cloudsmith-cli-action/src/main.js at master · cloudsmith-io/cloudsmith-cli-action · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
const core = require("@actions/core");
const oidcAuth = require("./oidc-auth");
const { installCli } = require("./download-cli");
const { createConfigFile } = require("./create-config-file");

async function run() {
  try {
    // Get inputs from GitHub Actions workflow
    const orgName = core.getInput("oidc-namespace");
    const serviceAccountSlug = core.getInput("oidc-service-slug");
    const apiKey = core.getInput("api-key");
    const oidcAuthRetry = Math.min(
      Math.max(parseInt(core.getInput("oidc-auth-retry") || "3", 10), 0),
      10,
    );
    const oidcTokenValidate = core.getBooleanInput("oidc-token-validate");
  const oidcAudienceInput = core.getInput("oidc-audience");
  const oidcAudience = oidcAudienceInput || `https://github.com/${process.env.GITHUB_REPOSITORY_OWNER || ''}`;

    // Cloudsmith CLI optional inputs
    const apiHost = core.getInput("api-host");
    const apiProxy = core.getInput("api-proxy");
    const apiSslVerify = core.getInput("api-ssl-verify");
    const apiUserAgent = core.getInput("api-user-agent");

    // Create config file for Cloudsmith CLI only if any of the optional inputs are provided
    if (apiHost || apiProxy || apiSslVerify || apiUserAgent) {
      createConfigFile(apiHost, apiProxy, apiSslVerify, apiUserAgent);
    }

    // Authenticate based on the provided inputs
    if (apiKey) {
      core.exportVariable("CLOUDSMITH_API_KEY", apiKey);
      core.info("Using provided API key for authentication.");
    } else if (orgName && serviceAccountSlug) {
      if (!process.env.ACTIONS_ID_TOKEN_REQUEST_URL) {
        throw new Error(
          "Environment variable ACTIONS_ID_TOKEN_REQUEST_URL is not set. Did you add the permission 'id-token: write' to your workflow?",
        );
      }

      await oidcAuth.authenticate(
        orgName,
        serviceAccountSlug,
        apiHost,
        oidcAuthRetry,
        oidcTokenValidate,
        oidcAudience,
      );
    } else {
      throw new Error(
        "Either API key or OIDC inputs (namespace and service account slug) must be provided for authentication.",
      );
    }

    // Install the CLI only if oidc-auth-only is false
    const oidcAuthOnly = core.getBooleanInput("oidc-auth-only");
    if (!oidcAuthOnly) {
      await installCli();
    }
  } catch (error) {
    core.setFailed(`Action failed: ${error.message}`);
  }
}

run();