From 6f3f59186f3e78b27267a0aa8e315bd891917808 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Fri, 4 Apr 2025 03:41:15 +0900 Subject: [PATCH 1/4] docs: delete unused badge (#222) It seems that there is an unused badge in this repository. This badge was introduced in https://github.com/actions/create-github-app-token/pull/70, but after some trial and error, it was removed from the README (https://github.com/actions/create-github-app-token/pull/70/commits/f28f8958a77a5e1e1f036ad308ffa00c25948a97 in the PR). However, the badge itself was not deleted. Therefore, this badge appears to be unnecessary. This patch removes it. --- badges/coverage.svg | 25 ------------------------- 1 file changed, 25 deletions(-) delete mode 100644 badges/coverage.svg diff --git a/badges/coverage.svg b/badges/coverage.svg deleted file mode 100644 index 5c93d2c..0000000 --- a/badges/coverage.svg +++ /dev/null @@ -1,25 +0,0 @@ - - Coverage: 100% - - - - - - - - - - - - - - - Coverage - - 100% - - From 23b44b2c8e8fb45e411a8deb65c23f237dcceffd Mon Sep 17 00:00:00 2001 From: Parker Brown <17183625+parkerbxyz@users.noreply.github.com> Date: Thu, 3 Apr 2025 12:08:57 -0700 Subject: [PATCH 2/4] build: update package-lock.json on release (#227) This pull request updates the release configuration to include package-lock.json. This should ensure the action version is update in package-lock.json when the release workflow runs. --- package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/package.json b/package.json index fe1c992..bde815b 100644 --- a/package.json +++ b/package.json @@ -45,6 +45,7 @@ { "assets": [ "package.json", + "package-lock.json", "dist/*" ], "message": "build(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" From 5cc811bc40176329bb642bff9e5d9e356099ad2a Mon Sep 17 00:00:00 2001 From: Parker Brown <17183625+parkerbxyz@users.noreply.github.com> Date: Thu, 3 Apr 2025 12:09:57 -0700 Subject: [PATCH 3/4] feat!: remove deprecated inputs (#213) BREAKING CHANGE: Removed deprecated inputs (`app_id`, `private_key`, `skip_token_revoke`) and made `app-id` and `private-key` required in the action configuration. --- action.yml | 16 ++-------------- lib/post.js | 7 ++----- main.js | 18 ++++-------------- package-lock.json | 4 ++-- tests/main-missing-app-id.test.js | 9 --------- tests/main-missing-private-key.test.js | 10 ---------- tests/snapshots/index.js.md | 24 +----------------------- tests/snapshots/index.js.snap | Bin 1511 -> 1349 bytes 8 files changed, 11 insertions(+), 77 deletions(-) delete mode 100644 tests/main-missing-app-id.test.js delete mode 100644 tests/main-missing-private-key.test.js diff --git a/action.yml b/action.yml index aab57bc..38b6dc7 100644 --- a/action.yml +++ b/action.yml @@ -7,18 +7,10 @@ branding: inputs: app-id: description: "GitHub App ID" - required: false # TODO: When 'app_id' is removed, make 'app-id' required - app_id: - description: "GitHub App ID" - required: false - deprecationMessage: "'app_id' is deprecated and will be removed in a future version. Use 'app-id' instead." + required: true private-key: description: "GitHub App private key" - required: false # TODO: When 'private_key' is removed, make 'private-key' required - private_key: - description: "GitHub App private key" - required: false - deprecationMessage: "'private_key' is deprecated and will be removed in a future version. Use 'private-key' instead." + required: true owner: description: "The owner of the GitHub App installation (defaults to current repository owner)" required: false @@ -28,10 +20,6 @@ inputs: skip-token-revoke: description: "If truthy, the token will not be revoked when the current job is complete" required: false - skip_token_revoke: - description: "If truthy, the token will not be revoked when the current job is complete" - required: false - deprecationMessage: "'skip_token_revoke' is deprecated and will be removed in a future version. Use 'skip-token-revoke' instead." # Make GitHub API configurable to support non-GitHub Cloud use cases # see https://github.com/actions/create-github-app-token/issues/77 github-api-url: diff --git a/lib/post.js b/lib/post.js index 9b294ae..f21174d 100644 --- a/lib/post.js +++ b/lib/post.js @@ -5,9 +5,7 @@ * @param {import("@octokit/request").request} request */ export async function post(core, request) { - const skipTokenRevoke = Boolean( - core.getInput("skip-token-revoke") || core.getInput("skip_token_revoke") - ); + const skipTokenRevoke = Boolean(core.getInput("skip-token-revoke")); if (skipTokenRevoke) { core.info("Token revocation was skipped"); @@ -35,8 +33,7 @@ export async function post(core, request) { }); core.info("Token revoked"); } catch (error) { - core.warning( - `Token revocation failed: ${error.message}`) + core.warning(`Token revocation failed: ${error.message}`); } } diff --git a/main.js b/main.js index 81b7767..ac3a7c5 100644 --- a/main.js +++ b/main.js @@ -3,9 +3,9 @@ import core from "@actions/core"; import { createAppAuth } from "@octokit/auth-app"; +import { getPermissionsFromInputs } from "./lib/get-permissions-from-inputs.js"; import { main } from "./lib/main.js"; import request from "./lib/request.js"; -import { getPermissionsFromInputs } from "./lib/get-permissions-from-inputs.js"; if (!process.env.GITHUB_REPOSITORY) { throw new Error("GITHUB_REPOSITORY missing, must be set to '/'"); @@ -15,16 +15,8 @@ if (!process.env.GITHUB_REPOSITORY_OWNER) { throw new Error("GITHUB_REPOSITORY_OWNER missing, must be set to ''"); } -const appId = core.getInput("app-id") || core.getInput("app_id"); -if (!appId) { - // The 'app_id' input was previously required, but it and 'app-id' are both optional now, until the former is removed. Still, we want to ensure that at least one of them is set. - throw new Error("Input required and not supplied: app-id"); -} -const privateKey = core.getInput("private-key") || core.getInput("private_key"); -if (!privateKey) { - // The 'private_key' input was previously required, but it and 'private-key' are both optional now, until the former is removed. Still, we want to ensure that at least one of them is set. - throw new Error("Input required and not supplied: private-key"); -} +const appId = core.getInput("app-id"); +const privateKey = core.getInput("private-key"); const owner = core.getInput("owner"); const repositories = core .getInput("repositories") @@ -32,9 +24,7 @@ const repositories = core .map((s) => s.trim()) .filter((x) => x !== ""); -const skipTokenRevoke = Boolean( - core.getInput("skip-token-revoke") || core.getInput("skip_token_revoke"), -); +const skipTokenRevoke = Boolean(core.getInput("skip-token-revoke")); const permissions = getPermissionsFromInputs(process.env); diff --git a/package-lock.json b/package-lock.json index 42a7c74..954ed1f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "create-github-app-token", - "version": "1.11.6", + "version": "1.12.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "create-github-app-token", - "version": "1.11.6", + "version": "1.12.0", "license": "MIT", "dependencies": { "@actions/core": "^1.11.1", diff --git a/tests/main-missing-app-id.test.js b/tests/main-missing-app-id.test.js deleted file mode 100644 index 9382b44..0000000 --- a/tests/main-missing-app-id.test.js +++ /dev/null @@ -1,9 +0,0 @@ -process.env.GITHUB_REPOSITORY_OWNER = "actions"; -process.env.GITHUB_REPOSITORY = "actions/create-github-app-token"; - -// Verify `main` exits with an error when neither the `app-id` nor `app_id` input is set. -try { - await import("../main.js"); -} catch (error) { - console.error(error.message); -} diff --git a/tests/main-missing-private-key.test.js b/tests/main-missing-private-key.test.js deleted file mode 100644 index a78b1c7..0000000 --- a/tests/main-missing-private-key.test.js +++ /dev/null @@ -1,10 +0,0 @@ -process.env.GITHUB_REPOSITORY_OWNER = "actions"; -process.env.GITHUB_REPOSITORY = "actions/create-github-app-token"; -process.env["INPUT_APP-ID"] = "123456"; - -// Verify `main` exits with an error when neither the `private-key` nor `private_key` input is set. -try { - await import("../main.js"); -} catch (error) { - console.error(error.message); -} diff --git a/tests/snapshots/index.js.md b/tests/snapshots/index.js.md index f085f87..eeb7387 100644 --- a/tests/snapshots/index.js.md +++ b/tests/snapshots/index.js.md @@ -12,9 +12,7 @@ Generated by [AVA](https://avajs.dev). > stdout - `app_id — 'app_id' is deprecated and will be removed in a future version. Use 'app-id' instead.␊ - private_key — 'private_key' is deprecated and will be removed in a future version. Use 'private-key' instead.␊ - skip_token_revoke — 'skip_token_revoke' is deprecated and will be removed in a future version. Use 'skip-token-revoke' instead.` + '' ## main-custom-github-api-url.test.js @@ -39,16 +37,6 @@ Generated by [AVA](https://avajs.dev). POST /api/v3/app/installations/123456/access_tokens␊ {"repositories":["create-github-app-token"]}` -## main-missing-app-id.test.js - -> stderr - - 'Input required and not supplied: app-id' - -> stdout - - '' - ## main-missing-owner.test.js > stderr @@ -59,16 +47,6 @@ Generated by [AVA](https://avajs.dev). '' -## main-missing-private-key.test.js - -> stderr - - 'Input required and not supplied: private-key' - -> stdout - - '' - ## main-missing-repository.test.js > stderr diff --git a/tests/snapshots/index.js.snap b/tests/snapshots/index.js.snap index 2291b3afed0274a2edb7b728e95da7287556f135..14f1a6cf97064fb740225c1f800358562db9872b 100644 GIT binary patch literal 1349 zcmV-L1-kk{RzVx`Z)Seq z8ILEww_A>9_4seEKrrFJGeRxFJXg2D55S@VY@NA&D0oo-7sa1A<1Y1i*Ax7gSGG+B z{qBvWx0dAJ@|#QVErCN@;Iz50AqdVd;DzF}Rjp5%t6L!#USIDp(G6QV^_d<9&h^_p zTIt1$to*Rz4P6Kbb!`%W?{Ox)fB`2QM1fcVP{G^|5nc~m()NO6Ax#y4sXAX*B{d?W z+N3oiS~PZC%b6y%ZM{!<&onz-eqyYDQ-@mRUS+dlt#2BYM!jy7t&QqNwN~E(qrP#s zMsrvTmFPGuINrpiefUzfkS+vsxuA|i)vPkxG>uBN_Qm?FqOwoi2|L)}xRX(TWKlW* z9Rmrtp0KkK;F-??;9J5pD`jI{FV}U$XjUqwQ8SJ5lbo*WWWVw7QRAR_K=2~B-Dr{$ zLQxu2OKN6HV|k@HGgFFpJ@;VmU|Ju`B);XPXjCwy1)QI#`aJhsizA?!Pv=5#{9-28 zA1JQ-jB_MQSNP54`EWZ<>+;1=~U zYq>CVm}8UjA@BF*k>ZE)XjW0&vB&(ul0iC21{79*asIDYC|`q>F(f zTE@_M4~Fxd_jiKJzn1d5oQJpuQIRK>Ls_4!<{4hBO`Jzvvg-=yfLhgX=#WPRD&i?v zAOCf!P*;?52xKS8kaEIQ;9~CS*PeyanJCc^O@=)=CfiKxge|i5U^faOeZfauK!1E4 z0I^xS4GMl-AFE}wiRHOAFOq!_!AL3y;O7wgNu+s|fYT}#MzAa|MA^2qQgNn5Au$x+ zr(5FNlsT9>d`n}(ztuTnOpbK@w?S=^%qNJY>)a?B-qx*UC38LM(18-z3q z5Kqu;uUvZB!Tu)MmNz?WfL})r(Rd%9`yJ47_f${ix*TPzSd>X2vPuQ|+84xFGvmgW z8t4Ec(3S(4KNjVW5OXpwjb~$qC(il)N3$^SS(|NZPWcLw{SUu=JVKGz{`14J66-%cR? z&+-j!d^37)XSaGv?*ewCv*}aNP4a3Q`hHB%_i&t0&tezdpAvS-Ov>EJkw6q-bpmDf z_W$+Gsrp4!r_QR`c~(aBZ4#};i1r~+=fT)o+VuQu0^^q%#u>&pgmFQOVXB$WHFf@p zpR{4X1mK3x$7hn0@tLK(kCANc#ccfZ*s4t30}MWP!417AKddBvd-17h4r$;b;-=YD zjLSwXH7F!{S80;jKTuH;BW=;_*(p@5CseIQQpRBmg!h>5Pi;7rIP)w#CM;FDIQ%dn z>YeHM^uWGwOqAwSWAa&|`H#*_k33}`w=z@B`!O{s9{>(NPH1^I(!wU0GSU9OM^4g6 H8Yln&BPNd& literal 1511 zcmVR~0A_R(r1n&?-aI%onK`v?1u3fEx*ihG1h;_6b zbQ@E+*iVup&YijEoUEEAA@&Ur;ysi227Dr3@C|suJGir(*lOH%bvq>Hyh@z&bN_qp z_kYgz`PXhIklp})c?O#603H$MX)XozAynWo4L;=}j5O9Ypss(190d!pFE#%7%=ejQ zU%WE++MM~!zdHBU90aTbK^L_TO2rNC&9iiqg`Ig8hHdVXKYsX`RO9be!jVk-Buw~Z z%!7b*fG8Ns5%`1)!bmsLkpeOTgpkjTfs;UAnx_Z;bMK8aMXsQlW>WGY1(C^59iVuGA^hWp_W71cd1))T)rQ(1DLDz_kXeuKeMw$pVgpX|x#X^|8vmjvBE8KV8W@~xn%Id79W=t4FJ=Z-PWIP_z zl#PI*W*W{W>}Ujd6mkW4UAt~;skus*)@ZZ2*J`=V6}P!`zd|V`I~!l#-PqmRC6v<2 z=Efdru#h)K%MCj-jYM7}XJ#7dp;zu~?@rHWVVLNOkx zlj_-|l8n?;S<4sfW(3zx%w#I)*)+bN(Kw;z7>Tzs65S&?Ju#b&Yo?pCCbez_r^Zdk zT=yxU$3pO_fN{VD6j@6b?q{m+=XurF&O}ZH)_oveq!b7}J?Vff=KAn*S$Z$3^cJYO zFQnLxEYT(g#Q}`-o%dIU%RlF;TZoY<3%W|Yfbk(&ta7HSmnY6+f@}#5J+RjV3J^pL zY9EN^Lm;}(wEe{pL7734F+;*_;Cki3r_$4Mz;%N~x^G7EkZf{&E9#KzcedgX#us>i z8ivVl1;ppwE?D?G2V{APAb3*vSSLH6)qzo9Y8s#>#=KU*;VB*v=6Ny_=Hjg@Reh#K zA(M))id`Ue84tj>Gf-X>{ddkxO+(g=&(pS`bJHl~TpGm-P<)TjGdVZtQImahGF5<~ z6bMBYAk5J1FPwVWVL^~(+Z^oi5eO1H#KEET1_3ygn|7pTU5=|&D$1l0S!7znFw~@Z z*-abYXka781J((k^v6Z{BSKKvNM>V(Cyx35xqKj^AehPeaxUw3xjHxCf6oB_+r^gi zy4$r$ftRL?f^F>QKWa8lPR;7qk!LwYaZZge(%7P?7YEkfV78T!6V3hGhp;^R}oPFYF0m~08e z5f&#fff^&LMzTe8cd+~wmj+qi% z^jvq(GHyEcY*I-4tkNa3U!t)RV{P&5<-gr?vZ~dLs>N7J61GOnD|O-2hEs_%_rg=c z3YClfOBqpbO!G4U|HPbF&4qIEVW#_ck4%r*WlwsUspjpJnt~Sq`|oA6ycuiZlS-NC N{~wy7L-4LD002Tg_Xz+1 From 064492a9a1762067169d50c792a7dc02bc3d1254 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Thu, 3 Apr 2025 19:10:30 +0000 Subject: [PATCH 4/4] build(release): 2.0.0 [skip ci] # [2.0.0](https://github.com/actions/create-github-app-token/compare/v1.12.0...v2.0.0) (2025-04-03) * feat!: remove deprecated inputs ([#213](https://github.com/actions/create-github-app-token/issues/213)) ([5cc811b](https://github.com/actions/create-github-app-token/commit/5cc811bc40176329bb642bff9e5d9e356099ad2a)) ### BREAKING CHANGES * Removed deprecated inputs (`app_id`, `private_key`, `skip_token_revoke`) and made `app-id` and `private-key` required in the action configuration. --- dist/main.cjs | 46 +++++++++++++++++++--------------------------- dist/post.cjs | 8 ++------ package-lock.json | 4 ++-- package.json | 2 +- 4 files changed, 24 insertions(+), 36 deletions(-) diff --git a/dist/main.cjs b/dist/main.cjs index 0b417b0..2ea882c 100644 --- a/dist/main.cjs +++ b/dist/main.cjs @@ -42271,6 +42271,22 @@ function createAppAuth(options) { }); } +// lib/get-permissions-from-inputs.js +function getPermissionsFromInputs(env) { + return Object.entries(env).reduce((permissions2, [key, value]) => { + if (!key.startsWith("INPUT_PERMISSION_")) return permissions2; + const permission = key.slice("INPUT_PERMISSION_".length).toLowerCase(); + if (permissions2 === void 0) { + return { [permission]: value }; + } + return { + // @ts-expect-error - needs to be typed correctly + ...permissions2, + [permission]: value + }; + }, void 0); +} + // node_modules/p-retry/index.js var import_retry = __toESM(require_retry2(), 1); @@ -42527,22 +42543,6 @@ var request_default = request.defaults({ request: proxyUrl ? { fetch: proxyFetch } : {} }); -// lib/get-permissions-from-inputs.js -function getPermissionsFromInputs(env) { - return Object.entries(env).reduce((permissions2, [key, value]) => { - if (!key.startsWith("INPUT_PERMISSION_")) return permissions2; - const permission = key.slice("INPUT_PERMISSION_".length).toLowerCase(); - if (permissions2 === void 0) { - return { [permission]: value }; - } - return { - // @ts-expect-error - needs to be typed correctly - ...permissions2, - [permission]: value - }; - }, void 0); -} - // main.js if (!process.env.GITHUB_REPOSITORY) { throw new Error("GITHUB_REPOSITORY missing, must be set to '/'"); @@ -42550,19 +42550,11 @@ if (!process.env.GITHUB_REPOSITORY) { if (!process.env.GITHUB_REPOSITORY_OWNER) { throw new Error("GITHUB_REPOSITORY_OWNER missing, must be set to ''"); } -var appId = import_core2.default.getInput("app-id") || import_core2.default.getInput("app_id"); -if (!appId) { - throw new Error("Input required and not supplied: app-id"); -} -var privateKey = import_core2.default.getInput("private-key") || import_core2.default.getInput("private_key"); -if (!privateKey) { - throw new Error("Input required and not supplied: private-key"); -} +var appId = import_core2.default.getInput("app-id"); +var privateKey = import_core2.default.getInput("private-key"); var owner = import_core2.default.getInput("owner"); var repositories = import_core2.default.getInput("repositories").split(/[\n,]+/).map((s) => s.trim()).filter((x) => x !== ""); -var skipTokenRevoke = Boolean( - import_core2.default.getInput("skip-token-revoke") || import_core2.default.getInput("skip_token_revoke") -); +var skipTokenRevoke = Boolean(import_core2.default.getInput("skip-token-revoke")); var permissions = getPermissionsFromInputs(process.env); var main_default = main( appId, diff --git a/dist/post.cjs b/dist/post.cjs index 657b01c..852c27e 100644 --- a/dist/post.cjs +++ b/dist/post.cjs @@ -40202,9 +40202,7 @@ var import_core2 = __toESM(require_core(), 1); // lib/post.js async function post(core3, request2) { - const skipTokenRevoke = Boolean( - core3.getInput("skip-token-revoke") || core3.getInput("skip_token_revoke") - ); + const skipTokenRevoke = Boolean(core3.getInput("skip-token-revoke")); if (skipTokenRevoke) { core3.info("Token revocation was skipped"); return; @@ -40227,9 +40225,7 @@ async function post(core3, request2) { }); core3.info("Token revoked"); } catch (error) { - core3.warning( - `Token revocation failed: ${error.message}` - ); + core3.warning(`Token revocation failed: ${error.message}`); } } function tokenExpiresIn(expiresAt) { diff --git a/package-lock.json b/package-lock.json index 954ed1f..60e64f5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "create-github-app-token", - "version": "1.12.0", + "version": "2.0.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "create-github-app-token", - "version": "1.12.0", + "version": "2.0.0", "license": "MIT", "dependencies": { "@actions/core": "^1.11.1", diff --git a/package.json b/package.json index bde815b..d074ecc 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "create-github-app-token", "private": true, "type": "module", - "version": "1.12.0", + "version": "2.0.0", "description": "GitHub Action for creating a GitHub App Installation Access Token", "scripts": { "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",