Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add permissions input #40

Merged
merged 4 commits into from
Jul 12, 2022
Merged

Add permissions input #40

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5e8b311
Add permissions input
temsa Apr 28, 2022
5ddfb23
Make some changes
tibdex Jul 9, 2022
82fcd6c
fixup! Make some changes
tibdex Jul 12, 2022
95c3cbf
fixup! Make some changes
tibdex Jul 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,20 @@ jobs:
uses: tibdex/github-app-token@v1
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.PRIVATE_KEY }}

# Optional (defaults to ID of the repository's installation).
# installation_id: 1337

# Optional (defaults to all the Github App permissions).
# Using a YAML multiline string to avoid escaping the JSON quotes.
# permissions: >-
# {"members": "read"}

private_key: ${{ secrets.PRIVATE_KEY }}

# Optional (defaults to the current repository).
# repository: "owner/repo"

- name: Use token
env:
TOKEN: ${{ steps.generate_token.outputs.token }}
Expand Down
2 changes: 2 additions & 0 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ inputs:
description: The ID of the installation for which the token will be requested (defaults to the ID of the repository's installation).
repository:
description: The full name of the repository for which the token will be requested (defaults to the current repository).
permissions:
description: The JSON-stringified permissions granted to the token (defaults to all the GitHub app permissions, see https://docs.github.com/en/rest/apps/apps#create-an-installation-access-token-for-an-app).
outputs:
token:
description: An installation token for the GitHub App on the requested repository.
Expand Down
20 changes: 10 additions & 10 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "github-app-token",
"version": "1.5.2",
"version": "1.6.0",
"license": "MIT",
"type": "module",
"files": [
Expand All @@ -14,26 +14,26 @@
"xo": "xo"
},
"dependencies": {
"@actions/core": "^1.6.0",
"@actions/github": "^5.0.1",
"@octokit/auth-app": "^3.6.1",
"@octokit/request": "^5.6.3",
"@actions/core": "^1.9.0",
"@actions/github": "^5.0.3",
"@octokit/auth-app": "^4.0.4",
"@octokit/request": "^6.0.2",
"ensure-error": "^4.0.0",
"is-base64": "^1.1.0"
},
"devDependencies": {
"@types/error-cause": "^1.0.1",
"@types/is-base64": "^1.1.1",
"@types/node": "^16.11.26",
"@vercel/ncc": "^0.33.3",
"@vercel/ncc": "^0.34.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-import": "^2.26.0",
"eslint-plugin-sort-destructure-keys": "^1.4.0",
"eslint-plugin-typescript-sort-keys": "^2.1.0",
"prettier": "^2.6.2",
"prettier-plugin-packagejson": "^2.2.17",
"typescript": "^4.7.0-beta",
"xo": "^0.48.0",
"yarn-deduplicate": "^4.0.0"
"prettier-plugin-packagejson": "^2.2.18",
"typescript": "^4.7.4",
"xo": "^0.50.0",
"yarn-deduplicate": "^5.0.0"
}
}
8 changes: 7 additions & 1 deletion src/fetch-installation-token.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,14 @@ export const fetchInstallationToken = async ({
appId,
installationId,
owner,
permissions,
privateKey,
repo,
}: Readonly<{
appId: string;
installationId?: number;
owner: string;
permissions?: Record<string, string>;
privateKey: string;
repo: string;
}>): Promise<string> => {
Expand Down Expand Up @@ -42,6 +44,10 @@ export const fetchInstallationToken = async ({
}
}

const installation = await app({ installationId, type: "installation" });
const installation = await app({
installationId,
permissions,
type: "installation",
});
return installation.token;
};
15 changes: 13 additions & 2 deletions src/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,21 +8,32 @@ import { fetchInstallationToken } from "./fetch-installation-token.js";
const run = async () => {
try {
const appId = getInput("app_id", { required: true });

const installationIdInput = getInput("installation_id");
const installationId = installationIdInput
? Number(installationIdInput)
: undefined;

const permissionsInput = getInput("permissions");
const permissions = permissionsInput
? (JSON.parse(permissionsInput) as Record<string, string>)
: undefined;

const privateKeyInput = getInput("private_key", { required: true });
const privateKey = isBase64(privateKeyInput)
? Buffer.from(privateKeyInput, "base64").toString("utf8")
: privateKeyInput;

const installationId = getInput("installation_id");
const repositoryInput = getInput("repository");
const [owner, repo] = repositoryInput
? repositoryInput.split("/")
: [context.repo.owner, context.repo.repo];

const installationToken = await fetchInstallationToken({
appId,
installationId: installationId ? Number(installationId) : undefined,
installationId,
owner,
permissions,
privateKey,
repo,
});
Expand Down
Loading