This repository has been archived by the owner on Aug 23, 2023. It is now read-only.

Merge pull request #14 from reecetech/optional-docker-running
Optional docker running
ps-jay authored Nov 22, 2022
2 parents c158c3b + 5d30568 commit b665001
Showing 3 changed files with 107 additions and 27 deletions.
5 changes: 0 additions & 5 deletions .github/CODEOWNERS

This file was deleted.

3 changes: 2 additions & 1 deletion README.md
@@ -47,7 +47,7 @@ We have chosen not to create a new Vault secrets engine, as we could deliver thi
- name: Get PAT for Stash
id: stash
uses: reecetech/[email protected].1
uses: reecetech/[email protected].2
with:
base_url: https://stash.example.org/
username: ${{ steps.vault.outputs.username }}
@@ -79,6 +79,7 @@ We have chosen not to create a new Vault secrets engine, as we could deliver thi
| pat_uri | string | false | `"rest/access-tokens/1.0/users"` | The REST endpoint for PAT<br>actions |
| project_permissions | string | false | `"write"` | Project permissions: read, write or<br>admin |
| repository_permissions | string | false | `"write"` | Repository permissions: read, write or<br>admin |
| run_in_docker | string | false | `"false"` | Run in a Docker image<br>(if `actions/setup-python@v4` does not work<br>for you) |
| seconds_between_attempts | string | false | `"30"` | Number of seconds to wait<br>before retrying to generate a<br>PAT |
| username | string | true | | Username to connect to Bitbucket<br>Server |
| valid_days | string | false | `"1"` | Days the PAT will be<br>valid |
126 changes: 105 additions & 21 deletions action.yaml
@@ -66,6 +66,10 @@ inputs:
description: 'Repository permissions: read, write or admin'
required: false
default: 'write'
run_in_docker:
description: 'Run in a Docker image (if `actions/setup-python@v4` does not work for you)'
required: false
default: false

outputs:
username:
@@ -80,24 +84,104 @@ outputs:
description: 'ID of the PAT (can be used to revoke)'

runs:
using: "docker"
image: 'Dockerfile'
args:
- ${{ inputs.mode }}
- --check-using-ldap-bind=${{ inputs.check_using_ldap_bind }}
- --project-permissions=${{ inputs.project_permissions }}
- --repository-permissions=${{ inputs.repository_permissions }}
entrypoint: '/app/entrypoint_main.sh'
post-entrypoint: '/app/entrypoint_post_cleanup.sh'
env:
base_url: ${{ inputs.base_url }}
username: ${{ inputs.username }}
password: ${{ inputs.password }}
pat_id: ${{ inputs.pat_id }}
valid_days: ${{ inputs.valid_days }}
max_attempts: ${{ inputs.max_attempts }}
seconds_between_attempts: ${{ inputs.seconds_between_attempts }}
ldap_hosts: ${{ inputs.ldap_hosts }}
ldap_path: ${{ inputs.ldap_path }}
ldap_port: ${{ inputs.ldap_port }}
pat_uri: ${{ inputs.pat_uri }}
using: "composite"
steps:
- id: python
name: Setup Python 🐍
if: ${{ inputs.run_in_docker == 'false' }}
uses: actions/setup-python@v4
with:
python-version: '3.10' # Should match Pipfile / "python_version"

- id: deps
name: Setup Python dependencies 📦
if: ${{ inputs.run_in_docker == 'false' }}
shell: bash
run: |
set -euo pipefail
pip install pipenv
PIPENV_PIPFILE=${{ github.action_path }}/Pipfile pipenv install --ignore-pipfile
- id: pat
name: Run pat_helper.py 🏃
if: ${{ inputs.run_in_docker == 'false' }}
env:
base_url: ${{ inputs.base_url }}
username: ${{ inputs.username }}
password: ${{ inputs.password }}
pat_id: ${{ inputs.pat_id }}
valid_days: ${{ inputs.valid_days }}
max_attempts: ${{ inputs.max_attempts }}
seconds_between_attempts: ${{ inputs.seconds_between_attempts }}
ldap_hosts: ${{ inputs.ldap_hosts }}
ldap_path: ${{ inputs.ldap_path }}
ldap_port: ${{ inputs.ldap_port }}
pat_uri: ${{ inputs.pat_uri }}
shell: bash
run: |
set -euo pipefail
PIPENV_PIPFILE="${{ github.action_path }}/Pipfile" pipenv run \
python "${{ github.action_path }}/pat_helper.py" \
"${{ inputs.mode }}" \
--check-using-ldap-bind "${{ inputs.check_using_ldap_bind }}" \
--project-permissions "${{ inputs.project_permissions }}" \
--repository-permissions "${{ inputs.repository_permissions }}"
# In docker:
- id: buildx
name: Set up docker buildx 🐳
if: ${{ inputs.run_in_docker == 'true' }}
uses: docker/setup-buildx-action@v2

- id: build
name: Docker build 🛠
if: ${{ inputs.run_in_docker == 'true' }}
uses: docker/build-push-action@v3
with:
context: ${{ github.action_path }}
file: ${{ github.action_path }}/Dockerfile
push: false
tags: pat-helper

- id: pat-in-docker
name: Run pat_helper.py in docker 🎁
if: ${{ inputs.run_in_docker == 'true' }}
env:
base_url: ${{ inputs.base_url }}
username: ${{ inputs.username }}
password: ${{ inputs.password }}
pat_id: ${{ inputs.pat_id }}
valid_days: ${{ inputs.valid_days }}
max_attempts: ${{ inputs.max_attempts }}
seconds_between_attempts: ${{ inputs.seconds_between_attempts }}
ldap_hosts: ${{ inputs.ldap_hosts }}
ldap_path: ${{ inputs.ldap_path }}
ldap_port: ${{ inputs.ldap_port }}
pat_uri: ${{ inputs.pat_uri }}
shell: bash
run: |
set -euo pipefail
docker run \
--rm \
--user "$(id -u):$(id -g)" \
--entrypoint "/app/entrypoint_main.sh" \
--env base_url \
--env username \
--env password \
--env pat_id \
--env valid_days \
--env max_attempts \
--env seconds_between_attempts \
--env ldap_hosts \
--env ldap_path \
--env ldap_port \
--env pat_uri \
--env GITHUB_OUTPUT \
--env GITHUB_STATE \
--volume "${GITHUB_OUTPUT}:${GITHUB_OUTPUT}" \
--volume "${GITHUB_STATE}:${GITHUB_STATE}" \
pat-helper \
"${{ inputs.mode }}" \
--check-using-ldap-bind "${{ inputs.check_using_ldap_bind }}" \
--project-permissions "${{ inputs.project_permissions }}" \
--repository-permissions "${{ inputs.repository_permissions }}"
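Review bot: The `run:` scripts of the `pat` and `pat-in-docker` steps paste `${{ inputs.mode }}`, `${{ inputs.check_using_ldap_bind }}`, `${{ inputs.project_permissions }}` and `${{ inputs.repository_permissions }}` into the bash text, so each value is expanded before bash parses the script and shell metacharacters in an input are interpreted by a step whose environment also holds `password`; the removed `args:` list handed the same values over without a shell. Map the four inputs through `env:` and reference them as quoted shell variables, as sketched below for `pat` (the `arg_*` names are made up for this sketch; `pat-in-docker` takes the same change after the image name). The removed `post-entrypoint: '/app/entrypoint_post_cleanup.sh'` has no counterpart among the composite steps, so whatever that script cleaned up presumably no longer happens automatically; if so, callers need to be told to revoke explicitly. `actions/setup-python@v4`, `docker/setup-buildx-action@v2`, `docker/build-push-action@v3` and `pip install pipenv` are all referenced by mutable tag or unpinned, and pinning them to a commit SHA and a fixed version would fit an action that handles credentials.

```yaml
    - id: pat
      # … unchanged: name, if …
      env:
        # … unchanged: base_url through pat_uri …
        arg_mode: ${{ inputs.mode }}
        arg_check_using_ldap_bind: ${{ inputs.check_using_ldap_bind }}
        arg_project_permissions: ${{ inputs.project_permissions }}
        arg_repository_permissions: ${{ inputs.repository_permissions }}
      shell: bash
      run: |
        set -euo pipefail
        # … unchanged: PIPENV_PIPFILE=… pipenv run python …/pat_helper.py …
          "${arg_mode}" \
          --check-using-ldap-bind "${arg_check_using_ldap_bind}" \
          --project-permissions "${arg_project_permissions}" \
          --repository-permissions "${arg_repository_permissions}"
```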
