Skip to content
This repository has been archived by the owner on Aug 23, 2023. It is now read-only.

Commit

Permalink
Merge pull request #17 from reecetech/rm-deprecated-functions
Browse files Browse the repository at this point in the history 
Replace deprecated GitHub functions
  • Loading branch information
@ps-jay
ps-jay authored Nov 22, 2022
2 parents 47c3dea + 6385b8a commit c158c3b
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 28 deletions.
44 changes: 22 additions & 22 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ We have chosen not to create a new Vault secrets engine, as we could deliver thi
```yaml
- name: Get creds from Vault
id: vault
uses: hashicorp/[email protected].0
uses: hashicorp/[email protected].3
with:
url: https://vault.example.org/
method: jwt
Expand All @@ -47,7 +47,7 @@ We have chosen not to create a new Vault secrets engine, as we could deliver thi
- name: Get PAT for Stash
id: stash
uses: reecetech/bitbucket-server-pat-generator@2022.6.3
uses: reecetech/bitbucket-server-pat-generator@2022.11.1
with:
base_url: https://stash.example.org/
username: ${{ steps.vault.outputs.username }}
Expand All @@ -67,21 +67,21 @@ We have chosen not to create a new Vault secrets engine, as we could deliver thi
| INPUT | TYPE | REQUIRED | DEFAULT | DESCRIPTION |
|--------------------------|--------|----------|----------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| base_url | string | true | | Base URL of Bitbucket Server<br> |
| check_using_ldap_bind | string | false | `"false"` | Check the password validity using<br>an LDAP bind to avoid<br>Bitbucket requiring a CAPTCHA after<br>failed authentication attempts |
| ldap_hosts | string | false | | Comma separated list of LDAP<br>hosts (only used if `check_using_ldap_bind`<br>is `true`) |
| ldap_path | string | false | | The path where the username<br>will be found in the<br>LDAP tree (only used if<br>`check_using_ldap_bind` is `true`) For example,<br>if the user object is<br>`CN=username,OU=tech,OU=Accounts,DC=example,DC=org`, then set `ldap_path` to:<br>`OU=tech,OU=Accounts,DC=example,DC=org` |
| ldap_port | string | false | `"389"` | TCP port to connect to<br>LDAP hosts (only used if<br>`check_using_ldap_bind` is `true`) |
| max_attempts | string | false | `"10"` | Number of times to attempt<br>to generate a PAT |
| mode | string | false | `"create"` | Mode to run in -<br>either `create` or `revoke` |
| password | string | true | | Password to connect to Bitbucket<br>Server |
| pat_id | string | false | | The ID of the PAT<br>to revoke (only used if<br>`mode` is `revoke`) |
| pat_uri | string | false | `"rest/access-tokens/1.0/users"` | The REST endpoint for PAT<br>actions |
| project_permissions | string | false | `"write"` | Project permissions: read, write or<br>admin |
| repository_permissions | string | false | `"write"` | Repository permissions: read, write or<br>admin |
| seconds_between_attempts | string | false | `"30"` | Number of seconds to wait<br>before retrying to generate a<br>PAT |
| username | string | true | | Username to connect to Bitbucket<br>Server |
| valid_days | string | false | `"1"` | Days the PAT will be<br>valid |
| base_url | string | true | | Base URL of Bitbucket Server<br> |
| check_using_ldap_bind | string | false | `"false"` | Check the password validity using<br>an LDAP bind to avoid<br>Bitbucket requiring a CAPTCHA after<br>failed authentication attempts |
| ldap_hosts | string | false | | Comma separated list of LDAP<br>hosts (only used if `check_using_ldap_bind`<br>is `true`) |
| ldap_path | string | false | | The path where the username<br>will be found in the<br>LDAP tree (only used if<br>`check_using_ldap_bind` is `true`) For example,<br>if the user object is<br>`CN=username,OU=tech,OU=Accounts,DC=example,DC=org`, then set `ldap_path` to:<br>`OU=tech,OU=Accounts,DC=example,DC=org` |
| ldap_port | string | false | `"389"` | TCP port to connect to<br>LDAP hosts (only used if<br>`check_using_ldap_bind` is `true`) |
| max_attempts | string | false | `"10"` | Number of times to attempt<br>to generate a PAT |
| mode | string | false | `"create"` | Mode to run in -<br>either `create` or `revoke` |
| password | string | true | | Password to connect to Bitbucket<br>Server |
| pat_id | string | false | | The ID of the PAT<br>to revoke (only used if<br>`mode` is `revoke`) |
| pat_uri | string | false | `"rest/access-tokens/1.0/users"` | The REST endpoint for PAT<br>actions |
| project_permissions | string | false | `"write"` | Project permissions: read, write or<br>admin |
| repository_permissions | string | false | `"write"` | Repository permissions: read, write or<br>admin |
| seconds_between_attempts | string | false | `"30"` | Number of seconds to wait<br>before retrying to generate a<br>PAT |
| username | string | true | | Username to connect to Bitbucket<br>Server |
| valid_days | string | false | `"1"` | Days the PAT will be<br>valid |

<!-- AUTO-DOC-INPUT:END -->

Expand All @@ -91,11 +91,11 @@ We have chosen not to create a new Vault secrets engine, as we could deliver thi

| OUTPUT | TYPE | DESCRIPTION |
|------------------|--------|--------------------------------------------|
| pat | string | PAT to connect to Bitbucket<br>Server |
| pat_encoded | string | PAT URL encoded |
| pat_id | string | ID of the PAT (can<br>be used to revoke) |
| username | string | Username to connect to Bitbucket<br>Server |
| username_encoded | string | Username URL encoded |
| pat | string | PAT to connect to Bitbucket<br>Server |
| pat_encoded | string | PAT URL encoded |
| pat_id | string | ID of the PAT (can<br>be used to revoke) |
| username | string | Username to connect to Bitbucket<br>Server |
| username_encoded | string | Username URL encoded |

<!-- AUTO-DOC-OUTPUT:END -->

Expand Down
14 changes: 8 additions & 6 deletions pat_helper.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,14 +238,16 @@ def print_outputs():
pat_encoded = urllib.parse.quote(PAT, safe='')
print(f"::add-mask::{PAT}") # mark the PAT as secret in GitHub Actions logs
print(f"::add-mask::{pat_encoded}") # mark the PAT as secret in GitHub Actions logs
print(f"::set-output name=username::{USERNAME}")
print(f"::set-output name=username_encoded::{username_encoded}")
print(f"::set-output name=pat::{PAT}")
print(f"::set-output name=pat_encoded::{pat_encoded}")
print(f"::set-output name=pat_id::{PAT_ID}")
with open(os.environ['GITHUB_OUTPUT'], 'a', encoding='utf-8') as output:
print(f"username={USERNAME}", file=output)
print(f"username_encoded={username_encoded}", file=output)
print(f"pat={PAT}", file=output)
print(f"pat_encoded={pat_encoded}", file=output)
print(f"pat_id={PAT_ID}", file=output)

# STATE_CLEANUP_PAT_ID will be used in the post action phase to automatically revoke the PAT
print(f"::save-state name=CLEANUP_PAT_ID::{PAT_ID}")
with open(os.environ['GITHUB_STATE'], 'a', encoding='utf-8') as state:
print(f"CLEANUP_PAT_ID={PAT_ID}", file=state)

##==--------------------------------------------------------------------
## Main...
Expand Down

0 comments on commit c158c3b

Please sign in to comment.