feat: initial version (#1)

probot · Oct 28, 2020 · 1bfb94c · 1bfb94c
1 parent 04e97ec
commit 1bfb94c
Show file tree

Hide file tree

Showing 17 changed files with 15,919 additions and 6 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,24 @@
+name: Release
+on:
+  push:
+    branches:
+      - main
+      - next
+      - beta
+      - "*.x" # maintenance releases
+
+jobs:
+  release:
+    name: release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v1
+        with:
+          node-version: "12.x"
+      - run: npm ci
+      - run: npm run build
+      - run: npx semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.PROBOTBOT_NPM_TOKEN }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,38 @@
+name: Test
+"on":
+  push:
+    branches:
+      - main
+      - dependabot/npm_and_yarn/**
+  pull_request:
+    types:
+      - opened
+      - synchronize
+jobs:
+  test_matrix:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node_version:
+          - 10
+          - 12
+          - 14
+    steps:
+      - uses: actions/checkout@v2
+      - name: "Use Node.js ${{ matrix.node_version }}"
+        uses: actions/setup-node@v1
+        with:
+          node-version: "${{ matrix.node_version }}"
+      - run: npm ci
+      - run: npm test
+
+  # separate job to set as required in branch protection,
+  # as the above change each time the Node versions change
+  test:
+    runs-on: ubuntu-latest
+    needs: test_matrix
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v1
+      - run: npm ci
+      - run: npm run lint
diff --git a/.github/workflows/update-prettier.yml b/.github/workflows/update-prettier.yml
@@ -0,0 +1,21 @@
+name: Update Prettier
+"on":
+  push:
+    branches:
+      - dependabot/npm_and_yarn/prettier-*
+jobs:
+  update_prettier:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v1
+      - run: npm ci
+      - run: "npm run lint:fix"
+      - uses: gr2m/[email protected]
+        env:
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+        with:
+          title: Prettier updated
+          body: An update to prettier required updates to your code.
+          branch: "${{ github.ref }}"
+          commit-message: "style: prettier"
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+coverage
+node_modules
+pkg
diff --git a/README.md b/README.md
@@ -1,14 +1,70 @@
-# 🚧 This is work-in-progress, see [#1](https://github.com/probot/octokit-auth-probot/pull/1)
-
 # octokit-auth-probot
 
 > Octokit authentication strategy that supports token, app (JWT), and event-based installation authentication
 
+[![@latest](https://img.shields.io/npm/v/octokit-auth-probot.svg)](https://www.npmjs.com/package/octokit-auth-probot)
+[![Build Status](https://github.com/probot/octokit-auth-probot/workflows/Test/badge.svg)](https://github.com/probot/octokit-auth-probot/actions?query=workflow%3ATest)
+
+`octokit-auth-probot` combines the authentication strategies:
+
+1. [`@octokit/auth-app`](https://github.com/octokit/auth-app.js#readme)
+2. [`@octokit/auth-token`](https://github.com/octokit/auth-token.js#readme)
+3. [`@octokit/auth-unauthenticated`](https://github.com/octokit/auth-unauthenticated.js#readme)
+
+It adds a new authentication type: `"event-octokit"`, which allows to retrieve an Octokit instance which is correctly authenticated based on the Octokit constructors authentication (`app` or `token`) as well as the event, which either results in an installation access token authentication or, in case the event implies that the installation's access has been revoked, in an unauthenticated Octokit instance.
+
+`octokit-auth-probot` is not meant to be used by itself, but in conjuction with [`@octokit/core`](https://github.com/octokit/core.js#readme) or a compatible library.
+
 ## Usage
 
+<table>
+<tbody valign=top align=left>
+<tr><th>
+Browsers
+</th><td width=100%>
+
+Load `octokit-auth-probot` directly from [cdn.pika.dev](https://cdn.pika.dev)
+
+```html
+<script type="module">
+  import { Octokit } from "https://cdn.pika.dev/@octokit/core";
+  import { createProbotAuth } from "https://cdn.pika.dev/octokit-auth-probot";
+</script>
+```
+
+</td></tr>
+<tr><th>
+Node
+</th><td>
+
+Install with <code>npm install octokit-auth-probot</code>
+
 ```js
 const { Octokit } = require("@octokit/core");
-const { createProbotAuth } = require("@probot/octokit-auth-probt");
+const { createProbotAuth } = require("octokit-auth-probot");
+// or:
+// import { Octokit } from "@octokit/core";
+// import { createProbotAuth } from "octokit-auth-probot";
+```
+
+</td></tr>
+<tr><td colspan=2>
+
+⚠️ For usage in browsers: The private keys provided by GitHub are in `PKCS#1` format, but the WebCrypto API only supports `PKCS#8`. You need to convert it first:
+
+```shell
+openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in private-key.pem -out private-key-pkcs8.key
+```
+
+No conversation is needed in Node, both `PKCS#1` and `PKCS#8` format will work.
+
+</td></tr>
+</tbody>
+</table>
+
+```js
+const { Octokit } = require("@octokit/core");
+const { createProbotAuth } = require("octokit-auth-probot");
 
 const ProbotOctokit = Octokit.defaults({
   authStrategy: createProbotAuth,
@@ -25,6 +81,8 @@ const octokit = new ProbotOctokit({
 });
 ```
 
+**Note**: `octokit.auth()` will always resolve with an [`oauth` authentication object](https://github.com/octokit/auth-token.js#authentication-object), no matter what options you will pass.
+
 ### App authentication
 
 ```js
@@ -45,10 +103,10 @@ const eventOctokit = await octokit.auth({
 });
 ```
 
-`eventOctokit` can be authenticate in one of three ways
+`eventOctokit` is now authenticate in one of three ways
 
-1. If `octokit` was authenticated using a token, `eventOctokit` is authenticated with the same token
-2. If `event` name is `installation` and `payload.action` is either `suspend` or `deleted`, then `eventOctokit` is unauthenticated
+1. If `octokit` was authenticated using a token, `eventOctokit` is authenticated with the same token. In fact, `eventOctokit` _is_ `octokit`
+2. If `event` name is `installation` and `payload.action` is either `suspend` or `deleted`, then `eventOctokit` is unauthenticated using [`@octokit/auth-unauthenticated`](https://github.com/octokit/auth-unauthenticated.js#readme)
 3. Otherwise `eventOctokit` is authenticate as installation based on `payload.installation.id`
 
 ## LICENSE