A publishable range of external IP addresses for Buildkite that isn’t all of Amazon. Eg Zendesk, Travis, Github etc.
Many organisations run egress firewalls that require whitelisting of CIDRs for external communications for security reasons. By having a publishable range of external IPs you make Buildkite palatable to the security engineers in those organisations.
Howdy @mtcmorris! Fancy seeing you here!!
Good call on this one. This is something we’ve been discussing internally for aaages. Amazon hasn’t really given us any good tools to address this, but I think that’s about to change.
[…REDACTED…]
I’ll do some poking internally and see where we’re up to with it.
Hi!
Are there any updates to this?
All webhook notifications are 401ing because I can’t whitelist Buildkite.
Hi @dnguyen,
It’s not documented anywhere yet, but we have an API endpoint here which might help:
https://api.buildkite.com/v2/meta
webhook_ips is a list of CIDRs which we will send webhooks from. Do you think that will work for you?
Nik
Yes it worked! Thank you @anon17095254
FYI (@dnguyen and anybody else interested):
The IP addresses returned from https://api.buildkite.com/v2/meta have changed as per New outbound IP addresses
We’ll be switching to the new IP addresses in the coming two weeks.