Skip to content

Commit

Permalink
Add token token to variable verifier
Browse files Browse the repository at this point in the history
  • Loading branch information
@philnewm
philnewm committed Nov 2, 2024
1 parent e789c64 commit cac0882
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 5 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/initial_release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,8 @@ jobs:
with:
variables: "MAIN_BRANCH,MINOR_BUMP_LABEL,PATCH_BUMP_LABEL,PROJECT_NAME"
repo: ${{ github.repository }}
secrets:
gh_token: ${{ secrets.token }}


# TODO Move release query logic into github action
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/release_trigger.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ jobs:
with:
variables: "MAIN_BRANCH,MINOR_BUMP_LABEL,PATCH_BUMP_LABEL,PROJECT_NAME"
repo: ${{ github.repository }}
secrets:
gh_token: ${{ secrets.token }}


# TODO Move release query logic into github action
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/verify_secrets.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,22 +30,22 @@ jobs:
# TODO only check if no inputs provided

steps:
- name: 🔎 Verify secret 'GH_TOKEN' for ${{ env.GH_REPO }}
- name: Verify secret 'GH_TOKEN' for ${{ env.GH_REPO }}
if: ${{ !env.GH_TOKEN }}
run: |
echo "::error::Secret 'GH_TOKEN' is not set or empty"
- name: 🔎 Verify secret 'GH_USER' for ${{ env.GH_REPO }}
- name: Verify secret 'GH_USER' for ${{ env.GH_REPO }}
if: ${{ !env.GH_USER }}
run: |
echo "::error::Secret 'GH_USER' is not set or empty"
- name: 🔎 Verify secret 'GH_EMAIL' for ${{ env.GH_REPO }}
- name: Verify secret 'GH_EMAIL' for ${{ env.GH_REPO }}
if: ${{ !env.GH_EMAIL }}
run: |
echo "::error::Secret 'GH_EMAIL' is not set or empty"
- name: 🔎 Secrets verified
- name: Secrets verified
if: ${{ env.GH_TOKEN && env.GH_USER && env.GH_EMAIL }}
run: |
echo "::notice::All required secrets are present."
7 changes: 6 additions & 1 deletion .github/workflows/verify_variables.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,17 +10,22 @@ on:
repo:
type: string
required: false

secrets:
gh_token:
required: true

env:
REPO_VARS: ${{ secrets.gh_token || false }}
GH_REPO : ${{ inputs.repo || github.repository }}
GH_TOKEN: ${{ secrets.gh_token }}

jobs:
verify_variables:
runs-on: ubuntu-latest

steps:
- name: 🔎 Verify repo variables for ${{ env.GH_REPO }}
- name: Verify repo variables for ${{ env.GH_REPO }}
run: |
missing_vars=$(echo ${{ env.REPO_VARS }} | tr ',' '\n' | while read var; do
gh variable list --repo ${{ env.GH_REPO }} --json name --jq '.[].name' | grep -qx "$var" || echo "$var"
Expand Down

0 comments on commit cac0882

Please sign in to comment.