From 2c823083d0d9699ebc5c7517b2adf4a4e7818fc8 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Mon, 23 Feb 2026 12:08:28 +0100 Subject: [PATCH 01/21] audit_log_stream Signed-off-by: amreshh <20923769+amreshh@users.noreply.github.com> --- github/enterprise_audit_log_stream.go | 266 +++++++++++++++++++++ github/enterprise_audit_log_stream_test.go | 160 +++++++++++++ github/github-accessors.go | 24 ++ github/github-accessors_test.go | 33 +++ 4 files changed, 483 insertions(+) create mode 100644 github/enterprise_audit_log_stream.go create mode 100644 github/enterprise_audit_log_stream_test.go diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go new file mode 100644 index 00000000000..b54e970f50b --- /dev/null +++ b/github/enterprise_audit_log_stream.go @@ -0,0 +1,266 @@ +// Copyright 2026 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +import ( + "context" + "encoding/json" + "fmt" +) + +// AuditLogStream represents an audit log stream configuration for an enterprise. +type AuditLogStream struct { + ID *int64 `json:"id,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + StreamDetails json.RawMessage `json:"stream_details,omitempty"` + Enabled *bool `json:"enabled,omitempty"` + CreatedAt *Timestamp `json:"created_at,omitempty"` + UpdatedAt *Timestamp `json:"updated_at,omitempty"` + PausedAt *Timestamp `json:"paused_at,omitempty"` +} + +// AuditLogStreamConfig represents a configuration for creating/updating an audit log stream. +type AuditLogStreamConfig struct { + Enabled *bool `json:"enabled,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + VendorSpecific AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` +} + +// AuditLogStreamVendorConfig is a marker interface for vendor-specific audit log +// stream configurations. +type AuditLogStreamVendorConfig interface { + isAuditLogStreamVendorConfig() +} + +// AzureBlobConfig represents vendor specific config for Azure Blob Storage. +type AzureBlobConfig struct { + KeyID *string `json:"key_id,omitempty"` + EncryptedSASURL *string `json:"encrypted_sas_url,omitempty"` + Container *string `json:"container,omitempty"` +} + +// AzureHubConfig represents vendor specific config for Azure Event Hubs. +type AzureHubConfig struct { + Name *string `json:"name,omitempty"` + EncryptedConnString *string `json:"encrypted_connstring,omitempty"` + KeyID *string `json:"key_id,omitempty"` +} + +// AmazonS3OIDCConfig represents vendor specific config for Amazon S3 with OIDC authentication. +type AmazonS3OIDCConfig struct { + Bucket *string `json:"bucket,omitempty"` + Region *string `json:"region,omitempty"` + KeyID *string `json:"key_id,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` + ARNRole *string `json:"arn_role,omitempty"` +} + +// AmazonS3AccessKeysConfig represents vendor specific config for Amazon S3 with access keys authentication. +type AmazonS3AccessKeysConfig struct { + Bucket *string `json:"bucket,omitempty"` + Region *string `json:"region,omitempty"` + KeyID *string `json:"key_id,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` + EncryptedSecretKey *string `json:"encrypted_secret_key,omitempty"` + EncryptedAccessKeyID *string `json:"encrypted_access_key_id,omitempty"` +} + +// SplunkConfig represents vendor specific config for Splunk. +type SplunkConfig struct { + Domain *string `json:"domain,omitempty"` + Port *uint16 `json:"port,omitempty"` + KeyID *string `json:"key_id,omitempty"` + EncryptedToken *string `json:"encrypted_token,omitempty"` + SSLVerify *bool `json:"ssl_verify,omitempty"` +} + +// HecConfig represents vendor specific config for HTTPS Event Collector. +type HecConfig struct { + Domain *string `json:"domain,omitempty"` + Port *uint16 `json:"port,omitempty"` + KeyID *string `json:"key_id,omitempty"` + EncryptedToken *string `json:"encrypted_token,omitempty"` + Path *string `json:"path,omitempty"` + SSLVerify *bool `json:"ssl_verify,omitempty"` +} + +// GoogleCloudConfig represents vendor specific config for Google Cloud Storage. +type GoogleCloudConfig struct { + Bucket *string `json:"bucket,omitempty"` + KeyID *string `json:"key_id,omitempty"` + EncryptedJSONCredentials *string `json:"encrypted_json_credentials,omitempty"` +} + +// DatadogConfig represents vendor specific config for Datadog. +type DatadogConfig struct { + EncryptedToken *string `json:"encrypted_token,omitempty"` + Site *string `json:"site,omitempty"` // Can be one of: US, US3, US5, EU1, US1-FED, AP1 + KeyID *string `json:"key_id,omitempty"` +} + +// Implement the marker interface for all vendor config types. +func (*AzureBlobConfig) isAuditLogStreamVendorConfig() {} +func (*AzureHubConfig) isAuditLogStreamVendorConfig() {} +func (*AmazonS3OIDCConfig) isAuditLogStreamVendorConfig() {} +func (*AmazonS3AccessKeysConfig) isAuditLogStreamVendorConfig() {} +func (*SplunkConfig) isAuditLogStreamVendorConfig() {} +func (*HecConfig) isAuditLogStreamVendorConfig() {} +func (*GoogleCloudConfig) isAuditLogStreamVendorConfig() {} +func (*DatadogConfig) isAuditLogStreamVendorConfig() {} + +// Helper functions for constructing AuditLogStreamConfig per vendor type. + +// NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. +func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { + streamType := "AzureBlobStorage" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. +func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { + streamType := "AzureHubs" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. +func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { + streamType := "AmazonS3" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access keys auth. +func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { + streamType := "AmazonS3" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewSplunkStreamConfig returns an AuditLogStreamConfig for Splunk. +func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfig { + streamType := "Splunk" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewHecStreamConfig returns an AuditLogStreamConfig for HTTPS Event Collector. +func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { + streamType := "Hec" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. +func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { + streamType := "GoogleCloudStorage" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewDatadogStreamConfig returns an AuditLogStreamConfig for Datadog. +func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamConfig { + streamType := "Datadog" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// ListAuditLogStreams lists the audit log stream configurations for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#list-audit-log-stream-configurations-for-an-enterprise +// +//meta:operation GET /enterprises/{enterprise}/audit-log/streams +func (s *EnterpriseService) ListAuditLogStreams(ctx context.Context, enterprise string) ([]*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + var streams []*AuditLogStream + resp, err := s.client.Do(ctx, req, &streams) + if err != nil { + return nil, resp, err + } + + return streams, resp, nil +} + +// CreateAuditLogStream creates an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation POST /enterprises/{enterprise}/audit-log/streams +func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) + + req, err := s.client.NewRequest("POST", u, config) + if err != nil { + return nil, nil, err + } + + var stream *AuditLogStream + resp, err := s.client.Do(ctx, req, &stream) + if err != nil { + return nil, resp, err + } + + return stream, resp, nil +} + +// GetAuditLogStream gets an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + var stream *AuditLogStream + resp, err := s.client.Do(ctx, req, &stream) + if err != nil { + return nil, resp, err + } + + return stream, resp, nil +} + +// UpdateAuditLogStream updates an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation PATCH /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise string, streamID int64, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) + + req, err := s.client.NewRequest("PATCH", u, config) + if err != nil { + return nil, nil, err + } + + var stream *AuditLogStream + resp, err := s.client.Do(ctx, req, &stream) + if err != nil { + return nil, resp, err + } + + return stream, resp, nil +} + +// DeleteAuditLogStream deletes an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#delete-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation DELETE /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) DeleteAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) + + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } + + return s.client.Do(ctx, req, nil) +} diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go new file mode 100644 index 00000000000..b0f59441690 --- /dev/null +++ b/github/enterprise_audit_log_stream_test.go @@ -0,0 +1,160 @@ +// Copyright 2021 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +// func TestEnterpriseService_CreateAuditStream(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "POST") + +// fmt.Fprint(w, `{ +// "id": 1, +// "stream_type": "Azure Blob Storage", +// "stream_details": "US", +// "enabled": true, +// "created_at": "2024-06-06T08:00:00Z", +// "updated_at": "2024-06-06T08:00:00Z", +// "paused_at": null +// }`) +// }) + +// ctx := context.Background() +// config := &AuditStreamConfig{ +// Enabled: true, +// StreamType: "Azure Blob Storage", +// VendorSpecific: AzureBlobConfig{ +// KeyID: "123", +// EncryptedSASURL: "base64-encrypted-sas-url", +// }, +// } + +// stream, resp, err := client.Enterprise.CreateAuditStream(ctx, "e", config) +// if err != nil { +// t.Fatalf("CreateAuditStream returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil HTTP response") +// } +// if stream == nil { +// t.Fatal("expected non-nil AuditStreamEntry") +// } +// if stream.ID != 1 { +// t.Errorf("ID = %d, want 1", stream.ID) +// } +// if stream.StreamType != "Azure Blob Storage" { +// t.Errorf("StreamType = %q, want %q", stream.StreamType, "Azure Blob Storage") +// } +// if !stream.Enabled { +// t.Errorf("Enabled = %v, want true", stream.Enabled) +// } +// } + +// func TestEnterpriseService_GetAuditStream(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "GET") +// testHeader(t, r, "Accept", "application/vnd.github+json") +// fmt.Fprint(w, `{"id":42,"stream_type":"Azure Blob Storage","enabled":true}`) +// }) + +// got, resp, err := client.Enterprise.GetAuditStream(context.Background(), "e", 42) +// if err != nil { +// t.Fatalf("GetAuditStream returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil response") +// } +// if got == nil || got.ID != 42 || !got.Enabled || got.StreamType != "Azure Blob Storage" { +// t.Fatalf("unexpected stream: %+v", got) +// } +// } + +// func TestEnterpriseService_ListAuditStreams(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "GET") +// fmt.Fprint(w, `[ +// { +// "id": 1, +// "stream_type": "Azure Blob Storage", +// "stream_details": "US", +// "enabled": true, +// "created_at": "2024-06-06T08:00:00Z", +// "updated_at": "2024-06-06T08:00:00Z", +// "paused_at": null, +// "vendor_specific": { +// "key_id": "k1", +// "encrypted_sas_url": "enc1" +// } +// }, +// { +// "id": 2, +// "stream_type": "Azure Blob Storage", +// "stream_details": "EU", +// "enabled": false, +// "created_at": "2024-06-07T08:00:00Z", +// "updated_at": "2024-06-07T08:00:00Z", +// "paused_at": null, +// "vendor_specific": { +// "key_id": "k2", +// "encrypted_sas_url": "enc2" +// } +// } +// ]`) +// }) + +// ctx := context.Background() +// got, resp, err := client.Enterprise.ListAuditStreams(ctx, "e") +// if err != nil { +// t.Fatalf("ListAuditStreams returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil response") +// } +// if len(got) != 2 { +// t.Fatalf("len(streams) = %d, want 2", len(got)) +// } +// if got[0].ID != 1 { +// t.Errorf("streams[0].ID = %d, want 1", got[0].ID) +// } +// if got[0].StreamType != "Azure Blob Storage" { +// t.Errorf("streams[0].StreamType = %q, want %q", got[0].StreamType, "Azure Blob Storage") +// } +// if !got[0].Enabled { +// t.Errorf("streams[0].Enabled = %v, want true", got[0].Enabled) +// } +// if got[1].Enabled { +// t.Errorf("streams[1].Enabled = %v, want false", got[1].Enabled) +// } +// } + +// func TestEnterpriseService_DeleteAuditStream(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "DELETE") +// w.WriteHeader(http.StatusNoContent) // 204 +// }) + +// ctx := context.Background() +// resp, err := client.Enterprise.DeleteAuditStream(ctx, "e", 42) +// if err != nil { +// t.Fatalf("DeleteAuditStream returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil response") +// } +// if resp.Response.StatusCode != http.StatusNoContent { +// t.Errorf("StatusCode = %d, want %d", resp.Response.StatusCode, http.StatusNoContent) +// } +// } diff --git a/github/github-accessors.go b/github/github-accessors.go index 73ff2a4f3fa..e6b5980508a 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -1654,6 +1654,30 @@ func (a *AuditEntry) GetUserID() int64 { return *a.UserID } +// GetID returns the ID field if it's non-nil, zero value otherwise. +func (a *AuditStream) GetID() int { + if a == nil || a.ID == nil { + return 0 + } + return *a.ID +} + +// GetPausedAt returns the PausedAt field if it's non-nil, zero value otherwise. +func (a *AuditStream) GetPausedAt() time.Time { + if a == nil || a.PausedAt == nil { + return time.Time{} + } + return *a.PausedAt +} + +// GetVendorSpecific returns the VendorSpecific field if it's non-nil, zero value otherwise. +func (a *AuditStream) GetVendorSpecific() map[string]string { + if a == nil || a.VendorSpecific == nil { + return map[string]string{} + } + return *a.VendorSpecific +} + // GetApp returns the App field. func (a *Authorization) GetApp() *AuthorizationApp { if a == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index ef28f61d699..3b2c8bb6ef5 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -2177,6 +2177,39 @@ func TestAuditEntry_GetUserID(tt *testing.T) { a.GetUserID() } +func TestAuditStream_GetID(tt *testing.T) { + tt.Parallel() + var zeroValue int + a := &AuditStream{ID: &zeroValue} + a.GetID() + a = &AuditStream{} + a.GetID() + a = nil + a.GetID() +} + +func TestAuditStream_GetPausedAt(tt *testing.T) { + tt.Parallel() + var zeroValue time.Time + a := &AuditStream{PausedAt: &zeroValue} + a.GetPausedAt() + a = &AuditStream{} + a.GetPausedAt() + a = nil + a.GetPausedAt() +} + +func TestAuditStream_GetVendorSpecific(tt *testing.T) { + tt.Parallel() + var zeroValue map[string]string + a := &AuditStream{VendorSpecific: &zeroValue} + a.GetVendorSpecific() + a = &AuditStream{} + a.GetVendorSpecific() + a = nil + a.GetVendorSpecific() +} + func TestAuthorization_GetApp(tt *testing.T) { tt.Parallel() a := &Authorization{} From 754bdeedb911bd5cfa34e78f7c1104e567d2bd23 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Mon, 23 Feb 2026 13:16:02 +0100 Subject: [PATCH 02/21] example added for azure blob storage, accessors re-generated / openapi operations updated --- example/auditlogstream/main.go | 180 ++++++++ github/enterprise_audit_log_stream.go | 117 +++-- github/enterprise_audit_log_stream_test.go | 431 +++++++++++------- github/github-accessors.go | 352 ++++++++++++++- github/github-accessors_test.go | 486 ++++++++++++++++++++- 5 files changed, 1346 insertions(+), 220 deletions(-) create mode 100644 example/auditlogstream/main.go diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go new file mode 100644 index 00000000000..939a3c131fa --- /dev/null +++ b/example/auditlogstream/main.go @@ -0,0 +1,180 @@ +// Copyright 2026 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// The auditlogstream command demonstrates managing enterprise audit log +// streams for Azure Blob Storage using the go-github library. +// +// Usage — create (github.com): +// +// export GITHUB_AUTH_TOKEN= +// go run main.go create \ +// -enterprise=my-enterprise \ +// -container=my-container \ +// -sas-url= +// +// Usage — create (GitHub Enterprise Server): +// +// export GITHUB_AUTH_TOKEN= +// go run main.go create \ +// -base-url=https://github.example.com/api/v3/ \ +// -enterprise=my-enterprise \ +// -container=my-container \ +// -sas-url= +// +// Usage — delete: +// +// export GITHUB_AUTH_TOKEN= +// go run main.go delete \ +// -base-url=https://github.example.com/api/v3/ \ +// -enterprise=my-enterprise \ +// -stream-id=42 +package main + +import ( + "context" + "crypto/rand" + "encoding/base64" + "flag" + "fmt" + "log" + "os" + + "github.com/google/go-github/v83/github" + "golang.org/x/crypto/nacl/box" +) + +// encryptSecret encrypts a plain-text secret using libsodium's sealed box +// (crypto_box_seal), which is what GitHub's API expects for encrypted credentials. +func encryptSecret(publicKeyB64, secret string) (string, error) { + publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKeyB64) + if err != nil { + return "", fmt.Errorf("decoding public key: %w", err) + } + if len(publicKeyBytes) != 32 { + return "", fmt.Errorf("public key must be 32 bytes, got %d", len(publicKeyBytes)) + } + var publicKey [32]byte + copy(publicKey[:], publicKeyBytes) + + encrypted, err := box.SealAnonymous(nil, []byte(secret), &publicKey, rand.Reader) + if err != nil { + return "", fmt.Errorf("encrypting secret: %w", err) + } + + return base64.StdEncoding.EncodeToString(encrypted), nil +} + +func main() { + if len(os.Args) < 2 { + fmt.Fprintf(os.Stderr, "Usage: %s [flags]\n", os.Args[0]) + os.Exit(1) + } + + switch os.Args[1] { + case "create": + runCreate(os.Args[2:]) + case "delete": + runDelete(os.Args[2:]) + default: + fmt.Fprintf(os.Stderr, "Unknown command %q. Must be one of: create, delete\n", os.Args[1]) + os.Exit(1) + } +} + +func runCreate(args []string) { + fs := flag.NewFlagSet("create", flag.ExitOnError) + baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") + enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + container := fs.String("container", "", "Azure Blob Storage container name (required).") + sasURL := fs.String("sas-url", "", "Plain-text Azure SAS URL to encrypt and submit (required).") + enabled := fs.Bool("enabled", true, "Whether the stream should be enabled immediately.") + fs.Parse(args) + + token := requireEnv("GITHUB_AUTH_TOKEN") + requireFlag("enterprise", *enterprise) + requireFlag("container", *container) + requireFlag("sas-url", *sasURL) + + ctx := context.Background() + client := newClient(token, *baseURL) + + // Step 1: Fetch the enterprise's public streaming key. + streamKey, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, *enterprise) + if err != nil { + log.Fatalf("Error fetching audit log stream key: %v", err) + } + fmt.Printf("Retrieved stream key ID: %s\n", streamKey.GetKeyID()) + + // Step 2: Encrypt the SAS URL using the public key (sealed box / crypto_box_seal). + encryptedSASURL, err := encryptSecret(streamKey.GetPublicKey(), *sasURL) + if err != nil { + log.Fatalf("Error encrypting SAS URL: %v", err) + } + fmt.Println("SAS URL encrypted successfully.") + + // Step 3: Create the audit log stream. + config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ + KeyID: streamKey.KeyID, + Container: github.Ptr(*container), + EncryptedSASURL: github.Ptr(encryptedSASURL), + }) + + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, *enterprise, config) + if err != nil { + log.Fatalf("Error creating audit log stream: %v", err) + } + + fmt.Printf("Successfully created audit log stream:\n") + fmt.Printf(" ID: %d\n", stream.GetID()) + fmt.Printf(" Type: %s\n", stream.GetStreamType()) + fmt.Printf(" Enabled: %v\n", stream.GetEnabled()) + fmt.Printf(" Created at: %v\n", stream.GetCreatedAt()) +} + +func runDelete(args []string) { + fs := flag.NewFlagSet("delete", flag.ExitOnError) + baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") + enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + streamID := fs.Int64("stream-id", 0, "ID of the audit log stream to delete (required).") + fs.Parse(args) + + token := requireEnv("GITHUB_AUTH_TOKEN") + requireFlag("enterprise", *enterprise) + if *streamID == 0 { + log.Fatal("flag -stream-id is required") + } + + ctx := context.Background() + client := newClient(token, *baseURL) + + _, err := client.Enterprise.DeleteAuditLogStream(ctx, *enterprise, *streamID) + if err != nil { + log.Fatalf("Error deleting audit log stream: %v", err) + } + + fmt.Printf("Successfully deleted audit log stream %d.\n", *streamID) +} + +func newClient(token, baseURL string) *github.Client { + client, err := github.NewClient(nil).WithAuthToken(token).WithEnterpriseURLs(baseURL, baseURL) + if err != nil { + log.Fatalf("Error creating GitHub client: %v", err) + } + return client +} + +func requireEnv(name string) string { + val := os.Getenv(name) + if val == "" { + log.Fatalf("environment variable %s is not set", name) + } + return val +} + +func requireFlag(name, val string) { + if val == "" { + log.Fatalf("flag -%s is required", name) + } +} diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index b54e970f50b..6e18b9f558b 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -7,22 +7,21 @@ package github import ( "context" - "encoding/json" "fmt" ) // AuditLogStream represents an audit log stream configuration for an enterprise. type AuditLogStream struct { - ID *int64 `json:"id,omitempty"` - StreamType *string `json:"stream_type,omitempty"` - StreamDetails json.RawMessage `json:"stream_details,omitempty"` - Enabled *bool `json:"enabled,omitempty"` - CreatedAt *Timestamp `json:"created_at,omitempty"` - UpdatedAt *Timestamp `json:"updated_at,omitempty"` - PausedAt *Timestamp `json:"paused_at,omitempty"` + ID *int64 `json:"id,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + StreamDetails *string `json:"stream_details,omitempty"` + Enabled *bool `json:"enabled,omitempty"` + CreatedAt *Timestamp `json:"created_at,omitempty"` + UpdatedAt *Timestamp `json:"updated_at,omitempty"` + PausedAt *Timestamp `json:"paused_at,omitempty"` } -// AuditLogStreamConfig represents a configuration for creating/updating an audit log stream. +// AuditLogStreamConfig represents a configuration for creating or updating an audit log stream. type AuditLogStreamConfig struct { Enabled *bool `json:"enabled,omitempty"` StreamType *string `json:"stream_type,omitempty"` @@ -35,40 +34,46 @@ type AuditLogStreamVendorConfig interface { isAuditLogStreamVendorConfig() } -// AzureBlobConfig represents vendor specific config for Azure Blob Storage. +// AuditLogStreamKey represents the public key used to encrypt secrets for audit log streaming. +type AuditLogStreamKey struct { + KeyID *string `json:"key_id,omitempty"` + PublicKey *string `json:"key,omitempty"` +} + +// AzureBlobConfig represents vendor-specific config for Azure Blob Storage. type AzureBlobConfig struct { KeyID *string `json:"key_id,omitempty"` EncryptedSASURL *string `json:"encrypted_sas_url,omitempty"` Container *string `json:"container,omitempty"` } -// AzureHubConfig represents vendor specific config for Azure Event Hubs. +// AzureHubConfig represents vendor-specific config for Azure Event Hubs. type AzureHubConfig struct { Name *string `json:"name,omitempty"` EncryptedConnString *string `json:"encrypted_connstring,omitempty"` KeyID *string `json:"key_id,omitempty"` } -// AmazonS3OIDCConfig represents vendor specific config for Amazon S3 with OIDC authentication. +// AmazonS3OIDCConfig represents vendor-specific config for Amazon S3 with OIDC authentication. type AmazonS3OIDCConfig struct { Bucket *string `json:"bucket,omitempty"` Region *string `json:"region,omitempty"` KeyID *string `json:"key_id,omitempty"` - AuthenticationType *string `json:"authentication_type,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "oidc" ARNRole *string `json:"arn_role,omitempty"` } -// AmazonS3AccessKeysConfig represents vendor specific config for Amazon S3 with access keys authentication. +// AmazonS3AccessKeysConfig represents vendor-specific config for Amazon S3 with access key authentication. type AmazonS3AccessKeysConfig struct { Bucket *string `json:"bucket,omitempty"` Region *string `json:"region,omitempty"` KeyID *string `json:"key_id,omitempty"` - AuthenticationType *string `json:"authentication_type,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "access_keys" EncryptedSecretKey *string `json:"encrypted_secret_key,omitempty"` EncryptedAccessKeyID *string `json:"encrypted_access_key_id,omitempty"` } -// SplunkConfig represents vendor specific config for Splunk. +// SplunkConfig represents vendor-specific config for Splunk. type SplunkConfig struct { Domain *string `json:"domain,omitempty"` Port *uint16 `json:"port,omitempty"` @@ -77,7 +82,7 @@ type SplunkConfig struct { SSLVerify *bool `json:"ssl_verify,omitempty"` } -// HecConfig represents vendor specific config for HTTPS Event Collector. +// HecConfig represents vendor-specific config for an HTTPS Event Collector (HEC) endpoint. type HecConfig struct { Domain *string `json:"domain,omitempty"` Port *uint16 `json:"port,omitempty"` @@ -87,17 +92,17 @@ type HecConfig struct { SSLVerify *bool `json:"ssl_verify,omitempty"` } -// GoogleCloudConfig represents vendor specific config for Google Cloud Storage. +// GoogleCloudConfig represents vendor-specific config for Google Cloud Storage. type GoogleCloudConfig struct { Bucket *string `json:"bucket,omitempty"` KeyID *string `json:"key_id,omitempty"` EncryptedJSONCredentials *string `json:"encrypted_json_credentials,omitempty"` } -// DatadogConfig represents vendor specific config for Datadog. +// DatadogConfig represents vendor-specific config for Datadog. type DatadogConfig struct { EncryptedToken *string `json:"encrypted_token,omitempty"` - Site *string `json:"site,omitempty"` // Can be one of: US, US3, US5, EU1, US1-FED, AP1 + Site *string `json:"site,omitempty"` // One of: US, US3, US5, EU1, US1-FED, AP1 KeyID *string `json:"key_id,omitempty"` } @@ -111,29 +116,29 @@ func (*HecConfig) isAuditLogStreamVendorConfig() {} func (*GoogleCloudConfig) isAuditLogStreamVendorConfig() {} func (*DatadogConfig) isAuditLogStreamVendorConfig() {} -// Helper functions for constructing AuditLogStreamConfig per vendor type. +// Helper constructors for AuditLogStreamConfig. // NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { - streamType := "AzureBlobStorage" + streamType := "Azure Blob Storage" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } // NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { - streamType := "AzureHubs" + streamType := "Azure Event Hubs" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } // NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { - streamType := "AmazonS3" + streamType := "Amazon S3" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } -// NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access keys auth. +// NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access key auth. func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { - streamType := "AmazonS3" + streamType := "Amazon S3" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } @@ -143,15 +148,15 @@ func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfi return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } -// NewHecStreamConfig returns an AuditLogStreamConfig for HTTPS Event Collector. +// NewHecStreamConfig returns an AuditLogStreamConfig for an HTTPS Event Collector endpoint. func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { - streamType := "Hec" + streamType := "HTTPS Event Collector" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } // NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { - streamType := "GoogleCloudStorage" + streamType := "Google Cloud Storage" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } @@ -161,6 +166,30 @@ func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamCon return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } +// GetAuditLogStreamKey retrieves the public key used to encrypt secrets for audit log streaming. +// Credentials must be encrypted with this key before being submitted via CreateAuditLogStream +// or UpdateAuditLogStream. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-streaming-key-for-an-enterprise +// +//meta:operation GET /enterprises/{enterprise}/audit-log/stream-key +func (s *EnterpriseService) GetAuditLogStreamKey(ctx context.Context, enterprise string) (*AuditLogStreamKey, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/stream-key", enterprise) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + var key *AuditLogStreamKey + resp, err := s.client.Do(ctx, req, &key) + if err != nil { + return nil, resp, err + } + + return key, resp, nil +} + // ListAuditLogStreams lists the audit log stream configurations for an enterprise. // // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#list-audit-log-stream-configurations-for-an-enterprise @@ -183,15 +212,15 @@ func (s *EnterpriseService) ListAuditLogStreams(ctx context.Context, enterprise return streams, resp, nil } -// CreateAuditLogStream creates an audit log streaming configuration for an enterprise. +// GetAuditLogStream gets a single audit log stream configuration for an enterprise. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise // -//meta:operation POST /enterprises/{enterprise}/audit-log/streams -func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { - u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) +//meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) - req, err := s.client.NewRequest("POST", u, config) + req, err := s.client.NewRequest("GET", u, nil) if err != nil { return nil, nil, err } @@ -205,15 +234,16 @@ func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise return stream, resp, nil } -// GetAuditLogStream gets an audit log streaming configuration for an enterprise. +// CreateAuditLogStream creates an audit log streaming configuration for an enterprise. +// Credentials in the config must be encrypted using the key returned by GetAuditLogStreamKey. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise // -//meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} -func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { - u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) +//meta:operation POST /enterprises/{enterprise}/audit-log/streams +func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) - req, err := s.client.NewRequest("GET", u, nil) + req, err := s.client.NewRequest("POST", u, config) if err != nil { return nil, nil, err } @@ -227,7 +257,8 @@ func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise st return stream, resp, nil } -// UpdateAuditLogStream updates an audit log streaming configuration for an enterprise. +// UpdateAuditLogStream updates an existing audit log stream configuration for an enterprise. +// Credentials in the config must be encrypted using the key returned by GetAuditLogStreamKey. // // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-audit-log-streaming-configuration-for-an-enterprise // @@ -249,7 +280,7 @@ func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise return stream, resp, nil } -// DeleteAuditLogStream deletes an audit log streaming configuration for an enterprise. +// DeleteAuditLogStream deletes an audit log stream configuration for an enterprise. // // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#delete-an-audit-log-streaming-configuration-for-an-enterprise // diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index b0f59441690..d29cf8c02f9 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -1,160 +1,283 @@ -// Copyright 2021 The go-github AUTHORS. All rights reserved. +// Copyright 2026 The go-github AUTHORS. All rights reserved. // // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package github -// func TestEnterpriseService_CreateAuditStream(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "POST") - -// fmt.Fprint(w, `{ -// "id": 1, -// "stream_type": "Azure Blob Storage", -// "stream_details": "US", -// "enabled": true, -// "created_at": "2024-06-06T08:00:00Z", -// "updated_at": "2024-06-06T08:00:00Z", -// "paused_at": null -// }`) -// }) - -// ctx := context.Background() -// config := &AuditStreamConfig{ -// Enabled: true, -// StreamType: "Azure Blob Storage", -// VendorSpecific: AzureBlobConfig{ -// KeyID: "123", -// EncryptedSASURL: "base64-encrypted-sas-url", -// }, -// } - -// stream, resp, err := client.Enterprise.CreateAuditStream(ctx, "e", config) -// if err != nil { -// t.Fatalf("CreateAuditStream returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil HTTP response") -// } -// if stream == nil { -// t.Fatal("expected non-nil AuditStreamEntry") -// } -// if stream.ID != 1 { -// t.Errorf("ID = %d, want 1", stream.ID) -// } -// if stream.StreamType != "Azure Blob Storage" { -// t.Errorf("StreamType = %q, want %q", stream.StreamType, "Azure Blob Storage") -// } -// if !stream.Enabled { -// t.Errorf("Enabled = %v, want true", stream.Enabled) -// } -// } - -// func TestEnterpriseService_GetAuditStream(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "GET") -// testHeader(t, r, "Accept", "application/vnd.github+json") -// fmt.Fprint(w, `{"id":42,"stream_type":"Azure Blob Storage","enabled":true}`) -// }) - -// got, resp, err := client.Enterprise.GetAuditStream(context.Background(), "e", 42) -// if err != nil { -// t.Fatalf("GetAuditStream returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil response") -// } -// if got == nil || got.ID != 42 || !got.Enabled || got.StreamType != "Azure Blob Storage" { -// t.Fatalf("unexpected stream: %+v", got) -// } -// } - -// func TestEnterpriseService_ListAuditStreams(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "GET") -// fmt.Fprint(w, `[ -// { -// "id": 1, -// "stream_type": "Azure Blob Storage", -// "stream_details": "US", -// "enabled": true, -// "created_at": "2024-06-06T08:00:00Z", -// "updated_at": "2024-06-06T08:00:00Z", -// "paused_at": null, -// "vendor_specific": { -// "key_id": "k1", -// "encrypted_sas_url": "enc1" -// } -// }, -// { -// "id": 2, -// "stream_type": "Azure Blob Storage", -// "stream_details": "EU", -// "enabled": false, -// "created_at": "2024-06-07T08:00:00Z", -// "updated_at": "2024-06-07T08:00:00Z", -// "paused_at": null, -// "vendor_specific": { -// "key_id": "k2", -// "encrypted_sas_url": "enc2" -// } -// } -// ]`) -// }) - -// ctx := context.Background() -// got, resp, err := client.Enterprise.ListAuditStreams(ctx, "e") -// if err != nil { -// t.Fatalf("ListAuditStreams returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil response") -// } -// if len(got) != 2 { -// t.Fatalf("len(streams) = %d, want 2", len(got)) -// } -// if got[0].ID != 1 { -// t.Errorf("streams[0].ID = %d, want 1", got[0].ID) -// } -// if got[0].StreamType != "Azure Blob Storage" { -// t.Errorf("streams[0].StreamType = %q, want %q", got[0].StreamType, "Azure Blob Storage") -// } -// if !got[0].Enabled { -// t.Errorf("streams[0].Enabled = %v, want true", got[0].Enabled) -// } -// if got[1].Enabled { -// t.Errorf("streams[1].Enabled = %v, want false", got[1].Enabled) -// } -// } - -// func TestEnterpriseService_DeleteAuditStream(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "DELETE") -// w.WriteHeader(http.StatusNoContent) // 204 -// }) - -// ctx := context.Background() -// resp, err := client.Enterprise.DeleteAuditStream(ctx, "e", 42) -// if err != nil { -// t.Fatalf("DeleteAuditStream returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil response") -// } -// if resp.Response.StatusCode != http.StatusNoContent { -// t.Errorf("StatusCode = %d, want %d", resp.Response.StatusCode, http.StatusNoContent) -// } -// } +import ( + "context" + "fmt" + "net/http" + "testing" + + "github.com/google/go-cmp/cmp" +) + +func TestEnterpriseService_GetAuditLogStreamKey(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/stream-key", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `{"key_id":"1234","key":"2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"}`) + }) + + ctx := context.Background() + key, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, "e") + if err != nil { + t.Errorf("Enterprise.GetAuditLogStreamKey returned error: %v", err) + } + + want := &AuditLogStreamKey{ + KeyID: Ptr("1234"), + PublicKey: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), + } + if !cmp.Equal(key, want) { + t.Errorf("Enterprise.GetAuditLogStreamKey returned %+v, want %+v", key, want) + } + + const methodName = "GetAuditLogStreamKey" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.GetAuditLogStreamKey(ctx, "\n") + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.GetAuditLogStreamKey(ctx, "e") + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_ListAuditLogStreams(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `[{"id":1,"stream_type":"Splunk","stream_details":"US","enabled":true}]`) + }) + + ctx := context.Background() + streams, _, err := client.Enterprise.ListAuditLogStreams(ctx, "e") + if err != nil { + t.Errorf("Enterprise.ListAuditLogStreams returned error: %v", err) + } + + want := []*AuditLogStream{ + { + ID: Ptr(int64(1)), + StreamType: Ptr("Splunk"), + StreamDetails: Ptr("US"), + Enabled: Ptr(true), + }, + } + if !cmp.Equal(streams, want) { + t.Errorf("Enterprise.ListAuditLogStreams returned %+v, want %+v", streams, want) + } + + const methodName = "ListAuditLogStreams" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.ListAuditLogStreams(ctx, "\n") + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.ListAuditLogStreams(ctx, "e") + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_GetAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `{"id":1,"stream_type":"Datadog","stream_details":"US","enabled":true}`) + }) + + ctx := context.Background() + stream, _, err := client.Enterprise.GetAuditLogStream(ctx, "e", 1) + if err != nil { + t.Errorf("Enterprise.GetAuditLogStream returned error: %v", err) + } + + want := &AuditLogStream{ + ID: Ptr(int64(1)), + StreamType: Ptr("Datadog"), + StreamDetails: Ptr("US"), + Enabled: Ptr(true), + } + if !cmp.Equal(stream, want) { + t.Errorf("Enterprise.GetAuditLogStream returned %+v, want %+v", stream, want) + } + + const methodName = "GetAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.GetAuditLogStream(ctx, "\n", 1) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.GetAuditLogStream(ctx, "e", 1) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "POST") + fmt.Fprint(w, `{"id":2,"stream_type":"Datadog","stream_details":"US3","enabled":false}`) + }) + + input := NewDatadogStreamConfig(false, &DatadogConfig{ + EncryptedToken: Ptr("ENCRYPTED"), + Site: Ptr("US3"), + KeyID: Ptr("v1"), + }) + + ctx := context.Background() + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) + if err != nil { + t.Errorf("Enterprise.CreateAuditLogStream returned error: %v", err) + } + + want := &AuditLogStream{ + ID: Ptr(int64(2)), + StreamType: Ptr("Datadog"), + StreamDetails: Ptr("US3"), + Enabled: Ptr(false), + } + if !cmp.Equal(stream, want) { + t.Errorf("Enterprise.CreateAuditLogStream returned %+v, want %+v", stream, want) + } + + const methodName = "CreateAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.CreateAuditLogStream(ctx, "\n", input) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PATCH") + fmt.Fprint(w, `{"id":1,"stream_type":"Splunk","stream_details":"splunk.example.com","enabled":true}`) + }) + + input := NewSplunkStreamConfig(true, &SplunkConfig{ + Domain: Ptr("splunk.example.com"), + Port: Ptr(uint16(8089)), + KeyID: Ptr("v1"), + EncryptedToken: Ptr("ENCRYPTED"), + SSLVerify: Ptr(true), + }) + + ctx := context.Background() + stream, _, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) + if err != nil { + t.Errorf("Enterprise.UpdateAuditLogStream returned error: %v", err) + } + + want := &AuditLogStream{ + ID: Ptr(int64(1)), + StreamType: Ptr("Splunk"), + StreamDetails: Ptr("splunk.example.com"), + Enabled: Ptr(true), + } + if !cmp.Equal(stream, want) { + t.Errorf("Enterprise.UpdateAuditLogStream returned %+v, want %+v", stream, want) + } + + const methodName = "UpdateAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.UpdateAuditLogStream(ctx, "\n", 1, input) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_DeleteAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + }) + + ctx := context.Background() + _, err := client.Enterprise.DeleteAuditLogStream(ctx, "e", 1) + if err != nil { + t.Errorf("Enterprise.DeleteAuditLogStream returned error: %v", err) + } + + const methodName = "DeleteAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, err = client.Enterprise.DeleteAuditLogStream(ctx, "\n", 1) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Enterprise.DeleteAuditLogStream(ctx, "e", 1) + }) +} + +func TestNewAzureBlobStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AzureBlobConfig{ + KeyID: Ptr("v1"), + EncryptedSASURL: Ptr("ENCRYPTED"), + Container: Ptr("my-container"), + } + got := NewAzureBlobStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Azure Blob Storage" { + t.Errorf("NewAzureBlobStreamConfig StreamType = %v, want Azure Blob Storage", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific != cfg { + t.Errorf("NewAzureBlobStreamConfig VendorSpecific = %v, want %v", got.VendorSpecific, cfg) + } +} + +func TestNewDatadogStreamConfig(t *testing.T) { + t.Parallel() + cfg := &DatadogConfig{ + EncryptedToken: Ptr("ENCRYPTED"), + Site: Ptr("US"), + KeyID: Ptr("v1"), + } + got := NewDatadogStreamConfig(false, cfg) + if got.StreamType == nil || *got.StreamType != "Datadog" { + t.Errorf("NewDatadogStreamConfig StreamType = %v, want Datadog", got.StreamType) + } + if got.Enabled == nil || *got.Enabled { + t.Errorf("NewDatadogStreamConfig Enabled = %v, want false", got.Enabled) + } +} diff --git a/github/github-accessors.go b/github/github-accessors.go index e6b5980508a..d445d8a9560 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -766,6 +766,94 @@ func (a *AllowForkSyncing) GetEnabled() bool { return *a.Enabled } +// GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetAuthenticationType() string { + if a == nil || a.AuthenticationType == nil { + return "" + } + return *a.AuthenticationType +} + +// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetBucket() string { + if a == nil || a.Bucket == nil { + return "" + } + return *a.Bucket +} + +// GetEncryptedAccessKeyID returns the EncryptedAccessKeyID field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetEncryptedAccessKeyID() string { + if a == nil || a.EncryptedAccessKeyID == nil { + return "" + } + return *a.EncryptedAccessKeyID +} + +// GetEncryptedSecretKey returns the EncryptedSecretKey field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetEncryptedSecretKey() string { + if a == nil || a.EncryptedSecretKey == nil { + return "" + } + return *a.EncryptedSecretKey +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetRegion returns the Region field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetRegion() string { + if a == nil || a.Region == nil { + return "" + } + return *a.Region +} + +// GetARNRole returns the ARNRole field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetARNRole() string { + if a == nil || a.ARNRole == nil { + return "" + } + return *a.ARNRole +} + +// GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetAuthenticationType() string { + if a == nil || a.AuthenticationType == nil { + return "" + } + return *a.AuthenticationType +} + +// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetBucket() string { + if a == nil || a.Bucket == nil { + return "" + } + return *a.Bucket +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetRegion returns the Region field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetRegion() string { + if a == nil || a.Region == nil { + return "" + } + return *a.Region +} + // GetRef returns the Ref field if it's non-nil, zero value otherwise. func (a *AnalysesListOptions) GetRef() string { if a == nil || a.Ref == nil { @@ -1654,8 +1742,24 @@ func (a *AuditEntry) GetUserID() int64 { return *a.UserID } +// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetCreatedAt() Timestamp { + if a == nil || a.CreatedAt == nil { + return Timestamp{} + } + return *a.CreatedAt +} + +// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetEnabled() bool { + if a == nil || a.Enabled == nil { + return false + } + return *a.Enabled +} + // GetID returns the ID field if it's non-nil, zero value otherwise. -func (a *AuditStream) GetID() int { +func (a *AuditLogStream) GetID() int64 { if a == nil || a.ID == nil { return 0 } @@ -1663,19 +1767,67 @@ func (a *AuditStream) GetID() int { } // GetPausedAt returns the PausedAt field if it's non-nil, zero value otherwise. -func (a *AuditStream) GetPausedAt() time.Time { +func (a *AuditLogStream) GetPausedAt() Timestamp { if a == nil || a.PausedAt == nil { - return time.Time{} + return Timestamp{} } return *a.PausedAt } -// GetVendorSpecific returns the VendorSpecific field if it's non-nil, zero value otherwise. -func (a *AuditStream) GetVendorSpecific() map[string]string { - if a == nil || a.VendorSpecific == nil { - return map[string]string{} +// GetStreamDetails returns the StreamDetails field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetStreamDetails() string { + if a == nil || a.StreamDetails == nil { + return "" } - return *a.VendorSpecific + return *a.StreamDetails +} + +// GetStreamType returns the StreamType field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetStreamType() string { + if a == nil || a.StreamType == nil { + return "" + } + return *a.StreamType +} + +// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetUpdatedAt() Timestamp { + if a == nil || a.UpdatedAt == nil { + return Timestamp{} + } + return *a.UpdatedAt +} + +// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamConfig) GetEnabled() bool { + if a == nil || a.Enabled == nil { + return false + } + return *a.Enabled +} + +// GetStreamType returns the StreamType field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamConfig) GetStreamType() string { + if a == nil || a.StreamType == nil { + return "" + } + return *a.StreamType +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetPublicKey returns the PublicKey field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetPublicKey() string { + if a == nil || a.PublicKey == nil { + return "" + } + return *a.PublicKey } // GetApp returns the App field. @@ -1966,6 +2118,54 @@ func (a *AutoTriggerCheck) GetSetting() bool { return *a.Setting } +// GetContainer returns the Container field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetContainer() string { + if a == nil || a.Container == nil { + return "" + } + return *a.Container +} + +// GetEncryptedSASURL returns the EncryptedSASURL field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetEncryptedSASURL() string { + if a == nil || a.EncryptedSASURL == nil { + return "" + } + return *a.EncryptedSASURL +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetEncryptedConnString returns the EncryptedConnString field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetEncryptedConnString() string { + if a == nil || a.EncryptedConnString == nil { + return "" + } + return *a.EncryptedConnString +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetName returns the Name field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetName() string { + if a == nil || a.Name == nil { + return "" + } + return *a.Name +} + // GetContent returns the Content field if it's non-nil, zero value otherwise. func (b *Blob) GetContent() string { if b == nil || b.Content == nil { @@ -7678,6 +7878,30 @@ func (c *CustomRepoRoles) GetUpdatedAt() Timestamp { return *c.UpdatedAt } +// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. +func (d *DatadogConfig) GetEncryptedToken() string { + if d == nil || d.EncryptedToken == nil { + return "" + } + return *d.EncryptedToken +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (d *DatadogConfig) GetKeyID() string { + if d == nil || d.KeyID == nil { + return "" + } + return *d.KeyID +} + +// GetSite returns the Site field if it's non-nil, zero value otherwise. +func (d *DatadogConfig) GetSite() string { + if d == nil || d.Site == nil { + return "" + } + return *d.Site +} + // GetQuerySuite returns the QuerySuite field if it's non-nil, zero value otherwise. func (d *DefaultSetupConfiguration) GetQuerySuite() string { if d == nil || d.QuerySuite == nil { @@ -11118,6 +11342,30 @@ func (g *GollumEvent) GetSender() *User { return g.Sender } +// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. +func (g *GoogleCloudConfig) GetBucket() string { + if g == nil || g.Bucket == nil { + return "" + } + return *g.Bucket +} + +// GetEncryptedJSONCredentials returns the EncryptedJSONCredentials field if it's non-nil, zero value otherwise. +func (g *GoogleCloudConfig) GetEncryptedJSONCredentials() string { + if g == nil || g.EncryptedJSONCredentials == nil { + return "" + } + return *g.EncryptedJSONCredentials +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (g *GoogleCloudConfig) GetKeyID() string { + if g == nil || g.KeyID == nil { + return "" + } + return *g.KeyID +} + // GetEmail returns the Email field if it's non-nil, zero value otherwise. func (g *GPGEmail) GetEmail() string { if g == nil || g.Email == nil { @@ -11334,6 +11582,54 @@ func (h *HeadCommit) GetURL() string { return *h.URL } +// GetDomain returns the Domain field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetDomain() string { + if h == nil || h.Domain == nil { + return "" + } + return *h.Domain +} + +// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetEncryptedToken() string { + if h == nil || h.EncryptedToken == nil { + return "" + } + return *h.EncryptedToken +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetKeyID() string { + if h == nil || h.KeyID == nil { + return "" + } + return *h.KeyID +} + +// GetPath returns the Path field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetPath() string { + if h == nil || h.Path == nil { + return "" + } + return *h.Path +} + +// GetPort returns the Port field. +func (h *HecConfig) GetPort() *uint16 { + if h == nil { + return nil + } + return h.Port +} + +// GetSSLVerify returns the SSLVerify field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetSSLVerify() bool { + if h == nil || h.SSLVerify == nil { + return false + } + return *h.SSLVerify +} + // GetActive returns the Active field if it's non-nil, zero value otherwise. func (h *Hook) GetActive() bool { if h == nil || h.Active == nil { @@ -28654,6 +28950,46 @@ func (s *SourceImportAuthor) GetURL() string { return *s.URL } +// GetDomain returns the Domain field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetDomain() string { + if s == nil || s.Domain == nil { + return "" + } + return *s.Domain +} + +// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetEncryptedToken() string { + if s == nil || s.EncryptedToken == nil { + return "" + } + return *s.EncryptedToken +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetKeyID() string { + if s == nil || s.KeyID == nil { + return "" + } + return *s.KeyID +} + +// GetPort returns the Port field. +func (s *SplunkConfig) GetPort() *uint16 { + if s == nil { + return nil + } + return s.Port +} + +// GetSSLVerify returns the SSLVerify field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetSSLVerify() bool { + if s == nil || s.SSLVerify == nil { + return false + } + return *s.SSLVerify +} + // GetPrivacyLevel returns the PrivacyLevel field if it's non-nil, zero value otherwise. func (s *SponsorshipChanges) GetPrivacyLevel() string { if s == nil || s.PrivacyLevel == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index 3b2c8bb6ef5..0455769026d 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -980,6 +980,127 @@ func TestAllowForkSyncing_GetEnabled(tt *testing.T) { a.GetEnabled() } +func TestAmazonS3AccessKeysConfig_GetAuthenticationType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{AuthenticationType: &zeroValue} + a.GetAuthenticationType() + a = &AmazonS3AccessKeysConfig{} + a.GetAuthenticationType() + a = nil + a.GetAuthenticationType() +} + +func TestAmazonS3AccessKeysConfig_GetBucket(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{Bucket: &zeroValue} + a.GetBucket() + a = &AmazonS3AccessKeysConfig{} + a.GetBucket() + a = nil + a.GetBucket() +} + +func TestAmazonS3AccessKeysConfig_GetEncryptedAccessKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{EncryptedAccessKeyID: &zeroValue} + a.GetEncryptedAccessKeyID() + a = &AmazonS3AccessKeysConfig{} + a.GetEncryptedAccessKeyID() + a = nil + a.GetEncryptedAccessKeyID() +} + +func TestAmazonS3AccessKeysConfig_GetEncryptedSecretKey(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{EncryptedSecretKey: &zeroValue} + a.GetEncryptedSecretKey() + a = &AmazonS3AccessKeysConfig{} + a.GetEncryptedSecretKey() + a = nil + a.GetEncryptedSecretKey() +} + +func TestAmazonS3AccessKeysConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AmazonS3AccessKeysConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAmazonS3AccessKeysConfig_GetRegion(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{Region: &zeroValue} + a.GetRegion() + a = &AmazonS3AccessKeysConfig{} + a.GetRegion() + a = nil + a.GetRegion() +} + +func TestAmazonS3OIDCConfig_GetARNRole(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{ARNRole: &zeroValue} + a.GetARNRole() + a = &AmazonS3OIDCConfig{} + a.GetARNRole() + a = nil + a.GetARNRole() +} + +func TestAmazonS3OIDCConfig_GetAuthenticationType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{AuthenticationType: &zeroValue} + a.GetAuthenticationType() + a = &AmazonS3OIDCConfig{} + a.GetAuthenticationType() + a = nil + a.GetAuthenticationType() +} + +func TestAmazonS3OIDCConfig_GetBucket(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{Bucket: &zeroValue} + a.GetBucket() + a = &AmazonS3OIDCConfig{} + a.GetBucket() + a = nil + a.GetBucket() +} + +func TestAmazonS3OIDCConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AmazonS3OIDCConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAmazonS3OIDCConfig_GetRegion(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{Region: &zeroValue} + a.GetRegion() + a = &AmazonS3OIDCConfig{} + a.GetRegion() + a = nil + a.GetRegion() +} + func TestAnalysesListOptions_GetRef(tt *testing.T) { tt.Parallel() var zeroValue string @@ -2177,37 +2298,125 @@ func TestAuditEntry_GetUserID(tt *testing.T) { a.GetUserID() } -func TestAuditStream_GetID(tt *testing.T) { +func TestAuditLogStream_GetCreatedAt(tt *testing.T) { tt.Parallel() - var zeroValue int - a := &AuditStream{ID: &zeroValue} + var zeroValue Timestamp + a := &AuditLogStream{CreatedAt: &zeroValue} + a.GetCreatedAt() + a = &AuditLogStream{} + a.GetCreatedAt() + a = nil + a.GetCreatedAt() +} + +func TestAuditLogStream_GetEnabled(tt *testing.T) { + tt.Parallel() + var zeroValue bool + a := &AuditLogStream{Enabled: &zeroValue} + a.GetEnabled() + a = &AuditLogStream{} + a.GetEnabled() + a = nil + a.GetEnabled() +} + +func TestAuditLogStream_GetID(tt *testing.T) { + tt.Parallel() + var zeroValue int64 + a := &AuditLogStream{ID: &zeroValue} a.GetID() - a = &AuditStream{} + a = &AuditLogStream{} a.GetID() a = nil a.GetID() } -func TestAuditStream_GetPausedAt(tt *testing.T) { +func TestAuditLogStream_GetPausedAt(tt *testing.T) { tt.Parallel() - var zeroValue time.Time - a := &AuditStream{PausedAt: &zeroValue} + var zeroValue Timestamp + a := &AuditLogStream{PausedAt: &zeroValue} a.GetPausedAt() - a = &AuditStream{} + a = &AuditLogStream{} a.GetPausedAt() a = nil a.GetPausedAt() } -func TestAuditStream_GetVendorSpecific(tt *testing.T) { +func TestAuditLogStream_GetStreamDetails(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStream{StreamDetails: &zeroValue} + a.GetStreamDetails() + a = &AuditLogStream{} + a.GetStreamDetails() + a = nil + a.GetStreamDetails() +} + +func TestAuditLogStream_GetStreamType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStream{StreamType: &zeroValue} + a.GetStreamType() + a = &AuditLogStream{} + a.GetStreamType() + a = nil + a.GetStreamType() +} + +func TestAuditLogStream_GetUpdatedAt(tt *testing.T) { + tt.Parallel() + var zeroValue Timestamp + a := &AuditLogStream{UpdatedAt: &zeroValue} + a.GetUpdatedAt() + a = &AuditLogStream{} + a.GetUpdatedAt() + a = nil + a.GetUpdatedAt() +} + +func TestAuditLogStreamConfig_GetEnabled(tt *testing.T) { tt.Parallel() - var zeroValue map[string]string - a := &AuditStream{VendorSpecific: &zeroValue} - a.GetVendorSpecific() - a = &AuditStream{} - a.GetVendorSpecific() + var zeroValue bool + a := &AuditLogStreamConfig{Enabled: &zeroValue} + a.GetEnabled() + a = &AuditLogStreamConfig{} + a.GetEnabled() + a = nil + a.GetEnabled() +} + +func TestAuditLogStreamConfig_GetStreamType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStreamConfig{StreamType: &zeroValue} + a.GetStreamType() + a = &AuditLogStreamConfig{} + a.GetStreamType() a = nil - a.GetVendorSpecific() + a.GetStreamType() +} + +func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStreamKey{KeyID: &zeroValue} + a.GetKeyID() + a = &AuditLogStreamKey{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAuditLogStreamKey_GetPublicKey(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStreamKey{PublicKey: &zeroValue} + a.GetPublicKey() + a = &AuditLogStreamKey{} + a.GetPublicKey() + a = nil + a.GetPublicKey() } func TestAuthorization_GetApp(tt *testing.T) { @@ -2600,6 +2809,72 @@ func TestAutoTriggerCheck_GetSetting(tt *testing.T) { a.GetSetting() } +func TestAzureBlobConfig_GetContainer(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureBlobConfig{Container: &zeroValue} + a.GetContainer() + a = &AzureBlobConfig{} + a.GetContainer() + a = nil + a.GetContainer() +} + +func TestAzureBlobConfig_GetEncryptedSASURL(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureBlobConfig{EncryptedSASURL: &zeroValue} + a.GetEncryptedSASURL() + a = &AzureBlobConfig{} + a.GetEncryptedSASURL() + a = nil + a.GetEncryptedSASURL() +} + +func TestAzureBlobConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureBlobConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AzureBlobConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAzureHubConfig_GetEncryptedConnString(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureHubConfig{EncryptedConnString: &zeroValue} + a.GetEncryptedConnString() + a = &AzureHubConfig{} + a.GetEncryptedConnString() + a = nil + a.GetEncryptedConnString() +} + +func TestAzureHubConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureHubConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AzureHubConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAzureHubConfig_GetName(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureHubConfig{Name: &zeroValue} + a.GetName() + a = &AzureHubConfig{} + a.GetName() + a = nil + a.GetName() +} + func TestBlob_GetContent(tt *testing.T) { tt.Parallel() var zeroValue string @@ -10043,6 +10318,39 @@ func TestCustomRepoRoles_GetUpdatedAt(tt *testing.T) { c.GetUpdatedAt() } +func TestDatadogConfig_GetEncryptedToken(tt *testing.T) { + tt.Parallel() + var zeroValue string + d := &DatadogConfig{EncryptedToken: &zeroValue} + d.GetEncryptedToken() + d = &DatadogConfig{} + d.GetEncryptedToken() + d = nil + d.GetEncryptedToken() +} + +func TestDatadogConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + d := &DatadogConfig{KeyID: &zeroValue} + d.GetKeyID() + d = &DatadogConfig{} + d.GetKeyID() + d = nil + d.GetKeyID() +} + +func TestDatadogConfig_GetSite(tt *testing.T) { + tt.Parallel() + var zeroValue string + d := &DatadogConfig{Site: &zeroValue} + d.GetSite() + d = &DatadogConfig{} + d.GetSite() + d = nil + d.GetSite() +} + func TestDefaultSetupConfiguration_GetQuerySuite(tt *testing.T) { tt.Parallel() var zeroValue string @@ -14443,6 +14751,39 @@ func TestGollumEvent_GetSender(tt *testing.T) { g.GetSender() } +func TestGoogleCloudConfig_GetBucket(tt *testing.T) { + tt.Parallel() + var zeroValue string + g := &GoogleCloudConfig{Bucket: &zeroValue} + g.GetBucket() + g = &GoogleCloudConfig{} + g.GetBucket() + g = nil + g.GetBucket() +} + +func TestGoogleCloudConfig_GetEncryptedJSONCredentials(tt *testing.T) { + tt.Parallel() + var zeroValue string + g := &GoogleCloudConfig{EncryptedJSONCredentials: &zeroValue} + g.GetEncryptedJSONCredentials() + g = &GoogleCloudConfig{} + g.GetEncryptedJSONCredentials() + g = nil + g.GetEncryptedJSONCredentials() +} + +func TestGoogleCloudConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + g := &GoogleCloudConfig{KeyID: &zeroValue} + g.GetKeyID() + g = &GoogleCloudConfig{} + g.GetKeyID() + g = nil + g.GetKeyID() +} + func TestGPGEmail_GetEmail(tt *testing.T) { tt.Parallel() var zeroValue string @@ -14731,6 +15072,69 @@ func TestHeadCommit_GetURL(tt *testing.T) { h.GetURL() } +func TestHecConfig_GetDomain(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{Domain: &zeroValue} + h.GetDomain() + h = &HecConfig{} + h.GetDomain() + h = nil + h.GetDomain() +} + +func TestHecConfig_GetEncryptedToken(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{EncryptedToken: &zeroValue} + h.GetEncryptedToken() + h = &HecConfig{} + h.GetEncryptedToken() + h = nil + h.GetEncryptedToken() +} + +func TestHecConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{KeyID: &zeroValue} + h.GetKeyID() + h = &HecConfig{} + h.GetKeyID() + h = nil + h.GetKeyID() +} + +func TestHecConfig_GetPath(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{Path: &zeroValue} + h.GetPath() + h = &HecConfig{} + h.GetPath() + h = nil + h.GetPath() +} + +func TestHecConfig_GetPort(tt *testing.T) { + tt.Parallel() + h := &HecConfig{} + h.GetPort() + h = nil + h.GetPort() +} + +func TestHecConfig_GetSSLVerify(tt *testing.T) { + tt.Parallel() + var zeroValue bool + h := &HecConfig{SSLVerify: &zeroValue} + h.GetSSLVerify() + h = &HecConfig{} + h.GetSSLVerify() + h = nil + h.GetSSLVerify() +} + func TestHook_GetActive(tt *testing.T) { tt.Parallel() var zeroValue bool @@ -36959,6 +37363,58 @@ func TestSourceImportAuthor_GetURL(tt *testing.T) { s.GetURL() } +func TestSplunkConfig_GetDomain(tt *testing.T) { + tt.Parallel() + var zeroValue string + s := &SplunkConfig{Domain: &zeroValue} + s.GetDomain() + s = &SplunkConfig{} + s.GetDomain() + s = nil + s.GetDomain() +} + +func TestSplunkConfig_GetEncryptedToken(tt *testing.T) { + tt.Parallel() + var zeroValue string + s := &SplunkConfig{EncryptedToken: &zeroValue} + s.GetEncryptedToken() + s = &SplunkConfig{} + s.GetEncryptedToken() + s = nil + s.GetEncryptedToken() +} + +func TestSplunkConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + s := &SplunkConfig{KeyID: &zeroValue} + s.GetKeyID() + s = &SplunkConfig{} + s.GetKeyID() + s = nil + s.GetKeyID() +} + +func TestSplunkConfig_GetPort(tt *testing.T) { + tt.Parallel() + s := &SplunkConfig{} + s.GetPort() + s = nil + s.GetPort() +} + +func TestSplunkConfig_GetSSLVerify(tt *testing.T) { + tt.Parallel() + var zeroValue bool + s := &SplunkConfig{SSLVerify: &zeroValue} + s.GetSSLVerify() + s = &SplunkConfig{} + s.GetSSLVerify() + s = nil + s.GetSSLVerify() +} + func TestSponsorshipChanges_GetPrivacyLevel(tt *testing.T) { tt.Parallel() var zeroValue string From 948070db70460db7909ee4a321b98527e79be5a5 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Mon, 23 Feb 2026 14:26:21 +0100 Subject: [PATCH 03/21] feature for api. and /api --- example/auditlogstream/main.go | 62 +++++++++++----------- github/enterprise_audit_log_stream.go | 40 ++++++++------ github/enterprise_audit_log_stream_test.go | 24 ++++----- github/github-accessors.go | 48 ++++++++++------- github/github-accessors_test.go | 58 +++++++++++--------- 5 files changed, 126 insertions(+), 106 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index 939a3c131fa..a5ba6d33c78 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -6,19 +6,15 @@ // The auditlogstream command demonstrates managing enterprise audit log // streams for Azure Blob Storage using the go-github library. // -// Usage — create (github.com): +// The GitHub API base URL is read from the GITHUB_API_URL environment +// variable. When running inside a GitHub Actions workflow this is set +// automatically. // -// export GITHUB_AUTH_TOKEN= -// go run main.go create \ -// -enterprise=my-enterprise \ -// -container=my-container \ -// -sas-url= -// -// Usage — create (GitHub Enterprise Server): +// Usage — create: // // export GITHUB_AUTH_TOKEN= +// export GITHUB_API_URL=https://api..ghe.com/ or https://domain/api/v3/ // go run main.go create \ -// -base-url=https://github.example.com/api/v3/ \ // -enterprise=my-enterprise \ // -container=my-container \ // -sas-url= @@ -26,8 +22,8 @@ // Usage — delete: // // export GITHUB_AUTH_TOKEN= +// export GITHUB_API_URL=https://api..ghe.com/ or https://domain/api/v3/ // go run main.go delete \ -// -base-url=https://github.example.com/api/v3/ \ // -enterprise=my-enterprise \ // -stream-id=42 package main @@ -53,7 +49,7 @@ func encryptSecret(publicKeyB64, secret string) (string, error) { return "", fmt.Errorf("decoding public key: %w", err) } if len(publicKeyBytes) != 32 { - return "", fmt.Errorf("public key must be 32 bytes, got %d", len(publicKeyBytes)) + return "", fmt.Errorf("public key must be 32 bytes, got %v", len(publicKeyBytes)) } var publicKey [32]byte copy(publicKey[:], publicKeyBytes) @@ -68,7 +64,7 @@ func encryptSecret(publicKeyB64, secret string) (string, error) { func main() { if len(os.Args) < 2 { - fmt.Fprintf(os.Stderr, "Usage: %s [flags]\n", os.Args[0]) + fmt.Fprintf(os.Stderr, "Usage: %v [flags]\n", os.Args[0]) os.Exit(1) } @@ -85,30 +81,32 @@ func main() { func runCreate(args []string) { fs := flag.NewFlagSet("create", flag.ExitOnError) - baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") - enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + enterprise := fs.String("enterprise", "", "Enterprise slug (required).") container := fs.String("container", "", "Azure Blob Storage container name (required).") sasURL := fs.String("sas-url", "", "Plain-text Azure SAS URL to encrypt and submit (required).") enabled := fs.Bool("enabled", true, "Whether the stream should be enabled immediately.") - fs.Parse(args) + if err := fs.Parse(args); err != nil { + log.Fatalf("Error parsing flags: %v", err) + } token := requireEnv("GITHUB_AUTH_TOKEN") + apiURL := requireEnv("GITHUB_API_URL") requireFlag("enterprise", *enterprise) requireFlag("container", *container) requireFlag("sas-url", *sasURL) ctx := context.Background() - client := newClient(token, *baseURL) + client := newClient(token, apiURL) // Step 1: Fetch the enterprise's public streaming key. streamKey, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, *enterprise) if err != nil { log.Fatalf("Error fetching audit log stream key: %v", err) } - fmt.Printf("Retrieved stream key ID: %s\n", streamKey.GetKeyID()) + fmt.Printf("Retrieved stream key ID: %v\n", streamKey.GetKeyID()) // Step 2: Encrypt the SAS URL using the public key (sealed box / crypto_box_seal). - encryptedSASURL, err := encryptSecret(streamKey.GetPublicKey(), *sasURL) + encryptedSASURL, err := encryptSecret(streamKey.GetKey(), *sasURL) if err != nil { log.Fatalf("Error encrypting SAS URL: %v", err) } @@ -118,7 +116,7 @@ func runCreate(args []string) { config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ KeyID: streamKey.KeyID, Container: github.Ptr(*container), - EncryptedSASURL: github.Ptr(encryptedSASURL), + EncryptedSasURL: github.Ptr(encryptedSASURL), }) stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, *enterprise, config) @@ -126,39 +124,41 @@ func runCreate(args []string) { log.Fatalf("Error creating audit log stream: %v", err) } - fmt.Printf("Successfully created audit log stream:\n") - fmt.Printf(" ID: %d\n", stream.GetID()) - fmt.Printf(" Type: %s\n", stream.GetStreamType()) + fmt.Println("Successfully created audit log stream:") + fmt.Printf(" ID: %v\n", stream.GetID()) + fmt.Printf(" Type: %v\n", stream.GetStreamType()) fmt.Printf(" Enabled: %v\n", stream.GetEnabled()) fmt.Printf(" Created at: %v\n", stream.GetCreatedAt()) } func runDelete(args []string) { fs := flag.NewFlagSet("delete", flag.ExitOnError) - baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") - enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + enterprise := fs.String("enterprise", "", "Enterprise slug (required).") streamID := fs.Int64("stream-id", 0, "ID of the audit log stream to delete (required).") - fs.Parse(args) + if err := fs.Parse(args); err != nil { + log.Fatalf("Error parsing flags: %v", err) + } token := requireEnv("GITHUB_AUTH_TOKEN") + apiURL := requireEnv("GITHUB_API_URL") requireFlag("enterprise", *enterprise) if *streamID == 0 { log.Fatal("flag -stream-id is required") } ctx := context.Background() - client := newClient(token, *baseURL) + client := newClient(token, apiURL) _, err := client.Enterprise.DeleteAuditLogStream(ctx, *enterprise, *streamID) if err != nil { log.Fatalf("Error deleting audit log stream: %v", err) } - fmt.Printf("Successfully deleted audit log stream %d.\n", *streamID) + fmt.Printf("Successfully deleted audit log stream %v.\n", *streamID) } -func newClient(token, baseURL string) *github.Client { - client, err := github.NewClient(nil).WithAuthToken(token).WithEnterpriseURLs(baseURL, baseURL) +func newClient(token, apiURL string) *github.Client { + client, err := github.NewClient(nil).WithAuthToken(token).WithEnterpriseURLs(apiURL, apiURL) if err != nil { log.Fatalf("Error creating GitHub client: %v", err) } @@ -168,13 +168,13 @@ func newClient(token, baseURL string) *github.Client { func requireEnv(name string) string { val := os.Getenv(name) if val == "" { - log.Fatalf("environment variable %s is not set", name) + log.Fatalf("environment variable %v is not set", name) } return val } func requireFlag(name, val string) { if val == "" { - log.Fatalf("flag -%s is required", name) + log.Fatalf("flag -%v is required", name) } } diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 6e18b9f558b..29cb69a9c1c 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -23,9 +23,9 @@ type AuditLogStream struct { // AuditLogStreamConfig represents a configuration for creating or updating an audit log stream. type AuditLogStreamConfig struct { - Enabled *bool `json:"enabled,omitempty"` - StreamType *string `json:"stream_type,omitempty"` - VendorSpecific AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` + Enabled *bool `json:"enabled,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + VendorSpecific *AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` } // AuditLogStreamVendorConfig is a marker interface for vendor-specific audit log @@ -36,21 +36,21 @@ type AuditLogStreamVendorConfig interface { // AuditLogStreamKey represents the public key used to encrypt secrets for audit log streaming. type AuditLogStreamKey struct { - KeyID *string `json:"key_id,omitempty"` - PublicKey *string `json:"key,omitempty"` + KeyID *string `json:"key_id,omitempty"` + Key *string `json:"key,omitempty"` } // AzureBlobConfig represents vendor-specific config for Azure Blob Storage. type AzureBlobConfig struct { KeyID *string `json:"key_id,omitempty"` - EncryptedSASURL *string `json:"encrypted_sas_url,omitempty"` + EncryptedSasURL *string `json:"encrypted_sas_url,omitempty"` Container *string `json:"container,omitempty"` } // AzureHubConfig represents vendor-specific config for Azure Event Hubs. type AzureHubConfig struct { Name *string `json:"name,omitempty"` - EncryptedConnString *string `json:"encrypted_connstring,omitempty"` + EncryptedConnstring *string `json:"encrypted_connstring,omitempty"` KeyID *string `json:"key_id,omitempty"` } @@ -60,7 +60,7 @@ type AmazonS3OIDCConfig struct { Region *string `json:"region,omitempty"` KeyID *string `json:"key_id,omitempty"` AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "oidc" - ARNRole *string `json:"arn_role,omitempty"` + ArnRole *string `json:"arn_role,omitempty"` } // AmazonS3AccessKeysConfig represents vendor-specific config for Amazon S3 with access key authentication. @@ -121,49 +121,57 @@ func (*DatadogConfig) isAuditLogStreamVendorConfig() {} // NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { streamType := "Azure Blob Storage" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { streamType := "Azure Event Hubs" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { streamType := "Amazon S3" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access key auth. func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { streamType := "Amazon S3" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewSplunkStreamConfig returns an AuditLogStreamConfig for Splunk. func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfig { streamType := "Splunk" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewHecStreamConfig returns an AuditLogStreamConfig for an HTTPS Event Collector endpoint. func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { streamType := "HTTPS Event Collector" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { streamType := "Google Cloud Storage" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewDatadogStreamConfig returns an AuditLogStreamConfig for Datadog. func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamConfig { streamType := "Datadog" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // GetAuditLogStreamKey retrieves the public key used to encrypt secrets for audit log streaming. diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index d29cf8c02f9..c85198a05d3 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -6,7 +6,6 @@ package github import ( - "context" "fmt" "net/http" "testing" @@ -23,15 +22,15 @@ func TestEnterpriseService_GetAuditLogStreamKey(t *testing.T) { fmt.Fprint(w, `{"key_id":"1234","key":"2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"}`) }) - ctx := context.Background() + ctx := t.Context() key, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, "e") if err != nil { t.Errorf("Enterprise.GetAuditLogStreamKey returned error: %v", err) } want := &AuditLogStreamKey{ - KeyID: Ptr("1234"), - PublicKey: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), + KeyID: Ptr("1234"), + Key: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), } if !cmp.Equal(key, want) { t.Errorf("Enterprise.GetAuditLogStreamKey returned %+v, want %+v", key, want) @@ -60,7 +59,7 @@ func TestEnterpriseService_ListAuditLogStreams(t *testing.T) { fmt.Fprint(w, `[{"id":1,"stream_type":"Splunk","stream_details":"US","enabled":true}]`) }) - ctx := context.Background() + ctx := t.Context() streams, _, err := client.Enterprise.ListAuditLogStreams(ctx, "e") if err != nil { t.Errorf("Enterprise.ListAuditLogStreams returned error: %v", err) @@ -101,7 +100,7 @@ func TestEnterpriseService_GetAuditLogStream(t *testing.T) { fmt.Fprint(w, `{"id":1,"stream_type":"Datadog","stream_details":"US","enabled":true}`) }) - ctx := context.Background() + ctx := t.Context() stream, _, err := client.Enterprise.GetAuditLogStream(ctx, "e", 1) if err != nil { t.Errorf("Enterprise.GetAuditLogStream returned error: %v", err) @@ -146,7 +145,7 @@ func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { KeyID: Ptr("v1"), }) - ctx := context.Background() + ctx := t.Context() stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) if err != nil { t.Errorf("Enterprise.CreateAuditLogStream returned error: %v", err) @@ -193,7 +192,7 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { SSLVerify: Ptr(true), }) - ctx := context.Background() + ctx := t.Context() stream, _, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) if err != nil { t.Errorf("Enterprise.UpdateAuditLogStream returned error: %v", err) @@ -227,11 +226,11 @@ func TestEnterpriseService_DeleteAuditLogStream(t *testing.T) { t.Parallel() client, mux, _ := setup(t) - mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(_ http.ResponseWriter, r *http.Request) { testMethod(t, r, "DELETE") }) - ctx := context.Background() + ctx := t.Context() _, err := client.Enterprise.DeleteAuditLogStream(ctx, "e", 1) if err != nil { t.Errorf("Enterprise.DeleteAuditLogStream returned error: %v", err) @@ -251,7 +250,7 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { t.Parallel() cfg := &AzureBlobConfig{ KeyID: Ptr("v1"), - EncryptedSASURL: Ptr("ENCRYPTED"), + EncryptedSasURL: Ptr("ENCRYPTED"), Container: Ptr("my-container"), } got := NewAzureBlobStreamConfig(true, cfg) @@ -261,9 +260,6 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { if got.Enabled == nil || !*got.Enabled { t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) } - if got.VendorSpecific != cfg { - t.Errorf("NewAzureBlobStreamConfig VendorSpecific = %v, want %v", got.VendorSpecific, cfg) - } } func TestNewDatadogStreamConfig(t *testing.T) { diff --git a/github/github-accessors.go b/github/github-accessors.go index d445d8a9560..ba9d8f93cb8 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -814,12 +814,12 @@ func (a *AmazonS3AccessKeysConfig) GetRegion() string { return *a.Region } -// GetARNRole returns the ARNRole field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetARNRole() string { - if a == nil || a.ARNRole == nil { +// GetArnRole returns the ArnRole field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetArnRole() string { + if a == nil || a.ArnRole == nil { return "" } - return *a.ARNRole + return *a.ArnRole } // GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. @@ -1814,20 +1814,28 @@ func (a *AuditLogStreamConfig) GetStreamType() string { return *a.StreamType } -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamKey) GetKeyID() string { - if a == nil || a.KeyID == nil { +// GetVendorSpecific returns the VendorSpecific field. +func (a *AuditLogStreamConfig) GetVendorSpecific() *AuditLogStreamVendorConfig { + if a == nil { + return nil + } + return a.VendorSpecific +} + +// GetKey returns the Key field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetKey() string { + if a == nil || a.Key == nil { return "" } - return *a.KeyID + return *a.Key } -// GetPublicKey returns the PublicKey field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamKey) GetPublicKey() string { - if a == nil || a.PublicKey == nil { +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetKeyID() string { + if a == nil || a.KeyID == nil { return "" } - return *a.PublicKey + return *a.KeyID } // GetApp returns the App field. @@ -2126,12 +2134,12 @@ func (a *AzureBlobConfig) GetContainer() string { return *a.Container } -// GetEncryptedSASURL returns the EncryptedSASURL field if it's non-nil, zero value otherwise. -func (a *AzureBlobConfig) GetEncryptedSASURL() string { - if a == nil || a.EncryptedSASURL == nil { +// GetEncryptedSasURL returns the EncryptedSasURL field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetEncryptedSasURL() string { + if a == nil || a.EncryptedSasURL == nil { return "" } - return *a.EncryptedSASURL + return *a.EncryptedSasURL } // GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. @@ -2142,12 +2150,12 @@ func (a *AzureBlobConfig) GetKeyID() string { return *a.KeyID } -// GetEncryptedConnString returns the EncryptedConnString field if it's non-nil, zero value otherwise. -func (a *AzureHubConfig) GetEncryptedConnString() string { - if a == nil || a.EncryptedConnString == nil { +// GetEncryptedConnstring returns the EncryptedConnstring field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetEncryptedConnstring() string { + if a == nil || a.EncryptedConnstring == nil { return "" } - return *a.EncryptedConnString + return *a.EncryptedConnstring } // GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index 0455769026d..fae4fcb75dd 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -1046,15 +1046,15 @@ func TestAmazonS3AccessKeysConfig_GetRegion(tt *testing.T) { a.GetRegion() } -func TestAmazonS3OIDCConfig_GetARNRole(tt *testing.T) { +func TestAmazonS3OIDCConfig_GetArnRole(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AmazonS3OIDCConfig{ARNRole: &zeroValue} - a.GetARNRole() + a := &AmazonS3OIDCConfig{ArnRole: &zeroValue} + a.GetArnRole() a = &AmazonS3OIDCConfig{} - a.GetARNRole() + a.GetArnRole() a = nil - a.GetARNRole() + a.GetArnRole() } func TestAmazonS3OIDCConfig_GetAuthenticationType(tt *testing.T) { @@ -2397,26 +2397,34 @@ func TestAuditLogStreamConfig_GetStreamType(tt *testing.T) { a.GetStreamType() } -func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { +func TestAuditLogStreamConfig_GetVendorSpecific(tt *testing.T) { + tt.Parallel() + a := &AuditLogStreamConfig{} + a.GetVendorSpecific() + a = nil + a.GetVendorSpecific() +} + +func TestAuditLogStreamKey_GetKey(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AuditLogStreamKey{KeyID: &zeroValue} - a.GetKeyID() + a := &AuditLogStreamKey{Key: &zeroValue} + a.GetKey() a = &AuditLogStreamKey{} - a.GetKeyID() + a.GetKey() a = nil - a.GetKeyID() + a.GetKey() } -func TestAuditLogStreamKey_GetPublicKey(tt *testing.T) { +func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AuditLogStreamKey{PublicKey: &zeroValue} - a.GetPublicKey() + a := &AuditLogStreamKey{KeyID: &zeroValue} + a.GetKeyID() a = &AuditLogStreamKey{} - a.GetPublicKey() + a.GetKeyID() a = nil - a.GetPublicKey() + a.GetKeyID() } func TestAuthorization_GetApp(tt *testing.T) { @@ -2820,15 +2828,15 @@ func TestAzureBlobConfig_GetContainer(tt *testing.T) { a.GetContainer() } -func TestAzureBlobConfig_GetEncryptedSASURL(tt *testing.T) { +func TestAzureBlobConfig_GetEncryptedSasURL(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AzureBlobConfig{EncryptedSASURL: &zeroValue} - a.GetEncryptedSASURL() + a := &AzureBlobConfig{EncryptedSasURL: &zeroValue} + a.GetEncryptedSasURL() a = &AzureBlobConfig{} - a.GetEncryptedSASURL() + a.GetEncryptedSasURL() a = nil - a.GetEncryptedSASURL() + a.GetEncryptedSasURL() } func TestAzureBlobConfig_GetKeyID(tt *testing.T) { @@ -2842,15 +2850,15 @@ func TestAzureBlobConfig_GetKeyID(tt *testing.T) { a.GetKeyID() } -func TestAzureHubConfig_GetEncryptedConnString(tt *testing.T) { +func TestAzureHubConfig_GetEncryptedConnstring(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AzureHubConfig{EncryptedConnString: &zeroValue} - a.GetEncryptedConnString() + a := &AzureHubConfig{EncryptedConnstring: &zeroValue} + a.GetEncryptedConnstring() a = &AzureHubConfig{} - a.GetEncryptedConnString() + a.GetEncryptedConnstring() a = nil - a.GetEncryptedConnString() + a.GetEncryptedConnstring() } func TestAzureHubConfig_GetKeyID(tt *testing.T) { From 55149e29914e953ef7e21b65e83b66130003d413 Mon Sep 17 00:00:00 2001 From: amreshh Date: Thu, 26 Feb 2026 16:48:14 +0100 Subject: [PATCH 04/21] fix: linting issues - fixed linter issues where api docs were not correct in the comments for audit log streams --- github/enterprise_audit_log_stream.go | 10 +++++----- github/enterprise_audit_log_stream_test.go | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 29cb69a9c1c..0a4c6588969 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -178,7 +178,7 @@ func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamCon // Credentials must be encrypted with this key before being submitted via CreateAuditLogStream // or UpdateAuditLogStream. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-streaming-key-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-stream-key-for-encrypting-secrets // //meta:operation GET /enterprises/{enterprise}/audit-log/stream-key func (s *EnterpriseService) GetAuditLogStreamKey(ctx context.Context, enterprise string) (*AuditLogStreamKey, *Response, error) { @@ -222,7 +222,7 @@ func (s *EnterpriseService) ListAuditLogStreams(ctx context.Context, enterprise // GetAuditLogStream gets a single audit log stream configuration for an enterprise. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#list-one-audit-log-streaming-configuration-via-a-stream-id // //meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { @@ -268,13 +268,13 @@ func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise // UpdateAuditLogStream updates an existing audit log stream configuration for an enterprise. // Credentials in the config must be encrypted using the key returned by GetAuditLogStreamKey. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-existing-audit-log-stream-configuration // -//meta:operation PATCH /enterprises/{enterprise}/audit-log/streams/{stream_id} +//meta:operation PUT /enterprises/{enterprise}/audit-log/streams/{stream_id} func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise string, streamID int64, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) - req, err := s.client.NewRequest("PATCH", u, config) + req, err := s.client.NewRequest("PUT", u, config) if err != nil { return nil, nil, err } diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index c85198a05d3..433f1f631cb 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -180,7 +180,7 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { client, mux, _ := setup(t) mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "PATCH") + testMethod(t, r, "PUT") fmt.Fprint(w, `{"id":1,"stream_type":"Splunk","stream_details":"splunk.example.com","enabled":true}`) }) From 84f5b25c6f376d1be44615e712f44a77bac636f1 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Fri, 27 Feb 2026 13:28:59 +0100 Subject: [PATCH 05/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_audit_log_stream.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 0a4c6588969..2735d13b1fe 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -106,7 +106,7 @@ type DatadogConfig struct { KeyID *string `json:"key_id,omitempty"` } -// Implement the marker interface for all vendor config types. +// Implement the sealed marker interface for all vendor config types. func (*AzureBlobConfig) isAuditLogStreamVendorConfig() {} func (*AzureHubConfig) isAuditLogStreamVendorConfig() {} func (*AmazonS3OIDCConfig) isAuditLogStreamVendorConfig() {} From cf3de7575b3dbd43ced6245b422eb4feff8cb7fa Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Fri, 27 Feb 2026 13:29:14 +0100 Subject: [PATCH 06/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_audit_log_stream.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 2735d13b1fe..cf676df1d6e 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -28,8 +28,8 @@ type AuditLogStreamConfig struct { VendorSpecific *AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` } -// AuditLogStreamVendorConfig is a marker interface for vendor-specific audit log -// stream configurations. +// AuditLogStreamVendorConfig is a sealed marker interface for vendor-specific audit log +// stream configurations. Only this package can define implementations. type AuditLogStreamVendorConfig interface { isAuditLogStreamVendorConfig() } From f7e95dd7b0c767806b77e0b78f9fea30eab3f855 Mon Sep 17 00:00:00 2001 From: amreshh Date: Fri, 27 Feb 2026 13:33:30 +0100 Subject: [PATCH 07/21] test: added testcases for enterprise_audit_log_stream - Added testcases for each vendor config TestNewAzureHubStreamConfig TestNewAmazonS3OIDCStreamConfig TestNewAmazonAccessKeysStreamConfig TestNewSplunkStreamConfig TestNewHecStreamConfig TestNewGoogleCloudStreamConfig --- github/enterprise_audit_log_stream_test.go | 130 +++++++++++++++++++++ 1 file changed, 130 insertions(+) diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index 433f1f631cb..4b1aa3c4b85 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -260,6 +260,133 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { if got.Enabled == nil || !*got.Enabled { t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) } + if got.VendorSpecific == nil { + t.Fatal("NewAzureBlobStreamConfig VendorSpecific is nil") + } +} + +func TestNewAzureHubStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AzureHubConfig{ + Name: Ptr("my-hub"), + EncryptedConnstring: Ptr("ENCRYPTED"), + KeyID: Ptr("v1"), + } + got := NewAzureHubStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Azure Event Hubs" { + t.Errorf("NewAzureHubStreamConfig StreamType = %v, want Azure Event Hubs", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewAzureHubStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewAzureHubStreamConfig VendorSpecific is nil") + } +} + +func TestNewAmazonS3OIDCStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AmazonS3OIDCConfig{ + Bucket: Ptr("my-bucket"), + Region: Ptr("us-east-1"), + KeyID: Ptr("v1"), + AuthenticationType: Ptr("oidc"), + ArnRole: Ptr("arn:aws:iam::role/my-role"), + } + got := NewAmazonS3OIDCStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Amazon S3" { + t.Errorf("NewAmazonS3OIDCStreamConfig StreamType = %v, want Amazon S3", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewAmazonS3OIDCStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewAmazonS3OIDCStreamConfig VendorSpecific is nil") + } +} + +func TestNewAmazonS3AccessKeysStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AmazonS3AccessKeysConfig{ + Bucket: Ptr("my-bucket"), + Region: Ptr("us-west-2"), + KeyID: Ptr("v1"), + AuthenticationType: Ptr("access_keys"), + EncryptedSecretKey: Ptr("ENCRYPTED_SECRET"), + EncryptedAccessKeyID: Ptr("ENCRYPTED_KEY_ID"), + } + got := NewAmazonS3AccessKeysStreamConfig(false, cfg) + if got.StreamType == nil || *got.StreamType != "Amazon S3" { + t.Errorf("NewAmazonS3AccessKeysStreamConfig StreamType = %v, want Amazon S3", got.StreamType) + } + if got.Enabled == nil || *got.Enabled { + t.Errorf("NewAmazonS3AccessKeysStreamConfig Enabled = %v, want false", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewAmazonS3AccessKeysStreamConfig VendorSpecific is nil") + } +} + +func TestNewSplunkStreamConfig(t *testing.T) { + t.Parallel() + cfg := &SplunkConfig{ + Domain: Ptr("splunk.example.com"), + Port: Ptr(uint16(8089)), + KeyID: Ptr("v1"), + EncryptedToken: Ptr("ENCRYPTED"), + SSLVerify: Ptr(true), + } + got := NewSplunkStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Splunk" { + t.Errorf("NewSplunkStreamConfig StreamType = %v, want Splunk", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewSplunkStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewSplunkStreamConfig VendorSpecific is nil") + } +} + +func TestNewHecStreamConfig(t *testing.T) { + t.Parallel() + cfg := &HecConfig{ + Domain: Ptr("hec.example.com"), + Port: Ptr(uint16(443)), + KeyID: Ptr("v1"), + EncryptedToken: Ptr("ENCRYPTED"), + Path: Ptr("/services/collector"), + SSLVerify: Ptr(true), + } + got := NewHecStreamConfig(false, cfg) + if got.StreamType == nil || *got.StreamType != "HTTPS Event Collector" { + t.Errorf("NewHecStreamConfig StreamType = %v, want HTTPS Event Collector", got.StreamType) + } + if got.Enabled == nil || *got.Enabled { + t.Errorf("NewHecStreamConfig Enabled = %v, want false", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewHecStreamConfig VendorSpecific is nil") + } +} + +func TestNewGoogleCloudStreamConfig(t *testing.T) { + t.Parallel() + cfg := &GoogleCloudConfig{ + Bucket: Ptr("my-gcs-bucket"), + KeyID: Ptr("v1"), + EncryptedJSONCredentials: Ptr("ENCRYPTED"), + } + got := NewGoogleCloudStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Google Cloud Storage" { + t.Errorf("NewGoogleCloudStreamConfig StreamType = %v, want Google Cloud Storage", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewGoogleCloudStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewGoogleCloudStreamConfig VendorSpecific is nil") + } } func TestNewDatadogStreamConfig(t *testing.T) { @@ -276,4 +403,7 @@ func TestNewDatadogStreamConfig(t *testing.T) { if got.Enabled == nil || *got.Enabled { t.Errorf("NewDatadogStreamConfig Enabled = %v, want false", got.Enabled) } + if got.VendorSpecific == nil { + t.Fatal("NewDatadogStreamConfig VendorSpecific is nil") + } } From 246e60b08fbcc84de0b340826aa97731d8d041f2 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sat, 28 Feb 2026 19:40:12 +0100 Subject: [PATCH 08/21] Update example/auditlogstream/main.go Co-authored-by: Oleksandr Redko --- example/auditlogstream/main.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index a5ba6d33c78..e6d18546591 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -51,8 +51,7 @@ func encryptSecret(publicKeyB64, secret string) (string, error) { if len(publicKeyBytes) != 32 { return "", fmt.Errorf("public key must be 32 bytes, got %v", len(publicKeyBytes)) } - var publicKey [32]byte - copy(publicKey[:], publicKeyBytes) + publicKey := [32]byte(publicKeyBytes encrypted, err := box.SealAnonymous(nil, []byte(secret), &publicKey, rand.Reader) if err != nil { From 63eda1c3ab9a349aeac5a1e2dfa0a428b854a0d9 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sat, 28 Feb 2026 19:40:25 +0100 Subject: [PATCH 09/21] Update example/auditlogstream/main.go Co-authored-by: Oleksandr Redko --- example/auditlogstream/main.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index e6d18546591..644d8887e66 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -114,8 +114,8 @@ func runCreate(args []string) { // Step 3: Create the audit log stream. config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ KeyID: streamKey.KeyID, - Container: github.Ptr(*container), - EncryptedSasURL: github.Ptr(encryptedSASURL), + Container: container, + EncryptedSasURL: &encryptedSASURL, }) stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, *enterprise, config) From cdf7a8bffaf7033519ac4063d649927aa52711a4 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sat, 28 Feb 2026 20:14:16 +0100 Subject: [PATCH 10/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index cf676df1d6e..9130bf6e376 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -36,8 +36,8 @@ type AuditLogStreamVendorConfig interface { // AuditLogStreamKey represents the public key used to encrypt secrets for audit log streaming. type AuditLogStreamKey struct { - KeyID *string `json:"key_id,omitempty"` - Key *string `json:"key,omitempty"` + KeyID string `json:"key_id"` + Key string `json:"key"` } // AzureBlobConfig represents vendor-specific config for Azure Blob Storage. From 3ff53421f2a32c5c5e32537811f31e1d269a0d62 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sat, 28 Feb 2026 20:14:32 +0100 Subject: [PATCH 11/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 9130bf6e376..f7af6a0b2c7 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -23,9 +23,9 @@ type AuditLogStream struct { // AuditLogStreamConfig represents a configuration for creating or updating an audit log stream. type AuditLogStreamConfig struct { - Enabled *bool `json:"enabled,omitempty"` - StreamType *string `json:"stream_type,omitempty"` - VendorSpecific *AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` + Enabled bool `json:"enabled"` + StreamType string `json:"stream_type"` + VendorSpecific AuditLogStreamVendorConfig `json:"vendor_specific"` } // AuditLogStreamVendorConfig is a sealed marker interface for vendor-specific audit log From 46bb8843358f4945f8ec9716a3321e02aef5eb09 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sat, 28 Feb 2026 20:14:45 +0100 Subject: [PATCH 12/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index f7af6a0b2c7..02e2e981af8 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -12,12 +12,12 @@ import ( // AuditLogStream represents an audit log stream configuration for an enterprise. type AuditLogStream struct { - ID *int64 `json:"id,omitempty"` - StreamType *string `json:"stream_type,omitempty"` - StreamDetails *string `json:"stream_details,omitempty"` - Enabled *bool `json:"enabled,omitempty"` - CreatedAt *Timestamp `json:"created_at,omitempty"` - UpdatedAt *Timestamp `json:"updated_at,omitempty"` + ID int64 `json:"id"` + StreamType string `json:"stream_type"` + StreamDetails string `json:"stream_details"` + Enabled bool `json:"enabled"` + CreatedAt Timestamp `json:"created_at"` + UpdatedAt Timestamp `json:"updated_at"` PausedAt *Timestamp `json:"paused_at,omitempty"` } From 2321b8ac4c13f3b9b03064b26317cec8b49f9826 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sat, 28 Feb 2026 20:14:56 +0100 Subject: [PATCH 13/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 02e2e981af8..f0aa69db467 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -42,9 +42,9 @@ type AuditLogStreamKey struct { // AzureBlobConfig represents vendor-specific config for Azure Blob Storage. type AzureBlobConfig struct { - KeyID *string `json:"key_id,omitempty"` - EncryptedSasURL *string `json:"encrypted_sas_url,omitempty"` - Container *string `json:"container,omitempty"` + KeyID string `json:"key_id"` + EncryptedSasURL string `json:"encrypted_sas_url"` + Container string `json:"container"` } // AzureHubConfig represents vendor-specific config for Azure Event Hubs. From eb191dd8e46b55c47500ac7a88f7cc93877b7938 Mon Sep 17 00:00:00 2001 From: amreshh Date: Sat, 28 Feb 2026 20:13:33 +0100 Subject: [PATCH 14/21] fix: example/auditlogstream - common initialization moved to parseAndInit, which does the validation, client creation and reading the env vars --- example/auditlogstream/main.go | 68 ++++++++++++++++++---------------- 1 file changed, 37 insertions(+), 31 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index 644d8887e66..e6633378317 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -37,7 +37,7 @@ import ( "log" "os" - "github.com/google/go-github/v83/github" + "github.com/google/go-github/v84/github" "golang.org/x/crypto/nacl/box" ) @@ -51,7 +51,7 @@ func encryptSecret(publicKeyB64, secret string) (string, error) { if len(publicKeyBytes) != 32 { return "", fmt.Errorf("public key must be 32 bytes, got %v", len(publicKeyBytes)) } - publicKey := [32]byte(publicKeyBytes + publicKey := [32]byte(publicKeyBytes) encrypted, err := box.SealAnonymous(nil, []byte(secret), &publicKey, rand.Reader) if err != nil { @@ -78,47 +78,58 @@ func main() { } } -func runCreate(args []string) { - fs := flag.NewFlagSet("create", flag.ExitOnError) +// newFlagSet creates a FlagSet with the common -enterprise flag pre-registered. +func newFlagSet(name string) (*flag.FlagSet, *string) { + fs := flag.NewFlagSet(name, flag.ExitOnError) enterprise := fs.String("enterprise", "", "Enterprise slug (required).") - container := fs.String("container", "", "Azure Blob Storage container name (required).") - sasURL := fs.String("sas-url", "", "Plain-text Azure SAS URL to encrypt and submit (required).") - enabled := fs.Bool("enabled", true, "Whether the stream should be enabled immediately.") + return fs, enterprise +} + +// parseAndInit parses the FlagSet, validates the enterprise flag, reads +// environment variables, and returns a ready-to-use context, client, and +// enterprise slug. +func parseAndInit(fs *flag.FlagSet, enterprise *string, args []string) (context.Context, *github.Client, string) { if err := fs.Parse(args); err != nil { log.Fatalf("Error parsing flags: %v", err) } + requireFlag("enterprise", *enterprise) + token := requireEnv("GITHUB_AUTH_TOKEN") apiURL := requireEnv("GITHUB_API_URL") - requireFlag("enterprise", *enterprise) + + return context.Background(), newClient(token, apiURL), *enterprise +} + +func runCreate(args []string) { + fs, enterprise := newFlagSet("create") + container := fs.String("container", "", "Azure Blob Storage container name (required).") + sasURL := fs.String("sas-url", "", "Plain-text Azure SAS URL to encrypt and submit (required).") + enabled := fs.Bool("enabled", true, "Whether the stream should be enabled immediately.") + + ctx, client, ent := parseAndInit(fs, enterprise, args) requireFlag("container", *container) requireFlag("sas-url", *sasURL) - ctx := context.Background() - client := newClient(token, apiURL) - - // Step 1: Fetch the enterprise's public streaming key. - streamKey, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, *enterprise) + streamKey, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, ent) if err != nil { log.Fatalf("Error fetching audit log stream key: %v", err) } fmt.Printf("Retrieved stream key ID: %v\n", streamKey.GetKeyID()) - // Step 2: Encrypt the SAS URL using the public key (sealed box / crypto_box_seal). encryptedSASURL, err := encryptSecret(streamKey.GetKey(), *sasURL) if err != nil { log.Fatalf("Error encrypting SAS URL: %v", err) } fmt.Println("SAS URL encrypted successfully.") - // Step 3: Create the audit log stream. config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ KeyID: streamKey.KeyID, Container: container, EncryptedSasURL: &encryptedSASURL, }) - stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, *enterprise, config) + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, ent, config) if err != nil { log.Fatalf("Error creating audit log stream: %v", err) } @@ -131,24 +142,13 @@ func runCreate(args []string) { } func runDelete(args []string) { - fs := flag.NewFlagSet("delete", flag.ExitOnError) - enterprise := fs.String("enterprise", "", "Enterprise slug (required).") + fs, enterprise := newFlagSet("delete") streamID := fs.Int64("stream-id", 0, "ID of the audit log stream to delete (required).") - if err := fs.Parse(args); err != nil { - log.Fatalf("Error parsing flags: %v", err) - } - token := requireEnv("GITHUB_AUTH_TOKEN") - apiURL := requireEnv("GITHUB_API_URL") - requireFlag("enterprise", *enterprise) - if *streamID == 0 { - log.Fatal("flag -stream-id is required") - } + ctx, client, ent := parseAndInit(fs, enterprise, args) + requireIntFlag("stream-id", *streamID) - ctx := context.Background() - client := newClient(token, apiURL) - - _, err := client.Enterprise.DeleteAuditLogStream(ctx, *enterprise, *streamID) + _, err := client.Enterprise.DeleteAuditLogStream(ctx, ent, *streamID) if err != nil { log.Fatalf("Error deleting audit log stream: %v", err) } @@ -177,3 +177,9 @@ func requireFlag(name, val string) { log.Fatalf("flag -%v is required", name) } } + +func requireIntFlag(name string, val int64) { + if val == 0 { + log.Fatalf("flag -%v is required", name) + } +} From 4c17774ab10327a1fa0b10e31f7a15de260be85a Mon Sep 17 00:00:00 2001 From: amreshh Date: Sun, 1 Mar 2026 09:43:26 +0100 Subject: [PATCH 15/21] fix: struct fields for audit log stream - fields in the vendor structs changed to required according to api spec --- example/auditlogstream/main.go | 16 +- github/enterprise_audit_log_stream.go | 94 ++-- github/enterprise_audit_log_stream_test.go | 152 +++---- github/github-accessors.go | 360 --------------- github/github-accessors_test.go | 486 --------------------- 5 files changed, 130 insertions(+), 978 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index e6633378317..5413d60e7f2 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -115,9 +115,9 @@ func runCreate(args []string) { if err != nil { log.Fatalf("Error fetching audit log stream key: %v", err) } - fmt.Printf("Retrieved stream key ID: %v\n", streamKey.GetKeyID()) + fmt.Printf("Retrieved stream key ID: %v\n", streamKey.KeyID) - encryptedSASURL, err := encryptSecret(streamKey.GetKey(), *sasURL) + encryptedSASURL, err := encryptSecret(streamKey.Key, *sasURL) if err != nil { log.Fatalf("Error encrypting SAS URL: %v", err) } @@ -125,8 +125,8 @@ func runCreate(args []string) { config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ KeyID: streamKey.KeyID, - Container: container, - EncryptedSasURL: &encryptedSASURL, + Container: *container, + EncryptedSASURL: encryptedSASURL, }) stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, ent, config) @@ -135,10 +135,10 @@ func runCreate(args []string) { } fmt.Println("Successfully created audit log stream:") - fmt.Printf(" ID: %v\n", stream.GetID()) - fmt.Printf(" Type: %v\n", stream.GetStreamType()) - fmt.Printf(" Enabled: %v\n", stream.GetEnabled()) - fmt.Printf(" Created at: %v\n", stream.GetCreatedAt()) + fmt.Printf(" ID: %v\n", stream.ID) + fmt.Printf(" Type: %v\n", stream.StreamType) + fmt.Printf(" Enabled: %v\n", stream.Enabled) + fmt.Printf(" Created at: %v\n", stream.CreatedAt) } func runDelete(args []string) { diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index f0aa69db467..ab7359dd2f7 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -12,12 +12,12 @@ import ( // AuditLogStream represents an audit log stream configuration for an enterprise. type AuditLogStream struct { - ID int64 `json:"id"` - StreamType string `json:"stream_type"` - StreamDetails string `json:"stream_details"` - Enabled bool `json:"enabled"` - CreatedAt Timestamp `json:"created_at"` - UpdatedAt Timestamp `json:"updated_at"` + ID int64 `json:"id"` + StreamType string `json:"stream_type"` + StreamDetails string `json:"stream_details"` + Enabled bool `json:"enabled"` + CreatedAt Timestamp `json:"created_at"` + UpdatedAt Timestamp `json:"updated_at"` PausedAt *Timestamp `json:"paused_at,omitempty"` } @@ -43,67 +43,67 @@ type AuditLogStreamKey struct { // AzureBlobConfig represents vendor-specific config for Azure Blob Storage. type AzureBlobConfig struct { KeyID string `json:"key_id"` - EncryptedSasURL string `json:"encrypted_sas_url"` + EncryptedSASURL string `json:"encrypted_sas_url"` Container string `json:"container"` } // AzureHubConfig represents vendor-specific config for Azure Event Hubs. type AzureHubConfig struct { - Name *string `json:"name,omitempty"` - EncryptedConnstring *string `json:"encrypted_connstring,omitempty"` - KeyID *string `json:"key_id,omitempty"` + Name string `json:"name"` + EncryptedConnstring string `json:"encrypted_connstring"` + KeyID string `json:"key_id"` } // AmazonS3OIDCConfig represents vendor-specific config for Amazon S3 with OIDC authentication. type AmazonS3OIDCConfig struct { - Bucket *string `json:"bucket,omitempty"` - Region *string `json:"region,omitempty"` - KeyID *string `json:"key_id,omitempty"` - AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "oidc" - ArnRole *string `json:"arn_role,omitempty"` + Bucket string `json:"bucket"` + Region string `json:"region"` + KeyID string `json:"key_id"` + AuthenticationType string `json:"authentication_type"` // Value: "oidc" + ArnRole string `json:"arn_role"` } // AmazonS3AccessKeysConfig represents vendor-specific config for Amazon S3 with access key authentication. type AmazonS3AccessKeysConfig struct { - Bucket *string `json:"bucket,omitempty"` - Region *string `json:"region,omitempty"` - KeyID *string `json:"key_id,omitempty"` - AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "access_keys" - EncryptedSecretKey *string `json:"encrypted_secret_key,omitempty"` - EncryptedAccessKeyID *string `json:"encrypted_access_key_id,omitempty"` + Bucket string `json:"bucket"` + Region string `json:"region"` + KeyID string `json:"key_id"` + AuthenticationType string `json:"authentication_type"` // Value: "access_keys" + EncryptedSecretKey string `json:"encrypted_secret_key"` + EncryptedAccessKeyID string `json:"encrypted_access_key_id"` } // SplunkConfig represents vendor-specific config for Splunk. type SplunkConfig struct { - Domain *string `json:"domain,omitempty"` - Port *uint16 `json:"port,omitempty"` - KeyID *string `json:"key_id,omitempty"` - EncryptedToken *string `json:"encrypted_token,omitempty"` - SSLVerify *bool `json:"ssl_verify,omitempty"` + Domain string `json:"domain"` + Port uint16 `json:"port"` + KeyID string `json:"key_id"` + EncryptedToken string `json:"encrypted_token"` + SSLVerify bool `json:"ssl_verify"` } // HecConfig represents vendor-specific config for an HTTPS Event Collector (HEC) endpoint. type HecConfig struct { - Domain *string `json:"domain,omitempty"` - Port *uint16 `json:"port,omitempty"` - KeyID *string `json:"key_id,omitempty"` - EncryptedToken *string `json:"encrypted_token,omitempty"` - Path *string `json:"path,omitempty"` - SSLVerify *bool `json:"ssl_verify,omitempty"` + Domain string `json:"domain"` + Port uint16 `json:"port"` + KeyID string `json:"key_id"` + EncryptedToken string `json:"encrypted_token"` + Path string `json:"path"` + SSLVerify bool `json:"ssl_verify"` } // GoogleCloudConfig represents vendor-specific config for Google Cloud Storage. type GoogleCloudConfig struct { - Bucket *string `json:"bucket,omitempty"` - KeyID *string `json:"key_id,omitempty"` - EncryptedJSONCredentials *string `json:"encrypted_json_credentials,omitempty"` + Bucket string `json:"bucket"` + KeyID string `json:"key_id"` + EncryptedJSONCredentials string `json:"encrypted_json_credentials"` } // DatadogConfig represents vendor-specific config for Datadog. type DatadogConfig struct { - EncryptedToken *string `json:"encrypted_token,omitempty"` - Site *string `json:"site,omitempty"` // One of: US, US3, US5, EU1, US1-FED, AP1 - KeyID *string `json:"key_id,omitempty"` + EncryptedToken string `json:"encrypted_token"` + Site string `json:"site"` // One of: US, US3, US5, EU1, US1-FED, AP1 + KeyID string `json:"key_id"` } // Implement the sealed marker interface for all vendor config types. @@ -116,62 +116,60 @@ func (*HecConfig) isAuditLogStreamVendorConfig() {} func (*GoogleCloudConfig) isAuditLogStreamVendorConfig() {} func (*DatadogConfig) isAuditLogStreamVendorConfig() {} -// Helper constructors for AuditLogStreamConfig. - // NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { streamType := "Azure Blob Storage" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { streamType := "Azure Event Hubs" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { streamType := "Amazon S3" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access key auth. func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { streamType := "Amazon S3" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewSplunkStreamConfig returns an AuditLogStreamConfig for Splunk. func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfig { streamType := "Splunk" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewHecStreamConfig returns an AuditLogStreamConfig for an HTTPS Event Collector endpoint. func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { streamType := "HTTPS Event Collector" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { streamType := "Google Cloud Storage" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // NewDatadogStreamConfig returns an AuditLogStreamConfig for Datadog. func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamConfig { streamType := "Datadog" v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} } // GetAuditLogStreamKey retrieves the public key used to encrypt secrets for audit log streaming. diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index 4b1aa3c4b85..5c47fe05c8d 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -29,8 +29,8 @@ func TestEnterpriseService_GetAuditLogStreamKey(t *testing.T) { } want := &AuditLogStreamKey{ - KeyID: Ptr("1234"), - Key: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), + KeyID: "1234", + Key: "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234", } if !cmp.Equal(key, want) { t.Errorf("Enterprise.GetAuditLogStreamKey returned %+v, want %+v", key, want) @@ -67,10 +67,10 @@ func TestEnterpriseService_ListAuditLogStreams(t *testing.T) { want := []*AuditLogStream{ { - ID: Ptr(int64(1)), - StreamType: Ptr("Splunk"), - StreamDetails: Ptr("US"), - Enabled: Ptr(true), + ID: 1, + StreamType: "Splunk", + StreamDetails: "US", + Enabled: true, }, } if !cmp.Equal(streams, want) { @@ -107,10 +107,10 @@ func TestEnterpriseService_GetAuditLogStream(t *testing.T) { } want := &AuditLogStream{ - ID: Ptr(int64(1)), - StreamType: Ptr("Datadog"), - StreamDetails: Ptr("US"), - Enabled: Ptr(true), + ID: 1, + StreamType: "Datadog", + StreamDetails: "US", + Enabled: true, } if !cmp.Equal(stream, want) { t.Errorf("Enterprise.GetAuditLogStream returned %+v, want %+v", stream, want) @@ -140,9 +140,9 @@ func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { }) input := NewDatadogStreamConfig(false, &DatadogConfig{ - EncryptedToken: Ptr("ENCRYPTED"), - Site: Ptr("US3"), - KeyID: Ptr("v1"), + EncryptedToken: "ENCRYPTED", + Site: "US3", + KeyID: "v1", }) ctx := t.Context() @@ -152,10 +152,10 @@ func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { } want := &AuditLogStream{ - ID: Ptr(int64(2)), - StreamType: Ptr("Datadog"), - StreamDetails: Ptr("US3"), - Enabled: Ptr(false), + ID: 2, + StreamType: "Datadog", + StreamDetails: "US3", + Enabled: false, } if !cmp.Equal(stream, want) { t.Errorf("Enterprise.CreateAuditLogStream returned %+v, want %+v", stream, want) @@ -185,11 +185,11 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { }) input := NewSplunkStreamConfig(true, &SplunkConfig{ - Domain: Ptr("splunk.example.com"), - Port: Ptr(uint16(8089)), - KeyID: Ptr("v1"), - EncryptedToken: Ptr("ENCRYPTED"), - SSLVerify: Ptr(true), + Domain: "splunk.example.com", + Port: 8089, + KeyID: "v1", + EncryptedToken: "ENCRYPTED", + SSLVerify: true, }) ctx := t.Context() @@ -199,10 +199,10 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { } want := &AuditLogStream{ - ID: Ptr(int64(1)), - StreamType: Ptr("Splunk"), - StreamDetails: Ptr("splunk.example.com"), - Enabled: Ptr(true), + ID: 1, + StreamType: "Splunk", + StreamDetails: "splunk.example.com", + Enabled: true, } if !cmp.Equal(stream, want) { t.Errorf("Enterprise.UpdateAuditLogStream returned %+v, want %+v", stream, want) @@ -249,15 +249,15 @@ func TestEnterpriseService_DeleteAuditLogStream(t *testing.T) { func TestNewAzureBlobStreamConfig(t *testing.T) { t.Parallel() cfg := &AzureBlobConfig{ - KeyID: Ptr("v1"), - EncryptedSasURL: Ptr("ENCRYPTED"), - Container: Ptr("my-container"), + KeyID: "v1", + EncryptedSASURL: "ENCRYPTED", + Container: "my-container", } got := NewAzureBlobStreamConfig(true, cfg) - if got.StreamType == nil || *got.StreamType != "Azure Blob Storage" { + if got.StreamType != "Azure Blob Storage" { t.Errorf("NewAzureBlobStreamConfig StreamType = %v, want Azure Blob Storage", got.StreamType) } - if got.Enabled == nil || !*got.Enabled { + if !got.Enabled { t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) } if got.VendorSpecific == nil { @@ -268,15 +268,15 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { func TestNewAzureHubStreamConfig(t *testing.T) { t.Parallel() cfg := &AzureHubConfig{ - Name: Ptr("my-hub"), - EncryptedConnstring: Ptr("ENCRYPTED"), - KeyID: Ptr("v1"), + Name: "my-hub", + EncryptedConnstring: "ENCRYPTED", + KeyID: "v1", } got := NewAzureHubStreamConfig(true, cfg) - if got.StreamType == nil || *got.StreamType != "Azure Event Hubs" { + if got.StreamType != "Azure Event Hubs" { t.Errorf("NewAzureHubStreamConfig StreamType = %v, want Azure Event Hubs", got.StreamType) } - if got.Enabled == nil || !*got.Enabled { + if !got.Enabled { t.Errorf("NewAzureHubStreamConfig Enabled = %v, want true", got.Enabled) } if got.VendorSpecific == nil { @@ -287,17 +287,17 @@ func TestNewAzureHubStreamConfig(t *testing.T) { func TestNewAmazonS3OIDCStreamConfig(t *testing.T) { t.Parallel() cfg := &AmazonS3OIDCConfig{ - Bucket: Ptr("my-bucket"), - Region: Ptr("us-east-1"), - KeyID: Ptr("v1"), - AuthenticationType: Ptr("oidc"), - ArnRole: Ptr("arn:aws:iam::role/my-role"), + Bucket: "my-bucket", + Region: "us-east-1", + KeyID: "v1", + AuthenticationType: "oidc", + ArnRole: "arn:aws:iam::role/my-role", } got := NewAmazonS3OIDCStreamConfig(true, cfg) - if got.StreamType == nil || *got.StreamType != "Amazon S3" { + if got.StreamType != "Amazon S3" { t.Errorf("NewAmazonS3OIDCStreamConfig StreamType = %v, want Amazon S3", got.StreamType) } - if got.Enabled == nil || !*got.Enabled { + if !got.Enabled { t.Errorf("NewAmazonS3OIDCStreamConfig Enabled = %v, want true", got.Enabled) } if got.VendorSpecific == nil { @@ -308,18 +308,18 @@ func TestNewAmazonS3OIDCStreamConfig(t *testing.T) { func TestNewAmazonS3AccessKeysStreamConfig(t *testing.T) { t.Parallel() cfg := &AmazonS3AccessKeysConfig{ - Bucket: Ptr("my-bucket"), - Region: Ptr("us-west-2"), - KeyID: Ptr("v1"), - AuthenticationType: Ptr("access_keys"), - EncryptedSecretKey: Ptr("ENCRYPTED_SECRET"), - EncryptedAccessKeyID: Ptr("ENCRYPTED_KEY_ID"), + Bucket: "my-bucket", + Region: "us-west-2", + KeyID: "v1", + AuthenticationType: "access_keys", + EncryptedSecretKey: "ENCRYPTED_SECRET", + EncryptedAccessKeyID: "ENCRYPTED_KEY_ID", } got := NewAmazonS3AccessKeysStreamConfig(false, cfg) - if got.StreamType == nil || *got.StreamType != "Amazon S3" { + if got.StreamType != "Amazon S3" { t.Errorf("NewAmazonS3AccessKeysStreamConfig StreamType = %v, want Amazon S3", got.StreamType) } - if got.Enabled == nil || *got.Enabled { + if got.Enabled { t.Errorf("NewAmazonS3AccessKeysStreamConfig Enabled = %v, want false", got.Enabled) } if got.VendorSpecific == nil { @@ -330,17 +330,17 @@ func TestNewAmazonS3AccessKeysStreamConfig(t *testing.T) { func TestNewSplunkStreamConfig(t *testing.T) { t.Parallel() cfg := &SplunkConfig{ - Domain: Ptr("splunk.example.com"), - Port: Ptr(uint16(8089)), - KeyID: Ptr("v1"), - EncryptedToken: Ptr("ENCRYPTED"), - SSLVerify: Ptr(true), + Domain: "splunk.example.com", + Port: 8089, + KeyID: "v1", + EncryptedToken: "ENCRYPTED", + SSLVerify: true, } got := NewSplunkStreamConfig(true, cfg) - if got.StreamType == nil || *got.StreamType != "Splunk" { + if got.StreamType != "Splunk" { t.Errorf("NewSplunkStreamConfig StreamType = %v, want Splunk", got.StreamType) } - if got.Enabled == nil || !*got.Enabled { + if !got.Enabled { t.Errorf("NewSplunkStreamConfig Enabled = %v, want true", got.Enabled) } if got.VendorSpecific == nil { @@ -351,18 +351,18 @@ func TestNewSplunkStreamConfig(t *testing.T) { func TestNewHecStreamConfig(t *testing.T) { t.Parallel() cfg := &HecConfig{ - Domain: Ptr("hec.example.com"), - Port: Ptr(uint16(443)), - KeyID: Ptr("v1"), - EncryptedToken: Ptr("ENCRYPTED"), - Path: Ptr("/services/collector"), - SSLVerify: Ptr(true), + Domain: "hec.example.com", + Port: 443, + KeyID: "v1", + EncryptedToken: "ENCRYPTED", + Path: "/services/collector", + SSLVerify: true, } got := NewHecStreamConfig(false, cfg) - if got.StreamType == nil || *got.StreamType != "HTTPS Event Collector" { + if got.StreamType != "HTTPS Event Collector" { t.Errorf("NewHecStreamConfig StreamType = %v, want HTTPS Event Collector", got.StreamType) } - if got.Enabled == nil || *got.Enabled { + if got.Enabled { t.Errorf("NewHecStreamConfig Enabled = %v, want false", got.Enabled) } if got.VendorSpecific == nil { @@ -373,15 +373,15 @@ func TestNewHecStreamConfig(t *testing.T) { func TestNewGoogleCloudStreamConfig(t *testing.T) { t.Parallel() cfg := &GoogleCloudConfig{ - Bucket: Ptr("my-gcs-bucket"), - KeyID: Ptr("v1"), - EncryptedJSONCredentials: Ptr("ENCRYPTED"), + Bucket: "my-gcs-bucket", + KeyID: "v1", + EncryptedJSONCredentials: "ENCRYPTED", } got := NewGoogleCloudStreamConfig(true, cfg) - if got.StreamType == nil || *got.StreamType != "Google Cloud Storage" { + if got.StreamType != "Google Cloud Storage" { t.Errorf("NewGoogleCloudStreamConfig StreamType = %v, want Google Cloud Storage", got.StreamType) } - if got.Enabled == nil || !*got.Enabled { + if !got.Enabled { t.Errorf("NewGoogleCloudStreamConfig Enabled = %v, want true", got.Enabled) } if got.VendorSpecific == nil { @@ -392,15 +392,15 @@ func TestNewGoogleCloudStreamConfig(t *testing.T) { func TestNewDatadogStreamConfig(t *testing.T) { t.Parallel() cfg := &DatadogConfig{ - EncryptedToken: Ptr("ENCRYPTED"), - Site: Ptr("US"), - KeyID: Ptr("v1"), + EncryptedToken: "ENCRYPTED", + Site: "US", + KeyID: "v1", } got := NewDatadogStreamConfig(false, cfg) - if got.StreamType == nil || *got.StreamType != "Datadog" { + if got.StreamType != "Datadog" { t.Errorf("NewDatadogStreamConfig StreamType = %v, want Datadog", got.StreamType) } - if got.Enabled == nil || *got.Enabled { + if got.Enabled { t.Errorf("NewDatadogStreamConfig Enabled = %v, want false", got.Enabled) } if got.VendorSpecific == nil { diff --git a/github/github-accessors.go b/github/github-accessors.go index bd4132a6b31..0042128b36d 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -766,94 +766,6 @@ func (a *AllowForkSyncing) GetEnabled() bool { return *a.Enabled } -// GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. -func (a *AmazonS3AccessKeysConfig) GetAuthenticationType() string { - if a == nil || a.AuthenticationType == nil { - return "" - } - return *a.AuthenticationType -} - -// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. -func (a *AmazonS3AccessKeysConfig) GetBucket() string { - if a == nil || a.Bucket == nil { - return "" - } - return *a.Bucket -} - -// GetEncryptedAccessKeyID returns the EncryptedAccessKeyID field if it's non-nil, zero value otherwise. -func (a *AmazonS3AccessKeysConfig) GetEncryptedAccessKeyID() string { - if a == nil || a.EncryptedAccessKeyID == nil { - return "" - } - return *a.EncryptedAccessKeyID -} - -// GetEncryptedSecretKey returns the EncryptedSecretKey field if it's non-nil, zero value otherwise. -func (a *AmazonS3AccessKeysConfig) GetEncryptedSecretKey() string { - if a == nil || a.EncryptedSecretKey == nil { - return "" - } - return *a.EncryptedSecretKey -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AmazonS3AccessKeysConfig) GetKeyID() string { - if a == nil || a.KeyID == nil { - return "" - } - return *a.KeyID -} - -// GetRegion returns the Region field if it's non-nil, zero value otherwise. -func (a *AmazonS3AccessKeysConfig) GetRegion() string { - if a == nil || a.Region == nil { - return "" - } - return *a.Region -} - -// GetArnRole returns the ArnRole field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetArnRole() string { - if a == nil || a.ArnRole == nil { - return "" - } - return *a.ArnRole -} - -// GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetAuthenticationType() string { - if a == nil || a.AuthenticationType == nil { - return "" - } - return *a.AuthenticationType -} - -// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetBucket() string { - if a == nil || a.Bucket == nil { - return "" - } - return *a.Bucket -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetKeyID() string { - if a == nil || a.KeyID == nil { - return "" - } - return *a.KeyID -} - -// GetRegion returns the Region field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetRegion() string { - if a == nil || a.Region == nil { - return "" - } - return *a.Region -} - // GetRef returns the Ref field if it's non-nil, zero value otherwise. func (a *AnalysesListOptions) GetRef() string { if a == nil || a.Ref == nil { @@ -1742,30 +1654,6 @@ func (a *AuditEntry) GetUserID() int64 { return *a.UserID } -// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise. -func (a *AuditLogStream) GetCreatedAt() Timestamp { - if a == nil || a.CreatedAt == nil { - return Timestamp{} - } - return *a.CreatedAt -} - -// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. -func (a *AuditLogStream) GetEnabled() bool { - if a == nil || a.Enabled == nil { - return false - } - return *a.Enabled -} - -// GetID returns the ID field if it's non-nil, zero value otherwise. -func (a *AuditLogStream) GetID() int64 { - if a == nil || a.ID == nil { - return 0 - } - return *a.ID -} - // GetPausedAt returns the PausedAt field if it's non-nil, zero value otherwise. func (a *AuditLogStream) GetPausedAt() Timestamp { if a == nil || a.PausedAt == nil { @@ -1774,70 +1662,6 @@ func (a *AuditLogStream) GetPausedAt() Timestamp { return *a.PausedAt } -// GetStreamDetails returns the StreamDetails field if it's non-nil, zero value otherwise. -func (a *AuditLogStream) GetStreamDetails() string { - if a == nil || a.StreamDetails == nil { - return "" - } - return *a.StreamDetails -} - -// GetStreamType returns the StreamType field if it's non-nil, zero value otherwise. -func (a *AuditLogStream) GetStreamType() string { - if a == nil || a.StreamType == nil { - return "" - } - return *a.StreamType -} - -// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise. -func (a *AuditLogStream) GetUpdatedAt() Timestamp { - if a == nil || a.UpdatedAt == nil { - return Timestamp{} - } - return *a.UpdatedAt -} - -// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamConfig) GetEnabled() bool { - if a == nil || a.Enabled == nil { - return false - } - return *a.Enabled -} - -// GetStreamType returns the StreamType field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamConfig) GetStreamType() string { - if a == nil || a.StreamType == nil { - return "" - } - return *a.StreamType -} - -// GetVendorSpecific returns the VendorSpecific field. -func (a *AuditLogStreamConfig) GetVendorSpecific() *AuditLogStreamVendorConfig { - if a == nil { - return nil - } - return a.VendorSpecific -} - -// GetKey returns the Key field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamKey) GetKey() string { - if a == nil || a.Key == nil { - return "" - } - return *a.Key -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamKey) GetKeyID() string { - if a == nil || a.KeyID == nil { - return "" - } - return *a.KeyID -} - // GetApp returns the App field. func (a *Authorization) GetApp() *AuthorizationApp { if a == nil { @@ -2126,54 +1950,6 @@ func (a *AutoTriggerCheck) GetSetting() bool { return *a.Setting } -// GetContainer returns the Container field if it's non-nil, zero value otherwise. -func (a *AzureBlobConfig) GetContainer() string { - if a == nil || a.Container == nil { - return "" - } - return *a.Container -} - -// GetEncryptedSasURL returns the EncryptedSasURL field if it's non-nil, zero value otherwise. -func (a *AzureBlobConfig) GetEncryptedSasURL() string { - if a == nil || a.EncryptedSasURL == nil { - return "" - } - return *a.EncryptedSasURL -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AzureBlobConfig) GetKeyID() string { - if a == nil || a.KeyID == nil { - return "" - } - return *a.KeyID -} - -// GetEncryptedConnstring returns the EncryptedConnstring field if it's non-nil, zero value otherwise. -func (a *AzureHubConfig) GetEncryptedConnstring() string { - if a == nil || a.EncryptedConnstring == nil { - return "" - } - return *a.EncryptedConnstring -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AzureHubConfig) GetKeyID() string { - if a == nil || a.KeyID == nil { - return "" - } - return *a.KeyID -} - -// GetName returns the Name field if it's non-nil, zero value otherwise. -func (a *AzureHubConfig) GetName() string { - if a == nil || a.Name == nil { - return "" - } - return *a.Name -} - // GetContent returns the Content field if it's non-nil, zero value otherwise. func (b *Blob) GetContent() string { if b == nil || b.Content == nil { @@ -7886,30 +7662,6 @@ func (c *CustomRepoRoles) GetUpdatedAt() Timestamp { return *c.UpdatedAt } -// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. -func (d *DatadogConfig) GetEncryptedToken() string { - if d == nil || d.EncryptedToken == nil { - return "" - } - return *d.EncryptedToken -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (d *DatadogConfig) GetKeyID() string { - if d == nil || d.KeyID == nil { - return "" - } - return *d.KeyID -} - -// GetSite returns the Site field if it's non-nil, zero value otherwise. -func (d *DatadogConfig) GetSite() string { - if d == nil || d.Site == nil { - return "" - } - return *d.Site -} - // GetQuerySuite returns the QuerySuite field if it's non-nil, zero value otherwise. func (d *DefaultSetupConfiguration) GetQuerySuite() string { if d == nil || d.QuerySuite == nil { @@ -11350,30 +11102,6 @@ func (g *GollumEvent) GetSender() *User { return g.Sender } -// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. -func (g *GoogleCloudConfig) GetBucket() string { - if g == nil || g.Bucket == nil { - return "" - } - return *g.Bucket -} - -// GetEncryptedJSONCredentials returns the EncryptedJSONCredentials field if it's non-nil, zero value otherwise. -func (g *GoogleCloudConfig) GetEncryptedJSONCredentials() string { - if g == nil || g.EncryptedJSONCredentials == nil { - return "" - } - return *g.EncryptedJSONCredentials -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (g *GoogleCloudConfig) GetKeyID() string { - if g == nil || g.KeyID == nil { - return "" - } - return *g.KeyID -} - // GetEmail returns the Email field if it's non-nil, zero value otherwise. func (g *GPGEmail) GetEmail() string { if g == nil || g.Email == nil { @@ -11590,54 +11318,6 @@ func (h *HeadCommit) GetURL() string { return *h.URL } -// GetDomain returns the Domain field if it's non-nil, zero value otherwise. -func (h *HecConfig) GetDomain() string { - if h == nil || h.Domain == nil { - return "" - } - return *h.Domain -} - -// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. -func (h *HecConfig) GetEncryptedToken() string { - if h == nil || h.EncryptedToken == nil { - return "" - } - return *h.EncryptedToken -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (h *HecConfig) GetKeyID() string { - if h == nil || h.KeyID == nil { - return "" - } - return *h.KeyID -} - -// GetPath returns the Path field if it's non-nil, zero value otherwise. -func (h *HecConfig) GetPath() string { - if h == nil || h.Path == nil { - return "" - } - return *h.Path -} - -// GetPort returns the Port field. -func (h *HecConfig) GetPort() *uint16 { - if h == nil { - return nil - } - return h.Port -} - -// GetSSLVerify returns the SSLVerify field if it's non-nil, zero value otherwise. -func (h *HecConfig) GetSSLVerify() bool { - if h == nil || h.SSLVerify == nil { - return false - } - return *h.SSLVerify -} - // GetActive returns the Active field if it's non-nil, zero value otherwise. func (h *Hook) GetActive() bool { if h == nil || h.Active == nil { @@ -28974,46 +28654,6 @@ func (s *SourceImportAuthor) GetURL() string { return *s.URL } -// GetDomain returns the Domain field if it's non-nil, zero value otherwise. -func (s *SplunkConfig) GetDomain() string { - if s == nil || s.Domain == nil { - return "" - } - return *s.Domain -} - -// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. -func (s *SplunkConfig) GetEncryptedToken() string { - if s == nil || s.EncryptedToken == nil { - return "" - } - return *s.EncryptedToken -} - -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (s *SplunkConfig) GetKeyID() string { - if s == nil || s.KeyID == nil { - return "" - } - return *s.KeyID -} - -// GetPort returns the Port field. -func (s *SplunkConfig) GetPort() *uint16 { - if s == nil { - return nil - } - return s.Port -} - -// GetSSLVerify returns the SSLVerify field if it's non-nil, zero value otherwise. -func (s *SplunkConfig) GetSSLVerify() bool { - if s == nil || s.SSLVerify == nil { - return false - } - return *s.SSLVerify -} - // GetPrivacyLevel returns the PrivacyLevel field if it's non-nil, zero value otherwise. func (s *SponsorshipChanges) GetPrivacyLevel() string { if s == nil || s.PrivacyLevel == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index cf4faaf7b3c..14f682db504 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -980,127 +980,6 @@ func TestAllowForkSyncing_GetEnabled(tt *testing.T) { a.GetEnabled() } -func TestAmazonS3AccessKeysConfig_GetAuthenticationType(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3AccessKeysConfig{AuthenticationType: &zeroValue} - a.GetAuthenticationType() - a = &AmazonS3AccessKeysConfig{} - a.GetAuthenticationType() - a = nil - a.GetAuthenticationType() -} - -func TestAmazonS3AccessKeysConfig_GetBucket(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3AccessKeysConfig{Bucket: &zeroValue} - a.GetBucket() - a = &AmazonS3AccessKeysConfig{} - a.GetBucket() - a = nil - a.GetBucket() -} - -func TestAmazonS3AccessKeysConfig_GetEncryptedAccessKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3AccessKeysConfig{EncryptedAccessKeyID: &zeroValue} - a.GetEncryptedAccessKeyID() - a = &AmazonS3AccessKeysConfig{} - a.GetEncryptedAccessKeyID() - a = nil - a.GetEncryptedAccessKeyID() -} - -func TestAmazonS3AccessKeysConfig_GetEncryptedSecretKey(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3AccessKeysConfig{EncryptedSecretKey: &zeroValue} - a.GetEncryptedSecretKey() - a = &AmazonS3AccessKeysConfig{} - a.GetEncryptedSecretKey() - a = nil - a.GetEncryptedSecretKey() -} - -func TestAmazonS3AccessKeysConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3AccessKeysConfig{KeyID: &zeroValue} - a.GetKeyID() - a = &AmazonS3AccessKeysConfig{} - a.GetKeyID() - a = nil - a.GetKeyID() -} - -func TestAmazonS3AccessKeysConfig_GetRegion(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3AccessKeysConfig{Region: &zeroValue} - a.GetRegion() - a = &AmazonS3AccessKeysConfig{} - a.GetRegion() - a = nil - a.GetRegion() -} - -func TestAmazonS3OIDCConfig_GetArnRole(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3OIDCConfig{ArnRole: &zeroValue} - a.GetArnRole() - a = &AmazonS3OIDCConfig{} - a.GetArnRole() - a = nil - a.GetArnRole() -} - -func TestAmazonS3OIDCConfig_GetAuthenticationType(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3OIDCConfig{AuthenticationType: &zeroValue} - a.GetAuthenticationType() - a = &AmazonS3OIDCConfig{} - a.GetAuthenticationType() - a = nil - a.GetAuthenticationType() -} - -func TestAmazonS3OIDCConfig_GetBucket(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3OIDCConfig{Bucket: &zeroValue} - a.GetBucket() - a = &AmazonS3OIDCConfig{} - a.GetBucket() - a = nil - a.GetBucket() -} - -func TestAmazonS3OIDCConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3OIDCConfig{KeyID: &zeroValue} - a.GetKeyID() - a = &AmazonS3OIDCConfig{} - a.GetKeyID() - a = nil - a.GetKeyID() -} - -func TestAmazonS3OIDCConfig_GetRegion(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AmazonS3OIDCConfig{Region: &zeroValue} - a.GetRegion() - a = &AmazonS3OIDCConfig{} - a.GetRegion() - a = nil - a.GetRegion() -} - func TestAnalysesListOptions_GetRef(tt *testing.T) { tt.Parallel() var zeroValue string @@ -2298,39 +2177,6 @@ func TestAuditEntry_GetUserID(tt *testing.T) { a.GetUserID() } -func TestAuditLogStream_GetCreatedAt(tt *testing.T) { - tt.Parallel() - var zeroValue Timestamp - a := &AuditLogStream{CreatedAt: &zeroValue} - a.GetCreatedAt() - a = &AuditLogStream{} - a.GetCreatedAt() - a = nil - a.GetCreatedAt() -} - -func TestAuditLogStream_GetEnabled(tt *testing.T) { - tt.Parallel() - var zeroValue bool - a := &AuditLogStream{Enabled: &zeroValue} - a.GetEnabled() - a = &AuditLogStream{} - a.GetEnabled() - a = nil - a.GetEnabled() -} - -func TestAuditLogStream_GetID(tt *testing.T) { - tt.Parallel() - var zeroValue int64 - a := &AuditLogStream{ID: &zeroValue} - a.GetID() - a = &AuditLogStream{} - a.GetID() - a = nil - a.GetID() -} - func TestAuditLogStream_GetPausedAt(tt *testing.T) { tt.Parallel() var zeroValue Timestamp @@ -2342,91 +2188,6 @@ func TestAuditLogStream_GetPausedAt(tt *testing.T) { a.GetPausedAt() } -func TestAuditLogStream_GetStreamDetails(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AuditLogStream{StreamDetails: &zeroValue} - a.GetStreamDetails() - a = &AuditLogStream{} - a.GetStreamDetails() - a = nil - a.GetStreamDetails() -} - -func TestAuditLogStream_GetStreamType(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AuditLogStream{StreamType: &zeroValue} - a.GetStreamType() - a = &AuditLogStream{} - a.GetStreamType() - a = nil - a.GetStreamType() -} - -func TestAuditLogStream_GetUpdatedAt(tt *testing.T) { - tt.Parallel() - var zeroValue Timestamp - a := &AuditLogStream{UpdatedAt: &zeroValue} - a.GetUpdatedAt() - a = &AuditLogStream{} - a.GetUpdatedAt() - a = nil - a.GetUpdatedAt() -} - -func TestAuditLogStreamConfig_GetEnabled(tt *testing.T) { - tt.Parallel() - var zeroValue bool - a := &AuditLogStreamConfig{Enabled: &zeroValue} - a.GetEnabled() - a = &AuditLogStreamConfig{} - a.GetEnabled() - a = nil - a.GetEnabled() -} - -func TestAuditLogStreamConfig_GetStreamType(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AuditLogStreamConfig{StreamType: &zeroValue} - a.GetStreamType() - a = &AuditLogStreamConfig{} - a.GetStreamType() - a = nil - a.GetStreamType() -} - -func TestAuditLogStreamConfig_GetVendorSpecific(tt *testing.T) { - tt.Parallel() - a := &AuditLogStreamConfig{} - a.GetVendorSpecific() - a = nil - a.GetVendorSpecific() -} - -func TestAuditLogStreamKey_GetKey(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AuditLogStreamKey{Key: &zeroValue} - a.GetKey() - a = &AuditLogStreamKey{} - a.GetKey() - a = nil - a.GetKey() -} - -func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AuditLogStreamKey{KeyID: &zeroValue} - a.GetKeyID() - a = &AuditLogStreamKey{} - a.GetKeyID() - a = nil - a.GetKeyID() -} - func TestAuthorization_GetApp(tt *testing.T) { tt.Parallel() a := &Authorization{} @@ -2817,72 +2578,6 @@ func TestAutoTriggerCheck_GetSetting(tt *testing.T) { a.GetSetting() } -func TestAzureBlobConfig_GetContainer(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AzureBlobConfig{Container: &zeroValue} - a.GetContainer() - a = &AzureBlobConfig{} - a.GetContainer() - a = nil - a.GetContainer() -} - -func TestAzureBlobConfig_GetEncryptedSasURL(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AzureBlobConfig{EncryptedSasURL: &zeroValue} - a.GetEncryptedSasURL() - a = &AzureBlobConfig{} - a.GetEncryptedSasURL() - a = nil - a.GetEncryptedSasURL() -} - -func TestAzureBlobConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AzureBlobConfig{KeyID: &zeroValue} - a.GetKeyID() - a = &AzureBlobConfig{} - a.GetKeyID() - a = nil - a.GetKeyID() -} - -func TestAzureHubConfig_GetEncryptedConnstring(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AzureHubConfig{EncryptedConnstring: &zeroValue} - a.GetEncryptedConnstring() - a = &AzureHubConfig{} - a.GetEncryptedConnstring() - a = nil - a.GetEncryptedConnstring() -} - -func TestAzureHubConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AzureHubConfig{KeyID: &zeroValue} - a.GetKeyID() - a = &AzureHubConfig{} - a.GetKeyID() - a = nil - a.GetKeyID() -} - -func TestAzureHubConfig_GetName(tt *testing.T) { - tt.Parallel() - var zeroValue string - a := &AzureHubConfig{Name: &zeroValue} - a.GetName() - a = &AzureHubConfig{} - a.GetName() - a = nil - a.GetName() -} - func TestBlob_GetContent(tt *testing.T) { tt.Parallel() var zeroValue string @@ -10326,39 +10021,6 @@ func TestCustomRepoRoles_GetUpdatedAt(tt *testing.T) { c.GetUpdatedAt() } -func TestDatadogConfig_GetEncryptedToken(tt *testing.T) { - tt.Parallel() - var zeroValue string - d := &DatadogConfig{EncryptedToken: &zeroValue} - d.GetEncryptedToken() - d = &DatadogConfig{} - d.GetEncryptedToken() - d = nil - d.GetEncryptedToken() -} - -func TestDatadogConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - d := &DatadogConfig{KeyID: &zeroValue} - d.GetKeyID() - d = &DatadogConfig{} - d.GetKeyID() - d = nil - d.GetKeyID() -} - -func TestDatadogConfig_GetSite(tt *testing.T) { - tt.Parallel() - var zeroValue string - d := &DatadogConfig{Site: &zeroValue} - d.GetSite() - d = &DatadogConfig{} - d.GetSite() - d = nil - d.GetSite() -} - func TestDefaultSetupConfiguration_GetQuerySuite(tt *testing.T) { tt.Parallel() var zeroValue string @@ -14759,39 +14421,6 @@ func TestGollumEvent_GetSender(tt *testing.T) { g.GetSender() } -func TestGoogleCloudConfig_GetBucket(tt *testing.T) { - tt.Parallel() - var zeroValue string - g := &GoogleCloudConfig{Bucket: &zeroValue} - g.GetBucket() - g = &GoogleCloudConfig{} - g.GetBucket() - g = nil - g.GetBucket() -} - -func TestGoogleCloudConfig_GetEncryptedJSONCredentials(tt *testing.T) { - tt.Parallel() - var zeroValue string - g := &GoogleCloudConfig{EncryptedJSONCredentials: &zeroValue} - g.GetEncryptedJSONCredentials() - g = &GoogleCloudConfig{} - g.GetEncryptedJSONCredentials() - g = nil - g.GetEncryptedJSONCredentials() -} - -func TestGoogleCloudConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - g := &GoogleCloudConfig{KeyID: &zeroValue} - g.GetKeyID() - g = &GoogleCloudConfig{} - g.GetKeyID() - g = nil - g.GetKeyID() -} - func TestGPGEmail_GetEmail(tt *testing.T) { tt.Parallel() var zeroValue string @@ -15080,69 +14709,6 @@ func TestHeadCommit_GetURL(tt *testing.T) { h.GetURL() } -func TestHecConfig_GetDomain(tt *testing.T) { - tt.Parallel() - var zeroValue string - h := &HecConfig{Domain: &zeroValue} - h.GetDomain() - h = &HecConfig{} - h.GetDomain() - h = nil - h.GetDomain() -} - -func TestHecConfig_GetEncryptedToken(tt *testing.T) { - tt.Parallel() - var zeroValue string - h := &HecConfig{EncryptedToken: &zeroValue} - h.GetEncryptedToken() - h = &HecConfig{} - h.GetEncryptedToken() - h = nil - h.GetEncryptedToken() -} - -func TestHecConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - h := &HecConfig{KeyID: &zeroValue} - h.GetKeyID() - h = &HecConfig{} - h.GetKeyID() - h = nil - h.GetKeyID() -} - -func TestHecConfig_GetPath(tt *testing.T) { - tt.Parallel() - var zeroValue string - h := &HecConfig{Path: &zeroValue} - h.GetPath() - h = &HecConfig{} - h.GetPath() - h = nil - h.GetPath() -} - -func TestHecConfig_GetPort(tt *testing.T) { - tt.Parallel() - h := &HecConfig{} - h.GetPort() - h = nil - h.GetPort() -} - -func TestHecConfig_GetSSLVerify(tt *testing.T) { - tt.Parallel() - var zeroValue bool - h := &HecConfig{SSLVerify: &zeroValue} - h.GetSSLVerify() - h = &HecConfig{} - h.GetSSLVerify() - h = nil - h.GetSSLVerify() -} - func TestHook_GetActive(tt *testing.T) { tt.Parallel() var zeroValue bool @@ -37393,58 +36959,6 @@ func TestSourceImportAuthor_GetURL(tt *testing.T) { s.GetURL() } -func TestSplunkConfig_GetDomain(tt *testing.T) { - tt.Parallel() - var zeroValue string - s := &SplunkConfig{Domain: &zeroValue} - s.GetDomain() - s = &SplunkConfig{} - s.GetDomain() - s = nil - s.GetDomain() -} - -func TestSplunkConfig_GetEncryptedToken(tt *testing.T) { - tt.Parallel() - var zeroValue string - s := &SplunkConfig{EncryptedToken: &zeroValue} - s.GetEncryptedToken() - s = &SplunkConfig{} - s.GetEncryptedToken() - s = nil - s.GetEncryptedToken() -} - -func TestSplunkConfig_GetKeyID(tt *testing.T) { - tt.Parallel() - var zeroValue string - s := &SplunkConfig{KeyID: &zeroValue} - s.GetKeyID() - s = &SplunkConfig{} - s.GetKeyID() - s = nil - s.GetKeyID() -} - -func TestSplunkConfig_GetPort(tt *testing.T) { - tt.Parallel() - s := &SplunkConfig{} - s.GetPort() - s = nil - s.GetPort() -} - -func TestSplunkConfig_GetSSLVerify(tt *testing.T) { - tt.Parallel() - var zeroValue bool - s := &SplunkConfig{SSLVerify: &zeroValue} - s.GetSSLVerify() - s = &SplunkConfig{} - s.GetSSLVerify() - s = nil - s.GetSSLVerify() -} - func TestSponsorshipChanges_GetPrivacyLevel(tt *testing.T) { tt.Parallel() var zeroValue string From 9d91f249864779dd782a534235195a661065e58e Mon Sep 17 00:00:00 2001 From: amreshh Date: Sun, 1 Mar 2026 11:12:21 +0100 Subject: [PATCH 16/21] refactor: inline vars in audit log stream constructor - vars in New*StreamConfig constructors have been removed, this implicitly gets converted --- github/enterprise_audit_log_stream.go | 32 +++++++-------------------- 1 file changed, 8 insertions(+), 24 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index ab7359dd2f7..18416d81548 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -118,58 +118,42 @@ func (*DatadogConfig) isAuditLogStreamVendorConfig() {} // NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { - streamType := "Azure Blob Storage" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Azure Blob Storage", VendorSpecific: cfg} } // NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { - streamType := "Azure Event Hubs" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Azure Event Hubs", VendorSpecific: cfg} } // NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { - streamType := "Amazon S3" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Amazon S3", VendorSpecific: cfg} } // NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access key auth. func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { - streamType := "Amazon S3" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Amazon S3", VendorSpecific: cfg} } // NewSplunkStreamConfig returns an AuditLogStreamConfig for Splunk. func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfig { - streamType := "Splunk" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Splunk", VendorSpecific: cfg} } // NewHecStreamConfig returns an AuditLogStreamConfig for an HTTPS Event Collector endpoint. func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { - streamType := "HTTPS Event Collector" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "HTTPS Event Collector", VendorSpecific: cfg} } // NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { - streamType := "Google Cloud Storage" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Google Cloud Storage", VendorSpecific: cfg} } // NewDatadogStreamConfig returns an AuditLogStreamConfig for Datadog. func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamConfig { - streamType := "Datadog" - v := AuditLogStreamVendorConfig(cfg) - return &AuditLogStreamConfig{Enabled: enabled, StreamType: streamType, VendorSpecific: v} + return &AuditLogStreamConfig{Enabled: enabled, StreamType: "Datadog", VendorSpecific: cfg} } // GetAuditLogStreamKey retrieves the public key used to encrypt secrets for audit log streaming. From 471ca8cb3ac2fea1dd398d23af4e1256e574a027 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sun, 1 Mar 2026 11:18:00 +0100 Subject: [PATCH 17/21] Apply suggestion from @alexandear Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 18416d81548..16e0285156a 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -230,7 +230,7 @@ func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise st // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise // //meta:operation POST /enterprises/{enterprise}/audit-log/streams -func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { +func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config AuditLogStreamConfig) (*AuditLogStream, *Response, error) { u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) req, err := s.client.NewRequest("POST", u, config) From 9cd1bf45b89e0df02b12bc987e8b8c179bd40dec Mon Sep 17 00:00:00 2001 From: amreshh Date: Sun, 1 Mar 2026 11:24:15 +0100 Subject: [PATCH 18/21] fix: update CreateAuditLogStream - CreateAuditLogStream signature changed to accept AuditLogStreamConfig by value instead of pointer. --- example/auditlogstream/main.go | 2 +- github/enterprise_audit_log_stream_test.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index 5413d60e7f2..29e7179fc55 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -129,7 +129,7 @@ func runCreate(args []string) { EncryptedSASURL: encryptedSASURL, }) - stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, ent, config) + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, ent, *config) if err != nil { log.Fatalf("Error creating audit log stream: %v", err) } diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index 5c47fe05c8d..304e1b4d85f 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -146,7 +146,7 @@ func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { }) ctx := t.Context() - stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, "e", *input) if err != nil { t.Errorf("Enterprise.CreateAuditLogStream returned error: %v", err) } @@ -163,11 +163,11 @@ func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { const methodName = "CreateAuditLogStream" testBadOptions(t, methodName, func() (err error) { - _, _, err = client.Enterprise.CreateAuditLogStream(ctx, "\n", input) + _, _, err = client.Enterprise.CreateAuditLogStream(ctx, "\n", *input) return err }) testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - got, resp, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) + got, resp, err := client.Enterprise.CreateAuditLogStream(ctx, "e", *input) if got != nil { t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) } From 71aad8acfa2369e645a9e944b898121b854f1fc6 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sun, 1 Mar 2026 14:09:35 +0100 Subject: [PATCH 19/21] Update github/enterprise_audit_log_stream.go Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 16e0285156a..478e63aec2c 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -253,7 +253,7 @@ func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-existing-audit-log-stream-configuration // //meta:operation PUT /enterprises/{enterprise}/audit-log/streams/{stream_id} -func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise string, streamID int64, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { +func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise string, streamID int64, config AuditLogStreamConfig) (*AuditLogStream, *Response, error) { u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) req, err := s.client.NewRequest("PUT", u, config) From 73109b3b9caeb743af7cb7882802275baa670749 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Sun, 1 Mar 2026 14:09:58 +0100 Subject: [PATCH 20/21] Update github/enterprise_audit_log_stream_test.go Co-authored-by: Oleksandr Redko --- github/enterprise_audit_log_stream_test.go | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index 304e1b4d85f..243b51c07b7 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -253,15 +253,16 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { EncryptedSASURL: "ENCRYPTED", Container: "my-container", } + got := NewAzureBlobStreamConfig(true, cfg) - if got.StreamType != "Azure Blob Storage" { - t.Errorf("NewAzureBlobStreamConfig StreamType = %v, want Azure Blob Storage", got.StreamType) - } - if !got.Enabled { - t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: true, + StreamType: "Azure Blob Storage", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewAzureBlobStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewAzureBlobStreamConfig = %+v, want %+v", got, want) } } From eaa4cde463fe28ee42ac419713ad046ec797383a Mon Sep 17 00:00:00 2001 From: amreshh Date: Sun, 1 Mar 2026 14:26:57 +0100 Subject: [PATCH 21/21] refactor: unit tests for audit log stream / usage of value params instead of pointers - unit tests have been modified for audit_log_stream to use cmp - value param used for UpdateAuditLogStream instead of pointers --- github/enterprise_audit_log_stream_test.go | 111 +++++++++++---------- 1 file changed, 59 insertions(+), 52 deletions(-) diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index 243b51c07b7..b715bc9cc96 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -193,7 +193,7 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { }) ctx := t.Context() - stream, _, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) + stream, _, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, *input) if err != nil { t.Errorf("Enterprise.UpdateAuditLogStream returned error: %v", err) } @@ -210,11 +210,11 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { const methodName = "UpdateAuditLogStream" testBadOptions(t, methodName, func() (err error) { - _, _, err = client.Enterprise.UpdateAuditLogStream(ctx, "\n", 1, input) + _, _, err = client.Enterprise.UpdateAuditLogStream(ctx, "\n", 1, *input) return err }) testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { - got, resp, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) + got, resp, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, *input) if got != nil { t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) } @@ -273,15 +273,16 @@ func TestNewAzureHubStreamConfig(t *testing.T) { EncryptedConnstring: "ENCRYPTED", KeyID: "v1", } + got := NewAzureHubStreamConfig(true, cfg) - if got.StreamType != "Azure Event Hubs" { - t.Errorf("NewAzureHubStreamConfig StreamType = %v, want Azure Event Hubs", got.StreamType) - } - if !got.Enabled { - t.Errorf("NewAzureHubStreamConfig Enabled = %v, want true", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: true, + StreamType: "Azure Event Hubs", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewAzureHubStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewAzureHubStreamConfig = %+v, want %+v", got, want) } } @@ -294,15 +295,16 @@ func TestNewAmazonS3OIDCStreamConfig(t *testing.T) { AuthenticationType: "oidc", ArnRole: "arn:aws:iam::role/my-role", } + got := NewAmazonS3OIDCStreamConfig(true, cfg) - if got.StreamType != "Amazon S3" { - t.Errorf("NewAmazonS3OIDCStreamConfig StreamType = %v, want Amazon S3", got.StreamType) - } - if !got.Enabled { - t.Errorf("NewAmazonS3OIDCStreamConfig Enabled = %v, want true", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: true, + StreamType: "Amazon S3", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewAmazonS3OIDCStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewAmazonS3OIDCStreamConfig = %+v, want %+v", got, want) } } @@ -316,15 +318,16 @@ func TestNewAmazonS3AccessKeysStreamConfig(t *testing.T) { EncryptedSecretKey: "ENCRYPTED_SECRET", EncryptedAccessKeyID: "ENCRYPTED_KEY_ID", } + got := NewAmazonS3AccessKeysStreamConfig(false, cfg) - if got.StreamType != "Amazon S3" { - t.Errorf("NewAmazonS3AccessKeysStreamConfig StreamType = %v, want Amazon S3", got.StreamType) - } - if got.Enabled { - t.Errorf("NewAmazonS3AccessKeysStreamConfig Enabled = %v, want false", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: false, + StreamType: "Amazon S3", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewAmazonS3AccessKeysStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewAmazonS3AccessKeysStreamConfig = %+v, want %+v", got, want) } } @@ -337,15 +340,16 @@ func TestNewSplunkStreamConfig(t *testing.T) { EncryptedToken: "ENCRYPTED", SSLVerify: true, } + got := NewSplunkStreamConfig(true, cfg) - if got.StreamType != "Splunk" { - t.Errorf("NewSplunkStreamConfig StreamType = %v, want Splunk", got.StreamType) - } - if !got.Enabled { - t.Errorf("NewSplunkStreamConfig Enabled = %v, want true", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: true, + StreamType: "Splunk", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewSplunkStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewSplunkStreamConfig = %+v, want %+v", got, want) } } @@ -359,15 +363,16 @@ func TestNewHecStreamConfig(t *testing.T) { Path: "/services/collector", SSLVerify: true, } + got := NewHecStreamConfig(false, cfg) - if got.StreamType != "HTTPS Event Collector" { - t.Errorf("NewHecStreamConfig StreamType = %v, want HTTPS Event Collector", got.StreamType) - } - if got.Enabled { - t.Errorf("NewHecStreamConfig Enabled = %v, want false", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: false, + StreamType: "HTTPS Event Collector", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewHecStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewHecStreamConfig = %+v, want %+v", got, want) } } @@ -378,15 +383,16 @@ func TestNewGoogleCloudStreamConfig(t *testing.T) { KeyID: "v1", EncryptedJSONCredentials: "ENCRYPTED", } + got := NewGoogleCloudStreamConfig(true, cfg) - if got.StreamType != "Google Cloud Storage" { - t.Errorf("NewGoogleCloudStreamConfig StreamType = %v, want Google Cloud Storage", got.StreamType) - } - if !got.Enabled { - t.Errorf("NewGoogleCloudStreamConfig Enabled = %v, want true", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: true, + StreamType: "Google Cloud Storage", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewGoogleCloudStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewGoogleCloudStreamConfig = %+v, want %+v", got, want) } } @@ -397,14 +403,15 @@ func TestNewDatadogStreamConfig(t *testing.T) { Site: "US", KeyID: "v1", } + got := NewDatadogStreamConfig(false, cfg) - if got.StreamType != "Datadog" { - t.Errorf("NewDatadogStreamConfig StreamType = %v, want Datadog", got.StreamType) - } - if got.Enabled { - t.Errorf("NewDatadogStreamConfig Enabled = %v, want false", got.Enabled) + + want := &AuditLogStreamConfig{ + Enabled: false, + StreamType: "Datadog", + VendorSpecific: cfg, } - if got.VendorSpecific == nil { - t.Fatal("NewDatadogStreamConfig VendorSpecific is nil") + if !cmp.Equal(got, want) { + t.Errorf("NewDatadogStreamConfig = %+v, want %+v", got, want) } }