diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index 6c0cbe9..2c81bd5 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -39,6 +39,26 @@ jobs: - name: Verify log-in run: doctl compute region list + test_no_auth: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + steps: + - uses: actions/checkout@master + + - name: Install doctl + uses: ./ + with: + no_auth: true + + - name: Verify installation + run: doctl version + + - name: Verify not authenticated + run: | + doctl compute region list 2>&1 | grep -qi "Unable to initialize DigitalOcean API client: access token is required" + test_custom_version_linux_and_mac: runs-on: ${{ matrix.os }} strategy: diff --git a/README.md b/README.md index 8ff9ad5..9a4ea98 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,9 @@ See [this repository](https://github.com/do-community/example-doctl-action) for - `token` – (**Required**) A DigitalOcean personal access token ([more info](https://docs.digitalocean.com/reference/api/create-personal-access-token/)). - `version` – (Optional) The version of `doctl` to install. If excluded, the latest release will be used. +- `no_auth` – (Optional) Set to `true` to skip the authentication step. The API `token` parameter is _Optional_ in this case. + - _Note:_ This can be useful when running in workflows in untrusted environments, or where auth isn't necessary (e.g. `doctl app spec validate --schema-only`) + - This depends on `doctl >= v1.101.0` (digitalocean/doctl#1450) ## Contributing diff --git a/action.yml b/action.yml index e47ce09..5ac2a22 100644 --- a/action.yml +++ b/action.yml @@ -8,9 +8,12 @@ inputs: version: description: 'Version of doctl to install' default: 'latest' + no_auth: + description: 'Skip authentication' + default: 'false' token: description: 'DigitalOcean API Token' - required: true + default: '' runs: using: 'node16' main: 'dist/index.js' \ No newline at end of file diff --git a/dist/index.js b/dist/index.js index 5b9924d..bd86496 100644 --- a/dist/index.js +++ b/dist/index.js @@ -17538,6 +17538,14 @@ Failed to retrieve latest version; falling back to: ${fallbackVersion}`); core.addPath(path); core.info(`>>> doctl version v${version} installed to ${path}`); + // Skip authentication if requested + // for workflows where auth isn't necessary (e.g. doctl app spec validate --schema-only) + var no_auth = core.getInput('no_auth'); + if (no_auth.toLowerCase() === 'true') { + core.info('>>> Skipping doctl auth'); + return; + } + var token = core.getInput('token', { required: true }); core.setSecret(token); await exec.exec('doctl auth init -t', [token]); diff --git a/main.js b/main.js index 44e620a..30cb2a2 100644 --- a/main.js +++ b/main.js @@ -81,6 +81,14 @@ Failed to retrieve latest version; falling back to: ${fallbackVersion}`); core.addPath(path); core.info(`>>> doctl version v${version} installed to ${path}`); + // Skip authentication if requested + // for workflows where auth isn't necessary (e.g. doctl app spec validate --schema-only) + var no_auth = core.getInput('no_auth'); + if (no_auth.toLowerCase() === 'true') { + core.info('>>> Skipping doctl auth'); + return; + } + var token = core.getInput('token', { required: true }); core.setSecret(token); await exec.exec('doctl auth init -t', [token]);