuration Files

module..

data "github_ip_ranges" "gha_runner_scaling_api" {}

resource "aws_security_group" "gha_runner_scaling_api" {
  name                   = "gha-runners_api"
  description            = "Allow traffic to GHA Scaling runner API Gateway"
  vpc_id                 = var.vpc_id
  revoke_rules_on_delete = true

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = data.github_ip_ranges.gha_runner_scaling_api.hooks
    description = "HTTPS access from Github API"
  }

plan...
resource "aws_security_group" "gha_runner_scaling_api" {
        id                     = "sg-0415fc1dd10896cd0"
      ~ ingress                = [
          + {
              + cidr_blocks      = [
                  + "192.30.252.0/22",
                  + "140.82.112.0/20",
                  + "143.55.64.0/20",
                  + "185.199.108.0/22",
                  + "2a0a:a440::/29",
                  + "2606:50c0::/32",
                ]
              + description      = "HTTPS access from Github API"
              + from_port        = 443
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 443
            }

error..

Error authorizing security group ingress rules: InvalidParameterValue: CIDR block 2a0a:a440::/29 is malformed

Expected Behavior

The provider to handle separately both IPV4 and IPV6 addresses.

Actual Behavior

Error authorizing security group ingress rules: InvalidParameterValue: CIDR block 2a0a:a440::/29 is malformed

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply

The text was updated successfully, but these errors were encountered:

…anges data source Fixes integrations#883

…ranges data source Fixes integrations#883

mattes-mms · 2021-08-19T15:49:48Z

H, when there will be a fix for this pls.? Thx...

martinmosegaard · 2021-08-20T13:23:23Z

Perhaps you can do something like this as a workaround:

cidr_blocks      = [for block in data.github_ip_ranges.gha_runner_scaling_api.hooks : block if length(regexall("::", block)) == 0]
ipv6_cidr_blocks = [for block in data.github_ip_ranges.gha_runner_scaling_api.hooks : block if length(regexall("::", block)) > 0]

jiba21 · 2021-08-23T10:36:46Z

This issue is also in other versions. I'm using terraform 0.13

…source (#884) Fixes #883

The GitHub provider is returning IPv6 IPs in addition to IPv4 IPs for the hooks. This is not compatible with AWS security rules which require IPv4 and IPv6 IPs to be seperate. This is a [fixed bug](integrations/terraform-provider-github#883) in 4.14 version of the provider.

…ranges data source (integrations#884) Fixes integrations#883

davidg-sainsbury changed the title ~~Provider returns both IPv4 and IPv6 as an array causing terraform security group resource to fail~~ Provider returns both IPv4 and IPv6 IPs as an array causing terraform security group resource to fail Aug 18, 2021

rymir added a commit to rymir/terraform-provider-github that referenced this issue Aug 18, 2021

(Fix integrations#883) Additionally expose ipv4/6 cidr in github_ip_r…

195f1b5

…anges data source Fixes integrations#883

rymir mentioned this issue Aug 18, 2021

(Fix #883) Additionally expose ipv4/6 cidrs in github_ip_ranges data source #884

Merged

rymir added a commit to rymir/terraform-provider-github that referenced this issue Aug 18, 2021

(Fix integrations#883) Additionally expose ipv4/6 cidr in github_ip_r…

9a60870

…anges data source Fixes integrations#883

rymir added a commit to rymir/terraform-provider-github that referenced this issue Aug 18, 2021

(Fix integrations#883) Additionally expose ipv4/6 cidrs in github_ip_…

942e3af

…ranges data source Fixes integrations#883

rymir added a commit to rymir/terraform-provider-github that referenced this issue Aug 18, 2021

(Fix integrations#883) Additionally expose ipv4/6 cidrs in github_ip_…

e52dcd3

…ranges data source Fixes integrations#883

jcudit added Type: Bug Something isn't working as documented d/ip_ranges labels Aug 31, 2021

jcudit closed this as completed in #884 Sep 2, 2021

jcudit pushed a commit that referenced this issue Sep 2, 2021

(Fix #883) Additionally expose ipv4/6 cidrs in github_ip_ranges data …

3948033

…source (#884) Fixes #883

kfcampbell pushed a commit to kfcampbell/terraform-provider-github that referenced this issue Jul 26, 2022

(Fix integrations#883) Additionally expose ipv4/6 cidrs in github_ip_…

b4bb95c

…ranges data source (integrations#884) Fixes integrations#883

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Provider returns both IPv4 and IPv6 IPs as an array causing terraform security group resource to fail #883

Provider returns both IPv4 and IPv6 IPs as an array causing terraform security group resource to fail #883

davidg-sainsbury commented Aug 18, 2021

mattes-mms commented Aug 19, 2021

martinmosegaard commented Aug 20, 2021 •

edited

Loading

jiba21 commented Aug 23, 2021

Provider returns both IPv4 and IPv6 IPs as an array causing terraform security group resource to fail #883

Provider returns both IPv4 and IPv6 IPs as an array causing terraform security group resource to fail #883

Comments

davidg-sainsbury commented Aug 18, 2021

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Expected Behavior

Actual Behavior

Steps to Reproduce

mattes-mms commented Aug 19, 2021

martinmosegaard commented Aug 20, 2021 • edited Loading

jiba21 commented Aug 23, 2021

martinmosegaard commented Aug 20, 2021 •

edited

Loading