Integrate Netework Access IP Whitelist with GitHub Actions
I'm trying to setup CI for my project using GitHub actions, while restricting Network Access. The problem is that GitHub's machines have weekly changing IPs: https://help.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners#ip-addresses-of-runners-on-github-hosted-machines
Is there any way to automatically integrate that list of IPs in the Network Access IP Whitelist? This feature would benefit all users of GitHub Actions.
We have found self-hosted GitHub Actions use ephemeral ports (large port-range) towards cloud.mongodb.com (@ tcp-443). I don't see any proper FAQ, Blogs, How-to-documentation on: What ports need to whitelist at Customer side (at GitHub Actions side) and What are all sub-domains under "cloud.mongodb.com" need to whitelist. All layer 7 firewall are not intelligent and some of the mentioned parameters need to define explicitly.
This is a great idea. While we do not have near-term plans to do something like this, we're definitely thinking about how to provide better end to end CI/CD experiences, and I expect a product manager will likely want to speak to you in the future.