Commit Graph

16 Commits

Author SHA1 Message Date
Parker Brown 6423fe3683 Add bootstrap entry for env-based proxy support
Introduces bootstrap.js to set NODE_USE_ENV_PROXY before loading main.js, ensuring proxy support is enabled unless explicitly opted out. Updates action.yml to use bootstrap as the main entry and modifies build script to bundle bootstrap.js.
2025-08-22 13:10:57 -07:00
Parker Brown 39808af6a2 Move NODE_USE_ENV_PROXY assignment to top of file
Relocated the setting of process.env.NODE_USE_ENV_PROXY to the beginning of main.js for improved clarity and to ensure the environment variable is set before any imports or logic are executed.
2025-08-22 13:05:03 -07:00
Parker Brown fe4ba3360a Set NODE_USE_ENV_PROXY in main.js and update workflow
Moved NODE_USE_ENV_PROXY environment variable assignment from the GitHub Actions workflow to main.js for consistent runtime configuration. This change ensures the variable is always set when the application runs, regardless of workflow environment settings.
2025-08-22 12:31:42 -07:00
Yuta Kasai c3c17c79cc fix: use core.getBooleanInput() to retrieve boolean input values (#223)
This PR switches from evaluating values passed to `skip-token-revoke` as
true if they are truthy in JavaScript, to using `getBooleanInput`. This
change ensures that only proper YAML boolean values are recognized,
preventing unintended evaluations to true.
- The definition of `getBooleanInput` is here: definition of
`core#getBooealnInput` is here:
https://github.com/actions/toolkit/blob/930c89072712a3aac52d74b23338f00bb0cfcb24/packages/core/src/core.ts#L188-L208

The documentation states, `"If truthy, the token will not be revoked
when the current job is complete"`, so this change could be considered a
breaking change. This means that if there are users who rely on `truthy`
and expect values like whitespace or `"false"` to be evaluated as true
(though this is likely rare), it would be a breaking change.
- `Boolean(" ")` and `Boolean("false")` are both evaluated as true.

Alternatively, it can simply be considered a fix. How to handle this is
up to the maintainer.

Resolves https://github.com/actions/create-github-app-token/issues/216
2025-04-25 11:59:34 -07:00
Parker Brown 5cc811bc40 feat!: remove deprecated inputs (#213)
BREAKING CHANGE: Removed deprecated inputs (`app_id`, `private_key`, `skip_token_revoke`) and made `app-id` and `private-key` required in the action configuration.
2025-04-03 12:09:57 -07:00
Gregor Martynus 0e0aa99a86 feat: permissions (#168)
- Load `app-permissions` from schema exported by `@octokit/openapi`
- Update documentation in README.md
- Implement the `permissions_*` inputs in the action code

---------

Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2025-03-27 19:00:54 +00:00
Peter Evans 796b88dc58 feat: allow repositories input to be comma or newline-separated (#169)
Resolves https://github.com/actions/create-github-app-token/issues/106

- Fixes the parsing to cope with whitespace in the input string.
- Allows the input to be comma or newline-separated. (I've done this for
all array-type inputs in my own actions, but I'm happy to remove this if
you only want to support comma-separated.)
- Added tests for parsing comma and newline-separated inputs.
2024-09-11 13:54:50 -07:00
Parker Brown 1f82f7df93 feat: add proxy support (#102)
Adds support for the following environment variables:

- `https_proxy`
- `HTTPS_PROXY`
- `http_proxy`
- `HTTP_PROXY`
- `no_proxy`
- `NO_PROXY`
2024-02-08 15:39:04 -08:00
Gregor Martynus 837e2752e0 feat: github-api-url (#88)
closes #77

---------

Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2024-01-26 10:51:16 -08:00
Clay Miller 7b1d2aef87 feat: use dash notation for inputs (deprecates underscore notation) (#59)
Fixes #57 

This PR implements the 3-step plan proposed by @gr2m in
https://github.com/actions/create-github-app-token/issues/57#issuecomment-1751272252:

> 1. Support both input types
> 2. Log a deprecation warning for the old notation
> 3. Add a test for deprecations

Although this PR supports both input formats simultaneously, I opted
_not_ to document the old format in the updated README. That’s a
decision I’m happy to revisit, if y’all would prefer to have
documentation for both the old and new formats.
2023-10-06 13:10:49 -07:00
Gregor Martynus bdb2377ad0 test: add coverage (#58) 2023-10-06 12:54:48 -07:00
Clay Miller 9ec88c41ee feat: Add a skip_token_revoke input for configuring token revocation (#54)
Fixes https://github.com/actions/create-github-app-token/issues/55

Currently, `actions/create-github-app-token` always/unconditionally
revokes the installation access token in a `post` step, at the
completion of the current job. This prevents tokens from being used in
other jobs.

This PR makes this behavior configurable:
- When the `skip-token-revoke` input is not specified (i.e. by default),
the token is revoked in a `post` step (i.e. the current behavior).
- When the `skip-token-revoke` input is set to a truthy value (e.g.
`"true"`[^1]), the token is not revoked in a `post` step.

This PR adds a test for the `skip-token-revoke: "true"` case.

This is configurable in other app token actions, e.g.
[tibdex/github-app-token](https://github.com/tibdex/github-app-token/blob/3eb77c7243b85c65e84acfa93fdbac02fb6bd532/README.md?plain=1#L46-L47)
and
[wow-actions/use-app-token](https://github.com/wow-actions/use-app-token/blob/cd772994fc762f99cf291f308797341327a49b0c/README.md?plain=1#L132).

[^1]: Note that `"false"` is also truthy: `Boolean("false")` is `true`.
If we think that’ll potentially confuse folks, I can require
`skip-token-revoke` to be set explicitly to `"true"`.
2023-10-06 09:10:49 -07:00
Tim Reimherr 20fd86373f feat: support tokens scoped to multiple repositories within organization (#46)
Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com>
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
2023-10-03 22:28:48 -07:00
Gregor Martynus c08c5ace34 fix(GHES): respect GITHUB_API_URL when creating installation access token (#38)
Follow up to #36. I just wanted to do some refactoring but turns out I
missed to pass the custom `request` instance to `createAppAuth`. It will
fallback to the default `request` which does not respect
`GITHUB_API_URL`
2023-08-29 22:29:41 -07:00
7Hazard ede6c15881 feat: add GitHub Enterprise Server (GHES) support (#36)
This adds support for this action to be used in GitHub Enterprise
Server.

It sends request to the base url extracted from
[GITHUB_API_URL](https://docs.github.com/en/enterprise-server@3.10/actions/learn-github-actions/variables#default-environment-variables).

---------

Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com>
2023-08-29 16:13:34 -07:00
Gregor Martynus f45685208f feat: initial version (#1)
/ demo (push) Has been cancelled
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Co-authored-by: Gregor Martynus <gr2m@users.noreply.github.com>
2023-06-08 17:04:10 -07:00