Initial commit of action-wrapper

Author: Cole Kennedy

.github/workflows/test.yml

@@ -0,0 +1,27 @@
+name: Test Wrapper Action
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '16'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Test wrapper with a simple action
+        uses: ./
+        with:
+          action-ref: "actions/hello-world-javascript-action@main"

.gitignore

@@ -0,0 +1,19 @@
+# Dependency directories
+node_modules/
+npm-debug.log
+yarn-debug.log
+yarn-error.log
+
+# Distribution directories
+dist/
+lib/
+
+# OS specific files
+.DS_Store
+Thumbs.db
+
+# Editor directories and files
+.idea
+.vscode
+*.swp
+*.swo

README.md

@@ -0,0 +1,46 @@
+# TestifySec Action Wrapper
+
+A GitHub Action that downloads and executes another GitHub Action dynamically.
+
+## Usage
+
+```yaml
+name: Example Workflow
+on: [push, pull_request]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Run Nested Action via Wrapper
+        uses: testifysec/action-wrapper@v1
+        with:
+          action-ref: "owner/[email protected]"
+          extra-args: "--foo bar"
+```
+
+## Inputs
+
+| Input | Description | Required |
+|-------|-------------|----------|
+| `action-ref` | Reference to the nested action (e.g., owner/repo@ref) | Yes |
+| `extra-args` | Extra arguments to pass to the nested action | No |
+
+## How It Works
+
+1. **Parsing the Input:**  
+   The wrapper reads an input `action-ref` (like `"owner/repo@ref"`) and splits it into the repository identifier and ref.
+
+2. **Downloading the Repository:**  
+   It constructs the URL for the GitHub zip archive and downloads it using Axios. The zip is then extracted using the `unzipper` package into a temporary directory.
+
+3. **Reading Action Metadata:**  
+   The script reads the `action.yml` file from the extracted folder to determine the JavaScript entry point (from the `runs.main` field).
+
+4. **Dependency Installation (Optional):**  
+   If a `package.json` is present in the nested action, it runs `npm install` to install dependencies.
+
+5. **Executing the Nested Action:**  
+   Finally, the wrapper runs the nested action's entry file using Node.js. Any extra arguments provided via the `extra-args` input are passed along.

action.yml

@@ -0,0 +1,12 @@
+name: "TestifySec Action Wrapper"
+description: "Downloads and executes another GitHub Action"
+inputs:
+  action-ref:
+    description: "Reference to the nested action (e.g., owner/repo@ref)"
+    required: true
+  extra-args:
+    description: "Extra arguments to pass to the nested action"
+    required: false
+runs:
+  using: "node16"
+  main: "index.js"

index.js

@@ -0,0 +1,91 @@
+const core = require("@actions/core");
+const exec = require("@actions/exec");
+const fs = require("fs");
+const os = require("os");
+const path = require("path");
+const axios = require("axios");
+const unzipper = require("unzipper");
+const yaml = require("js-yaml");
+
+async function run() {
+  try {
+    // Get inputs
+    const actionRef = core.getInput("action-ref");
+    const extraArgs = core.getInput("extra-args") || "";
+
+    // Parse action-ref (expects format: owner/repo@ref)
+    const [repo, ref] = parseActionRef(actionRef);
+    core.info(`Parsed repo: ${repo}, ref: ${ref}`);
+
+    // Construct URL for the repository zip archive
+    const zipUrl = `https://github.com/${repo}/archive/${ref}.zip`;
+    core.info(`Downloading action from: ${zipUrl}`);
+
+    // Create a temporary directory for extraction
+    const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "nested-action-"));
+
+    // Download and extract the zip archive
+    const response = await axios({
+      url: zipUrl,
+      method: "GET",
+      responseType: "stream"
+    });
+    await new Promise((resolve, reject) => {
+      response.data
+        .pipe(unzipper.Extract({ path: tempDir }))
+        .on("close", resolve)
+        .on("error", reject);
+    });
+    core.info(`Downloaded and extracted to ${tempDir}`);
+
+    // GitHub archives typically extract to a folder named "repo-ref"
+    const repoName = repo.split("/")[1];
+    const extractedFolder = path.join(tempDir, `${repoName}-${ref}`);
+    if (!fs.existsSync(extractedFolder)) {
+      throw new Error(`Extracted folder ${extractedFolder} not found.`);
+    }
+
+    // Read action.yml from the downloaded action
+    const actionYmlPath = path.join(extractedFolder, "action.yml");
+    if (!fs.existsSync(actionYmlPath)) {
+      throw new Error(`action.yml not found in ${extractedFolder}`);
+    }
+    const actionConfig = yaml.load(fs.readFileSync(actionYmlPath, "utf8"));
+    const entryPoint = actionConfig.runs && actionConfig.runs.main;
+    if (!entryPoint) {
+      throw new Error("Entry point (runs.main) not defined in action.yml");
+    }
+    core.info(`Nested action entry point: ${entryPoint}`);
+
+    // Construct full path to the nested action's entry file
+    const entryFile = path.join(extractedFolder, entryPoint);
+    if (!fs.existsSync(entryFile)) {
+      throw new Error(`Entry file ${entryFile} does not exist.`);
+    }
+
+    // Optionally, install dependencies if package.json exists
+    const pkgJsonPath = path.join(extractedFolder, "package.json");
+    if (fs.existsSync(pkgJsonPath)) {
+      core.info("Installing dependencies for nested action...");
+      await exec.exec("npm", ["install"], { cwd: extractedFolder });
+    }
+
+    // Execute the nested action using Node.js
+    const args = extraArgs.split(/\s+/).filter((a) => a); // split and remove empty strings
+    core.info(`Executing nested action: node ${entryFile} ${args.join(" ")}`);
+    await exec.exec("node", [entryFile, ...args], { cwd: extractedFolder });
+    
+  } catch (error) {
+    core.setFailed(`Wrapper action failed: ${error.message}`);
+  }
+}
+
+function parseActionRef(refString) {
+  const parts = refString.split("@");
+  if (parts.length !== 2) {
+    throw new Error("Invalid action-ref format. Expected 'owner/repo@ref'");
+  }
+  return parts;
+}
+
+run();

package.json

@@ -0,0 +1,23 @@
+{
+  "name": "action-wrapper",
+  "version": "1.0.0",
+  "description": "A GitHub Action that wraps other actions",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "github",
+    "actions",
+    "wrapper"
+  ],
+  "author": "TestifySec",
+  "license": "MIT",
+  "dependencies": {
+    "@actions/core": "^1.10.0",
+    "@actions/exec": "^1.1.1",
+    "axios": "^1.3.4",
+    "js-yaml": "^4.1.0",
+    "unzipper": "^0.10.11"
+  }
+}