actions/actions-toolkit
1
0
Fork 0
mirror of https://code.forgejo.org/docker/actions-toolkit.git synced 2025-06-24 06:38:23 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14

github: translate access controls permissions

Browse source 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax 2023-02-03 04:09:04 +01:00
parent ad59af8cf2
commit 3e2548a8ed
No known key found for this signature in database
GPG key ID: 3248E46B6BB8C7F7
3 changed files with 40 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

36
src/github.ts
View file

@ -20,7 +20,7 @@ import * as github from '@actions/github';
import {Context} from '@actions/github/lib/context';
import jwt_decode from 'jwt-decode';
import {GitHubActionsRuntimeToken, GitHubRepo} from './types/github';
import {GitHubActionsRuntimeToken, GitHubActionsRuntimeTokenAC, GitHubRepo} from './types/github';
export interface GitHubOpts {
token?: string;
@ -49,17 +49,37 @@ export class GitHub {
return process.env.GITHUB_API_URL || 'https://api.github.com';
}
static get actionsRuntimeToken(): GitHubActionsRuntimeToken {
static get actionsRuntimeToken(): GitHubActionsRuntimeToken | undefined {
const token = process.env['ACTIONS_RUNTIME_TOKEN'] || '';
return token ? jwt_decode<GitHubActionsRuntimeToken>(token) : {};
return token ? jwt_decode<GitHubActionsRuntimeToken>(token) : undefined;
}
public static async printActionsRuntimeToken() {
const actionsRuntimeToken = process.env['ACTIONS_RUNTIME_TOKEN'];
if (actionsRuntimeToken) {
core.info(JSON.stringify(JSON.parse(GitHub.actionsRuntimeToken.ac as string), undefined, 2));
} else {
public static async printActionsRuntimeTokenACs() {
const jwt = GitHub.actionsRuntimeToken;
if (!jwt) {
core.info(`ACTIONS_RUNTIME_TOKEN not set`);
return;
}
try {
<Array<GitHubActionsRuntimeTokenAC>>JSON.parse(`${jwt.ac}`).forEach(ac => {
let permission: string;
switch (ac.Permission) {
case 1:
permission = 'read';
break;
case 2:
permission = 'write';
break;
case 3:
permission = 'read/write';
break;
default:
permission = `unimplemented (${ac.Permission})`;
}
core.info(`${ac.Scope}: ${permission}`);
});
} catch (e) {
core.warning(`Cannot parse Actions Runtime Token Access Controls: ${e.message}`);
}
}
}