diff --git a/Dockerfile b/Dockerfile index d95a8da..5adb7b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,5 +3,5 @@ WORKDIR /action RUN gem install jwt && \ apk add jq && \ apk add curl -COPY generate-jwt.rb get-installation-access-token.sh ./ -ENTRYPOINT ["/action/get-installation-access-token.sh"] \ No newline at end of file +COPY generate_jwt.rb get-installation-access-token.sh ./ +ENTRYPOINT ["/action/get-installation-access-token.sh"] diff --git a/generate-jwt.rb b/generate_jwt.rb similarity index 59% rename from generate-jwt.rb rename to generate_jwt.rb index d9e33e7..81ec073 100644 --- a/generate-jwt.rb +++ b/generate_jwt.rb @@ -1,11 +1,15 @@ +# frozen_string_literal: true + require 'openssl' require 'jwt' private_key = ENV.fetch('PRIVATE_KEY') app_id = ENV.fetch('APP_ID') -puts JWT.encode({ +payload = { iat: Time.now.to_i, exp: Time.now.to_i + (10 * 60), iss: app_id -}, OpenSSL::PKey::RSA.new(private_key), 'RS256') \ No newline at end of file +} + +puts JWT.encode(payload, OpenSSL::PKey::RSA.new(private_key), 'RS256') diff --git a/get-installation-access-token.sh b/get-installation-access-token.sh index 959fe0f..cc922b2 100755 --- a/get-installation-access-token.sh +++ b/get-installation-access-token.sh @@ -3,27 +3,26 @@ export PRIVATE_KEY=${1:?Usage: ${0} } export APP_ID=${2:?Usage: ${0} } repo=${GITHUB_REPOSITORY:?Missing required GITHUB_REPOSITORY environment variable} -[[ ! -z "$INPUT_REPO" ]] && repo=$INPUT_REPO +[ -n "$INPUT_REPO" ] && repo="$INPUT_REPO" -jwt=$(ruby $(dirname $0)/generate-jwt.rb) -installation_id=$(curl -s \ --H "Authorization: Bearer ${jwt}" \ --H "Accept: application/vnd.github.v3+json" \ -https://api.github.com/repos/${repo}/installation | jq -r .id) +jwt=$(ruby "$(dirname "$0")"/generate_jwt.rb) +response=$(curl -s -H "Authorization: Bearer ${jwt}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/${repo}/installation") +installation_id=$(echo "$response" | jq -r .id) if [ "$installation_id" = "null" ]; then - echo "Unable to get installation ID. Is the GitHub App installed on ${repo}?" - exit 1 + echo "Unable to get installation ID. Is the GitHub App installed on ${repo}?" + echo "$response" | jq -r .message + exit 1 fi token=$(curl -s -X POST \ --H "Authorization: Bearer ${jwt}" \ --H "Accept: application/vnd.github.v3+json" \ -https://api.github.com/app/installations/${installation_id}/access_tokens | jq -r .token) + -H "Authorization: Bearer ${jwt}" \ + -H "Accept: application/vnd.github.v3+json" \ + https://api.github.com/app/installations/"${installation_id}"/access_tokens | jq -r .token) if [ "$token" = "null" ]; then - echo "Unable to generate installation access token" - exit 1 + echo "Unable to generate installation access token" + exit 1 fi -echo ::set-output name=token::${token} +echo "::set-output name=token::${token}"