Merge pull request #49 from gruntwork-io/caitlin/update-token

Add the ability to provide a separate auth token vs. patcher update token
gruntwork-io · Nov 15, 2024 · b1d692e · b1d692e
2 parents d8e117a + fc47115
commit b1d692e
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 19 deletions.
diff --git a/dist/index.js b/dist/index.js
@@ -13703,12 +13703,12 @@ function getPatcherEnvVars(gitCommiter, token) {
         GIT_AUTHOR_EMAIL: gitCommiter.email,
     };
 }
-async function runPatcher(gitCommiter, command, { specFile, includeDirs, excludeDirs, updateStrategy, prBranch, prTitle, dependency, workingDir, token, dryRun, noColor, }) {
+async function runPatcher(gitCommiter, command, { specFile, includeDirs, excludeDirs, updateStrategy, prBranch, prTitle, dependency, workingDir, updateToken, dryRun, noColor, }) {
     switch (command) {
         case REPORT_COMMAND: {
             core.startGroup("Running 'patcher report'");
             const reportOutput = await exec.getExecOutput("patcher", reportArgs(specFile, includeDirs, excludeDirs, workingDir, noColor), {
-                env: getPatcherEnvVars(gitCommiter, token),
+                env: getPatcherEnvVars(gitCommiter, updateToken),
             });
             core.endGroup();
             core.startGroup("Setting upgrade spec output");
@@ -13729,7 +13729,7 @@ async function runPatcher(gitCommiter, command, { specFile, includeDirs, exclude
             }
             core.startGroup(groupName);
             const updateOutput = await exec.getExecOutput("patcher", updateArgs(specFile, updateStrategy, prBranch, prTitle, dependency, workingDir, dryRun, noColor), {
-                env: getPatcherEnvVars(gitCommiter, token),
+                env: getPatcherEnvVars(gitCommiter, updateToken),
             });
             core.endGroup();
             core.startGroup("Setting 'updateResult' output");
@@ -13768,7 +13768,8 @@ async function validateAccessToPatcherCli(octokit) {
     }
 }
 async function run() {
-    const token = core.getInput("github_token");
+    const gruntworkToken = core.getInput("github_token");
+    const patcherUpdateToken = core.getInput("update_token");
     const command = core.getInput("patcher_command");
     const updateStrategy = core.getInput("update_strategy");
     const dependency = core.getInput("dependency");
@@ -13781,10 +13782,15 @@ async function run() {
     const prTitle = core.getInput("pull_request_title");
     const dryRun = core.getBooleanInput("dry_run");
     const noColor = core.getBooleanInput("no_color");
-    // Always mask the `token` string in the logs.
-    core.setSecret(token);
+    // if the user didn't specify a token specifically for `patcher update`,
+    // that's ok, we can try to use the github token instead. doing this adoption
+    // is for back compatibility reasons
+    const updateToken = patcherUpdateToken ? patcherUpdateToken : gruntworkToken;
+    // Always mask the token strings in the logs.
+    core.setSecret(gruntworkToken);
+    core.setSecret(updateToken);
     // Only run the action if the user has access to Patcher. Otherwise, the download won't work.
-    const octokit = github.getOctokit(token);
+    const octokit = github.getOctokit(gruntworkToken);
     await validateAccessToPatcherCli(octokit);
     // Validate if the 'patcher_command' provided is valid.
     if (!isPatcherCommandValid(command)) {
@@ -13794,7 +13800,7 @@ async function run() {
     // Validate if 'commit_author' has a valid format.
     const gitCommiter = parseCommitAuthor(commitAuthor);
     core.startGroup("Downloading Patcher and patch tools");
-    await downloadAndSetupTooling(octokit, token);
+    await downloadAndSetupTooling(octokit, gruntworkToken);
     core.endGroup();
     await runPatcher(gitCommiter, command, {
         specFile,
@@ -13805,7 +13811,7 @@ async function run() {
         prTitle,
         dependency,
         workingDir,
-        token,
+        updateToken,
         dryRun,
         noColor,
     });

diff --git a/src/action.ts b/src/action.ts
@@ -52,7 +52,7 @@ type PatcherCliArgs = {
   prTitle: string;
   dependency: string;
   workingDir: string;
-  token: string;
+  updateToken: string;
   dryRun: boolean;
   noColor: boolean;
 };
@@ -289,7 +289,7 @@ async function runPatcher(
     prTitle,
     dependency,
     workingDir,
-    token,
+    updateToken,
     dryRun,
     noColor,
   }: PatcherCliArgs
@@ -301,7 +301,7 @@ async function runPatcher(
         "patcher",
         reportArgs(specFile, includeDirs, excludeDirs, workingDir, noColor),
         {
-          env: getPatcherEnvVars(gitCommiter, token),
+          env: getPatcherEnvVars(gitCommiter, updateToken),
         }
       );
       core.endGroup();
@@ -329,7 +329,7 @@ async function runPatcher(
         "patcher",
         updateArgs(specFile, updateStrategy, prBranch, prTitle, dependency, workingDir, dryRun, noColor),
         {
-          env: getPatcherEnvVars(gitCommiter, token),
+          env: getPatcherEnvVars(gitCommiter, updateToken),
         }
       );
       core.endGroup();
@@ -379,7 +379,8 @@ async function validateAccessToPatcherCli(octokit: GitHub) {
 }
 
 export async function run() {
-  const token = core.getInput("github_token");
+  const gruntworkToken = core.getInput("github_token");
+  const patcherUpdateToken = core.getInput("update_token");
   const command = core.getInput("patcher_command");
   const updateStrategy = core.getInput("update_strategy");
   const dependency = core.getInput("dependency");
@@ -393,11 +394,17 @@ export async function run() {
   const dryRun = core.getBooleanInput("dry_run");
   const noColor = core.getBooleanInput("no_color");
 
-  // Always mask the `token` string in the logs.
-  core.setSecret(token);
+  // if the user didn't specify a token specifically for `patcher update`,
+  // that's ok, we can try to use the github token instead. doing this adoption
+  // is for back compatibility reasons
+  const updateToken = patcherUpdateToken ? patcherUpdateToken : gruntworkToken;
+
+  // Always mask the token strings in the logs.
+  core.setSecret(gruntworkToken);
+  core.setSecret(updateToken);
 
   // Only run the action if the user has access to Patcher. Otherwise, the download won't work.
-  const octokit = github.getOctokit(token);
+  const octokit = github.getOctokit(gruntworkToken);
   await validateAccessToPatcherCli(octokit);
 
   // Validate if the 'patcher_command' provided is valid.
@@ -410,7 +417,7 @@ export async function run() {
   const gitCommiter = parseCommitAuthor(commitAuthor);
 
   core.startGroup("Downloading Patcher and patch tools");
-  await downloadAndSetupTooling(octokit, token);
+  await downloadAndSetupTooling(octokit, gruntworkToken);
   core.endGroup();
 
   await runPatcher(gitCommiter, command, {
@@ -422,7 +429,7 @@ export async function run() {
     prTitle,
     dependency,
     workingDir,
-    token,
+    updateToken,
     dryRun,
     noColor,
   });