diff --git a/README.md b/README.md index 9255b09d..12e194fc 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ Acceptable values are latest or any semantic version string like v3.5.0 Use this - uses: azure/setup-helm@v3 with: version: '' # default is latest (stable) + token: ${{ secrets.GITHUB_TOKEN }} # only needed if version is 'latest' id: install ``` diff --git a/action.yml b/action.yml index f6ed113e..78fa3852 100644 --- a/action.yml +++ b/action.yml @@ -5,6 +5,9 @@ inputs: description: 'Version of helm' required: true default: 'latest' + token: + description: GitHub token. Required only if 'version' == 'latest' + required: false outputs: helm-path: description: 'Path to the cached helm binary' diff --git a/lib/index.js b/lib/index.js index 18ac48c6..d4b1fa92 100644 --- a/lib/index.js +++ b/lib/index.js @@ -3449,6 +3449,104 @@ function _evaluateVersions(versions, versionSpec) { } //# sourceMappingURL=tool-cache.js.map +/***/ }), + +/***/ 1586: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ value: true })); + +var authToken = __nccwpck_require__(3948); + +const createActionAuth = function createActionAuth() { + if (!process.env.GITHUB_ACTION) { + throw new Error("[@octokit/auth-action] `GITHUB_ACTION` environment variable is not set. @octokit/auth-action is meant to be used in GitHub Actions only."); + } + + const definitions = [process.env.GITHUB_TOKEN, process.env.INPUT_GITHUB_TOKEN, process.env.INPUT_TOKEN].filter(Boolean); + + if (definitions.length === 0) { + throw new Error("[@octokit/auth-action] `GITHUB_TOKEN` variable is not set. It must be set on either `env:` or `with:`. See https://github.com/octokit/auth-action.js#createactionauth"); + } + + if (definitions.length > 1) { + throw new Error("[@octokit/auth-action] The token variable is specified more than once. Use either `with.token`, `with.GITHUB_TOKEN`, or `env.GITHUB_TOKEN`. See https://github.com/octokit/auth-action.js#createactionauth"); + } + + const token = definitions.pop(); + return authToken.createTokenAuth(token); +}; + +exports.createActionAuth = createActionAuth; +//# sourceMappingURL=index.js.map + + +/***/ }), + +/***/ 3948: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ value: true })); + +const REGEX_IS_INSTALLATION_LEGACY = /^v1\./; +const REGEX_IS_INSTALLATION = /^ghs_/; +const REGEX_IS_USER_TO_SERVER = /^ghu_/; +async function auth(token) { + const isApp = token.split(/\./).length === 3; + const isInstallation = REGEX_IS_INSTALLATION_LEGACY.test(token) || REGEX_IS_INSTALLATION.test(token); + const isUserToServer = REGEX_IS_USER_TO_SERVER.test(token); + const tokenType = isApp ? "app" : isInstallation ? "installation" : isUserToServer ? "user-to-server" : "oauth"; + return { + type: "token", + token: token, + tokenType + }; +} + +/** + * Prefix token for usage in the Authorization header + * + * @param token OAuth token or JSON Web Token + */ +function withAuthorizationPrefix(token) { + if (token.split(/\./).length === 3) { + return `bearer ${token}`; + } + + return `token ${token}`; +} + +async function hook(token, request, route, parameters) { + const endpoint = request.endpoint.merge(route, parameters); + endpoint.headers.authorization = withAuthorizationPrefix(token); + return request(endpoint); +} + +const createTokenAuth = function createTokenAuth(token) { + if (!token) { + throw new Error("[@octokit/auth-token] No token passed to createTokenAuth"); + } + + if (typeof token !== "string") { + throw new Error("[@octokit/auth-token] Token passed to createTokenAuth is not a string"); + } + + token = token.replace(/^(token|bearer) +/i, ""); + return Object.assign(auth.bind(null, token), { + hook: hook.bind(null, token) + }); +}; + +exports.createTokenAuth = createTokenAuth; +//# sourceMappingURL=index.js.map + + /***/ }), /***/ 7509: @@ -13103,6 +13201,7 @@ const fs = __nccwpck_require__(7147); const toolCache = __nccwpck_require__(3594); const core = __nccwpck_require__(6024); const graphql_1 = __nccwpck_require__(1660); +const auth_action_1 = __nccwpck_require__(1586); const helmToolName = 'helm'; const stableHelmVersion = 'v3.9.0'; function run() { @@ -13140,7 +13239,11 @@ exports.getValidVersion = getValidVersion; function getLatestHelmVersion() { return __awaiter(this, void 0, void 0, function* () { try { - const { repository } = yield graphql_1.graphql(` + const auth = auth_action_1.createActionAuth(); + const graphqlAuthenticated = graphql_1.graphql.defaults({ + request: { hook: auth.hook } + }); + const { repository } = yield graphqlAuthenticated(` { repository(name: "helm", owner: "helm") { releases(last: 100) { diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 0d917d25..e0ccf8c2 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -899,6 +899,29 @@ "@jridgewell/sourcemap-codec": "^1.4.10" } }, + "node_modules/@octokit/auth-action": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-action/-/auth-action-2.0.0.tgz", + "integrity": "sha512-mH6i1qVLGAqIb0eh4CrX19MS90B638snykXwDeUiPn+WHc0ATddyJwD3nr/bsKaBtDPl48zrx1lg1ueLXKYybQ==", + "dependencies": { + "@octokit/auth-token": "^3.0.0", + "@octokit/types": "^6.0.3" + }, + "engines": { + "node": ">= 14" + } + }, + "node_modules/@octokit/auth-token": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-3.0.0.tgz", + "integrity": "sha512-MDNFUBcJIptB9At7HiV7VCvU3NcL4GnfCQaP8C5lrxWrRPMJBnemYtehaKSOlaM7AYxeRyj9etenu8LVpSpVaQ==", + "dependencies": { + "@octokit/types": "^6.0.3" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/@octokit/endpoint": { "version": "6.0.12", "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-6.0.12.tgz", diff --git a/node_modules/@octokit/auth-action/LICENSE b/node_modules/@octokit/auth-action/LICENSE new file mode 100644 index 00000000..ef2c18ee --- /dev/null +++ b/node_modules/@octokit/auth-action/LICENSE @@ -0,0 +1,21 @@ +The MIT License + +Copyright (c) 2019 Octokit contributors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/@octokit/auth-action/README.md b/node_modules/@octokit/auth-action/README.md new file mode 100644 index 00000000..2a5a989f --- /dev/null +++ b/node_modules/@octokit/auth-action/README.md @@ -0,0 +1,179 @@ +# auth-action.js + +> GitHub API token authentication for GitHub Actions + +[![@latest](https://img.shields.io/npm/v/@octokit/auth-action.svg)](https://www.npmjs.com/package/@octokit/auth-action) +[![Build Status](https://github.com/octokit/auth-action.js/workflows/Test/badge.svg)](https://github.com/octokit/auth-action.js/actions?query=workflow%3ATest) + +`@octokit/auth-action` is one of [GitHub’s authentication strategies](https://github.com/octokit/auth.js). + +It does not require any configuration, but instead reads [the `GITHUB_TOKEN` environment variable](https://help.github.com/en/articles/virtual-environments-for-github-actions#github_token-secret) that is provided to GitHub Actions. + + + +- [Usage](#usage) +- [`createActionAuth()`](#createactionauth) +- [`auth()`](#auth) +- [Authentication object](#authentication-object) +- [`auth.hook(request, route, options)` or `auth.hook(request, options)`](#authhookrequest-route-options-or-authhookrequest-options) +- [Find more information](#find-more-information) +- [License](#license) + + + +## Usage + +Install with npm install @octokit/auth-action + +```js +const { createActionAuth } = require("@octokit/auth-action"); +// or: import { createActionAuth } from "@octokit/auth-action"; + +const auth = createActionAuth(); +const authentication = await auth(); +// { +// type: 'token', +// token: 'v1.1234567890abcdef1234567890abcdef12345678', +// tokenType: 'oauth' +// } +``` + +## `createActionAuth()` + +The `createActionAuth()` method has no options. + +It expects the `GITHUB_TOKEN` variable to be set which is provided to GitHub Actions, but [has to be configured explicitly](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token). + +`GITHUB_TOKEN` can be passed as environment variable using [`env:`](https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#env) + +```yml +steps: + - name: My action + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +``` + +or using [`with:`](https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepswith) + +```yml +steps: + - name: My action + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +``` + +or named `token` using [`with:`](https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepswith) + +```yml +steps: + - name: My action + with: + token: ${{ secrets.GITHUB_TOKEN }} +``` + +`GITHUB_TOKEN` can be set to any of the repository's secret, e.g. if you want to use a personal access token. + +```yml +steps: + - name: My first action + env: + GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} +``` + +`createActionAuth()` is also checking for the `GITHUB_ACTION` variable to be present to make sure that it runs within a GitHub Action. + +If `GITHUB_ACTION` or neither `GITHUB_TOKEN`, `INPUT_GITHUB_TOKEN` or `INPUT_TOKEN` are set an error is thrown. + +## `auth()` + +The `auth()` method has no options. It returns a promise which resolves with the the authentication object. + +## Authentication object + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ name + + type + + description +
+ type + + string + + "token" +
+ token + + string + + The provided token. +
+ tokenType + + string + + Can be either "oauth" for personal access tokens and OAuth tokens, or "installation" for installation access tokens (includes GITHUB_TOKEN provided to GitHub Actions) +
+ +## `auth.hook(request, route, options)` or `auth.hook(request, options)` + +`auth.hook()` hooks directly into the request life cycle. It authenticates the request using the provided token. + +The `request` option is an instance of [`@octokit/request`](https://github.com/octokit/request.js#readme). The `route`/`options` parameters are the same as for the [`request()` method](https://github.com/octokit/request.js#request). + +`auth.hook()` can be called directly to send an authenticated request + +```js +const { data: authorizations } = await auth.hook( + request, + "GET /authorizations" +); +``` + +Or it can be passed as option to [`request()`](https://github.com/octokit/request.js#request). + +```js +const requestWithAuth = request.defaults({ + request: { + hook: auth.hook, + }, +}); + +const { data: authorizations } = await requestWithAuth("GET /authorizations"); +``` + +## Find more information + +`auth()` does not send any requests, it only retrieves the token from the environment variable and transforms the provided token string into an authentication object. + +The `GITHUB_TOKEN` provided to GitHub Actions is an installation token with all permissions provided. You can use it for `git` commands, too. Learn more about the differences in token authentication at [@octokit/auth-action](https://github.com/octokit/auth-action.js#find-more-information). + +## License + +[MIT](LICENSE) diff --git a/node_modules/@octokit/auth-action/dist-node/index.js b/node_modules/@octokit/auth-action/dist-node/index.js new file mode 100644 index 00000000..13ce5b03 --- /dev/null +++ b/node_modules/@octokit/auth-action/dist-node/index.js @@ -0,0 +1,27 @@ +'use strict'; + +Object.defineProperty(exports, '__esModule', { value: true }); + +var authToken = require('@octokit/auth-token'); + +const createActionAuth = function createActionAuth() { + if (!process.env.GITHUB_ACTION) { + throw new Error("[@octokit/auth-action] `GITHUB_ACTION` environment variable is not set. @octokit/auth-action is meant to be used in GitHub Actions only."); + } + + const definitions = [process.env.GITHUB_TOKEN, process.env.INPUT_GITHUB_TOKEN, process.env.INPUT_TOKEN].filter(Boolean); + + if (definitions.length === 0) { + throw new Error("[@octokit/auth-action] `GITHUB_TOKEN` variable is not set. It must be set on either `env:` or `with:`. See https://github.com/octokit/auth-action.js#createactionauth"); + } + + if (definitions.length > 1) { + throw new Error("[@octokit/auth-action] The token variable is specified more than once. Use either `with.token`, `with.GITHUB_TOKEN`, or `env.GITHUB_TOKEN`. See https://github.com/octokit/auth-action.js#createactionauth"); + } + + const token = definitions.pop(); + return authToken.createTokenAuth(token); +}; + +exports.createActionAuth = createActionAuth; +//# sourceMappingURL=index.js.map diff --git a/node_modules/@octokit/auth-action/dist-node/index.js.map b/node_modules/@octokit/auth-action/dist-node/index.js.map new file mode 100644 index 00000000..8323b228 --- /dev/null +++ b/node_modules/@octokit/auth-action/dist-node/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sources":["../dist-src/index.js"],"sourcesContent":["import { createTokenAuth } from \"@octokit/auth-token\";\nexport const createActionAuth = function createActionAuth() {\n if (!process.env.GITHUB_ACTION) {\n throw new Error(\"[@octokit/auth-action] `GITHUB_ACTION` environment variable is not set. @octokit/auth-action is meant to be used in GitHub Actions only.\");\n }\n const definitions = [\n process.env.GITHUB_TOKEN,\n process.env.INPUT_GITHUB_TOKEN,\n process.env.INPUT_TOKEN,\n ].filter(Boolean);\n if (definitions.length === 0) {\n throw new Error(\"[@octokit/auth-action] `GITHUB_TOKEN` variable is not set. It must be set on either `env:` or `with:`. See https://github.com/octokit/auth-action.js#createactionauth\");\n }\n if (definitions.length > 1) {\n throw new Error(\"[@octokit/auth-action] The token variable is specified more than once. Use either `with.token`, `with.GITHUB_TOKEN`, or `env.GITHUB_TOKEN`. See https://github.com/octokit/auth-action.js#createactionauth\");\n }\n const token = definitions.pop();\n return createTokenAuth(token);\n};\n"],"names":["createActionAuth","process","env","GITHUB_ACTION","Error","definitions","GITHUB_TOKEN","INPUT_GITHUB_TOKEN","INPUT_TOKEN","filter","Boolean","length","token","pop","createTokenAuth"],"mappings":";;;;;;MACaA,gBAAgB,GAAG,SAASA,gBAAT,GAA4B;AACxD,MAAI,CAACC,OAAO,CAACC,GAAR,CAAYC,aAAjB,EAAgC;AAC5B,UAAM,IAAIC,KAAJ,CAAU,0IAAV,CAAN;AACH;;AACD,QAAMC,WAAW,GAAG,CAChBJ,OAAO,CAACC,GAAR,CAAYI,YADI,EAEhBL,OAAO,CAACC,GAAR,CAAYK,kBAFI,EAGhBN,OAAO,CAACC,GAAR,CAAYM,WAHI,EAIlBC,MAJkB,CAIXC,OAJW,CAApB;;AAKA,MAAIL,WAAW,CAACM,MAAZ,KAAuB,CAA3B,EAA8B;AAC1B,UAAM,IAAIP,KAAJ,CAAU,uKAAV,CAAN;AACH;;AACD,MAAIC,WAAW,CAACM,MAAZ,GAAqB,CAAzB,EAA4B;AACxB,UAAM,IAAIP,KAAJ,CAAU,4MAAV,CAAN;AACH;;AACD,QAAMQ,KAAK,GAAGP,WAAW,CAACQ,GAAZ,EAAd;AACA,SAAOC,yBAAe,CAACF,KAAD,CAAtB;AACH;;;;"} \ No newline at end of file diff --git a/node_modules/@octokit/auth-action/dist-src/index.js b/node_modules/@octokit/auth-action/dist-src/index.js new file mode 100644 index 00000000..31f4318d --- /dev/null +++ b/node_modules/@octokit/auth-action/dist-src/index.js @@ -0,0 +1,19 @@ +import { createTokenAuth } from "@octokit/auth-token"; +export const createActionAuth = function createActionAuth() { + if (!process.env.GITHUB_ACTION) { + throw new Error("[@octokit/auth-action] `GITHUB_ACTION` environment variable is not set. @octokit/auth-action is meant to be used in GitHub Actions only."); + } + const definitions = [ + process.env.GITHUB_TOKEN, + process.env.INPUT_GITHUB_TOKEN, + process.env.INPUT_TOKEN, + ].filter(Boolean); + if (definitions.length === 0) { + throw new Error("[@octokit/auth-action] `GITHUB_TOKEN` variable is not set. It must be set on either `env:` or `with:`. See https://github.com/octokit/auth-action.js#createactionauth"); + } + if (definitions.length > 1) { + throw new Error("[@octokit/auth-action] The token variable is specified more than once. Use either `with.token`, `with.GITHUB_TOKEN`, or `env.GITHUB_TOKEN`. See https://github.com/octokit/auth-action.js#createactionauth"); + } + const token = definitions.pop(); + return createTokenAuth(token); +}; diff --git a/node_modules/@octokit/auth-action/dist-types/index.d.ts b/node_modules/@octokit/auth-action/dist-types/index.d.ts new file mode 100644 index 00000000..e4bff18b --- /dev/null +++ b/node_modules/@octokit/auth-action/dist-types/index.d.ts @@ -0,0 +1,10 @@ +import { Types as AuthTokenTypes } from "@octokit/auth-token"; +import { StrategyInterface } from "@octokit/types"; +export declare type Types = { + StrategyOptions: never; + AuthOptions: never; + Authentication: AuthTokenTypes["Authentication"]; +}; +export declare const createActionAuth: StrategyInterface<[ +], [ +], Types["Authentication"]>; diff --git a/node_modules/@octokit/auth-action/package.json b/node_modules/@octokit/auth-action/package.json new file mode 100644 index 00000000..d339673d --- /dev/null +++ b/node_modules/@octokit/auth-action/package.json @@ -0,0 +1,46 @@ +{ + "name": "@octokit/auth-action", + "description": "GitHub API token authentication for GitHub Actions", + "version": "2.0.0", + "license": "MIT", + "files": [ + "dist-*/", + "bin/" + ], + "pika": true, + "sideEffects": false, + "keywords": [ + "github", + "octokit", + "authentication", + "github-action", + "api" + ], + "repository": "github:octokit/auth-action.js", + "dependencies": { + "@octokit/auth-token": "^3.0.0", + "@octokit/types": "^6.0.3" + }, + "devDependencies": { + "@octokit/request": "^6.0.0", + "@pika/pack": "^0.5.0", + "@pika/plugin-build-node": "^0.9.0", + "@pika/plugin-ts-standard-pkg": "^0.9.0", + "@types/fetch-mock": "^7.3.1", + "@types/jest": "^27.0.0", + "fetch-mock": "^9.0.0", + "jest": "^27.0.0", + "prettier": "2.7.1", + "ts-jest": "^27.0.0-next.12", + "typescript": "^4.0.2" + }, + "engines": { + "node": ">= 14" + }, + "publishConfig": { + "access": "public" + }, + "source": "dist-src/index.js", + "types": "dist-types/index.d.ts", + "main": "dist-node/index.js" +} diff --git a/node_modules/@octokit/auth-token/LICENSE b/node_modules/@octokit/auth-token/LICENSE new file mode 100644 index 00000000..ef2c18ee --- /dev/null +++ b/node_modules/@octokit/auth-token/LICENSE @@ -0,0 +1,21 @@ +The MIT License + +Copyright (c) 2019 Octokit contributors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/@octokit/auth-token/README.md b/node_modules/@octokit/auth-token/README.md new file mode 100644 index 00000000..a1f6d359 --- /dev/null +++ b/node_modules/@octokit/auth-token/README.md @@ -0,0 +1,290 @@ +# auth-token.js + +> GitHub API token authentication for browsers and Node.js + +[![@latest](https://img.shields.io/npm/v/@octokit/auth-token.svg)](https://www.npmjs.com/package/@octokit/auth-token) +[![Build Status](https://github.com/octokit/auth-token.js/workflows/Test/badge.svg)](https://github.com/octokit/auth-token.js/actions?query=workflow%3ATest) + +`@octokit/auth-token` is the simplest of [GitHub’s authentication strategies](https://github.com/octokit/auth.js). + +It is useful if you want to support multiple authentication strategies, as it’s API is compatible with its sibling packages for [basic](https://github.com/octokit/auth-basic.js), [GitHub App](https://github.com/octokit/auth-app.js) and [OAuth app](https://github.com/octokit/auth.js) authentication. + + + +- [Usage](#usage) +- [`createTokenAuth(token) options`](#createtokenauthtoken-options) +- [`auth()`](#auth) +- [Authentication object](#authentication-object) +- [`auth.hook(request, route, options)` or `auth.hook(request, options)`](#authhookrequest-route-options-or-authhookrequest-options) +- [Find more information](#find-more-information) + - [Find out what scopes are enabled for oauth tokens](#find-out-what-scopes-are-enabled-for-oauth-tokens) + - [Find out if token is a personal access token or if it belongs to an OAuth app](#find-out-if-token-is-a-personal-access-token-or-if-it-belongs-to-an-oauth-app) + - [Find out what permissions are enabled for a repository](#find-out-what-permissions-are-enabled-for-a-repository) + - [Use token for git operations](#use-token-for-git-operations) +- [License](#license) + + + +## Usage + + + + + + +
+Browsers + + +Load `@octokit/auth-token` directly from [cdn.skypack.dev](https://cdn.skypack.dev) + +```html + +``` + +
+Node + + +Install with npm install @octokit/auth-token + +```js +const { createTokenAuth } = require("@octokit/auth-token"); +// or: import { createTokenAuth } from "@octokit/auth-token"; +``` + +
+ +```js +const auth = createTokenAuth("ghp_PersonalAccessToken01245678900000000"); +const authentication = await auth(); +// { +// type: 'token', +// token: 'ghp_PersonalAccessToken01245678900000000', +// tokenType: 'oauth' +// } +``` + +## `createTokenAuth(token) options` + +The `createTokenAuth` method accepts a single argument of type string, which is the token. The passed token can be one of the following: + +- [Personal access token](https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line) +- [OAuth access token](https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/) +- [GITHUB_TOKEN provided to GitHub Actions](https://developer.github.com/actions/creating-github-actions/accessing-the-runtime-environment/#environment-variables) +- Installation access token ([server-to-server](https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-an-installation)) +- User authentication for installation ([user-to-server](https://docs.github.com/en/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps)) + +Examples + +```js +// Personal access token or OAuth access token +createTokenAuth("ghp_PersonalAccessToken01245678900000000"); +// { +// type: 'token', +// token: 'ghp_PersonalAccessToken01245678900000000', +// tokenType: 'oauth' +// } + +// Installation access token or GitHub Action token +createTokenAuth("ghs_InstallallationOrActionToken00000000"); +// { +// type: 'token', +// token: 'ghs_InstallallationOrActionToken00000000', +// tokenType: 'installation' +// } + +// Installation access token or GitHub Action token +createTokenAuth("ghu_InstallationUserToServer000000000000"); +// { +// type: 'token', +// token: 'ghu_InstallationUserToServer000000000000', +// tokenType: 'user-to-server' +// } +``` + +## `auth()` + +The `auth()` method has no options. It returns a promise which resolves with the the authentication object. + +## Authentication object + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ name + + type + + description +
+ type + + string + + "token" +
+ token + + string + + The provided token. +
+ tokenType + + string + + Can be either "oauth" for personal access tokens and OAuth tokens, "installation" for installation access tokens (includes GITHUB_TOKEN provided to GitHub Actions), "app" for a GitHub App JSON Web Token, or "user-to-server" for a user authentication token through an app installation. +
+ +## `auth.hook(request, route, options)` or `auth.hook(request, options)` + +`auth.hook()` hooks directly into the request life cycle. It authenticates the request using the provided token. + +The `request` option is an instance of [`@octokit/request`](https://github.com/octokit/request.js#readme). The `route`/`options` parameters are the same as for the [`request()` method](https://github.com/octokit/request.js#request). + +`auth.hook()` can be called directly to send an authenticated request + +```js +const { data: authorizations } = await auth.hook( + request, + "GET /authorizations" +); +``` + +Or it can be passed as option to [`request()`](https://github.com/octokit/request.js#request). + +```js +const requestWithAuth = request.defaults({ + request: { + hook: auth.hook, + }, +}); + +const { data: authorizations } = await requestWithAuth("GET /authorizations"); +``` + +## Find more information + +`auth()` does not send any requests, it only transforms the provided token string into an authentication object. + +Here is a list of things you can do to retrieve further information + +### Find out what scopes are enabled for oauth tokens + +Note that this does not work for installations. There is no way to retrieve permissions based on an installation access tokens. + +```js +const TOKEN = "ghp_PersonalAccessToken01245678900000000"; + +const auth = createTokenAuth(TOKEN); +const authentication = await auth(); + +const response = await request("HEAD /", { + headers: authentication.headers, +}); +const scopes = response.headers["x-oauth-scopes"].split(/,\s+/); + +if (scopes.length) { + console.log( + `"${TOKEN}" has ${scopes.length} scopes enabled: ${scopes.join(", ")}` + ); +} else { + console.log(`"${TOKEN}" has no scopes enabled`); +} +``` + +### Find out if token is a personal access token or if it belongs to an OAuth app + +```js +const TOKEN = "ghp_PersonalAccessToken01245678900000000"; + +const auth = createTokenAuth(TOKEN); +const authentication = await auth(); + +const response = await request("HEAD /", { + headers: authentication.headers, +}); +const clientId = response.headers["x-oauth-client-id"]; + +if (clientId) { + console.log( + `"${token}" is an OAuth token, its app’s client_id is ${clientId}.` + ); +} else { + console.log(`"${token}" is a personal access token`); +} +``` + +### Find out what permissions are enabled for a repository + +Note that the `permissions` key is not set when authenticated using an installation access token. + +```js +const TOKEN = "ghp_PersonalAccessToken01245678900000000"; + +const auth = createTokenAuth(TOKEN); +const authentication = await auth(); + +const response = await request("GET /repos/{owner}/{repo}", { + owner: 'octocat', + repo: 'hello-world' + headers: authentication.headers +}); + +console.log(response.data.permissions) +// { +// admin: true, +// push: true, +// pull: true +// } +``` + +### Use token for git operations + +Both OAuth and installation access tokens can be used for git operations. However, when using with an installation, [the token must be prefixed with `x-access-token`](https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#http-based-git-access-by-an-installation). + +This example is using the [`execa`](https://github.com/sindresorhus/execa) package to run a `git push` command. + +```js +const TOKEN = "ghp_PersonalAccessToken01245678900000000"; + +const auth = createTokenAuth(TOKEN); +const { token, tokenType } = await auth(); +const tokenWithPrefix = + tokenType === "installation" ? `x-access-token:${token}` : token; + +const repositoryUrl = `https://${tokenWithPrefix}@github.com/octocat/hello-world.git`; + +const { stdout } = await execa("git", ["push", repositoryUrl]); +console.log(stdout); +``` + +## License + +[MIT](LICENSE) diff --git a/node_modules/@octokit/auth-token/dist-node/index.js b/node_modules/@octokit/auth-token/dist-node/index.js new file mode 100644 index 00000000..af0f0a62 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-node/index.js @@ -0,0 +1,55 @@ +'use strict'; + +Object.defineProperty(exports, '__esModule', { value: true }); + +const REGEX_IS_INSTALLATION_LEGACY = /^v1\./; +const REGEX_IS_INSTALLATION = /^ghs_/; +const REGEX_IS_USER_TO_SERVER = /^ghu_/; +async function auth(token) { + const isApp = token.split(/\./).length === 3; + const isInstallation = REGEX_IS_INSTALLATION_LEGACY.test(token) || REGEX_IS_INSTALLATION.test(token); + const isUserToServer = REGEX_IS_USER_TO_SERVER.test(token); + const tokenType = isApp ? "app" : isInstallation ? "installation" : isUserToServer ? "user-to-server" : "oauth"; + return { + type: "token", + token: token, + tokenType + }; +} + +/** + * Prefix token for usage in the Authorization header + * + * @param token OAuth token or JSON Web Token + */ +function withAuthorizationPrefix(token) { + if (token.split(/\./).length === 3) { + return `bearer ${token}`; + } + + return `token ${token}`; +} + +async function hook(token, request, route, parameters) { + const endpoint = request.endpoint.merge(route, parameters); + endpoint.headers.authorization = withAuthorizationPrefix(token); + return request(endpoint); +} + +const createTokenAuth = function createTokenAuth(token) { + if (!token) { + throw new Error("[@octokit/auth-token] No token passed to createTokenAuth"); + } + + if (typeof token !== "string") { + throw new Error("[@octokit/auth-token] Token passed to createTokenAuth is not a string"); + } + + token = token.replace(/^(token|bearer) +/i, ""); + return Object.assign(auth.bind(null, token), { + hook: hook.bind(null, token) + }); +}; + +exports.createTokenAuth = createTokenAuth; +//# sourceMappingURL=index.js.map diff --git a/node_modules/@octokit/auth-token/dist-node/index.js.map b/node_modules/@octokit/auth-token/dist-node/index.js.map new file mode 100644 index 00000000..af0c2e20 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-node/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sources":["../dist-src/auth.js","../dist-src/with-authorization-prefix.js","../dist-src/hook.js","../dist-src/index.js"],"sourcesContent":["const REGEX_IS_INSTALLATION_LEGACY = /^v1\\./;\nconst REGEX_IS_INSTALLATION = /^ghs_/;\nconst REGEX_IS_USER_TO_SERVER = /^ghu_/;\nexport async function auth(token) {\n const isApp = token.split(/\\./).length === 3;\n const isInstallation = REGEX_IS_INSTALLATION_LEGACY.test(token) ||\n REGEX_IS_INSTALLATION.test(token);\n const isUserToServer = REGEX_IS_USER_TO_SERVER.test(token);\n const tokenType = isApp\n ? \"app\"\n : isInstallation\n ? \"installation\"\n : isUserToServer\n ? \"user-to-server\"\n : \"oauth\";\n return {\n type: \"token\",\n token: token,\n tokenType,\n };\n}\n","/**\n * Prefix token for usage in the Authorization header\n *\n * @param token OAuth token or JSON Web Token\n */\nexport function withAuthorizationPrefix(token) {\n if (token.split(/\\./).length === 3) {\n return `bearer ${token}`;\n }\n return `token ${token}`;\n}\n","import { withAuthorizationPrefix } from \"./with-authorization-prefix\";\nexport async function hook(token, request, route, parameters) {\n const endpoint = request.endpoint.merge(route, parameters);\n endpoint.headers.authorization = withAuthorizationPrefix(token);\n return request(endpoint);\n}\n","import { auth } from \"./auth\";\nimport { hook } from \"./hook\";\nexport const createTokenAuth = function createTokenAuth(token) {\n if (!token) {\n throw new Error(\"[@octokit/auth-token] No token passed to createTokenAuth\");\n }\n if (typeof token !== \"string\") {\n throw new Error(\"[@octokit/auth-token] Token passed to createTokenAuth is not a string\");\n }\n token = token.replace(/^(token|bearer) +/i, \"\");\n return Object.assign(auth.bind(null, token), {\n hook: hook.bind(null, token),\n });\n};\n"],"names":["REGEX_IS_INSTALLATION_LEGACY","REGEX_IS_INSTALLATION","REGEX_IS_USER_TO_SERVER","auth","token","isApp","split","length","isInstallation","test","isUserToServer","tokenType","type","withAuthorizationPrefix","hook","request","route","parameters","endpoint","merge","headers","authorization","createTokenAuth","Error","replace","Object","assign","bind"],"mappings":";;;;AAAA,MAAMA,4BAA4B,GAAG,OAArC;AACA,MAAMC,qBAAqB,GAAG,OAA9B;AACA,MAAMC,uBAAuB,GAAG,OAAhC;AACO,eAAeC,IAAf,CAAoBC,KAApB,EAA2B;AAC9B,QAAMC,KAAK,GAAGD,KAAK,CAACE,KAAN,CAAY,IAAZ,EAAkBC,MAAlB,KAA6B,CAA3C;AACA,QAAMC,cAAc,GAAGR,4BAA4B,CAACS,IAA7B,CAAkCL,KAAlC,KACnBH,qBAAqB,CAACQ,IAAtB,CAA2BL,KAA3B,CADJ;AAEA,QAAMM,cAAc,GAAGR,uBAAuB,CAACO,IAAxB,CAA6BL,KAA7B,CAAvB;AACA,QAAMO,SAAS,GAAGN,KAAK,GACjB,KADiB,GAEjBG,cAAc,GACV,cADU,GAEVE,cAAc,GACV,gBADU,GAEV,OANd;AAOA,SAAO;AACHE,IAAAA,IAAI,EAAE,OADH;AAEHR,IAAAA,KAAK,EAAEA,KAFJ;AAGHO,IAAAA;AAHG,GAAP;AAKH;;ACpBD;AACA;AACA;AACA;AACA;AACA,AAAO,SAASE,uBAAT,CAAiCT,KAAjC,EAAwC;AAC3C,MAAIA,KAAK,CAACE,KAAN,CAAY,IAAZ,EAAkBC,MAAlB,KAA6B,CAAjC,EAAoC;AAChC,WAAQ,UAASH,KAAM,EAAvB;AACH;;AACD,SAAQ,SAAQA,KAAM,EAAtB;AACH;;ACTM,eAAeU,IAAf,CAAoBV,KAApB,EAA2BW,OAA3B,EAAoCC,KAApC,EAA2CC,UAA3C,EAAuD;AAC1D,QAAMC,QAAQ,GAAGH,OAAO,CAACG,QAAR,CAAiBC,KAAjB,CAAuBH,KAAvB,EAA8BC,UAA9B,CAAjB;AACAC,EAAAA,QAAQ,CAACE,OAAT,CAAiBC,aAAjB,GAAiCR,uBAAuB,CAACT,KAAD,CAAxD;AACA,SAAOW,OAAO,CAACG,QAAD,CAAd;AACH;;MCHYI,eAAe,GAAG,SAASA,eAAT,CAAyBlB,KAAzB,EAAgC;AAC3D,MAAI,CAACA,KAAL,EAAY;AACR,UAAM,IAAImB,KAAJ,CAAU,0DAAV,CAAN;AACH;;AACD,MAAI,OAAOnB,KAAP,KAAiB,QAArB,EAA+B;AAC3B,UAAM,IAAImB,KAAJ,CAAU,uEAAV,CAAN;AACH;;AACDnB,EAAAA,KAAK,GAAGA,KAAK,CAACoB,OAAN,CAAc,oBAAd,EAAoC,EAApC,CAAR;AACA,SAAOC,MAAM,CAACC,MAAP,CAAcvB,IAAI,CAACwB,IAAL,CAAU,IAAV,EAAgBvB,KAAhB,CAAd,EAAsC;AACzCU,IAAAA,IAAI,EAAEA,IAAI,CAACa,IAAL,CAAU,IAAV,EAAgBvB,KAAhB;AADmC,GAAtC,CAAP;AAGH,CAXM;;;;"} \ No newline at end of file diff --git a/node_modules/@octokit/auth-token/dist-src/auth.js b/node_modules/@octokit/auth-token/dist-src/auth.js new file mode 100644 index 00000000..b22ce98f --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-src/auth.js @@ -0,0 +1,21 @@ +const REGEX_IS_INSTALLATION_LEGACY = /^v1\./; +const REGEX_IS_INSTALLATION = /^ghs_/; +const REGEX_IS_USER_TO_SERVER = /^ghu_/; +export async function auth(token) { + const isApp = token.split(/\./).length === 3; + const isInstallation = REGEX_IS_INSTALLATION_LEGACY.test(token) || + REGEX_IS_INSTALLATION.test(token); + const isUserToServer = REGEX_IS_USER_TO_SERVER.test(token); + const tokenType = isApp + ? "app" + : isInstallation + ? "installation" + : isUserToServer + ? "user-to-server" + : "oauth"; + return { + type: "token", + token: token, + tokenType, + }; +} diff --git a/node_modules/@octokit/auth-token/dist-src/hook.js b/node_modules/@octokit/auth-token/dist-src/hook.js new file mode 100644 index 00000000..f8e47f0c --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-src/hook.js @@ -0,0 +1,6 @@ +import { withAuthorizationPrefix } from "./with-authorization-prefix"; +export async function hook(token, request, route, parameters) { + const endpoint = request.endpoint.merge(route, parameters); + endpoint.headers.authorization = withAuthorizationPrefix(token); + return request(endpoint); +} diff --git a/node_modules/@octokit/auth-token/dist-src/index.js b/node_modules/@octokit/auth-token/dist-src/index.js new file mode 100644 index 00000000..f2ddd639 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-src/index.js @@ -0,0 +1,14 @@ +import { auth } from "./auth"; +import { hook } from "./hook"; +export const createTokenAuth = function createTokenAuth(token) { + if (!token) { + throw new Error("[@octokit/auth-token] No token passed to createTokenAuth"); + } + if (typeof token !== "string") { + throw new Error("[@octokit/auth-token] Token passed to createTokenAuth is not a string"); + } + token = token.replace(/^(token|bearer) +/i, ""); + return Object.assign(auth.bind(null, token), { + hook: hook.bind(null, token), + }); +}; diff --git a/node_modules/@octokit/auth-token/dist-src/types.js b/node_modules/@octokit/auth-token/dist-src/types.js new file mode 100644 index 00000000..cb0ff5c3 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-src/types.js @@ -0,0 +1 @@ +export {}; diff --git a/node_modules/@octokit/auth-token/dist-src/with-authorization-prefix.js b/node_modules/@octokit/auth-token/dist-src/with-authorization-prefix.js new file mode 100644 index 00000000..90358136 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-src/with-authorization-prefix.js @@ -0,0 +1,11 @@ +/** + * Prefix token for usage in the Authorization header + * + * @param token OAuth token or JSON Web Token + */ +export function withAuthorizationPrefix(token) { + if (token.split(/\./).length === 3) { + return `bearer ${token}`; + } + return `token ${token}`; +} diff --git a/node_modules/@octokit/auth-token/dist-types/auth.d.ts b/node_modules/@octokit/auth-token/dist-types/auth.d.ts new file mode 100644 index 00000000..dc418358 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-types/auth.d.ts @@ -0,0 +1,2 @@ +import { Token, Authentication } from "./types"; +export declare function auth(token: Token): Promise; diff --git a/node_modules/@octokit/auth-token/dist-types/hook.d.ts b/node_modules/@octokit/auth-token/dist-types/hook.d.ts new file mode 100644 index 00000000..21e4b6fc --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-types/hook.d.ts @@ -0,0 +1,2 @@ +import { AnyResponse, EndpointOptions, RequestInterface, RequestParameters, Route, Token } from "./types"; +export declare function hook(token: Token, request: RequestInterface, route: Route | EndpointOptions, parameters?: RequestParameters): Promise; diff --git a/node_modules/@octokit/auth-token/dist-types/index.d.ts b/node_modules/@octokit/auth-token/dist-types/index.d.ts new file mode 100644 index 00000000..59994293 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-types/index.d.ts @@ -0,0 +1,7 @@ +import { StrategyInterface, Token, Authentication } from "./types"; +export declare type Types = { + StrategyOptions: Token; + AuthOptions: never; + Authentication: Authentication; +}; +export declare const createTokenAuth: StrategyInterface; diff --git a/node_modules/@octokit/auth-token/dist-types/types.d.ts b/node_modules/@octokit/auth-token/dist-types/types.d.ts new file mode 100644 index 00000000..0ae24de8 --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-types/types.d.ts @@ -0,0 +1,33 @@ +import * as OctokitTypes from "@octokit/types"; +export declare type AnyResponse = OctokitTypes.OctokitResponse; +export declare type StrategyInterface = OctokitTypes.StrategyInterface<[ + Token +], [ +], Authentication>; +export declare type EndpointDefaults = OctokitTypes.EndpointDefaults; +export declare type EndpointOptions = OctokitTypes.EndpointOptions; +export declare type RequestParameters = OctokitTypes.RequestParameters; +export declare type RequestInterface = OctokitTypes.RequestInterface; +export declare type Route = OctokitTypes.Route; +export declare type Token = string; +export declare type OAuthTokenAuthentication = { + type: "token"; + tokenType: "oauth"; + token: Token; +}; +export declare type InstallationTokenAuthentication = { + type: "token"; + tokenType: "installation"; + token: Token; +}; +export declare type AppAuthentication = { + type: "token"; + tokenType: "app"; + token: Token; +}; +export declare type UserToServerAuthentication = { + type: "token"; + tokenType: "user-to-server"; + token: Token; +}; +export declare type Authentication = OAuthTokenAuthentication | InstallationTokenAuthentication | AppAuthentication | UserToServerAuthentication; diff --git a/node_modules/@octokit/auth-token/dist-types/with-authorization-prefix.d.ts b/node_modules/@octokit/auth-token/dist-types/with-authorization-prefix.d.ts new file mode 100644 index 00000000..2e52c31d --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-types/with-authorization-prefix.d.ts @@ -0,0 +1,6 @@ +/** + * Prefix token for usage in the Authorization header + * + * @param token OAuth token or JSON Web Token + */ +export declare function withAuthorizationPrefix(token: string): string; diff --git a/node_modules/@octokit/auth-token/dist-web/index.js b/node_modules/@octokit/auth-token/dist-web/index.js new file mode 100644 index 00000000..8b1cd7df --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-web/index.js @@ -0,0 +1,55 @@ +const REGEX_IS_INSTALLATION_LEGACY = /^v1\./; +const REGEX_IS_INSTALLATION = /^ghs_/; +const REGEX_IS_USER_TO_SERVER = /^ghu_/; +async function auth(token) { + const isApp = token.split(/\./).length === 3; + const isInstallation = REGEX_IS_INSTALLATION_LEGACY.test(token) || + REGEX_IS_INSTALLATION.test(token); + const isUserToServer = REGEX_IS_USER_TO_SERVER.test(token); + const tokenType = isApp + ? "app" + : isInstallation + ? "installation" + : isUserToServer + ? "user-to-server" + : "oauth"; + return { + type: "token", + token: token, + tokenType, + }; +} + +/** + * Prefix token for usage in the Authorization header + * + * @param token OAuth token or JSON Web Token + */ +function withAuthorizationPrefix(token) { + if (token.split(/\./).length === 3) { + return `bearer ${token}`; + } + return `token ${token}`; +} + +async function hook(token, request, route, parameters) { + const endpoint = request.endpoint.merge(route, parameters); + endpoint.headers.authorization = withAuthorizationPrefix(token); + return request(endpoint); +} + +const createTokenAuth = function createTokenAuth(token) { + if (!token) { + throw new Error("[@octokit/auth-token] No token passed to createTokenAuth"); + } + if (typeof token !== "string") { + throw new Error("[@octokit/auth-token] Token passed to createTokenAuth is not a string"); + } + token = token.replace(/^(token|bearer) +/i, ""); + return Object.assign(auth.bind(null, token), { + hook: hook.bind(null, token), + }); +}; + +export { createTokenAuth }; +//# sourceMappingURL=index.js.map diff --git a/node_modules/@octokit/auth-token/dist-web/index.js.map b/node_modules/@octokit/auth-token/dist-web/index.js.map new file mode 100644 index 00000000..1d6197bf --- /dev/null +++ b/node_modules/@octokit/auth-token/dist-web/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sources":["../dist-src/auth.js","../dist-src/with-authorization-prefix.js","../dist-src/hook.js","../dist-src/index.js"],"sourcesContent":["const REGEX_IS_INSTALLATION_LEGACY = /^v1\\./;\nconst REGEX_IS_INSTALLATION = /^ghs_/;\nconst REGEX_IS_USER_TO_SERVER = /^ghu_/;\nexport async function auth(token) {\n const isApp = token.split(/\\./).length === 3;\n const isInstallation = REGEX_IS_INSTALLATION_LEGACY.test(token) ||\n REGEX_IS_INSTALLATION.test(token);\n const isUserToServer = REGEX_IS_USER_TO_SERVER.test(token);\n const tokenType = isApp\n ? \"app\"\n : isInstallation\n ? \"installation\"\n : isUserToServer\n ? \"user-to-server\"\n : \"oauth\";\n return {\n type: \"token\",\n token: token,\n tokenType,\n };\n}\n","/**\n * Prefix token for usage in the Authorization header\n *\n * @param token OAuth token or JSON Web Token\n */\nexport function withAuthorizationPrefix(token) {\n if (token.split(/\\./).length === 3) {\n return `bearer ${token}`;\n }\n return `token ${token}`;\n}\n","import { withAuthorizationPrefix } from \"./with-authorization-prefix\";\nexport async function hook(token, request, route, parameters) {\n const endpoint = request.endpoint.merge(route, parameters);\n endpoint.headers.authorization = withAuthorizationPrefix(token);\n return request(endpoint);\n}\n","import { auth } from \"./auth\";\nimport { hook } from \"./hook\";\nexport const createTokenAuth = function createTokenAuth(token) {\n if (!token) {\n throw new Error(\"[@octokit/auth-token] No token passed to createTokenAuth\");\n }\n if (typeof token !== \"string\") {\n throw new Error(\"[@octokit/auth-token] Token passed to createTokenAuth is not a string\");\n }\n token = token.replace(/^(token|bearer) +/i, \"\");\n return Object.assign(auth.bind(null, token), {\n hook: hook.bind(null, token),\n });\n};\n"],"names":[],"mappings":"AAAA,MAAM,4BAA4B,GAAG,OAAO,CAAC;AAC7C,MAAM,qBAAqB,GAAG,OAAO,CAAC;AACtC,MAAM,uBAAuB,GAAG,OAAO,CAAC;AACjC,eAAe,IAAI,CAAC,KAAK,EAAE;AAClC,IAAI,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;AACjD,IAAI,MAAM,cAAc,GAAG,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC;AACnE,QAAQ,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC1C,IAAI,MAAM,cAAc,GAAG,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC/D,IAAI,MAAM,SAAS,GAAG,KAAK;AAC3B,UAAU,KAAK;AACf,UAAU,cAAc;AACxB,cAAc,cAAc;AAC5B,cAAc,cAAc;AAC5B,kBAAkB,gBAAgB;AAClC,kBAAkB,OAAO,CAAC;AAC1B,IAAI,OAAO;AACX,QAAQ,IAAI,EAAE,OAAO;AACrB,QAAQ,KAAK,EAAE,KAAK;AACpB,QAAQ,SAAS;AACjB,KAAK,CAAC;AACN;;ACpBA;AACA;AACA;AACA;AACA;AACA,AAAO,SAAS,uBAAuB,CAAC,KAAK,EAAE;AAC/C,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;AACxC,QAAQ,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AACjC,KAAK;AACL,IAAI,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;AAC5B,CAAC;;ACTM,eAAe,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE;AAC9D,IAAI,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;AAC/D,IAAI,QAAQ,CAAC,OAAO,CAAC,aAAa,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC;AACpE,IAAI,OAAO,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC7B,CAAC;;ACHW,MAAC,eAAe,GAAG,SAAS,eAAe,CAAC,KAAK,EAAE;AAC/D,IAAI,IAAI,CAAC,KAAK,EAAE;AAChB,QAAQ,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;AACpF,KAAK;AACL,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;AACnC,QAAQ,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;AACjG,KAAK;AACL,IAAI,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AACpD,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE;AACjD,QAAQ,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC;AACpC,KAAK,CAAC,CAAC;AACP,CAAC;;;;"} \ No newline at end of file diff --git a/node_modules/@octokit/auth-token/package.json b/node_modules/@octokit/auth-token/package.json new file mode 100644 index 00000000..82d949b8 --- /dev/null +++ b/node_modules/@octokit/auth-token/package.json @@ -0,0 +1,48 @@ +{ + "name": "@octokit/auth-token", + "description": "GitHub API token authentication for browsers and Node.js", + "version": "3.0.0", + "license": "MIT", + "files": [ + "dist-*/", + "bin/" + ], + "pika": true, + "sideEffects": false, + "keywords": [ + "github", + "octokit", + "authentication", + "api" + ], + "repository": "github:octokit/auth-token.js", + "dependencies": { + "@octokit/types": "^6.0.3" + }, + "devDependencies": { + "@octokit/core": "^3.0.0", + "@octokit/request": "^5.3.0", + "@pika/pack": "^0.5.0", + "@pika/plugin-build-node": "^0.9.0", + "@pika/plugin-build-web": "^0.9.0", + "@pika/plugin-ts-standard-pkg": "^0.9.0", + "@types/fetch-mock": "^7.3.1", + "@types/jest": "^28.0.0", + "fetch-mock": "^9.0.0", + "jest": "^28.0.0", + "prettier": "2.7.1", + "semantic-release": "^19.0.3", + "ts-jest": "^28.0.0", + "typescript": "^4.0.0" + }, + "engines": { + "node": ">= 14" + }, + "publishConfig": { + "access": "public" + }, + "source": "dist-src/index.js", + "types": "dist-types/index.d.ts", + "main": "dist-node/index.js", + "module": "dist-web/index.js" +} diff --git a/package-lock.json b/package-lock.json index 03e33568..13d0fed9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,6 +13,7 @@ "@actions/exec": "^1.0.0", "@actions/io": "^1.0.0", "@actions/tool-cache": "1.1.2", + "@octokit/auth-action": "^2.0.0", "@octokit/graphql": "^4.6.1", "semver": "^6.1.0" }, @@ -920,6 +921,29 @@ "@jridgewell/sourcemap-codec": "^1.4.10" } }, + "node_modules/@octokit/auth-action": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-action/-/auth-action-2.0.0.tgz", + "integrity": "sha512-mH6i1qVLGAqIb0eh4CrX19MS90B638snykXwDeUiPn+WHc0ATddyJwD3nr/bsKaBtDPl48zrx1lg1ueLXKYybQ==", + "dependencies": { + "@octokit/auth-token": "^3.0.0", + "@octokit/types": "^6.0.3" + }, + "engines": { + "node": ">= 14" + } + }, + "node_modules/@octokit/auth-token": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-3.0.0.tgz", + "integrity": "sha512-MDNFUBcJIptB9At7HiV7VCvU3NcL4GnfCQaP8C5lrxWrRPMJBnemYtehaKSOlaM7AYxeRyj9etenu8LVpSpVaQ==", + "dependencies": { + "@octokit/types": "^6.0.3" + }, + "engines": { + "node": ">= 14" + } + }, "node_modules/@octokit/endpoint": { "version": "6.0.12", "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-6.0.12.tgz", @@ -7057,6 +7081,23 @@ "@jridgewell/sourcemap-codec": "^1.4.10" } }, + "@octokit/auth-action": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-action/-/auth-action-2.0.0.tgz", + "integrity": "sha512-mH6i1qVLGAqIb0eh4CrX19MS90B638snykXwDeUiPn+WHc0ATddyJwD3nr/bsKaBtDPl48zrx1lg1ueLXKYybQ==", + "requires": { + "@octokit/auth-token": "^3.0.0", + "@octokit/types": "^6.0.3" + } + }, + "@octokit/auth-token": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-3.0.0.tgz", + "integrity": "sha512-MDNFUBcJIptB9At7HiV7VCvU3NcL4GnfCQaP8C5lrxWrRPMJBnemYtehaKSOlaM7AYxeRyj9etenu8LVpSpVaQ==", + "requires": { + "@octokit/types": "^6.0.3" + } + }, "@octokit/endpoint": { "version": "6.0.12", "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-6.0.12.tgz", diff --git a/package.json b/package.json index 18129937..9fa58a74 100644 --- a/package.json +++ b/package.json @@ -10,6 +10,7 @@ "@actions/exec": "^1.0.0", "@actions/io": "^1.0.0", "@actions/tool-cache": "1.1.2", + "@octokit/auth-action": "^2.0.0", "@octokit/graphql": "^4.6.1", "semver": "^6.1.0" }, diff --git a/src/run.ts b/src/run.ts index bc8ead9a..8461460e 100644 --- a/src/run.ts +++ b/src/run.ts @@ -10,6 +10,8 @@ import * as fs from 'fs' import * as toolCache from '@actions/tool-cache' import * as core from '@actions/core' import {graphql} from '@octokit/graphql' +import {createActionAuth} from '@octokit/auth-action' +import {create} from 'domain' const helmToolName = 'helm' const stableHelmVersion = 'v3.9.0' @@ -49,7 +51,11 @@ export function getValidVersion(version: string): string { // Gets the latest helm version or returns a default stable if getting latest fails export async function getLatestHelmVersion(): Promise { try { - const {repository} = await graphql( + const auth = createActionAuth() + const graphqlAuthenticated = graphql.defaults({ + request: {hook: auth.hook} + }) + const {repository} = await graphqlAuthenticated( ` { repository(name: "helm", owner: "helm") {