fix: 🐛 post action

wow-actions · Sep 25, 2020 · 1af3528 · 1af3528
1 parent 1c1811e
commit 1af3528
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 33 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -17,4 +17,3 @@ jobs:
           APP_ID: ${{ secrets.APP_ID }}
           PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
           SECRET_NAME: APP_TOKEN
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/src/action.ts b/src/action.ts
@@ -1,35 +1,11 @@
 import * as core from '@actions/core'
-import * as github from '@actions/github'
-import { App } from '@octokit/app'
-import isBase64 from 'is-base64'
 import { Util } from './util'
 
 export namespace Action {
-  let token: string
-
   export async function run() {
     try {
-      const id = Number(core.getInput('APP_ID', { required: true }))
-      const privateKeyInput = core.getInput('PRIVATE_KEY', { required: true })
-      const privateKey = isBase64(privateKeyInput)
-        ? Buffer.from(privateKeyInput, 'base64').toString('utf8')
-        : privateKeyInput
-      const app = new App({ id, privateKey })
-      const jwt = app.getSignedJsonWebToken()
-      const octokit = github.getOctokit(jwt)
-      const {
-        data: { id: installationId },
-      } = await octokit.apps.getRepoInstallation(github.context.repo)
-
-      token = await app.getInstallationAccessToken({
-        installationId,
-      })
-
-      const secretName = core.getInput('SECRET_NAME')
-      if (secretName) {
-        await Util.createOrUpdateRepoSecret(token, secretName, token)
-      }
-
+      const token = await Util.getAppToken()
+      await Util.saveAppTokenToSecret(token)
       core.setSecret(token)
       core.setOutput('token', token)
       core.info('Token generated successfully!')
@@ -41,10 +17,7 @@ export namespace Action {
 
   export async function cleanup() {
     try {
-      const secretName = core.getInput('SECRET_NAME')
-      if (secretName) {
-        await Util.deleteSecret(token, secretName)
-      }
+      await Util.removeAppTokenFromSecret()
     } catch (e) {
       core.error(e)
       core.setFailed(e.message)

diff --git a/src/index.ts b/src/index.ts
@@ -2,6 +2,8 @@ import { Action } from './action'
 
 const isPost = !!process.env['STATE_isPost']
 
+console.log(JSON.stringify(process.env, null, 2))
+
 if (!isPost) {
   Action.run()
 } else {

diff --git a/src/util.ts b/src/util.ts
@@ -1,9 +1,45 @@
-import { context } from '@actions/github'
+import { context, getOctokit } from '@actions/github'
 import { Octokit } from '@octokit/core'
+import { getInput } from '@actions/core'
+import { App } from '@octokit/app'
+import isBase64 from 'is-base64'
 import sodium from 'tweetsodium'
 
 export namespace Util {
-  async function createSecret(octokit: Octokit, value: string) {
+  export async function getAppToken() {
+    const id = Number(getInput('APP_ID', { required: true }))
+    const privateKeyInput = getInput('PRIVATE_KEY', { required: true })
+    const privateKey = isBase64(privateKeyInput)
+      ? Buffer.from(privateKeyInput, 'base64').toString('utf8')
+      : privateKeyInput
+    const app = new App({ id, privateKey })
+    const jwt = app.getSignedJsonWebToken()
+    const octokit = getOctokit(jwt)
+    const {
+      data: { id: installationId },
+    } = await octokit.apps.getRepoInstallation(context.repo)
+
+    return app.getInstallationAccessToken({
+      installationId,
+    })
+  }
+
+  export async function saveAppTokenToSecret(token: string) {
+    const secretName = getInput('SECRET_NAME')
+    if (secretName) {
+      return createOrUpdateRepoSecret(token, secretName, token)
+    }
+  }
+
+  export async function removeAppTokenFromSecret() {
+    const secretName = getInput('SECRET_NAME')
+    if (secretName) {
+      const token = await getAppToken()
+      return Util.deleteSecret(token, secretName)
+    }
+  }
+
+  export async function createSecret(octokit: Octokit, value: string) {
     const repo = context.repo
     const res = await octokit.request(
       'GET /repos/:owner/:repo/actions/secrets/public-key',