Add github_organization_ip_allow_list_entry resource #3443

Open
allandegnan wants to merge 2 commits into integrations:main from alphagov:feat/organization-ip-allow-list-entry
allandegnan commented May 22, 2026

Resolves #1067


Before the change?

  • The provider exposes github_organization_ip_allow_list as a data source
    only. There is no managed resource for organization-scoped IP allow list
    entries — only the enterprise-scoped equivalent
    (github_enterprise_ip_allow_list_entry, added in feat: Adding github_enterprise_ip_allow_list_entry resource #2649). Practitioners on
    plans without enterprise access have had to fall back to the third-party
    form3tech-oss/githubipallowlist provider or to null_resource +
    gh api graphql shims.

After the change?

  • New managed resource github_organization_ip_allow_list_entry that creates,
    updates, deletes, and imports organization-scoped IP allow list entries.
  • Organization is taken implicitly from the provider's owner, matching the
    existing github_organization_ip_allow_list data source.
  • Uses the GraphQL createIpAllowListEntry / updateIpAllowListEntry /
    deleteIpAllowListEntry mutations — same mutations the enterprise resource
    uses, with the organization node ID as ownerId.
  • Adds a getOrganizationID helper in util_v4.go (mirrors getEnterpriseID).
  • Docs generated via tfplugindocs from
    templates/resources/organization_ip_allow_list_entry.md.tmpl; example at
    examples/resources/organization_ip_allow_list_entry/example_1.tf.

Pull request checklist

  • Schema migrations have been created if needed — N/A, brand-new resource
  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been reviewed and added / updated if needed

Does this introduce a breaking change?

  • Yes
  • No

Implementation notes

Near-mechanical adaptation of #2649:

| Element | Enterprise (#2649) | This PR |
| --- | --- | --- |
| Resource file | resource_github_enterprise_ip_allow_list_entry.go | resource_github_organization_ip_allow_list_entry.go |
| Owner ID source | enterprise_slug schema arg → getEnterpriseID | implicit from provider owner → new getOrganizationID |
| Read/Import GraphQL fragment | ... on Enterprise { Slug } | ... on Organization { Login } |
| Mutations | createIpAllowListEntry / updateIpAllowListEntry / deleteIpAllowListEntry | same — only ownerId differs |

Acceptance test coverage mirrors #2649: a basic subtest (apply +
ImportStateVerify) and an update subtest.

Test plan

  • go build ./... clean
  • go vet ./... clean
  • gofmt -l github/ clean
  • make validatedocs exits 0
  • TF_ACC=1 go test ./github -run TestAccGithubOrganizationIpAllowListEntry — verified against an org with IP allow list enabled

Design note

The resource takes its organization implicitly from the provider's owner,
with no per-resource owner argument. This matches the
github_organization_ip_allow_list data source and most other org-scoped
resources. The alternative (explicit owner field, as
form3tech-oss/githubipallowlist does) was considered; happy to switch if
reviewers prefer.

Related: #3154 (IP-allow-list trifecta: enterprise / org / GitHub App).
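
An added example, not code from this PR or from the provider: a Go sketch of the request body that a createIpAllowListEntry call carries when the organization node ID is the ownerId, with a pre-flight check on the allow-list value. The function names, the placeholder node ID and the prefix-length floor are assumptions made for illustration; the input field names are those of GitHub's CreateIpAllowListEntryInput.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/netip"
)

// GraphQL document for the create mutation named in the PR description.
const createEntryMutation = `mutation($input: CreateIpAllowListEntryInput!) {
  createIpAllowListEntry(input: $input) { ipAllowListEntry { id } }
}`

// Assumed local policy (not a GitHub limit): minimum prefix length per family.
const minBitsV4, minBitsV6 = 8, 32

// normalizeAllowListValue accepts one IP or one CIDR and returns its canonical
// form. It rejects zoned addresses, CIDRs with host bits set, and broad prefixes.
func normalizeAllowListValue(v string) (string, error) {
	if addr, err := netip.ParseAddr(v); err == nil && addr.Zone() == "" {
		return addr.String(), nil
	}
	p, err := netip.ParsePrefix(v)
	if err != nil {
		return "", fmt.Errorf("%q is not a plain IP address or CIDR", v)
	}
	if p != p.Masked() {
		return "", fmt.Errorf("%q has host bits set; did you mean %s?", v, p.Masked())
	}
	if floor := map[bool]int{true: minBitsV4, false: minBitsV6}[p.Addr().Is4()]; p.Bits() < floor {
		return "", fmt.Errorf("%q is broader than the /%d local policy floor", v, floor)
	}
	return p.String(), nil
}

// buildCreateRequest returns the JSON body; ownerID is the organization node ID.
func buildCreateRequest(ownerID, value, name string, active bool) ([]byte, error) {
	norm, err := normalizeAllowListValue(value)
	if err != nil {
		return nil, err
	}
	input := map[string]any{"ownerId": ownerID, "allowListValue": norm, "name": name, "isActive": active}
	return json.Marshal(map[string]any{"query": createEntryMutation, "variables": map[string]any{"input": input}})
}

func main() {
	// Constructed placeholder node ID and a documentation-range CIDR.
	body, err := buildCreateRequest("O_constructedNodeID", "192.0.2.0/24", "office", true)
	fmt.Println(string(body), err)
}
```

Rejecting values such as 0.0.0.0/0 or 192.0.2.5/24 before the mutation is sent keeps a typo from silently widening the allow list.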

@github-actions

👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with Status: Up for grabs. You & others like you are the reason all of this works! So thank you & happy coding! 🚀

github-actions bot added the Type: Feature label May 22, 2026

Adds a managed resource that mirrors github_enterprise_ip_allow_list_entry
but is scoped to the organization configured on the provider. Uses the
createIpAllowListEntry / updateIpAllowListEntry / deleteIpAllowListEntry
GraphQL mutations with the organization node ID as the owner.

Includes a tfplugindocs template at templates/resources/ and the generated
docs file under docs/resources/, plus an example_1.tf alongside.

Closes integrations#1067

allandegnan force-pushed the feat/organization-ip-allow-list-entry branch from ad0eb28 to 2faba29 May 27, 2026 08:18