Compare commits
5 Commits
v2.2.1
...
v3.0.0-bet
| Author | SHA1 | Date | |
|---|---|---|---|
|
bf559f8544 | ||
|
|
cda91bf2b9 | ||
|
|
2ae58da528 | ||
|
|
fb1c7fda2b | ||
|
|
61789386cb |
@@ -12,6 +12,6 @@ jobs:
|
||||
id-token: write
|
||||
packages: write
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/checkout@v5
|
||||
- name: Publish Immutable Action
|
||||
uses: actions/publish-immutable-action@v0.0.4
|
||||
|
||||
6
.github/workflows/release.yml
vendored
6
.github/workflows/release.yml
vendored
@@ -18,14 +18,14 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# build local version to create token
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/checkout@v5
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- uses: actions/setup-node@v6
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: package.json
|
||||
|
||||
cache: 'npm'
|
||||
|
||||
- run: npm ci
|
||||
- run: npm run build
|
||||
|
||||
34
.github/workflows/stale.yml
vendored
34
.github/workflows/stale.yml
vendored
@@ -1,34 +0,0 @@
|
||||
# This workflow warns and then closes issues that have had no activity for a specified amount of time.
|
||||
# https://github.com/actions/stale
|
||||
|
||||
name: Stale
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
# 00:00 UTC on Mondays
|
||||
- cron: '0 0 * * 1'
|
||||
|
||||
permissions:
|
||||
issues: write
|
||||
pull-requests: write
|
||||
|
||||
env:
|
||||
DAYS_BEFORE_STALE: 180
|
||||
DAYS_BEFORE_CLOSE: 60
|
||||
STALE_LABEL: 'stale'
|
||||
STALE_LABEL_URL: ${{github.server_url}}/${{github.repository}}/labels/stale
|
||||
|
||||
jobs:
|
||||
stale:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/stale@v10
|
||||
with:
|
||||
operations-per-run: 100
|
||||
days-before-stale: ${{ env.DAYS_BEFORE_STALE }}
|
||||
days-before-close: ${{ env.DAYS_BEFORE_CLOSE }}
|
||||
stale-issue-label: ${{ env.STALE_LABEL }}
|
||||
stale-pr-label: ${{ env.STALE_LABEL }}
|
||||
stale-issue-message: 'This issue has been marked ${{ env.STALE_LABEL_URL }} because it has been open for ${{ env.DAYS_BEFORE_STALE }} days with no activity. Please close this issue if it is no longer needed. If this issue is still relevant and you would like it to remain open, simply update it within the next ${{ env.DAYS_BEFORE_CLOSE }} days.'
|
||||
stale-pr-message: 'This pull request has been marked ${{ env.STALE_LABEL_URL }} because it has been open for ${{ env.DAYS_BEFORE_STALE }} days with no activity. Please close this pull request if it is no longer needed. If this pull request is still relevant and you would like it to remain open, simply update it within the next ${{ env.DAYS_BEFORE_CLOSE }} days.'
|
||||
17
.github/workflows/test.yml
vendored
17
.github/workflows/test.yml
vendored
@@ -5,7 +5,6 @@ on:
|
||||
branches:
|
||||
- main
|
||||
pull_request:
|
||||
merge_group:
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency:
|
||||
@@ -17,28 +16,30 @@ permissions:
|
||||
|
||||
jobs:
|
||||
integration:
|
||||
name: integration
|
||||
name: Integration
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/checkout@v5
|
||||
|
||||
- uses: actions/setup-node@v6
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: package.json
|
||||
cache: 'npm'
|
||||
|
||||
- run: npm ci
|
||||
- run: npm test
|
||||
|
||||
end-to-end:
|
||||
name: end-to-end
|
||||
name: End-to-End
|
||||
runs-on: ubuntu-latest
|
||||
# do not run from forks, as forks don’t have access to repository secrets
|
||||
if: github.event_name == 'merge_group' || github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
|
||||
if: github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/setup-node@v6
|
||||
- uses: actions/checkout@v5
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: package.json
|
||||
cache: 'npm'
|
||||
- run: npm ci
|
||||
- run: npm run build
|
||||
- uses: ./ # Uses the action in the root directory
|
||||
|
||||
19
.github/workflows/update-permission-inputs.yml
vendored
19
.github/workflows/update-permission-inputs.yml
vendored
@@ -13,30 +13,21 @@ concurrency:
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
update-permission-inputs:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
COMMIT_MESSAGE: 'feat: update permission inputs'
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: actions/setup-node@v6
|
||||
- uses: actions/checkout@v5
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: package.json
|
||||
cache: 'npm'
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
- name: Run permission inputs update script
|
||||
run: node scripts/update-permission-inputs.js
|
||||
- name: Commit changes
|
||||
id: auto-commit
|
||||
uses: stefanzweifel/git-auto-commit-action@778341af668090896ca464160c2def5d1d1a3eb0 # v6.0.1
|
||||
uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0
|
||||
with:
|
||||
commit_message: ${{ env.COMMIT_MESSAGE }}
|
||||
- name: Update PR title
|
||||
if: github.event_name == 'pull_request' && steps.auto-commit.outputs.changes_detected == 'true'
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
gh pr edit ${{ github.event.pull_request.number }} --title "${{ env.COMMIT_MESSAGE }}"
|
||||
commit_message: 'feat: update permission inputs'
|
||||
|
||||
24
README.md
24
README.md
@@ -28,7 +28,7 @@ jobs:
|
||||
hello-world:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
@@ -47,13 +47,13 @@ jobs:
|
||||
auto-format:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
# required
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
private-key: ${{ secrets.PRIVATE_KEY }}
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/checkout@v5
|
||||
with:
|
||||
token: ${{ steps.app-token.outputs.token }}
|
||||
ref: ${{ github.head_ref }}
|
||||
@@ -73,7 +73,7 @@ jobs:
|
||||
auto-format:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
# required
|
||||
@@ -98,7 +98,7 @@ jobs:
|
||||
auto-format:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
# required
|
||||
@@ -135,7 +135,7 @@ jobs:
|
||||
hello-world:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
@@ -157,7 +157,7 @@ jobs:
|
||||
hello-world:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
@@ -182,7 +182,7 @@ jobs:
|
||||
hello-world:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
@@ -207,7 +207,7 @@ jobs:
|
||||
hello-world:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
@@ -249,7 +249,7 @@ jobs:
|
||||
owners-and-repos: ${{ fromJson(needs.set-matrix.outputs.matrix) }}
|
||||
|
||||
steps:
|
||||
- uses: actions/create-github-app-token@v2
|
||||
- uses: actions/create-github-app-token@v3
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
@@ -279,7 +279,7 @@ jobs:
|
||||
steps:
|
||||
- name: Create GitHub App token
|
||||
id: create_token
|
||||
uses: actions/create-github-app-token@v2
|
||||
uses: actions/create-github-app-token@v3
|
||||
with:
|
||||
app-id: ${{ vars.GHES_APP_ID }}
|
||||
private-key: ${{ secrets.GHES_APP_PRIVATE_KEY }}
|
||||
@@ -318,7 +318,7 @@ steps:
|
||||
echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
|
||||
- name: Generate GitHub App Token
|
||||
id: app-token
|
||||
uses: actions/create-github-app-token@v2
|
||||
uses: actions/create-github-app-token@v3
|
||||
with:
|
||||
app-id: ${{ vars.APP_ID }}
|
||||
private-key: ${{ steps.decode.outputs.private-key }}
|
||||
|
||||
@@ -37,16 +37,12 @@ inputs:
|
||||
description: "The level of permission to grant the access token to create, edit, delete, and list Codespaces. Can be set to 'read' or 'write'."
|
||||
permission-contents:
|
||||
description: "The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be set to 'read' or 'write'."
|
||||
permission-custom-properties-for-organizations:
|
||||
description: "The level of permission to grant the access token to view and edit custom properties for an organization, when allowed by the property. Can be set to 'read' or 'write'."
|
||||
permission-dependabot-secrets:
|
||||
description: "The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."
|
||||
permission-deployments:
|
||||
description: "The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'."
|
||||
permission-email-addresses:
|
||||
description: "The level of permission to grant the access token to manage the email addresses belonging to a user. Can be set to 'read' or 'write'."
|
||||
permission-enterprise-custom-properties-for-organizations:
|
||||
description: "The level of permission to grant the access token for organization custom properties management at the enterprise level. Can be set to 'read', 'write', or 'admin'."
|
||||
permission-environments:
|
||||
description: "The level of permission to grant the access token for managing repository environments. Can be set to 'read' or 'write'."
|
||||
permission-followers:
|
||||
@@ -72,7 +68,7 @@ inputs:
|
||||
permission-organization-custom-org-roles:
|
||||
description: "The level of permission to grant the access token for custom organization roles management. Can be set to 'read' or 'write'."
|
||||
permission-organization-custom-properties:
|
||||
description: "The level of permission to grant the access token for repository custom properties management at the organization level. Can be set to 'read', 'write', or 'admin'."
|
||||
description: "The level of permission to grant the access token for custom property management. Can be set to 'read', 'write', or 'admin'."
|
||||
permission-organization-custom-roles:
|
||||
description: "The level of permission to grant the access token for custom repository roles management. Can be set to 'read' or 'write'."
|
||||
permission-organization-events:
|
||||
@@ -136,6 +132,6 @@ outputs:
|
||||
app-slug:
|
||||
description: "GitHub App slug"
|
||||
runs:
|
||||
using: "node20"
|
||||
using: "node24"
|
||||
main: "dist/main.cjs"
|
||||
post: "dist/post.cjs"
|
||||
|
||||
23051
dist/main.cjs
vendored
23051
dist/main.cjs
vendored
File diff suppressed because one or more lines are too long
22661
dist/post.cjs
vendored
22661
dist/post.cjs
vendored
File diff suppressed because one or more lines are too long
10
lib/main.js
10
lib/main.js
@@ -89,12 +89,12 @@ export async function main(
|
||||
permissions
|
||||
),
|
||||
{
|
||||
shouldRetry: ({ error }) => error.status >= 500,
|
||||
onFailedAttempt: (context) => {
|
||||
shouldRetry: (error) => error.status >= 500,
|
||||
onFailedAttempt: (error) => {
|
||||
core.info(
|
||||
`Failed to create token for "${parsedRepositoryNames.join(
|
||||
","
|
||||
)}" (attempt ${context.attemptNumber}): ${context.error.message}`
|
||||
)}" (attempt ${error.attemptNumber}): ${error.message}`
|
||||
);
|
||||
},
|
||||
retries: 3,
|
||||
@@ -105,9 +105,9 @@ export async function main(
|
||||
({ authentication, installationId, appSlug } = await pRetry(
|
||||
() => getTokenFromOwner(request, auth, parsedOwner, permissions),
|
||||
{
|
||||
onFailedAttempt: (context) => {
|
||||
onFailedAttempt: (error) => {
|
||||
core.info(
|
||||
`Failed to create token for "${parsedOwner}" (attempt ${context.attemptNumber}): ${context.error.message}`
|
||||
`Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
|
||||
);
|
||||
},
|
||||
retries: 3,
|
||||
|
||||
@@ -1,41 +1,11 @@
|
||||
import core from "@actions/core";
|
||||
import { request } from "@octokit/request";
|
||||
import { ProxyAgent, fetch as undiciFetch } from "undici";
|
||||
|
||||
// Get the GitHub API URL from the action input and remove any trailing slash
|
||||
const baseUrl = core.getInput("github-api-url").replace(/\/$/, "");
|
||||
|
||||
// https://docs.github.com/actions/hosting-your-own-runners/managing-self-hosted-runners/using-a-proxy-server-with-self-hosted-runners
|
||||
const proxyUrl =
|
||||
process.env.https_proxy ||
|
||||
process.env.HTTPS_PROXY ||
|
||||
process.env.http_proxy ||
|
||||
process.env.HTTP_PROXY;
|
||||
|
||||
/* c8 ignore start */
|
||||
// Native support for proxies in Undici is under consideration: https://github.com/nodejs/undici/issues/1650
|
||||
// Until then, we need to use a custom fetch function to add proxy support.
|
||||
const proxyFetch = (url, options) => {
|
||||
const urlHost = new URL(url).hostname;
|
||||
const noProxy = (process.env.no_proxy || process.env.NO_PROXY || "").split(
|
||||
",",
|
||||
);
|
||||
|
||||
if (!noProxy.includes(urlHost)) {
|
||||
options = {
|
||||
...options,
|
||||
dispatcher: new ProxyAgent(String(proxyUrl)),
|
||||
};
|
||||
}
|
||||
|
||||
return undiciFetch(url, options);
|
||||
};
|
||||
/* c8 ignore stop */
|
||||
|
||||
// Configure the default settings for GitHub API requests
|
||||
export default request.defaults({
|
||||
headers: {
|
||||
"user-agent": "actions/create-github-app-token",
|
||||
},
|
||||
headers: { "user-agent": "actions/create-github-app-token" },
|
||||
baseUrl,
|
||||
/* c8 ignore next */
|
||||
request: proxyUrl ? { fetch: proxyFetch } : {},
|
||||
});
|
||||
|
||||
1260
package-lock.json
generated
1260
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
24
package.json
24
package.json
@@ -2,14 +2,13 @@
|
||||
"name": "create-github-app-token",
|
||||
"private": true,
|
||||
"type": "module",
|
||||
"version": "2.2.1",
|
||||
"version": "3.0.0-beta.2",
|
||||
"description": "GitHub Action for creating a GitHub App Installation Access Token",
|
||||
"engines": {
|
||||
"node": ">=20"
|
||||
"node": ">=24.4.0"
|
||||
},
|
||||
"packageManager": "npm@10.9.4",
|
||||
"scripts": {
|
||||
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",
|
||||
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --packages=bundle",
|
||||
"test": "c8 --100 ava tests/index.js",
|
||||
"coverage": "c8 report --reporter html",
|
||||
"postcoverage": "open-cli coverage/index.html"
|
||||
@@ -17,20 +16,20 @@
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.11.1",
|
||||
"@octokit/auth-app": "^8.1.2",
|
||||
"@octokit/request": "^10.0.3",
|
||||
"p-retry": "^7.1.0",
|
||||
"undici": "^7.16.0"
|
||||
"@octokit/auth-app": "^7.2.1",
|
||||
"@octokit/request": "^9.2.2",
|
||||
"p-retry": "^6.2.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@octokit/openapi": "^21.0.0",
|
||||
"@sinonjs/fake-timers": "^15.0.0",
|
||||
"@octokit/openapi": "^19.1.0",
|
||||
"@sinonjs/fake-timers": "^14.0.0",
|
||||
"ava": "^6.4.1",
|
||||
"c8": "^10.1.3",
|
||||
"dotenv": "^17.2.3",
|
||||
"esbuild": "^0.25.10",
|
||||
"dotenv": "^17.2.1",
|
||||
"esbuild": "^0.25.8",
|
||||
"execa": "^9.6.0",
|
||||
"open-cli": "^8.0.0",
|
||||
"undici": "^7.13.0",
|
||||
"yaml": "^2.8.1"
|
||||
},
|
||||
"release": {
|
||||
@@ -47,7 +46,6 @@
|
||||
"@semantic-release/release-notes-generator",
|
||||
"@semantic-release/github",
|
||||
"@semantic-release/npm",
|
||||
"semantic-release-plugin-github-breaking-version-tag",
|
||||
[
|
||||
"@semantic-release/git",
|
||||
{
|
||||
|
||||
@@ -187,14 +187,6 @@
|
||||
"write"
|
||||
]
|
||||
},
|
||||
"custom_properties_for_organizations": {
|
||||
"type": "string",
|
||||
"description": "The level of permission to grant the access token to view and edit custom properties for an organization, when allowed by the property.",
|
||||
"enum": [
|
||||
"read",
|
||||
"write"
|
||||
]
|
||||
},
|
||||
"members": {
|
||||
"type": "string",
|
||||
"description": "The level of permission to grant the access token for organization teams and members.",
|
||||
@@ -229,7 +221,7 @@
|
||||
},
|
||||
"organization_custom_properties": {
|
||||
"type": "string",
|
||||
"description": "The level of permission to grant the access token for repository custom properties management at the organization level.",
|
||||
"description": "The level of permission to grant the access token for custom property management.",
|
||||
"enum": [
|
||||
"read",
|
||||
"write",
|
||||
@@ -392,15 +384,6 @@
|
||||
"read",
|
||||
"write"
|
||||
]
|
||||
},
|
||||
"enterprise_custom_properties_for_organizations": {
|
||||
"type": "string",
|
||||
"description": "The level of permission to grant the access token for organization custom properties management at the enterprise level.",
|
||||
"enum": [
|
||||
"read",
|
||||
"write",
|
||||
"admin"
|
||||
]
|
||||
}
|
||||
},
|
||||
"example": {
|
||||
|
||||
Binary file not shown.
Reference in New Issue
Block a user