chore(jenkins-infra-azure-vm-agents) filters out ipv6 ips for github …

…`git` end points (#162) * chore(jenkins-infra-azure-vm-agents) filters out ipv6 ips for github end points Signed-off-by: jayfranco999 <[email protected]> * Apply suggestions from code review * Update terraform/modules/azure-jenkinsinfra-azurevm-agents/main.tf --------- Signed-off-by: jayfranco999 <[email protected]> Co-authored-by: Damien Duportal <[email protected]>
jenkins-infra · Dec 3, 2024 · 19c25dc · 19c25dc
1 parent 61205bc
commit 19c25dc
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/terraform/modules/azure-jenkinsinfra-azurevm-agents/main.tf b/terraform/modules/azure-jenkinsinfra-azurevm-agents/main.tf
@@ -78,7 +78,11 @@ resource "azurerm_network_security_rule" "allow_outbound_ssh_from_ephemeral_agen
   source_port_range           = "*"
   source_address_prefixes     = data.azurerm_subnet.ephemeral_agents.address_prefixes
   destination_port_range      = "22"
-  destination_address_prefixes = split(" ", local.github_destination_address_prefixes)
+  #Filter only for ipv4 ips
+  destination_address_prefixes = [
+    for ip in split(" ", local.github_destination_address_prefixes) : ip
+    if can(cidrnetmask(ip))
+  ]
   resource_group_name         = var.controller_rg_name
   network_security_group_name = azurerm_network_security_group.ephemeral_agents.name
 }