From 2c823083d0d9699ebc5c7517b2adf4a4e7818fc8 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Mon, 23 Feb 2026 12:08:28 +0100 Subject: [PATCH 1/7] audit_log_stream Signed-off-by: amreshh <20923769+amreshh@users.noreply.github.com> --- github/enterprise_audit_log_stream.go | 266 +++++++++++++++++++++ github/enterprise_audit_log_stream_test.go | 160 +++++++++++++ github/github-accessors.go | 24 ++ github/github-accessors_test.go | 33 +++ 4 files changed, 483 insertions(+) create mode 100644 github/enterprise_audit_log_stream.go create mode 100644 github/enterprise_audit_log_stream_test.go diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go new file mode 100644 index 00000000000..b54e970f50b --- /dev/null +++ b/github/enterprise_audit_log_stream.go @@ -0,0 +1,266 @@ +// Copyright 2026 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +import ( + "context" + "encoding/json" + "fmt" +) + +// AuditLogStream represents an audit log stream configuration for an enterprise. +type AuditLogStream struct { + ID *int64 `json:"id,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + StreamDetails json.RawMessage `json:"stream_details,omitempty"` + Enabled *bool `json:"enabled,omitempty"` + CreatedAt *Timestamp `json:"created_at,omitempty"` + UpdatedAt *Timestamp `json:"updated_at,omitempty"` + PausedAt *Timestamp `json:"paused_at,omitempty"` +} + +// AuditLogStreamConfig represents a configuration for creating/updating an audit log stream. +type AuditLogStreamConfig struct { + Enabled *bool `json:"enabled,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + VendorSpecific AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` +} + +// AuditLogStreamVendorConfig is a marker interface for vendor-specific audit log +// stream configurations. +type AuditLogStreamVendorConfig interface { + isAuditLogStreamVendorConfig() +} + +// AzureBlobConfig represents vendor specific config for Azure Blob Storage. +type AzureBlobConfig struct { + KeyID *string `json:"key_id,omitempty"` + EncryptedSASURL *string `json:"encrypted_sas_url,omitempty"` + Container *string `json:"container,omitempty"` +} + +// AzureHubConfig represents vendor specific config for Azure Event Hubs. +type AzureHubConfig struct { + Name *string `json:"name,omitempty"` + EncryptedConnString *string `json:"encrypted_connstring,omitempty"` + KeyID *string `json:"key_id,omitempty"` +} + +// AmazonS3OIDCConfig represents vendor specific config for Amazon S3 with OIDC authentication. +type AmazonS3OIDCConfig struct { + Bucket *string `json:"bucket,omitempty"` + Region *string `json:"region,omitempty"` + KeyID *string `json:"key_id,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` + ARNRole *string `json:"arn_role,omitempty"` +} + +// AmazonS3AccessKeysConfig represents vendor specific config for Amazon S3 with access keys authentication. +type AmazonS3AccessKeysConfig struct { + Bucket *string `json:"bucket,omitempty"` + Region *string `json:"region,omitempty"` + KeyID *string `json:"key_id,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` + EncryptedSecretKey *string `json:"encrypted_secret_key,omitempty"` + EncryptedAccessKeyID *string `json:"encrypted_access_key_id,omitempty"` +} + +// SplunkConfig represents vendor specific config for Splunk. +type SplunkConfig struct { + Domain *string `json:"domain,omitempty"` + Port *uint16 `json:"port,omitempty"` + KeyID *string `json:"key_id,omitempty"` + EncryptedToken *string `json:"encrypted_token,omitempty"` + SSLVerify *bool `json:"ssl_verify,omitempty"` +} + +// HecConfig represents vendor specific config for HTTPS Event Collector. +type HecConfig struct { + Domain *string `json:"domain,omitempty"` + Port *uint16 `json:"port,omitempty"` + KeyID *string `json:"key_id,omitempty"` + EncryptedToken *string `json:"encrypted_token,omitempty"` + Path *string `json:"path,omitempty"` + SSLVerify *bool `json:"ssl_verify,omitempty"` +} + +// GoogleCloudConfig represents vendor specific config for Google Cloud Storage. +type GoogleCloudConfig struct { + Bucket *string `json:"bucket,omitempty"` + KeyID *string `json:"key_id,omitempty"` + EncryptedJSONCredentials *string `json:"encrypted_json_credentials,omitempty"` +} + +// DatadogConfig represents vendor specific config for Datadog. +type DatadogConfig struct { + EncryptedToken *string `json:"encrypted_token,omitempty"` + Site *string `json:"site,omitempty"` // Can be one of: US, US3, US5, EU1, US1-FED, AP1 + KeyID *string `json:"key_id,omitempty"` +} + +// Implement the marker interface for all vendor config types. +func (*AzureBlobConfig) isAuditLogStreamVendorConfig() {} +func (*AzureHubConfig) isAuditLogStreamVendorConfig() {} +func (*AmazonS3OIDCConfig) isAuditLogStreamVendorConfig() {} +func (*AmazonS3AccessKeysConfig) isAuditLogStreamVendorConfig() {} +func (*SplunkConfig) isAuditLogStreamVendorConfig() {} +func (*HecConfig) isAuditLogStreamVendorConfig() {} +func (*GoogleCloudConfig) isAuditLogStreamVendorConfig() {} +func (*DatadogConfig) isAuditLogStreamVendorConfig() {} + +// Helper functions for constructing AuditLogStreamConfig per vendor type. + +// NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. +func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { + streamType := "AzureBlobStorage" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. +func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { + streamType := "AzureHubs" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. +func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { + streamType := "AmazonS3" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access keys auth. +func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { + streamType := "AmazonS3" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewSplunkStreamConfig returns an AuditLogStreamConfig for Splunk. +func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfig { + streamType := "Splunk" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewHecStreamConfig returns an AuditLogStreamConfig for HTTPS Event Collector. +func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { + streamType := "Hec" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. +func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { + streamType := "GoogleCloudStorage" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// NewDatadogStreamConfig returns an AuditLogStreamConfig for Datadog. +func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamConfig { + streamType := "Datadog" + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} +} + +// ListAuditLogStreams lists the audit log stream configurations for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#list-audit-log-stream-configurations-for-an-enterprise +// +//meta:operation GET /enterprises/{enterprise}/audit-log/streams +func (s *EnterpriseService) ListAuditLogStreams(ctx context.Context, enterprise string) ([]*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + var streams []*AuditLogStream + resp, err := s.client.Do(ctx, req, &streams) + if err != nil { + return nil, resp, err + } + + return streams, resp, nil +} + +// CreateAuditLogStream creates an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation POST /enterprises/{enterprise}/audit-log/streams +func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) + + req, err := s.client.NewRequest("POST", u, config) + if err != nil { + return nil, nil, err + } + + var stream *AuditLogStream + resp, err := s.client.Do(ctx, req, &stream) + if err != nil { + return nil, resp, err + } + + return stream, resp, nil +} + +// GetAuditLogStream gets an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + var stream *AuditLogStream + resp, err := s.client.Do(ctx, req, &stream) + if err != nil { + return nil, resp, err + } + + return stream, resp, nil +} + +// UpdateAuditLogStream updates an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation PATCH /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise string, streamID int64, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) + + req, err := s.client.NewRequest("PATCH", u, config) + if err != nil { + return nil, nil, err + } + + var stream *AuditLogStream + resp, err := s.client.Do(ctx, req, &stream) + if err != nil { + return nil, resp, err + } + + return stream, resp, nil +} + +// DeleteAuditLogStream deletes an audit log streaming configuration for an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#delete-an-audit-log-streaming-configuration-for-an-enterprise +// +//meta:operation DELETE /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) DeleteAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) + + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } + + return s.client.Do(ctx, req, nil) +} diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go new file mode 100644 index 00000000000..b0f59441690 --- /dev/null +++ b/github/enterprise_audit_log_stream_test.go @@ -0,0 +1,160 @@ +// Copyright 2021 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package github + +// func TestEnterpriseService_CreateAuditStream(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "POST") + +// fmt.Fprint(w, `{ +// "id": 1, +// "stream_type": "Azure Blob Storage", +// "stream_details": "US", +// "enabled": true, +// "created_at": "2024-06-06T08:00:00Z", +// "updated_at": "2024-06-06T08:00:00Z", +// "paused_at": null +// }`) +// }) + +// ctx := context.Background() +// config := &AuditStreamConfig{ +// Enabled: true, +// StreamType: "Azure Blob Storage", +// VendorSpecific: AzureBlobConfig{ +// KeyID: "123", +// EncryptedSASURL: "base64-encrypted-sas-url", +// }, +// } + +// stream, resp, err := client.Enterprise.CreateAuditStream(ctx, "e", config) +// if err != nil { +// t.Fatalf("CreateAuditStream returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil HTTP response") +// } +// if stream == nil { +// t.Fatal("expected non-nil AuditStreamEntry") +// } +// if stream.ID != 1 { +// t.Errorf("ID = %d, want 1", stream.ID) +// } +// if stream.StreamType != "Azure Blob Storage" { +// t.Errorf("StreamType = %q, want %q", stream.StreamType, "Azure Blob Storage") +// } +// if !stream.Enabled { +// t.Errorf("Enabled = %v, want true", stream.Enabled) +// } +// } + +// func TestEnterpriseService_GetAuditStream(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "GET") +// testHeader(t, r, "Accept", "application/vnd.github+json") +// fmt.Fprint(w, `{"id":42,"stream_type":"Azure Blob Storage","enabled":true}`) +// }) + +// got, resp, err := client.Enterprise.GetAuditStream(context.Background(), "e", 42) +// if err != nil { +// t.Fatalf("GetAuditStream returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil response") +// } +// if got == nil || got.ID != 42 || !got.Enabled || got.StreamType != "Azure Blob Storage" { +// t.Fatalf("unexpected stream: %+v", got) +// } +// } + +// func TestEnterpriseService_ListAuditStreams(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "GET") +// fmt.Fprint(w, `[ +// { +// "id": 1, +// "stream_type": "Azure Blob Storage", +// "stream_details": "US", +// "enabled": true, +// "created_at": "2024-06-06T08:00:00Z", +// "updated_at": "2024-06-06T08:00:00Z", +// "paused_at": null, +// "vendor_specific": { +// "key_id": "k1", +// "encrypted_sas_url": "enc1" +// } +// }, +// { +// "id": 2, +// "stream_type": "Azure Blob Storage", +// "stream_details": "EU", +// "enabled": false, +// "created_at": "2024-06-07T08:00:00Z", +// "updated_at": "2024-06-07T08:00:00Z", +// "paused_at": null, +// "vendor_specific": { +// "key_id": "k2", +// "encrypted_sas_url": "enc2" +// } +// } +// ]`) +// }) + +// ctx := context.Background() +// got, resp, err := client.Enterprise.ListAuditStreams(ctx, "e") +// if err != nil { +// t.Fatalf("ListAuditStreams returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil response") +// } +// if len(got) != 2 { +// t.Fatalf("len(streams) = %d, want 2", len(got)) +// } +// if got[0].ID != 1 { +// t.Errorf("streams[0].ID = %d, want 1", got[0].ID) +// } +// if got[0].StreamType != "Azure Blob Storage" { +// t.Errorf("streams[0].StreamType = %q, want %q", got[0].StreamType, "Azure Blob Storage") +// } +// if !got[0].Enabled { +// t.Errorf("streams[0].Enabled = %v, want true", got[0].Enabled) +// } +// if got[1].Enabled { +// t.Errorf("streams[1].Enabled = %v, want false", got[1].Enabled) +// } +// } + +// func TestEnterpriseService_DeleteAuditStream(t *testing.T) { +// t.Parallel() +// client, mux, _ := setup(t) + +// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { +// testMethod(t, r, "DELETE") +// w.WriteHeader(http.StatusNoContent) // 204 +// }) + +// ctx := context.Background() +// resp, err := client.Enterprise.DeleteAuditStream(ctx, "e", 42) +// if err != nil { +// t.Fatalf("DeleteAuditStream returned error: %v", err) +// } +// if resp == nil { +// t.Fatal("expected non-nil response") +// } +// if resp.Response.StatusCode != http.StatusNoContent { +// t.Errorf("StatusCode = %d, want %d", resp.Response.StatusCode, http.StatusNoContent) +// } +// } diff --git a/github/github-accessors.go b/github/github-accessors.go index 73ff2a4f3fa..e6b5980508a 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -1654,6 +1654,30 @@ func (a *AuditEntry) GetUserID() int64 { return *a.UserID } +// GetID returns the ID field if it's non-nil, zero value otherwise. +func (a *AuditStream) GetID() int { + if a == nil || a.ID == nil { + return 0 + } + return *a.ID +} + +// GetPausedAt returns the PausedAt field if it's non-nil, zero value otherwise. +func (a *AuditStream) GetPausedAt() time.Time { + if a == nil || a.PausedAt == nil { + return time.Time{} + } + return *a.PausedAt +} + +// GetVendorSpecific returns the VendorSpecific field if it's non-nil, zero value otherwise. +func (a *AuditStream) GetVendorSpecific() map[string]string { + if a == nil || a.VendorSpecific == nil { + return map[string]string{} + } + return *a.VendorSpecific +} + // GetApp returns the App field. func (a *Authorization) GetApp() *AuthorizationApp { if a == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index ef28f61d699..3b2c8bb6ef5 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -2177,6 +2177,39 @@ func TestAuditEntry_GetUserID(tt *testing.T) { a.GetUserID() } +func TestAuditStream_GetID(tt *testing.T) { + tt.Parallel() + var zeroValue int + a := &AuditStream{ID: &zeroValue} + a.GetID() + a = &AuditStream{} + a.GetID() + a = nil + a.GetID() +} + +func TestAuditStream_GetPausedAt(tt *testing.T) { + tt.Parallel() + var zeroValue time.Time + a := &AuditStream{PausedAt: &zeroValue} + a.GetPausedAt() + a = &AuditStream{} + a.GetPausedAt() + a = nil + a.GetPausedAt() +} + +func TestAuditStream_GetVendorSpecific(tt *testing.T) { + tt.Parallel() + var zeroValue map[string]string + a := &AuditStream{VendorSpecific: &zeroValue} + a.GetVendorSpecific() + a = &AuditStream{} + a.GetVendorSpecific() + a = nil + a.GetVendorSpecific() +} + func TestAuthorization_GetApp(tt *testing.T) { tt.Parallel() a := &Authorization{} From 754bdeedb911bd5cfa34e78f7c1104e567d2bd23 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Mon, 23 Feb 2026 13:16:02 +0100 Subject: [PATCH 2/7] example added for azure blob storage, accessors re-generated / openapi operations updated --- example/auditlogstream/main.go | 180 ++++++++ github/enterprise_audit_log_stream.go | 117 +++-- github/enterprise_audit_log_stream_test.go | 431 +++++++++++------- github/github-accessors.go | 352 ++++++++++++++- github/github-accessors_test.go | 486 ++++++++++++++++++++- 5 files changed, 1346 insertions(+), 220 deletions(-) create mode 100644 example/auditlogstream/main.go diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go new file mode 100644 index 00000000000..939a3c131fa --- /dev/null +++ b/example/auditlogstream/main.go @@ -0,0 +1,180 @@ +// Copyright 2026 The go-github AUTHORS. All rights reserved. +// +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// The auditlogstream command demonstrates managing enterprise audit log +// streams for Azure Blob Storage using the go-github library. +// +// Usage — create (github.com): +// +// export GITHUB_AUTH_TOKEN= +// go run main.go create \ +// -enterprise=my-enterprise \ +// -container=my-container \ +// -sas-url= +// +// Usage — create (GitHub Enterprise Server): +// +// export GITHUB_AUTH_TOKEN= +// go run main.go create \ +// -base-url=https://github.example.com/api/v3/ \ +// -enterprise=my-enterprise \ +// -container=my-container \ +// -sas-url= +// +// Usage — delete: +// +// export GITHUB_AUTH_TOKEN= +// go run main.go delete \ +// -base-url=https://github.example.com/api/v3/ \ +// -enterprise=my-enterprise \ +// -stream-id=42 +package main + +import ( + "context" + "crypto/rand" + "encoding/base64" + "flag" + "fmt" + "log" + "os" + + "github.com/google/go-github/v83/github" + "golang.org/x/crypto/nacl/box" +) + +// encryptSecret encrypts a plain-text secret using libsodium's sealed box +// (crypto_box_seal), which is what GitHub's API expects for encrypted credentials. +func encryptSecret(publicKeyB64, secret string) (string, error) { + publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKeyB64) + if err != nil { + return "", fmt.Errorf("decoding public key: %w", err) + } + if len(publicKeyBytes) != 32 { + return "", fmt.Errorf("public key must be 32 bytes, got %d", len(publicKeyBytes)) + } + var publicKey [32]byte + copy(publicKey[:], publicKeyBytes) + + encrypted, err := box.SealAnonymous(nil, []byte(secret), &publicKey, rand.Reader) + if err != nil { + return "", fmt.Errorf("encrypting secret: %w", err) + } + + return base64.StdEncoding.EncodeToString(encrypted), nil +} + +func main() { + if len(os.Args) < 2 { + fmt.Fprintf(os.Stderr, "Usage: %s [flags]\n", os.Args[0]) + os.Exit(1) + } + + switch os.Args[1] { + case "create": + runCreate(os.Args[2:]) + case "delete": + runDelete(os.Args[2:]) + default: + fmt.Fprintf(os.Stderr, "Unknown command %q. Must be one of: create, delete\n", os.Args[1]) + os.Exit(1) + } +} + +func runCreate(args []string) { + fs := flag.NewFlagSet("create", flag.ExitOnError) + baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") + enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + container := fs.String("container", "", "Azure Blob Storage container name (required).") + sasURL := fs.String("sas-url", "", "Plain-text Azure SAS URL to encrypt and submit (required).") + enabled := fs.Bool("enabled", true, "Whether the stream should be enabled immediately.") + fs.Parse(args) + + token := requireEnv("GITHUB_AUTH_TOKEN") + requireFlag("enterprise", *enterprise) + requireFlag("container", *container) + requireFlag("sas-url", *sasURL) + + ctx := context.Background() + client := newClient(token, *baseURL) + + // Step 1: Fetch the enterprise's public streaming key. + streamKey, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, *enterprise) + if err != nil { + log.Fatalf("Error fetching audit log stream key: %v", err) + } + fmt.Printf("Retrieved stream key ID: %s\n", streamKey.GetKeyID()) + + // Step 2: Encrypt the SAS URL using the public key (sealed box / crypto_box_seal). + encryptedSASURL, err := encryptSecret(streamKey.GetPublicKey(), *sasURL) + if err != nil { + log.Fatalf("Error encrypting SAS URL: %v", err) + } + fmt.Println("SAS URL encrypted successfully.") + + // Step 3: Create the audit log stream. + config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ + KeyID: streamKey.KeyID, + Container: github.Ptr(*container), + EncryptedSASURL: github.Ptr(encryptedSASURL), + }) + + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, *enterprise, config) + if err != nil { + log.Fatalf("Error creating audit log stream: %v", err) + } + + fmt.Printf("Successfully created audit log stream:\n") + fmt.Printf(" ID: %d\n", stream.GetID()) + fmt.Printf(" Type: %s\n", stream.GetStreamType()) + fmt.Printf(" Enabled: %v\n", stream.GetEnabled()) + fmt.Printf(" Created at: %v\n", stream.GetCreatedAt()) +} + +func runDelete(args []string) { + fs := flag.NewFlagSet("delete", flag.ExitOnError) + baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") + enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + streamID := fs.Int64("stream-id", 0, "ID of the audit log stream to delete (required).") + fs.Parse(args) + + token := requireEnv("GITHUB_AUTH_TOKEN") + requireFlag("enterprise", *enterprise) + if *streamID == 0 { + log.Fatal("flag -stream-id is required") + } + + ctx := context.Background() + client := newClient(token, *baseURL) + + _, err := client.Enterprise.DeleteAuditLogStream(ctx, *enterprise, *streamID) + if err != nil { + log.Fatalf("Error deleting audit log stream: %v", err) + } + + fmt.Printf("Successfully deleted audit log stream %d.\n", *streamID) +} + +func newClient(token, baseURL string) *github.Client { + client, err := github.NewClient(nil).WithAuthToken(token).WithEnterpriseURLs(baseURL, baseURL) + if err != nil { + log.Fatalf("Error creating GitHub client: %v", err) + } + return client +} + +func requireEnv(name string) string { + val := os.Getenv(name) + if val == "" { + log.Fatalf("environment variable %s is not set", name) + } + return val +} + +func requireFlag(name, val string) { + if val == "" { + log.Fatalf("flag -%s is required", name) + } +} diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index b54e970f50b..6e18b9f558b 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -7,22 +7,21 @@ package github import ( "context" - "encoding/json" "fmt" ) // AuditLogStream represents an audit log stream configuration for an enterprise. type AuditLogStream struct { - ID *int64 `json:"id,omitempty"` - StreamType *string `json:"stream_type,omitempty"` - StreamDetails json.RawMessage `json:"stream_details,omitempty"` - Enabled *bool `json:"enabled,omitempty"` - CreatedAt *Timestamp `json:"created_at,omitempty"` - UpdatedAt *Timestamp `json:"updated_at,omitempty"` - PausedAt *Timestamp `json:"paused_at,omitempty"` + ID *int64 `json:"id,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + StreamDetails *string `json:"stream_details,omitempty"` + Enabled *bool `json:"enabled,omitempty"` + CreatedAt *Timestamp `json:"created_at,omitempty"` + UpdatedAt *Timestamp `json:"updated_at,omitempty"` + PausedAt *Timestamp `json:"paused_at,omitempty"` } -// AuditLogStreamConfig represents a configuration for creating/updating an audit log stream. +// AuditLogStreamConfig represents a configuration for creating or updating an audit log stream. type AuditLogStreamConfig struct { Enabled *bool `json:"enabled,omitempty"` StreamType *string `json:"stream_type,omitempty"` @@ -35,40 +34,46 @@ type AuditLogStreamVendorConfig interface { isAuditLogStreamVendorConfig() } -// AzureBlobConfig represents vendor specific config for Azure Blob Storage. +// AuditLogStreamKey represents the public key used to encrypt secrets for audit log streaming. +type AuditLogStreamKey struct { + KeyID *string `json:"key_id,omitempty"` + PublicKey *string `json:"key,omitempty"` +} + +// AzureBlobConfig represents vendor-specific config for Azure Blob Storage. type AzureBlobConfig struct { KeyID *string `json:"key_id,omitempty"` EncryptedSASURL *string `json:"encrypted_sas_url,omitempty"` Container *string `json:"container,omitempty"` } -// AzureHubConfig represents vendor specific config for Azure Event Hubs. +// AzureHubConfig represents vendor-specific config for Azure Event Hubs. type AzureHubConfig struct { Name *string `json:"name,omitempty"` EncryptedConnString *string `json:"encrypted_connstring,omitempty"` KeyID *string `json:"key_id,omitempty"` } -// AmazonS3OIDCConfig represents vendor specific config for Amazon S3 with OIDC authentication. +// AmazonS3OIDCConfig represents vendor-specific config for Amazon S3 with OIDC authentication. type AmazonS3OIDCConfig struct { Bucket *string `json:"bucket,omitempty"` Region *string `json:"region,omitempty"` KeyID *string `json:"key_id,omitempty"` - AuthenticationType *string `json:"authentication_type,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "oidc" ARNRole *string `json:"arn_role,omitempty"` } -// AmazonS3AccessKeysConfig represents vendor specific config for Amazon S3 with access keys authentication. +// AmazonS3AccessKeysConfig represents vendor-specific config for Amazon S3 with access key authentication. type AmazonS3AccessKeysConfig struct { Bucket *string `json:"bucket,omitempty"` Region *string `json:"region,omitempty"` KeyID *string `json:"key_id,omitempty"` - AuthenticationType *string `json:"authentication_type,omitempty"` + AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "access_keys" EncryptedSecretKey *string `json:"encrypted_secret_key,omitempty"` EncryptedAccessKeyID *string `json:"encrypted_access_key_id,omitempty"` } -// SplunkConfig represents vendor specific config for Splunk. +// SplunkConfig represents vendor-specific config for Splunk. type SplunkConfig struct { Domain *string `json:"domain,omitempty"` Port *uint16 `json:"port,omitempty"` @@ -77,7 +82,7 @@ type SplunkConfig struct { SSLVerify *bool `json:"ssl_verify,omitempty"` } -// HecConfig represents vendor specific config for HTTPS Event Collector. +// HecConfig represents vendor-specific config for an HTTPS Event Collector (HEC) endpoint. type HecConfig struct { Domain *string `json:"domain,omitempty"` Port *uint16 `json:"port,omitempty"` @@ -87,17 +92,17 @@ type HecConfig struct { SSLVerify *bool `json:"ssl_verify,omitempty"` } -// GoogleCloudConfig represents vendor specific config for Google Cloud Storage. +// GoogleCloudConfig represents vendor-specific config for Google Cloud Storage. type GoogleCloudConfig struct { Bucket *string `json:"bucket,omitempty"` KeyID *string `json:"key_id,omitempty"` EncryptedJSONCredentials *string `json:"encrypted_json_credentials,omitempty"` } -// DatadogConfig represents vendor specific config for Datadog. +// DatadogConfig represents vendor-specific config for Datadog. type DatadogConfig struct { EncryptedToken *string `json:"encrypted_token,omitempty"` - Site *string `json:"site,omitempty"` // Can be one of: US, US3, US5, EU1, US1-FED, AP1 + Site *string `json:"site,omitempty"` // One of: US, US3, US5, EU1, US1-FED, AP1 KeyID *string `json:"key_id,omitempty"` } @@ -111,29 +116,29 @@ func (*HecConfig) isAuditLogStreamVendorConfig() {} func (*GoogleCloudConfig) isAuditLogStreamVendorConfig() {} func (*DatadogConfig) isAuditLogStreamVendorConfig() {} -// Helper functions for constructing AuditLogStreamConfig per vendor type. +// Helper constructors for AuditLogStreamConfig. // NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { - streamType := "AzureBlobStorage" + streamType := "Azure Blob Storage" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } // NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { - streamType := "AzureHubs" + streamType := "Azure Event Hubs" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } // NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { - streamType := "AmazonS3" + streamType := "Amazon S3" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } -// NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access keys auth. +// NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access key auth. func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { - streamType := "AmazonS3" + streamType := "Amazon S3" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } @@ -143,15 +148,15 @@ func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfi return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } -// NewHecStreamConfig returns an AuditLogStreamConfig for HTTPS Event Collector. +// NewHecStreamConfig returns an AuditLogStreamConfig for an HTTPS Event Collector endpoint. func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { - streamType := "Hec" + streamType := "HTTPS Event Collector" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } // NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { - streamType := "GoogleCloudStorage" + streamType := "Google Cloud Storage" return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } @@ -161,6 +166,30 @@ func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamCon return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} } +// GetAuditLogStreamKey retrieves the public key used to encrypt secrets for audit log streaming. +// Credentials must be encrypted with this key before being submitted via CreateAuditLogStream +// or UpdateAuditLogStream. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-streaming-key-for-an-enterprise +// +//meta:operation GET /enterprises/{enterprise}/audit-log/stream-key +func (s *EnterpriseService) GetAuditLogStreamKey(ctx context.Context, enterprise string) (*AuditLogStreamKey, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/stream-key", enterprise) + + req, err := s.client.NewRequest("GET", u, nil) + if err != nil { + return nil, nil, err + } + + var key *AuditLogStreamKey + resp, err := s.client.Do(ctx, req, &key) + if err != nil { + return nil, resp, err + } + + return key, resp, nil +} + // ListAuditLogStreams lists the audit log stream configurations for an enterprise. // // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#list-audit-log-stream-configurations-for-an-enterprise @@ -183,15 +212,15 @@ func (s *EnterpriseService) ListAuditLogStreams(ctx context.Context, enterprise return streams, resp, nil } -// CreateAuditLogStream creates an audit log streaming configuration for an enterprise. +// GetAuditLogStream gets a single audit log stream configuration for an enterprise. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise // -//meta:operation POST /enterprises/{enterprise}/audit-log/streams -func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { - u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) +//meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} +func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) - req, err := s.client.NewRequest("POST", u, config) + req, err := s.client.NewRequest("GET", u, nil) if err != nil { return nil, nil, err } @@ -205,15 +234,16 @@ func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise return stream, resp, nil } -// GetAuditLogStream gets an audit log streaming configuration for an enterprise. +// CreateAuditLogStream creates an audit log streaming configuration for an enterprise. +// Credentials in the config must be encrypted using the key returned by GetAuditLogStreamKey. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#create-an-audit-log-streaming-configuration-for-an-enterprise // -//meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} -func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { - u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) +//meta:operation POST /enterprises/{enterprise}/audit-log/streams +func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise string, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { + u := fmt.Sprintf("enterprises/%v/audit-log/streams", enterprise) - req, err := s.client.NewRequest("GET", u, nil) + req, err := s.client.NewRequest("POST", u, config) if err != nil { return nil, nil, err } @@ -227,7 +257,8 @@ func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise st return stream, resp, nil } -// UpdateAuditLogStream updates an audit log streaming configuration for an enterprise. +// UpdateAuditLogStream updates an existing audit log stream configuration for an enterprise. +// Credentials in the config must be encrypted using the key returned by GetAuditLogStreamKey. // // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-audit-log-streaming-configuration-for-an-enterprise // @@ -249,7 +280,7 @@ func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise return stream, resp, nil } -// DeleteAuditLogStream deletes an audit log streaming configuration for an enterprise. +// DeleteAuditLogStream deletes an audit log stream configuration for an enterprise. // // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#delete-an-audit-log-streaming-configuration-for-an-enterprise // diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index b0f59441690..d29cf8c02f9 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -1,160 +1,283 @@ -// Copyright 2021 The go-github AUTHORS. All rights reserved. +// Copyright 2026 The go-github AUTHORS. All rights reserved. // // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package github -// func TestEnterpriseService_CreateAuditStream(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "POST") - -// fmt.Fprint(w, `{ -// "id": 1, -// "stream_type": "Azure Blob Storage", -// "stream_details": "US", -// "enabled": true, -// "created_at": "2024-06-06T08:00:00Z", -// "updated_at": "2024-06-06T08:00:00Z", -// "paused_at": null -// }`) -// }) - -// ctx := context.Background() -// config := &AuditStreamConfig{ -// Enabled: true, -// StreamType: "Azure Blob Storage", -// VendorSpecific: AzureBlobConfig{ -// KeyID: "123", -// EncryptedSASURL: "base64-encrypted-sas-url", -// }, -// } - -// stream, resp, err := client.Enterprise.CreateAuditStream(ctx, "e", config) -// if err != nil { -// t.Fatalf("CreateAuditStream returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil HTTP response") -// } -// if stream == nil { -// t.Fatal("expected non-nil AuditStreamEntry") -// } -// if stream.ID != 1 { -// t.Errorf("ID = %d, want 1", stream.ID) -// } -// if stream.StreamType != "Azure Blob Storage" { -// t.Errorf("StreamType = %q, want %q", stream.StreamType, "Azure Blob Storage") -// } -// if !stream.Enabled { -// t.Errorf("Enabled = %v, want true", stream.Enabled) -// } -// } - -// func TestEnterpriseService_GetAuditStream(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "GET") -// testHeader(t, r, "Accept", "application/vnd.github+json") -// fmt.Fprint(w, `{"id":42,"stream_type":"Azure Blob Storage","enabled":true}`) -// }) - -// got, resp, err := client.Enterprise.GetAuditStream(context.Background(), "e", 42) -// if err != nil { -// t.Fatalf("GetAuditStream returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil response") -// } -// if got == nil || got.ID != 42 || !got.Enabled || got.StreamType != "Azure Blob Storage" { -// t.Fatalf("unexpected stream: %+v", got) -// } -// } - -// func TestEnterpriseService_ListAuditStreams(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "GET") -// fmt.Fprint(w, `[ -// { -// "id": 1, -// "stream_type": "Azure Blob Storage", -// "stream_details": "US", -// "enabled": true, -// "created_at": "2024-06-06T08:00:00Z", -// "updated_at": "2024-06-06T08:00:00Z", -// "paused_at": null, -// "vendor_specific": { -// "key_id": "k1", -// "encrypted_sas_url": "enc1" -// } -// }, -// { -// "id": 2, -// "stream_type": "Azure Blob Storage", -// "stream_details": "EU", -// "enabled": false, -// "created_at": "2024-06-07T08:00:00Z", -// "updated_at": "2024-06-07T08:00:00Z", -// "paused_at": null, -// "vendor_specific": { -// "key_id": "k2", -// "encrypted_sas_url": "enc2" -// } -// } -// ]`) -// }) - -// ctx := context.Background() -// got, resp, err := client.Enterprise.ListAuditStreams(ctx, "e") -// if err != nil { -// t.Fatalf("ListAuditStreams returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil response") -// } -// if len(got) != 2 { -// t.Fatalf("len(streams) = %d, want 2", len(got)) -// } -// if got[0].ID != 1 { -// t.Errorf("streams[0].ID = %d, want 1", got[0].ID) -// } -// if got[0].StreamType != "Azure Blob Storage" { -// t.Errorf("streams[0].StreamType = %q, want %q", got[0].StreamType, "Azure Blob Storage") -// } -// if !got[0].Enabled { -// t.Errorf("streams[0].Enabled = %v, want true", got[0].Enabled) -// } -// if got[1].Enabled { -// t.Errorf("streams[1].Enabled = %v, want false", got[1].Enabled) -// } -// } - -// func TestEnterpriseService_DeleteAuditStream(t *testing.T) { -// t.Parallel() -// client, mux, _ := setup(t) - -// mux.HandleFunc("/enterprises/e/audit-log/streams/42", func(w http.ResponseWriter, r *http.Request) { -// testMethod(t, r, "DELETE") -// w.WriteHeader(http.StatusNoContent) // 204 -// }) - -// ctx := context.Background() -// resp, err := client.Enterprise.DeleteAuditStream(ctx, "e", 42) -// if err != nil { -// t.Fatalf("DeleteAuditStream returned error: %v", err) -// } -// if resp == nil { -// t.Fatal("expected non-nil response") -// } -// if resp.Response.StatusCode != http.StatusNoContent { -// t.Errorf("StatusCode = %d, want %d", resp.Response.StatusCode, http.StatusNoContent) -// } -// } +import ( + "context" + "fmt" + "net/http" + "testing" + + "github.com/google/go-cmp/cmp" +) + +func TestEnterpriseService_GetAuditLogStreamKey(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/stream-key", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `{"key_id":"1234","key":"2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"}`) + }) + + ctx := context.Background() + key, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, "e") + if err != nil { + t.Errorf("Enterprise.GetAuditLogStreamKey returned error: %v", err) + } + + want := &AuditLogStreamKey{ + KeyID: Ptr("1234"), + PublicKey: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), + } + if !cmp.Equal(key, want) { + t.Errorf("Enterprise.GetAuditLogStreamKey returned %+v, want %+v", key, want) + } + + const methodName = "GetAuditLogStreamKey" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.GetAuditLogStreamKey(ctx, "\n") + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.GetAuditLogStreamKey(ctx, "e") + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_ListAuditLogStreams(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `[{"id":1,"stream_type":"Splunk","stream_details":"US","enabled":true}]`) + }) + + ctx := context.Background() + streams, _, err := client.Enterprise.ListAuditLogStreams(ctx, "e") + if err != nil { + t.Errorf("Enterprise.ListAuditLogStreams returned error: %v", err) + } + + want := []*AuditLogStream{ + { + ID: Ptr(int64(1)), + StreamType: Ptr("Splunk"), + StreamDetails: Ptr("US"), + Enabled: Ptr(true), + }, + } + if !cmp.Equal(streams, want) { + t.Errorf("Enterprise.ListAuditLogStreams returned %+v, want %+v", streams, want) + } + + const methodName = "ListAuditLogStreams" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.ListAuditLogStreams(ctx, "\n") + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.ListAuditLogStreams(ctx, "e") + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_GetAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "GET") + fmt.Fprint(w, `{"id":1,"stream_type":"Datadog","stream_details":"US","enabled":true}`) + }) + + ctx := context.Background() + stream, _, err := client.Enterprise.GetAuditLogStream(ctx, "e", 1) + if err != nil { + t.Errorf("Enterprise.GetAuditLogStream returned error: %v", err) + } + + want := &AuditLogStream{ + ID: Ptr(int64(1)), + StreamType: Ptr("Datadog"), + StreamDetails: Ptr("US"), + Enabled: Ptr(true), + } + if !cmp.Equal(stream, want) { + t.Errorf("Enterprise.GetAuditLogStream returned %+v, want %+v", stream, want) + } + + const methodName = "GetAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.GetAuditLogStream(ctx, "\n", 1) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.GetAuditLogStream(ctx, "e", 1) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "POST") + fmt.Fprint(w, `{"id":2,"stream_type":"Datadog","stream_details":"US3","enabled":false}`) + }) + + input := NewDatadogStreamConfig(false, &DatadogConfig{ + EncryptedToken: Ptr("ENCRYPTED"), + Site: Ptr("US3"), + KeyID: Ptr("v1"), + }) + + ctx := context.Background() + stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) + if err != nil { + t.Errorf("Enterprise.CreateAuditLogStream returned error: %v", err) + } + + want := &AuditLogStream{ + ID: Ptr(int64(2)), + StreamType: Ptr("Datadog"), + StreamDetails: Ptr("US3"), + Enabled: Ptr(false), + } + if !cmp.Equal(stream, want) { + t.Errorf("Enterprise.CreateAuditLogStream returned %+v, want %+v", stream, want) + } + + const methodName = "CreateAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.CreateAuditLogStream(ctx, "\n", input) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "PATCH") + fmt.Fprint(w, `{"id":1,"stream_type":"Splunk","stream_details":"splunk.example.com","enabled":true}`) + }) + + input := NewSplunkStreamConfig(true, &SplunkConfig{ + Domain: Ptr("splunk.example.com"), + Port: Ptr(uint16(8089)), + KeyID: Ptr("v1"), + EncryptedToken: Ptr("ENCRYPTED"), + SSLVerify: Ptr(true), + }) + + ctx := context.Background() + stream, _, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) + if err != nil { + t.Errorf("Enterprise.UpdateAuditLogStream returned error: %v", err) + } + + want := &AuditLogStream{ + ID: Ptr(int64(1)), + StreamType: Ptr("Splunk"), + StreamDetails: Ptr("splunk.example.com"), + Enabled: Ptr(true), + } + if !cmp.Equal(stream, want) { + t.Errorf("Enterprise.UpdateAuditLogStream returned %+v, want %+v", stream, want) + } + + const methodName = "UpdateAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, _, err = client.Enterprise.UpdateAuditLogStream(ctx, "\n", 1, input) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + got, resp, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) + if got != nil { + t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got) + } + return resp, err + }) +} + +func TestEnterpriseService_DeleteAuditLogStream(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + }) + + ctx := context.Background() + _, err := client.Enterprise.DeleteAuditLogStream(ctx, "e", 1) + if err != nil { + t.Errorf("Enterprise.DeleteAuditLogStream returned error: %v", err) + } + + const methodName = "DeleteAuditLogStream" + testBadOptions(t, methodName, func() (err error) { + _, err = client.Enterprise.DeleteAuditLogStream(ctx, "\n", 1) + return err + }) + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Enterprise.DeleteAuditLogStream(ctx, "e", 1) + }) +} + +func TestNewAzureBlobStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AzureBlobConfig{ + KeyID: Ptr("v1"), + EncryptedSASURL: Ptr("ENCRYPTED"), + Container: Ptr("my-container"), + } + got := NewAzureBlobStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Azure Blob Storage" { + t.Errorf("NewAzureBlobStreamConfig StreamType = %v, want Azure Blob Storage", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific != cfg { + t.Errorf("NewAzureBlobStreamConfig VendorSpecific = %v, want %v", got.VendorSpecific, cfg) + } +} + +func TestNewDatadogStreamConfig(t *testing.T) { + t.Parallel() + cfg := &DatadogConfig{ + EncryptedToken: Ptr("ENCRYPTED"), + Site: Ptr("US"), + KeyID: Ptr("v1"), + } + got := NewDatadogStreamConfig(false, cfg) + if got.StreamType == nil || *got.StreamType != "Datadog" { + t.Errorf("NewDatadogStreamConfig StreamType = %v, want Datadog", got.StreamType) + } + if got.Enabled == nil || *got.Enabled { + t.Errorf("NewDatadogStreamConfig Enabled = %v, want false", got.Enabled) + } +} diff --git a/github/github-accessors.go b/github/github-accessors.go index e6b5980508a..d445d8a9560 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -766,6 +766,94 @@ func (a *AllowForkSyncing) GetEnabled() bool { return *a.Enabled } +// GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetAuthenticationType() string { + if a == nil || a.AuthenticationType == nil { + return "" + } + return *a.AuthenticationType +} + +// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetBucket() string { + if a == nil || a.Bucket == nil { + return "" + } + return *a.Bucket +} + +// GetEncryptedAccessKeyID returns the EncryptedAccessKeyID field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetEncryptedAccessKeyID() string { + if a == nil || a.EncryptedAccessKeyID == nil { + return "" + } + return *a.EncryptedAccessKeyID +} + +// GetEncryptedSecretKey returns the EncryptedSecretKey field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetEncryptedSecretKey() string { + if a == nil || a.EncryptedSecretKey == nil { + return "" + } + return *a.EncryptedSecretKey +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetRegion returns the Region field if it's non-nil, zero value otherwise. +func (a *AmazonS3AccessKeysConfig) GetRegion() string { + if a == nil || a.Region == nil { + return "" + } + return *a.Region +} + +// GetARNRole returns the ARNRole field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetARNRole() string { + if a == nil || a.ARNRole == nil { + return "" + } + return *a.ARNRole +} + +// GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetAuthenticationType() string { + if a == nil || a.AuthenticationType == nil { + return "" + } + return *a.AuthenticationType +} + +// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetBucket() string { + if a == nil || a.Bucket == nil { + return "" + } + return *a.Bucket +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetRegion returns the Region field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetRegion() string { + if a == nil || a.Region == nil { + return "" + } + return *a.Region +} + // GetRef returns the Ref field if it's non-nil, zero value otherwise. func (a *AnalysesListOptions) GetRef() string { if a == nil || a.Ref == nil { @@ -1654,8 +1742,24 @@ func (a *AuditEntry) GetUserID() int64 { return *a.UserID } +// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetCreatedAt() Timestamp { + if a == nil || a.CreatedAt == nil { + return Timestamp{} + } + return *a.CreatedAt +} + +// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetEnabled() bool { + if a == nil || a.Enabled == nil { + return false + } + return *a.Enabled +} + // GetID returns the ID field if it's non-nil, zero value otherwise. -func (a *AuditStream) GetID() int { +func (a *AuditLogStream) GetID() int64 { if a == nil || a.ID == nil { return 0 } @@ -1663,19 +1767,67 @@ func (a *AuditStream) GetID() int { } // GetPausedAt returns the PausedAt field if it's non-nil, zero value otherwise. -func (a *AuditStream) GetPausedAt() time.Time { +func (a *AuditLogStream) GetPausedAt() Timestamp { if a == nil || a.PausedAt == nil { - return time.Time{} + return Timestamp{} } return *a.PausedAt } -// GetVendorSpecific returns the VendorSpecific field if it's non-nil, zero value otherwise. -func (a *AuditStream) GetVendorSpecific() map[string]string { - if a == nil || a.VendorSpecific == nil { - return map[string]string{} +// GetStreamDetails returns the StreamDetails field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetStreamDetails() string { + if a == nil || a.StreamDetails == nil { + return "" } - return *a.VendorSpecific + return *a.StreamDetails +} + +// GetStreamType returns the StreamType field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetStreamType() string { + if a == nil || a.StreamType == nil { + return "" + } + return *a.StreamType +} + +// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise. +func (a *AuditLogStream) GetUpdatedAt() Timestamp { + if a == nil || a.UpdatedAt == nil { + return Timestamp{} + } + return *a.UpdatedAt +} + +// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamConfig) GetEnabled() bool { + if a == nil || a.Enabled == nil { + return false + } + return *a.Enabled +} + +// GetStreamType returns the StreamType field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamConfig) GetStreamType() string { + if a == nil || a.StreamType == nil { + return "" + } + return *a.StreamType +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetPublicKey returns the PublicKey field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetPublicKey() string { + if a == nil || a.PublicKey == nil { + return "" + } + return *a.PublicKey } // GetApp returns the App field. @@ -1966,6 +2118,54 @@ func (a *AutoTriggerCheck) GetSetting() bool { return *a.Setting } +// GetContainer returns the Container field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetContainer() string { + if a == nil || a.Container == nil { + return "" + } + return *a.Container +} + +// GetEncryptedSASURL returns the EncryptedSASURL field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetEncryptedSASURL() string { + if a == nil || a.EncryptedSASURL == nil { + return "" + } + return *a.EncryptedSASURL +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetEncryptedConnString returns the EncryptedConnString field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetEncryptedConnString() string { + if a == nil || a.EncryptedConnString == nil { + return "" + } + return *a.EncryptedConnString +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetKeyID() string { + if a == nil || a.KeyID == nil { + return "" + } + return *a.KeyID +} + +// GetName returns the Name field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetName() string { + if a == nil || a.Name == nil { + return "" + } + return *a.Name +} + // GetContent returns the Content field if it's non-nil, zero value otherwise. func (b *Blob) GetContent() string { if b == nil || b.Content == nil { @@ -7678,6 +7878,30 @@ func (c *CustomRepoRoles) GetUpdatedAt() Timestamp { return *c.UpdatedAt } +// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. +func (d *DatadogConfig) GetEncryptedToken() string { + if d == nil || d.EncryptedToken == nil { + return "" + } + return *d.EncryptedToken +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (d *DatadogConfig) GetKeyID() string { + if d == nil || d.KeyID == nil { + return "" + } + return *d.KeyID +} + +// GetSite returns the Site field if it's non-nil, zero value otherwise. +func (d *DatadogConfig) GetSite() string { + if d == nil || d.Site == nil { + return "" + } + return *d.Site +} + // GetQuerySuite returns the QuerySuite field if it's non-nil, zero value otherwise. func (d *DefaultSetupConfiguration) GetQuerySuite() string { if d == nil || d.QuerySuite == nil { @@ -11118,6 +11342,30 @@ func (g *GollumEvent) GetSender() *User { return g.Sender } +// GetBucket returns the Bucket field if it's non-nil, zero value otherwise. +func (g *GoogleCloudConfig) GetBucket() string { + if g == nil || g.Bucket == nil { + return "" + } + return *g.Bucket +} + +// GetEncryptedJSONCredentials returns the EncryptedJSONCredentials field if it's non-nil, zero value otherwise. +func (g *GoogleCloudConfig) GetEncryptedJSONCredentials() string { + if g == nil || g.EncryptedJSONCredentials == nil { + return "" + } + return *g.EncryptedJSONCredentials +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (g *GoogleCloudConfig) GetKeyID() string { + if g == nil || g.KeyID == nil { + return "" + } + return *g.KeyID +} + // GetEmail returns the Email field if it's non-nil, zero value otherwise. func (g *GPGEmail) GetEmail() string { if g == nil || g.Email == nil { @@ -11334,6 +11582,54 @@ func (h *HeadCommit) GetURL() string { return *h.URL } +// GetDomain returns the Domain field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetDomain() string { + if h == nil || h.Domain == nil { + return "" + } + return *h.Domain +} + +// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetEncryptedToken() string { + if h == nil || h.EncryptedToken == nil { + return "" + } + return *h.EncryptedToken +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetKeyID() string { + if h == nil || h.KeyID == nil { + return "" + } + return *h.KeyID +} + +// GetPath returns the Path field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetPath() string { + if h == nil || h.Path == nil { + return "" + } + return *h.Path +} + +// GetPort returns the Port field. +func (h *HecConfig) GetPort() *uint16 { + if h == nil { + return nil + } + return h.Port +} + +// GetSSLVerify returns the SSLVerify field if it's non-nil, zero value otherwise. +func (h *HecConfig) GetSSLVerify() bool { + if h == nil || h.SSLVerify == nil { + return false + } + return *h.SSLVerify +} + // GetActive returns the Active field if it's non-nil, zero value otherwise. func (h *Hook) GetActive() bool { if h == nil || h.Active == nil { @@ -28654,6 +28950,46 @@ func (s *SourceImportAuthor) GetURL() string { return *s.URL } +// GetDomain returns the Domain field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetDomain() string { + if s == nil || s.Domain == nil { + return "" + } + return *s.Domain +} + +// GetEncryptedToken returns the EncryptedToken field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetEncryptedToken() string { + if s == nil || s.EncryptedToken == nil { + return "" + } + return *s.EncryptedToken +} + +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetKeyID() string { + if s == nil || s.KeyID == nil { + return "" + } + return *s.KeyID +} + +// GetPort returns the Port field. +func (s *SplunkConfig) GetPort() *uint16 { + if s == nil { + return nil + } + return s.Port +} + +// GetSSLVerify returns the SSLVerify field if it's non-nil, zero value otherwise. +func (s *SplunkConfig) GetSSLVerify() bool { + if s == nil || s.SSLVerify == nil { + return false + } + return *s.SSLVerify +} + // GetPrivacyLevel returns the PrivacyLevel field if it's non-nil, zero value otherwise. func (s *SponsorshipChanges) GetPrivacyLevel() string { if s == nil || s.PrivacyLevel == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index 3b2c8bb6ef5..0455769026d 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -980,6 +980,127 @@ func TestAllowForkSyncing_GetEnabled(tt *testing.T) { a.GetEnabled() } +func TestAmazonS3AccessKeysConfig_GetAuthenticationType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{AuthenticationType: &zeroValue} + a.GetAuthenticationType() + a = &AmazonS3AccessKeysConfig{} + a.GetAuthenticationType() + a = nil + a.GetAuthenticationType() +} + +func TestAmazonS3AccessKeysConfig_GetBucket(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{Bucket: &zeroValue} + a.GetBucket() + a = &AmazonS3AccessKeysConfig{} + a.GetBucket() + a = nil + a.GetBucket() +} + +func TestAmazonS3AccessKeysConfig_GetEncryptedAccessKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{EncryptedAccessKeyID: &zeroValue} + a.GetEncryptedAccessKeyID() + a = &AmazonS3AccessKeysConfig{} + a.GetEncryptedAccessKeyID() + a = nil + a.GetEncryptedAccessKeyID() +} + +func TestAmazonS3AccessKeysConfig_GetEncryptedSecretKey(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{EncryptedSecretKey: &zeroValue} + a.GetEncryptedSecretKey() + a = &AmazonS3AccessKeysConfig{} + a.GetEncryptedSecretKey() + a = nil + a.GetEncryptedSecretKey() +} + +func TestAmazonS3AccessKeysConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AmazonS3AccessKeysConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAmazonS3AccessKeysConfig_GetRegion(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3AccessKeysConfig{Region: &zeroValue} + a.GetRegion() + a = &AmazonS3AccessKeysConfig{} + a.GetRegion() + a = nil + a.GetRegion() +} + +func TestAmazonS3OIDCConfig_GetARNRole(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{ARNRole: &zeroValue} + a.GetARNRole() + a = &AmazonS3OIDCConfig{} + a.GetARNRole() + a = nil + a.GetARNRole() +} + +func TestAmazonS3OIDCConfig_GetAuthenticationType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{AuthenticationType: &zeroValue} + a.GetAuthenticationType() + a = &AmazonS3OIDCConfig{} + a.GetAuthenticationType() + a = nil + a.GetAuthenticationType() +} + +func TestAmazonS3OIDCConfig_GetBucket(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{Bucket: &zeroValue} + a.GetBucket() + a = &AmazonS3OIDCConfig{} + a.GetBucket() + a = nil + a.GetBucket() +} + +func TestAmazonS3OIDCConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AmazonS3OIDCConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAmazonS3OIDCConfig_GetRegion(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AmazonS3OIDCConfig{Region: &zeroValue} + a.GetRegion() + a = &AmazonS3OIDCConfig{} + a.GetRegion() + a = nil + a.GetRegion() +} + func TestAnalysesListOptions_GetRef(tt *testing.T) { tt.Parallel() var zeroValue string @@ -2177,37 +2298,125 @@ func TestAuditEntry_GetUserID(tt *testing.T) { a.GetUserID() } -func TestAuditStream_GetID(tt *testing.T) { +func TestAuditLogStream_GetCreatedAt(tt *testing.T) { tt.Parallel() - var zeroValue int - a := &AuditStream{ID: &zeroValue} + var zeroValue Timestamp + a := &AuditLogStream{CreatedAt: &zeroValue} + a.GetCreatedAt() + a = &AuditLogStream{} + a.GetCreatedAt() + a = nil + a.GetCreatedAt() +} + +func TestAuditLogStream_GetEnabled(tt *testing.T) { + tt.Parallel() + var zeroValue bool + a := &AuditLogStream{Enabled: &zeroValue} + a.GetEnabled() + a = &AuditLogStream{} + a.GetEnabled() + a = nil + a.GetEnabled() +} + +func TestAuditLogStream_GetID(tt *testing.T) { + tt.Parallel() + var zeroValue int64 + a := &AuditLogStream{ID: &zeroValue} a.GetID() - a = &AuditStream{} + a = &AuditLogStream{} a.GetID() a = nil a.GetID() } -func TestAuditStream_GetPausedAt(tt *testing.T) { +func TestAuditLogStream_GetPausedAt(tt *testing.T) { tt.Parallel() - var zeroValue time.Time - a := &AuditStream{PausedAt: &zeroValue} + var zeroValue Timestamp + a := &AuditLogStream{PausedAt: &zeroValue} a.GetPausedAt() - a = &AuditStream{} + a = &AuditLogStream{} a.GetPausedAt() a = nil a.GetPausedAt() } -func TestAuditStream_GetVendorSpecific(tt *testing.T) { +func TestAuditLogStream_GetStreamDetails(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStream{StreamDetails: &zeroValue} + a.GetStreamDetails() + a = &AuditLogStream{} + a.GetStreamDetails() + a = nil + a.GetStreamDetails() +} + +func TestAuditLogStream_GetStreamType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStream{StreamType: &zeroValue} + a.GetStreamType() + a = &AuditLogStream{} + a.GetStreamType() + a = nil + a.GetStreamType() +} + +func TestAuditLogStream_GetUpdatedAt(tt *testing.T) { + tt.Parallel() + var zeroValue Timestamp + a := &AuditLogStream{UpdatedAt: &zeroValue} + a.GetUpdatedAt() + a = &AuditLogStream{} + a.GetUpdatedAt() + a = nil + a.GetUpdatedAt() +} + +func TestAuditLogStreamConfig_GetEnabled(tt *testing.T) { tt.Parallel() - var zeroValue map[string]string - a := &AuditStream{VendorSpecific: &zeroValue} - a.GetVendorSpecific() - a = &AuditStream{} - a.GetVendorSpecific() + var zeroValue bool + a := &AuditLogStreamConfig{Enabled: &zeroValue} + a.GetEnabled() + a = &AuditLogStreamConfig{} + a.GetEnabled() + a = nil + a.GetEnabled() +} + +func TestAuditLogStreamConfig_GetStreamType(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStreamConfig{StreamType: &zeroValue} + a.GetStreamType() + a = &AuditLogStreamConfig{} + a.GetStreamType() a = nil - a.GetVendorSpecific() + a.GetStreamType() +} + +func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStreamKey{KeyID: &zeroValue} + a.GetKeyID() + a = &AuditLogStreamKey{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAuditLogStreamKey_GetPublicKey(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AuditLogStreamKey{PublicKey: &zeroValue} + a.GetPublicKey() + a = &AuditLogStreamKey{} + a.GetPublicKey() + a = nil + a.GetPublicKey() } func TestAuthorization_GetApp(tt *testing.T) { @@ -2600,6 +2809,72 @@ func TestAutoTriggerCheck_GetSetting(tt *testing.T) { a.GetSetting() } +func TestAzureBlobConfig_GetContainer(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureBlobConfig{Container: &zeroValue} + a.GetContainer() + a = &AzureBlobConfig{} + a.GetContainer() + a = nil + a.GetContainer() +} + +func TestAzureBlobConfig_GetEncryptedSASURL(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureBlobConfig{EncryptedSASURL: &zeroValue} + a.GetEncryptedSASURL() + a = &AzureBlobConfig{} + a.GetEncryptedSASURL() + a = nil + a.GetEncryptedSASURL() +} + +func TestAzureBlobConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureBlobConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AzureBlobConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAzureHubConfig_GetEncryptedConnString(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureHubConfig{EncryptedConnString: &zeroValue} + a.GetEncryptedConnString() + a = &AzureHubConfig{} + a.GetEncryptedConnString() + a = nil + a.GetEncryptedConnString() +} + +func TestAzureHubConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureHubConfig{KeyID: &zeroValue} + a.GetKeyID() + a = &AzureHubConfig{} + a.GetKeyID() + a = nil + a.GetKeyID() +} + +func TestAzureHubConfig_GetName(tt *testing.T) { + tt.Parallel() + var zeroValue string + a := &AzureHubConfig{Name: &zeroValue} + a.GetName() + a = &AzureHubConfig{} + a.GetName() + a = nil + a.GetName() +} + func TestBlob_GetContent(tt *testing.T) { tt.Parallel() var zeroValue string @@ -10043,6 +10318,39 @@ func TestCustomRepoRoles_GetUpdatedAt(tt *testing.T) { c.GetUpdatedAt() } +func TestDatadogConfig_GetEncryptedToken(tt *testing.T) { + tt.Parallel() + var zeroValue string + d := &DatadogConfig{EncryptedToken: &zeroValue} + d.GetEncryptedToken() + d = &DatadogConfig{} + d.GetEncryptedToken() + d = nil + d.GetEncryptedToken() +} + +func TestDatadogConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + d := &DatadogConfig{KeyID: &zeroValue} + d.GetKeyID() + d = &DatadogConfig{} + d.GetKeyID() + d = nil + d.GetKeyID() +} + +func TestDatadogConfig_GetSite(tt *testing.T) { + tt.Parallel() + var zeroValue string + d := &DatadogConfig{Site: &zeroValue} + d.GetSite() + d = &DatadogConfig{} + d.GetSite() + d = nil + d.GetSite() +} + func TestDefaultSetupConfiguration_GetQuerySuite(tt *testing.T) { tt.Parallel() var zeroValue string @@ -14443,6 +14751,39 @@ func TestGollumEvent_GetSender(tt *testing.T) { g.GetSender() } +func TestGoogleCloudConfig_GetBucket(tt *testing.T) { + tt.Parallel() + var zeroValue string + g := &GoogleCloudConfig{Bucket: &zeroValue} + g.GetBucket() + g = &GoogleCloudConfig{} + g.GetBucket() + g = nil + g.GetBucket() +} + +func TestGoogleCloudConfig_GetEncryptedJSONCredentials(tt *testing.T) { + tt.Parallel() + var zeroValue string + g := &GoogleCloudConfig{EncryptedJSONCredentials: &zeroValue} + g.GetEncryptedJSONCredentials() + g = &GoogleCloudConfig{} + g.GetEncryptedJSONCredentials() + g = nil + g.GetEncryptedJSONCredentials() +} + +func TestGoogleCloudConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + g := &GoogleCloudConfig{KeyID: &zeroValue} + g.GetKeyID() + g = &GoogleCloudConfig{} + g.GetKeyID() + g = nil + g.GetKeyID() +} + func TestGPGEmail_GetEmail(tt *testing.T) { tt.Parallel() var zeroValue string @@ -14731,6 +15072,69 @@ func TestHeadCommit_GetURL(tt *testing.T) { h.GetURL() } +func TestHecConfig_GetDomain(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{Domain: &zeroValue} + h.GetDomain() + h = &HecConfig{} + h.GetDomain() + h = nil + h.GetDomain() +} + +func TestHecConfig_GetEncryptedToken(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{EncryptedToken: &zeroValue} + h.GetEncryptedToken() + h = &HecConfig{} + h.GetEncryptedToken() + h = nil + h.GetEncryptedToken() +} + +func TestHecConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{KeyID: &zeroValue} + h.GetKeyID() + h = &HecConfig{} + h.GetKeyID() + h = nil + h.GetKeyID() +} + +func TestHecConfig_GetPath(tt *testing.T) { + tt.Parallel() + var zeroValue string + h := &HecConfig{Path: &zeroValue} + h.GetPath() + h = &HecConfig{} + h.GetPath() + h = nil + h.GetPath() +} + +func TestHecConfig_GetPort(tt *testing.T) { + tt.Parallel() + h := &HecConfig{} + h.GetPort() + h = nil + h.GetPort() +} + +func TestHecConfig_GetSSLVerify(tt *testing.T) { + tt.Parallel() + var zeroValue bool + h := &HecConfig{SSLVerify: &zeroValue} + h.GetSSLVerify() + h = &HecConfig{} + h.GetSSLVerify() + h = nil + h.GetSSLVerify() +} + func TestHook_GetActive(tt *testing.T) { tt.Parallel() var zeroValue bool @@ -36959,6 +37363,58 @@ func TestSourceImportAuthor_GetURL(tt *testing.T) { s.GetURL() } +func TestSplunkConfig_GetDomain(tt *testing.T) { + tt.Parallel() + var zeroValue string + s := &SplunkConfig{Domain: &zeroValue} + s.GetDomain() + s = &SplunkConfig{} + s.GetDomain() + s = nil + s.GetDomain() +} + +func TestSplunkConfig_GetEncryptedToken(tt *testing.T) { + tt.Parallel() + var zeroValue string + s := &SplunkConfig{EncryptedToken: &zeroValue} + s.GetEncryptedToken() + s = &SplunkConfig{} + s.GetEncryptedToken() + s = nil + s.GetEncryptedToken() +} + +func TestSplunkConfig_GetKeyID(tt *testing.T) { + tt.Parallel() + var zeroValue string + s := &SplunkConfig{KeyID: &zeroValue} + s.GetKeyID() + s = &SplunkConfig{} + s.GetKeyID() + s = nil + s.GetKeyID() +} + +func TestSplunkConfig_GetPort(tt *testing.T) { + tt.Parallel() + s := &SplunkConfig{} + s.GetPort() + s = nil + s.GetPort() +} + +func TestSplunkConfig_GetSSLVerify(tt *testing.T) { + tt.Parallel() + var zeroValue bool + s := &SplunkConfig{SSLVerify: &zeroValue} + s.GetSSLVerify() + s = &SplunkConfig{} + s.GetSSLVerify() + s = nil + s.GetSSLVerify() +} + func TestSponsorshipChanges_GetPrivacyLevel(tt *testing.T) { tt.Parallel() var zeroValue string From 948070db70460db7909ee4a321b98527e79be5a5 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Mon, 23 Feb 2026 14:26:21 +0100 Subject: [PATCH 3/7] feature for api. and /api --- example/auditlogstream/main.go | 62 +++++++++++----------- github/enterprise_audit_log_stream.go | 40 ++++++++------ github/enterprise_audit_log_stream_test.go | 24 ++++----- github/github-accessors.go | 48 ++++++++++------- github/github-accessors_test.go | 58 +++++++++++--------- 5 files changed, 126 insertions(+), 106 deletions(-) diff --git a/example/auditlogstream/main.go b/example/auditlogstream/main.go index 939a3c131fa..a5ba6d33c78 100644 --- a/example/auditlogstream/main.go +++ b/example/auditlogstream/main.go @@ -6,19 +6,15 @@ // The auditlogstream command demonstrates managing enterprise audit log // streams for Azure Blob Storage using the go-github library. // -// Usage — create (github.com): +// The GitHub API base URL is read from the GITHUB_API_URL environment +// variable. When running inside a GitHub Actions workflow this is set +// automatically. // -// export GITHUB_AUTH_TOKEN= -// go run main.go create \ -// -enterprise=my-enterprise \ -// -container=my-container \ -// -sas-url= -// -// Usage — create (GitHub Enterprise Server): +// Usage — create: // // export GITHUB_AUTH_TOKEN= +// export GITHUB_API_URL=https://api..ghe.com/ or https://domain/api/v3/ // go run main.go create \ -// -base-url=https://github.example.com/api/v3/ \ // -enterprise=my-enterprise \ // -container=my-container \ // -sas-url= @@ -26,8 +22,8 @@ // Usage — delete: // // export GITHUB_AUTH_TOKEN= +// export GITHUB_API_URL=https://api..ghe.com/ or https://domain/api/v3/ // go run main.go delete \ -// -base-url=https://github.example.com/api/v3/ \ // -enterprise=my-enterprise \ // -stream-id=42 package main @@ -53,7 +49,7 @@ func encryptSecret(publicKeyB64, secret string) (string, error) { return "", fmt.Errorf("decoding public key: %w", err) } if len(publicKeyBytes) != 32 { - return "", fmt.Errorf("public key must be 32 bytes, got %d", len(publicKeyBytes)) + return "", fmt.Errorf("public key must be 32 bytes, got %v", len(publicKeyBytes)) } var publicKey [32]byte copy(publicKey[:], publicKeyBytes) @@ -68,7 +64,7 @@ func encryptSecret(publicKeyB64, secret string) (string, error) { func main() { if len(os.Args) < 2 { - fmt.Fprintf(os.Stderr, "Usage: %s [flags]\n", os.Args[0]) + fmt.Fprintf(os.Stderr, "Usage: %v [flags]\n", os.Args[0]) os.Exit(1) } @@ -85,30 +81,32 @@ func main() { func runCreate(args []string) { fs := flag.NewFlagSet("create", flag.ExitOnError) - baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") - enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + enterprise := fs.String("enterprise", "", "Enterprise slug (required).") container := fs.String("container", "", "Azure Blob Storage container name (required).") sasURL := fs.String("sas-url", "", "Plain-text Azure SAS URL to encrypt and submit (required).") enabled := fs.Bool("enabled", true, "Whether the stream should be enabled immediately.") - fs.Parse(args) + if err := fs.Parse(args); err != nil { + log.Fatalf("Error parsing flags: %v", err) + } token := requireEnv("GITHUB_AUTH_TOKEN") + apiURL := requireEnv("GITHUB_API_URL") requireFlag("enterprise", *enterprise) requireFlag("container", *container) requireFlag("sas-url", *sasURL) ctx := context.Background() - client := newClient(token, *baseURL) + client := newClient(token, apiURL) // Step 1: Fetch the enterprise's public streaming key. streamKey, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, *enterprise) if err != nil { log.Fatalf("Error fetching audit log stream key: %v", err) } - fmt.Printf("Retrieved stream key ID: %s\n", streamKey.GetKeyID()) + fmt.Printf("Retrieved stream key ID: %v\n", streamKey.GetKeyID()) // Step 2: Encrypt the SAS URL using the public key (sealed box / crypto_box_seal). - encryptedSASURL, err := encryptSecret(streamKey.GetPublicKey(), *sasURL) + encryptedSASURL, err := encryptSecret(streamKey.GetKey(), *sasURL) if err != nil { log.Fatalf("Error encrypting SAS URL: %v", err) } @@ -118,7 +116,7 @@ func runCreate(args []string) { config := github.NewAzureBlobStreamConfig(*enabled, &github.AzureBlobConfig{ KeyID: streamKey.KeyID, Container: github.Ptr(*container), - EncryptedSASURL: github.Ptr(encryptedSASURL), + EncryptedSasURL: github.Ptr(encryptedSASURL), }) stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, *enterprise, config) @@ -126,39 +124,41 @@ func runCreate(args []string) { log.Fatalf("Error creating audit log stream: %v", err) } - fmt.Printf("Successfully created audit log stream:\n") - fmt.Printf(" ID: %d\n", stream.GetID()) - fmt.Printf(" Type: %s\n", stream.GetStreamType()) + fmt.Println("Successfully created audit log stream:") + fmt.Printf(" ID: %v\n", stream.GetID()) + fmt.Printf(" Type: %v\n", stream.GetStreamType()) fmt.Printf(" Enabled: %v\n", stream.GetEnabled()) fmt.Printf(" Created at: %v\n", stream.GetCreatedAt()) } func runDelete(args []string) { fs := flag.NewFlagSet("delete", flag.ExitOnError) - baseURL := fs.String("base-url", "https://api.github.com/", "GitHub API base URL. For GitHub Enterprise Server use https://HOSTNAME/api/v3/.") - enterprise := fs.String("enterprise", "", "Name of the GitHub enterprise slug (required).") + enterprise := fs.String("enterprise", "", "Enterprise slug (required).") streamID := fs.Int64("stream-id", 0, "ID of the audit log stream to delete (required).") - fs.Parse(args) + if err := fs.Parse(args); err != nil { + log.Fatalf("Error parsing flags: %v", err) + } token := requireEnv("GITHUB_AUTH_TOKEN") + apiURL := requireEnv("GITHUB_API_URL") requireFlag("enterprise", *enterprise) if *streamID == 0 { log.Fatal("flag -stream-id is required") } ctx := context.Background() - client := newClient(token, *baseURL) + client := newClient(token, apiURL) _, err := client.Enterprise.DeleteAuditLogStream(ctx, *enterprise, *streamID) if err != nil { log.Fatalf("Error deleting audit log stream: %v", err) } - fmt.Printf("Successfully deleted audit log stream %d.\n", *streamID) + fmt.Printf("Successfully deleted audit log stream %v.\n", *streamID) } -func newClient(token, baseURL string) *github.Client { - client, err := github.NewClient(nil).WithAuthToken(token).WithEnterpriseURLs(baseURL, baseURL) +func newClient(token, apiURL string) *github.Client { + client, err := github.NewClient(nil).WithAuthToken(token).WithEnterpriseURLs(apiURL, apiURL) if err != nil { log.Fatalf("Error creating GitHub client: %v", err) } @@ -168,13 +168,13 @@ func newClient(token, baseURL string) *github.Client { func requireEnv(name string) string { val := os.Getenv(name) if val == "" { - log.Fatalf("environment variable %s is not set", name) + log.Fatalf("environment variable %v is not set", name) } return val } func requireFlag(name, val string) { if val == "" { - log.Fatalf("flag -%s is required", name) + log.Fatalf("flag -%v is required", name) } } diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 6e18b9f558b..29cb69a9c1c 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -23,9 +23,9 @@ type AuditLogStream struct { // AuditLogStreamConfig represents a configuration for creating or updating an audit log stream. type AuditLogStreamConfig struct { - Enabled *bool `json:"enabled,omitempty"` - StreamType *string `json:"stream_type,omitempty"` - VendorSpecific AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` + Enabled *bool `json:"enabled,omitempty"` + StreamType *string `json:"stream_type,omitempty"` + VendorSpecific *AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` } // AuditLogStreamVendorConfig is a marker interface for vendor-specific audit log @@ -36,21 +36,21 @@ type AuditLogStreamVendorConfig interface { // AuditLogStreamKey represents the public key used to encrypt secrets for audit log streaming. type AuditLogStreamKey struct { - KeyID *string `json:"key_id,omitempty"` - PublicKey *string `json:"key,omitempty"` + KeyID *string `json:"key_id,omitempty"` + Key *string `json:"key,omitempty"` } // AzureBlobConfig represents vendor-specific config for Azure Blob Storage. type AzureBlobConfig struct { KeyID *string `json:"key_id,omitempty"` - EncryptedSASURL *string `json:"encrypted_sas_url,omitempty"` + EncryptedSasURL *string `json:"encrypted_sas_url,omitempty"` Container *string `json:"container,omitempty"` } // AzureHubConfig represents vendor-specific config for Azure Event Hubs. type AzureHubConfig struct { Name *string `json:"name,omitempty"` - EncryptedConnString *string `json:"encrypted_connstring,omitempty"` + EncryptedConnstring *string `json:"encrypted_connstring,omitempty"` KeyID *string `json:"key_id,omitempty"` } @@ -60,7 +60,7 @@ type AmazonS3OIDCConfig struct { Region *string `json:"region,omitempty"` KeyID *string `json:"key_id,omitempty"` AuthenticationType *string `json:"authentication_type,omitempty"` // Value: "oidc" - ARNRole *string `json:"arn_role,omitempty"` + ArnRole *string `json:"arn_role,omitempty"` } // AmazonS3AccessKeysConfig represents vendor-specific config for Amazon S3 with access key authentication. @@ -121,49 +121,57 @@ func (*DatadogConfig) isAuditLogStreamVendorConfig() {} // NewAzureBlobStreamConfig returns an AuditLogStreamConfig for Azure Blob Storage. func NewAzureBlobStreamConfig(enabled bool, cfg *AzureBlobConfig) *AuditLogStreamConfig { streamType := "Azure Blob Storage" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewAzureHubStreamConfig returns an AuditLogStreamConfig for Azure Event Hubs. func NewAzureHubStreamConfig(enabled bool, cfg *AzureHubConfig) *AuditLogStreamConfig { streamType := "Azure Event Hubs" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewAmazonS3OIDCStreamConfig returns an AuditLogStreamConfig for Amazon S3 with OIDC auth. func NewAmazonS3OIDCStreamConfig(enabled bool, cfg *AmazonS3OIDCConfig) *AuditLogStreamConfig { streamType := "Amazon S3" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewAmazonS3AccessKeysStreamConfig returns an AuditLogStreamConfig for Amazon S3 with access key auth. func NewAmazonS3AccessKeysStreamConfig(enabled bool, cfg *AmazonS3AccessKeysConfig) *AuditLogStreamConfig { streamType := "Amazon S3" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewSplunkStreamConfig returns an AuditLogStreamConfig for Splunk. func NewSplunkStreamConfig(enabled bool, cfg *SplunkConfig) *AuditLogStreamConfig { streamType := "Splunk" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewHecStreamConfig returns an AuditLogStreamConfig for an HTTPS Event Collector endpoint. func NewHecStreamConfig(enabled bool, cfg *HecConfig) *AuditLogStreamConfig { streamType := "HTTPS Event Collector" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewGoogleCloudStreamConfig returns an AuditLogStreamConfig for Google Cloud Storage. func NewGoogleCloudStreamConfig(enabled bool, cfg *GoogleCloudConfig) *AuditLogStreamConfig { streamType := "Google Cloud Storage" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // NewDatadogStreamConfig returns an AuditLogStreamConfig for Datadog. func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamConfig { streamType := "Datadog" - return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: cfg} + v := AuditLogStreamVendorConfig(cfg) + return &AuditLogStreamConfig{Enabled: &enabled, StreamType: &streamType, VendorSpecific: &v} } // GetAuditLogStreamKey retrieves the public key used to encrypt secrets for audit log streaming. diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index d29cf8c02f9..c85198a05d3 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -6,7 +6,6 @@ package github import ( - "context" "fmt" "net/http" "testing" @@ -23,15 +22,15 @@ func TestEnterpriseService_GetAuditLogStreamKey(t *testing.T) { fmt.Fprint(w, `{"key_id":"1234","key":"2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"}`) }) - ctx := context.Background() + ctx := t.Context() key, _, err := client.Enterprise.GetAuditLogStreamKey(ctx, "e") if err != nil { t.Errorf("Enterprise.GetAuditLogStreamKey returned error: %v", err) } want := &AuditLogStreamKey{ - KeyID: Ptr("1234"), - PublicKey: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), + KeyID: Ptr("1234"), + Key: Ptr("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234"), } if !cmp.Equal(key, want) { t.Errorf("Enterprise.GetAuditLogStreamKey returned %+v, want %+v", key, want) @@ -60,7 +59,7 @@ func TestEnterpriseService_ListAuditLogStreams(t *testing.T) { fmt.Fprint(w, `[{"id":1,"stream_type":"Splunk","stream_details":"US","enabled":true}]`) }) - ctx := context.Background() + ctx := t.Context() streams, _, err := client.Enterprise.ListAuditLogStreams(ctx, "e") if err != nil { t.Errorf("Enterprise.ListAuditLogStreams returned error: %v", err) @@ -101,7 +100,7 @@ func TestEnterpriseService_GetAuditLogStream(t *testing.T) { fmt.Fprint(w, `{"id":1,"stream_type":"Datadog","stream_details":"US","enabled":true}`) }) - ctx := context.Background() + ctx := t.Context() stream, _, err := client.Enterprise.GetAuditLogStream(ctx, "e", 1) if err != nil { t.Errorf("Enterprise.GetAuditLogStream returned error: %v", err) @@ -146,7 +145,7 @@ func TestEnterpriseService_CreateAuditLogStream(t *testing.T) { KeyID: Ptr("v1"), }) - ctx := context.Background() + ctx := t.Context() stream, _, err := client.Enterprise.CreateAuditLogStream(ctx, "e", input) if err != nil { t.Errorf("Enterprise.CreateAuditLogStream returned error: %v", err) @@ -193,7 +192,7 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { SSLVerify: Ptr(true), }) - ctx := context.Background() + ctx := t.Context() stream, _, err := client.Enterprise.UpdateAuditLogStream(ctx, "e", 1, input) if err != nil { t.Errorf("Enterprise.UpdateAuditLogStream returned error: %v", err) @@ -227,11 +226,11 @@ func TestEnterpriseService_DeleteAuditLogStream(t *testing.T) { t.Parallel() client, mux, _ := setup(t) - mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { + mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(_ http.ResponseWriter, r *http.Request) { testMethod(t, r, "DELETE") }) - ctx := context.Background() + ctx := t.Context() _, err := client.Enterprise.DeleteAuditLogStream(ctx, "e", 1) if err != nil { t.Errorf("Enterprise.DeleteAuditLogStream returned error: %v", err) @@ -251,7 +250,7 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { t.Parallel() cfg := &AzureBlobConfig{ KeyID: Ptr("v1"), - EncryptedSASURL: Ptr("ENCRYPTED"), + EncryptedSasURL: Ptr("ENCRYPTED"), Container: Ptr("my-container"), } got := NewAzureBlobStreamConfig(true, cfg) @@ -261,9 +260,6 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { if got.Enabled == nil || !*got.Enabled { t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) } - if got.VendorSpecific != cfg { - t.Errorf("NewAzureBlobStreamConfig VendorSpecific = %v, want %v", got.VendorSpecific, cfg) - } } func TestNewDatadogStreamConfig(t *testing.T) { diff --git a/github/github-accessors.go b/github/github-accessors.go index d445d8a9560..ba9d8f93cb8 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -814,12 +814,12 @@ func (a *AmazonS3AccessKeysConfig) GetRegion() string { return *a.Region } -// GetARNRole returns the ARNRole field if it's non-nil, zero value otherwise. -func (a *AmazonS3OIDCConfig) GetARNRole() string { - if a == nil || a.ARNRole == nil { +// GetArnRole returns the ArnRole field if it's non-nil, zero value otherwise. +func (a *AmazonS3OIDCConfig) GetArnRole() string { + if a == nil || a.ArnRole == nil { return "" } - return *a.ARNRole + return *a.ArnRole } // GetAuthenticationType returns the AuthenticationType field if it's non-nil, zero value otherwise. @@ -1814,20 +1814,28 @@ func (a *AuditLogStreamConfig) GetStreamType() string { return *a.StreamType } -// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamKey) GetKeyID() string { - if a == nil || a.KeyID == nil { +// GetVendorSpecific returns the VendorSpecific field. +func (a *AuditLogStreamConfig) GetVendorSpecific() *AuditLogStreamVendorConfig { + if a == nil { + return nil + } + return a.VendorSpecific +} + +// GetKey returns the Key field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetKey() string { + if a == nil || a.Key == nil { return "" } - return *a.KeyID + return *a.Key } -// GetPublicKey returns the PublicKey field if it's non-nil, zero value otherwise. -func (a *AuditLogStreamKey) GetPublicKey() string { - if a == nil || a.PublicKey == nil { +// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. +func (a *AuditLogStreamKey) GetKeyID() string { + if a == nil || a.KeyID == nil { return "" } - return *a.PublicKey + return *a.KeyID } // GetApp returns the App field. @@ -2126,12 +2134,12 @@ func (a *AzureBlobConfig) GetContainer() string { return *a.Container } -// GetEncryptedSASURL returns the EncryptedSASURL field if it's non-nil, zero value otherwise. -func (a *AzureBlobConfig) GetEncryptedSASURL() string { - if a == nil || a.EncryptedSASURL == nil { +// GetEncryptedSasURL returns the EncryptedSasURL field if it's non-nil, zero value otherwise. +func (a *AzureBlobConfig) GetEncryptedSasURL() string { + if a == nil || a.EncryptedSasURL == nil { return "" } - return *a.EncryptedSASURL + return *a.EncryptedSasURL } // GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. @@ -2142,12 +2150,12 @@ func (a *AzureBlobConfig) GetKeyID() string { return *a.KeyID } -// GetEncryptedConnString returns the EncryptedConnString field if it's non-nil, zero value otherwise. -func (a *AzureHubConfig) GetEncryptedConnString() string { - if a == nil || a.EncryptedConnString == nil { +// GetEncryptedConnstring returns the EncryptedConnstring field if it's non-nil, zero value otherwise. +func (a *AzureHubConfig) GetEncryptedConnstring() string { + if a == nil || a.EncryptedConnstring == nil { return "" } - return *a.EncryptedConnString + return *a.EncryptedConnstring } // GetKeyID returns the KeyID field if it's non-nil, zero value otherwise. diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index 0455769026d..fae4fcb75dd 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -1046,15 +1046,15 @@ func TestAmazonS3AccessKeysConfig_GetRegion(tt *testing.T) { a.GetRegion() } -func TestAmazonS3OIDCConfig_GetARNRole(tt *testing.T) { +func TestAmazonS3OIDCConfig_GetArnRole(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AmazonS3OIDCConfig{ARNRole: &zeroValue} - a.GetARNRole() + a := &AmazonS3OIDCConfig{ArnRole: &zeroValue} + a.GetArnRole() a = &AmazonS3OIDCConfig{} - a.GetARNRole() + a.GetArnRole() a = nil - a.GetARNRole() + a.GetArnRole() } func TestAmazonS3OIDCConfig_GetAuthenticationType(tt *testing.T) { @@ -2397,26 +2397,34 @@ func TestAuditLogStreamConfig_GetStreamType(tt *testing.T) { a.GetStreamType() } -func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { +func TestAuditLogStreamConfig_GetVendorSpecific(tt *testing.T) { + tt.Parallel() + a := &AuditLogStreamConfig{} + a.GetVendorSpecific() + a = nil + a.GetVendorSpecific() +} + +func TestAuditLogStreamKey_GetKey(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AuditLogStreamKey{KeyID: &zeroValue} - a.GetKeyID() + a := &AuditLogStreamKey{Key: &zeroValue} + a.GetKey() a = &AuditLogStreamKey{} - a.GetKeyID() + a.GetKey() a = nil - a.GetKeyID() + a.GetKey() } -func TestAuditLogStreamKey_GetPublicKey(tt *testing.T) { +func TestAuditLogStreamKey_GetKeyID(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AuditLogStreamKey{PublicKey: &zeroValue} - a.GetPublicKey() + a := &AuditLogStreamKey{KeyID: &zeroValue} + a.GetKeyID() a = &AuditLogStreamKey{} - a.GetPublicKey() + a.GetKeyID() a = nil - a.GetPublicKey() + a.GetKeyID() } func TestAuthorization_GetApp(tt *testing.T) { @@ -2820,15 +2828,15 @@ func TestAzureBlobConfig_GetContainer(tt *testing.T) { a.GetContainer() } -func TestAzureBlobConfig_GetEncryptedSASURL(tt *testing.T) { +func TestAzureBlobConfig_GetEncryptedSasURL(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AzureBlobConfig{EncryptedSASURL: &zeroValue} - a.GetEncryptedSASURL() + a := &AzureBlobConfig{EncryptedSasURL: &zeroValue} + a.GetEncryptedSasURL() a = &AzureBlobConfig{} - a.GetEncryptedSASURL() + a.GetEncryptedSasURL() a = nil - a.GetEncryptedSASURL() + a.GetEncryptedSasURL() } func TestAzureBlobConfig_GetKeyID(tt *testing.T) { @@ -2842,15 +2850,15 @@ func TestAzureBlobConfig_GetKeyID(tt *testing.T) { a.GetKeyID() } -func TestAzureHubConfig_GetEncryptedConnString(tt *testing.T) { +func TestAzureHubConfig_GetEncryptedConnstring(tt *testing.T) { tt.Parallel() var zeroValue string - a := &AzureHubConfig{EncryptedConnString: &zeroValue} - a.GetEncryptedConnString() + a := &AzureHubConfig{EncryptedConnstring: &zeroValue} + a.GetEncryptedConnstring() a = &AzureHubConfig{} - a.GetEncryptedConnString() + a.GetEncryptedConnstring() a = nil - a.GetEncryptedConnString() + a.GetEncryptedConnstring() } func TestAzureHubConfig_GetKeyID(tt *testing.T) { From 55149e29914e953ef7e21b65e83b66130003d413 Mon Sep 17 00:00:00 2001 From: amreshh Date: Thu, 26 Feb 2026 16:48:14 +0100 Subject: [PATCH 4/7] fix: linting issues - fixed linter issues where api docs were not correct in the comments for audit log streams --- github/enterprise_audit_log_stream.go | 10 +++++----- github/enterprise_audit_log_stream_test.go | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 29cb69a9c1c..0a4c6588969 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -178,7 +178,7 @@ func NewDatadogStreamConfig(enabled bool, cfg *DatadogConfig) *AuditLogStreamCon // Credentials must be encrypted with this key before being submitted via CreateAuditLogStream // or UpdateAuditLogStream. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-streaming-key-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-stream-key-for-encrypting-secrets // //meta:operation GET /enterprises/{enterprise}/audit-log/stream-key func (s *EnterpriseService) GetAuditLogStreamKey(ctx context.Context, enterprise string) (*AuditLogStreamKey, *Response, error) { @@ -222,7 +222,7 @@ func (s *EnterpriseService) ListAuditLogStreams(ctx context.Context, enterprise // GetAuditLogStream gets a single audit log stream configuration for an enterprise. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#list-one-audit-log-streaming-configuration-via-a-stream-id // //meta:operation GET /enterprises/{enterprise}/audit-log/streams/{stream_id} func (s *EnterpriseService) GetAuditLogStream(ctx context.Context, enterprise string, streamID int64) (*AuditLogStream, *Response, error) { @@ -268,13 +268,13 @@ func (s *EnterpriseService) CreateAuditLogStream(ctx context.Context, enterprise // UpdateAuditLogStream updates an existing audit log stream configuration for an enterprise. // Credentials in the config must be encrypted using the key returned by GetAuditLogStreamKey. // -// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-audit-log-streaming-configuration-for-an-enterprise +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#update-an-existing-audit-log-stream-configuration // -//meta:operation PATCH /enterprises/{enterprise}/audit-log/streams/{stream_id} +//meta:operation PUT /enterprises/{enterprise}/audit-log/streams/{stream_id} func (s *EnterpriseService) UpdateAuditLogStream(ctx context.Context, enterprise string, streamID int64, config *AuditLogStreamConfig) (*AuditLogStream, *Response, error) { u := fmt.Sprintf("enterprises/%v/audit-log/streams/%v", enterprise, streamID) - req, err := s.client.NewRequest("PATCH", u, config) + req, err := s.client.NewRequest("PUT", u, config) if err != nil { return nil, nil, err } diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index c85198a05d3..433f1f631cb 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -180,7 +180,7 @@ func TestEnterpriseService_UpdateAuditLogStream(t *testing.T) { client, mux, _ := setup(t) mux.HandleFunc("/enterprises/e/audit-log/streams/1", func(w http.ResponseWriter, r *http.Request) { - testMethod(t, r, "PATCH") + testMethod(t, r, "PUT") fmt.Fprint(w, `{"id":1,"stream_type":"Splunk","stream_details":"splunk.example.com","enabled":true}`) }) From 84f5b25c6f376d1be44615e712f44a77bac636f1 Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Fri, 27 Feb 2026 13:28:59 +0100 Subject: [PATCH 5/7] Update github/enterprise_audit_log_stream.go Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_audit_log_stream.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 0a4c6588969..2735d13b1fe 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -106,7 +106,7 @@ type DatadogConfig struct { KeyID *string `json:"key_id,omitempty"` } -// Implement the marker interface for all vendor config types. +// Implement the sealed marker interface for all vendor config types. func (*AzureBlobConfig) isAuditLogStreamVendorConfig() {} func (*AzureHubConfig) isAuditLogStreamVendorConfig() {} func (*AmazonS3OIDCConfig) isAuditLogStreamVendorConfig() {} From cf3de7575b3dbd43ced6245b422eb4feff8cb7fa Mon Sep 17 00:00:00 2001 From: amreshh <20923769+amreshh@users.noreply.github.com> Date: Fri, 27 Feb 2026 13:29:14 +0100 Subject: [PATCH 6/7] Update github/enterprise_audit_log_stream.go Co-authored-by: Glenn Lewis <6598971+gmlewis@users.noreply.github.com> --- github/enterprise_audit_log_stream.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/github/enterprise_audit_log_stream.go b/github/enterprise_audit_log_stream.go index 2735d13b1fe..cf676df1d6e 100644 --- a/github/enterprise_audit_log_stream.go +++ b/github/enterprise_audit_log_stream.go @@ -28,8 +28,8 @@ type AuditLogStreamConfig struct { VendorSpecific *AuditLogStreamVendorConfig `json:"vendor_specific,omitempty"` } -// AuditLogStreamVendorConfig is a marker interface for vendor-specific audit log -// stream configurations. +// AuditLogStreamVendorConfig is a sealed marker interface for vendor-specific audit log +// stream configurations. Only this package can define implementations. type AuditLogStreamVendorConfig interface { isAuditLogStreamVendorConfig() } From f7e95dd7b0c767806b77e0b78f9fea30eab3f855 Mon Sep 17 00:00:00 2001 From: amreshh Date: Fri, 27 Feb 2026 13:33:30 +0100 Subject: [PATCH 7/7] test: added testcases for enterprise_audit_log_stream - Added testcases for each vendor config TestNewAzureHubStreamConfig TestNewAmazonS3OIDCStreamConfig TestNewAmazonAccessKeysStreamConfig TestNewSplunkStreamConfig TestNewHecStreamConfig TestNewGoogleCloudStreamConfig --- github/enterprise_audit_log_stream_test.go | 130 +++++++++++++++++++++ 1 file changed, 130 insertions(+) diff --git a/github/enterprise_audit_log_stream_test.go b/github/enterprise_audit_log_stream_test.go index 433f1f631cb..4b1aa3c4b85 100644 --- a/github/enterprise_audit_log_stream_test.go +++ b/github/enterprise_audit_log_stream_test.go @@ -260,6 +260,133 @@ func TestNewAzureBlobStreamConfig(t *testing.T) { if got.Enabled == nil || !*got.Enabled { t.Errorf("NewAzureBlobStreamConfig Enabled = %v, want true", got.Enabled) } + if got.VendorSpecific == nil { + t.Fatal("NewAzureBlobStreamConfig VendorSpecific is nil") + } +} + +func TestNewAzureHubStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AzureHubConfig{ + Name: Ptr("my-hub"), + EncryptedConnstring: Ptr("ENCRYPTED"), + KeyID: Ptr("v1"), + } + got := NewAzureHubStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Azure Event Hubs" { + t.Errorf("NewAzureHubStreamConfig StreamType = %v, want Azure Event Hubs", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewAzureHubStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewAzureHubStreamConfig VendorSpecific is nil") + } +} + +func TestNewAmazonS3OIDCStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AmazonS3OIDCConfig{ + Bucket: Ptr("my-bucket"), + Region: Ptr("us-east-1"), + KeyID: Ptr("v1"), + AuthenticationType: Ptr("oidc"), + ArnRole: Ptr("arn:aws:iam::role/my-role"), + } + got := NewAmazonS3OIDCStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Amazon S3" { + t.Errorf("NewAmazonS3OIDCStreamConfig StreamType = %v, want Amazon S3", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewAmazonS3OIDCStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewAmazonS3OIDCStreamConfig VendorSpecific is nil") + } +} + +func TestNewAmazonS3AccessKeysStreamConfig(t *testing.T) { + t.Parallel() + cfg := &AmazonS3AccessKeysConfig{ + Bucket: Ptr("my-bucket"), + Region: Ptr("us-west-2"), + KeyID: Ptr("v1"), + AuthenticationType: Ptr("access_keys"), + EncryptedSecretKey: Ptr("ENCRYPTED_SECRET"), + EncryptedAccessKeyID: Ptr("ENCRYPTED_KEY_ID"), + } + got := NewAmazonS3AccessKeysStreamConfig(false, cfg) + if got.StreamType == nil || *got.StreamType != "Amazon S3" { + t.Errorf("NewAmazonS3AccessKeysStreamConfig StreamType = %v, want Amazon S3", got.StreamType) + } + if got.Enabled == nil || *got.Enabled { + t.Errorf("NewAmazonS3AccessKeysStreamConfig Enabled = %v, want false", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewAmazonS3AccessKeysStreamConfig VendorSpecific is nil") + } +} + +func TestNewSplunkStreamConfig(t *testing.T) { + t.Parallel() + cfg := &SplunkConfig{ + Domain: Ptr("splunk.example.com"), + Port: Ptr(uint16(8089)), + KeyID: Ptr("v1"), + EncryptedToken: Ptr("ENCRYPTED"), + SSLVerify: Ptr(true), + } + got := NewSplunkStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Splunk" { + t.Errorf("NewSplunkStreamConfig StreamType = %v, want Splunk", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewSplunkStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewSplunkStreamConfig VendorSpecific is nil") + } +} + +func TestNewHecStreamConfig(t *testing.T) { + t.Parallel() + cfg := &HecConfig{ + Domain: Ptr("hec.example.com"), + Port: Ptr(uint16(443)), + KeyID: Ptr("v1"), + EncryptedToken: Ptr("ENCRYPTED"), + Path: Ptr("/services/collector"), + SSLVerify: Ptr(true), + } + got := NewHecStreamConfig(false, cfg) + if got.StreamType == nil || *got.StreamType != "HTTPS Event Collector" { + t.Errorf("NewHecStreamConfig StreamType = %v, want HTTPS Event Collector", got.StreamType) + } + if got.Enabled == nil || *got.Enabled { + t.Errorf("NewHecStreamConfig Enabled = %v, want false", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewHecStreamConfig VendorSpecific is nil") + } +} + +func TestNewGoogleCloudStreamConfig(t *testing.T) { + t.Parallel() + cfg := &GoogleCloudConfig{ + Bucket: Ptr("my-gcs-bucket"), + KeyID: Ptr("v1"), + EncryptedJSONCredentials: Ptr("ENCRYPTED"), + } + got := NewGoogleCloudStreamConfig(true, cfg) + if got.StreamType == nil || *got.StreamType != "Google Cloud Storage" { + t.Errorf("NewGoogleCloudStreamConfig StreamType = %v, want Google Cloud Storage", got.StreamType) + } + if got.Enabled == nil || !*got.Enabled { + t.Errorf("NewGoogleCloudStreamConfig Enabled = %v, want true", got.Enabled) + } + if got.VendorSpecific == nil { + t.Fatal("NewGoogleCloudStreamConfig VendorSpecific is nil") + } } func TestNewDatadogStreamConfig(t *testing.T) { @@ -276,4 +403,7 @@ func TestNewDatadogStreamConfig(t *testing.T) { if got.Enabled == nil || *got.Enabled { t.Errorf("NewDatadogStreamConfig Enabled = %v, want false", got.Enabled) } + if got.VendorSpecific == nil { + t.Fatal("NewDatadogStreamConfig VendorSpecific is nil") + } }