@backstage/plugin-scaffolder-backend-module-github 0.5.4-next.1 → 0.5.4-next.2

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @backstage/plugin-scaffolder-backend-module-github
 
+## 0.5.4-next.2
+
+### Patch Changes
+
+- e913fdf: Add github backend module to create-app and improve error messages
+- Updated dependencies
+  - @backstage/backend-plugin-api@1.1.0-next.2
+  - @backstage/errors@1.2.6-next.0
+  - @backstage/plugin-scaffolder-node@0.6.2-next.2
+  - @backstage/catalog-client@1.9.0-next.2
+  - @backstage/catalog-model@1.7.2-next.0
+  - @backstage/config@1.3.1-next.0
+  - @backstage/integration@1.16.0-next.1
+
 ## 0.5.4-next.1
 
 ### Patch Changes

package/dist/actions/helpers.cjs.js

@@ -41,7 +41,7 @@ async function getOctokitOptions(options) {
   });
   if (!credentialProviderToken) {
     throw new errors.InputError(
-      `No token available for host: ${host}, with owner ${owner}, and repo ${repo}`
+      `No token available for host: ${host}, with owner ${owner}, and repo ${repo}. Make sure GitHub auth is configured correctly. See https://backstage.io/docs/auth/github/provider for more details.`
     );
   }
   return {

package/dist/actions/helpers.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.cjs.js","sources":["../../src/actions/helpers.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Config } from '@backstage/config';\nimport { assertError, InputError, NotFoundError } from '@backstage/errors';\nimport {\n  DefaultGithubCredentialsProvider,\n  GithubCredentialsProvider,\n  ScmIntegrationRegistry,\n} from '@backstage/integration';\nimport { OctokitOptions } from '@octokit/core/dist-types/types';\nimport { Octokit } from 'octokit';\n\nimport {\n  getRepoSourceDirectory,\n  initRepoAndPush,\n  parseRepoUrl,\n} from '@backstage/plugin-scaffolder-node';\n\nimport Sodium from 'libsodium-wrappers';\nimport {\n  enableBranchProtectionOnDefaultRepoBranch,\n  entityRefToName,\n} from './gitHelpers';\nimport { LoggerService } from '@backstage/backend-plugin-api';\n\nconst DEFAULT_TIMEOUT_MS = 60_000;\n\n/**\n * Helper for generating octokit configuration options for given repoUrl.\n * If no token is provided, it will attempt to get a token from the credentials provider.\n * @public\n */\nexport async function getOctokitOptions(options: {\n  integrations: ScmIntegrationRegistry;\n  credentialsProvider?: GithubCredentialsProvider;\n  token?: string;\n  repoUrl: string;\n}): Promise<OctokitOptions> {\n  const { integrations, credentialsProvider, repoUrl, token } = options;\n  const { owner, repo, host } = parseRepoUrl(repoUrl, integrations);\n\n  const requestOptions = {\n    // set timeout to 60 seconds\n    timeout: DEFAULT_TIMEOUT_MS,\n  };\n\n  if (!owner) {\n    throw new InputError(`No owner provided for repo ${repoUrl}`);\n  }\n\n  const integrationConfig = integrations.github.byHost(host)?.config;\n\n  if (!integrationConfig) {\n    throw new InputError(`No integration for host ${host}`);\n  }\n\n  // short circuit the `githubCredentialsProvider` if there is a token provided by the caller already\n  if (token) {\n    return {\n      auth: token,\n      baseUrl: integrationConfig.apiBaseUrl,\n      previews: ['nebula-preview'],\n      request: requestOptions,\n    };\n  }\n\n  const githubCredentialsProvider =\n    credentialsProvider ??\n    DefaultGithubCredentialsProvider.fromIntegrations(integrations);\n\n  // TODO(blam): Consider changing this API to take host and repo instead of repoUrl, as we end up parsing in this function\n  // and then parsing in the `getCredentials` function too the other side\n  const { token: credentialProviderToken } =\n    await githubCredentialsProvider.getCredentials({\n      url: `https://${host}/${encodeURIComponent(owner)}/${encodeURIComponent(\n        repo,\n      )}`,\n    });\n\n  if (!credentialProviderToken) {\n    throw new InputError(\n      `No token available for host: ${host}, with owner ${owner}, and repo ${repo}`,\n    );\n  }\n\n  return {\n    auth: credentialProviderToken,\n    baseUrl: integrationConfig.apiBaseUrl,\n    previews: ['nebula-preview'],\n  };\n}\n\nexport async function createGithubRepoWithCollaboratorsAndTopics(\n  client: Octokit,\n  repo: string,\n  owner: string,\n  repoVisibility: 'private' | 'internal' | 'public' | undefined,\n  description: string | undefined,\n  homepage: string | undefined,\n  deleteBranchOnMerge: boolean,\n  allowMergeCommit: boolean,\n  allowSquashMerge: boolean,\n  squashMergeCommitTitle: 'PR_TITLE' | 'COMMIT_OR_PR_TITLE' | undefined,\n  squashMergeCommitMessage: 'PR_BODY' | 'COMMIT_MESSAGES' | 'BLANK' | undefined,\n  allowRebaseMerge: boolean,\n  allowAutoMerge: boolean,\n  access: string | undefined,\n  collaborators:\n    | (\n        | {\n            user: string;\n            access: string;\n          }\n        | {\n            team: string;\n            access: string;\n          }\n        | {\n            /** @deprecated This field is deprecated in favor of team */\n            username: string;\n            access: 'pull' | 'push' | 'admin' | 'maintain' | 'triage';\n          }\n      )[]\n    | undefined,\n  hasProjects: boolean | undefined,\n  hasWiki: boolean | undefined,\n  hasIssues: boolean | undefined,\n  topics: string[] | undefined,\n  repoVariables: { [key: string]: string } | undefined,\n  secrets: { [key: string]: string } | undefined,\n  oidcCustomization:\n    | {\n        useDefault: boolean;\n        includeClaimKeys?: string[];\n      }\n    | undefined,\n  customProperties: { [key: string]: string } | undefined,\n  logger: LoggerService,\n) {\n  // eslint-disable-next-line testing-library/no-await-sync-queries\n  const user = await client.rest.users.getByUsername({\n    username: owner,\n  });\n\n  if (access?.startsWith(`${owner}/`)) {\n    await validateAccessTeam(client, access);\n  }\n\n  const repoCreationPromise =\n    user.data.type === 'Organization'\n      ? client.rest.repos.createInOrg({\n          name: repo,\n          org: owner,\n          private: repoVisibility === 'private',\n          // @ts-ignore https://github.com/octokit/types.ts/issues/522\n          visibility: repoVisibility,\n          description: description,\n          delete_branch_on_merge: deleteBranchOnMerge,\n          allow_merge_commit: allowMergeCommit,\n          allow_squash_merge: allowSquashMerge,\n          squash_merge_commit_title: squashMergeCommitTitle,\n          squash_merge_commit_message: squashMergeCommitMessage,\n          allow_rebase_merge: allowRebaseMerge,\n          allow_auto_merge: allowAutoMerge,\n          homepage: homepage,\n          has_projects: hasProjects,\n          has_wiki: hasWiki,\n          has_issues: hasIssues,\n          // Custom properties only available on org repos\n          custom_properties: customProperties,\n        })\n      : client.rest.repos.createForAuthenticatedUser({\n          name: repo,\n          private: repoVisibility === 'private',\n          description: description,\n          delete_branch_on_merge: deleteBranchOnMerge,\n          allow_merge_commit: allowMergeCommit,\n          allow_squash_merge: allowSquashMerge,\n          squash_merge_commit_title: squashMergeCommitTitle,\n          squash_merge_commit_message: squashMergeCommitMessage,\n          allow_rebase_merge: allowRebaseMerge,\n          allow_auto_merge: allowAutoMerge,\n          homepage: homepage,\n          has_projects: hasProjects,\n          has_wiki: hasWiki,\n          has_issues: hasIssues,\n        });\n\n  let newRepo;\n\n  try {\n    newRepo = (await repoCreationPromise).data;\n  } catch (e) {\n    assertError(e);\n    if (e.message === 'Resource not accessible by integration') {\n      logger.warn(\n        `The GitHub app or token provided may not have the required permissions to create the ${user.data.type} repository ${owner}/${repo}.`,\n      );\n    }\n    throw new Error(\n      `Failed to create the ${user.data.type} repository ${owner}/${repo}, ${e.message}`,\n    );\n  }\n\n  if (access?.startsWith(`${owner}/`)) {\n    const [, team] = access.split('/');\n    await client.rest.teams.addOrUpdateRepoPermissionsInOrg({\n      org: owner,\n      team_slug: team,\n      owner,\n      repo,\n      permission: 'admin',\n    });\n    // No need to add access if it's the person who owns the personal account\n  } else if (access && access !== owner) {\n    await client.rest.repos.addCollaborator({\n      owner,\n      repo,\n      username: access,\n      permission: 'admin',\n    });\n  }\n\n  if (collaborators) {\n    for (const collaborator of collaborators) {\n      try {\n        if ('user' in collaborator) {\n          await client.rest.repos.addCollaborator({\n            owner,\n            repo,\n            username: entityRefToName(collaborator.user),\n            permission: collaborator.access,\n          });\n        } else if ('team' in collaborator) {\n          await client.rest.teams.addOrUpdateRepoPermissionsInOrg({\n            org: owner,\n            team_slug: entityRefToName(collaborator.team),\n            owner,\n            repo,\n            permission: collaborator.access,\n          });\n        }\n      } catch (e) {\n        assertError(e);\n        const name = extractCollaboratorName(collaborator);\n        logger.warn(\n          `Skipping ${collaborator.access} access for ${name}, ${e.message}`,\n        );\n      }\n    }\n  }\n\n  if (topics) {\n    try {\n      await client.rest.repos.replaceAllTopics({\n        owner,\n        repo,\n        names: topics.map(t => t.toLowerCase()),\n      });\n    } catch (e) {\n      assertError(e);\n      logger.warn(`Skipping topics ${topics.join(' ')}, ${e.message}`);\n    }\n  }\n\n  for (const [key, value] of Object.entries(repoVariables ?? {})) {\n    await client.rest.actions.createRepoVariable({\n      owner,\n      repo,\n      name: key,\n      value: value,\n    });\n  }\n\n  if (secrets) {\n    const publicKeyResponse = await client.rest.actions.getRepoPublicKey({\n      owner,\n      repo,\n    });\n\n    await Sodium.ready;\n    const binaryKey = Sodium.from_base64(\n      publicKeyResponse.data.key,\n      Sodium.base64_variants.ORIGINAL,\n    );\n    for (const [key, value] of Object.entries(secrets)) {\n      const binarySecret = Sodium.from_string(value);\n      const encryptedBinarySecret = Sodium.crypto_box_seal(\n        binarySecret,\n        binaryKey,\n      );\n      const encryptedBase64Secret = Sodium.to_base64(\n        encryptedBinarySecret,\n        Sodium.base64_variants.ORIGINAL,\n      );\n\n      await client.rest.actions.createOrUpdateRepoSecret({\n        owner,\n        repo,\n        secret_name: key,\n        encrypted_value: encryptedBase64Secret,\n        key_id: publicKeyResponse.data.key_id,\n      });\n    }\n  }\n\n  if (oidcCustomization) {\n    await client.request(\n      'PUT /repos/{owner}/{repo}/actions/oidc/customization/sub',\n      {\n        owner,\n        repo,\n        use_default: oidcCustomization.useDefault,\n        include_claim_keys: oidcCustomization.includeClaimKeys,\n      },\n    );\n  }\n\n  return newRepo;\n}\n\nexport async function initRepoPushAndProtect(\n  remoteUrl: string,\n  password: string,\n  workspacePath: string,\n  sourcePath: string | undefined,\n  defaultBranch: string,\n  protectDefaultBranch: boolean,\n  protectEnforceAdmins: boolean,\n  owner: string,\n  client: Octokit,\n  repo: string,\n  requireCodeOwnerReviews: boolean,\n  bypassPullRequestAllowances:\n    | {\n        users?: string[];\n        teams?: string[];\n        apps?: string[];\n      }\n    | undefined,\n  requiredApprovingReviewCount: number,\n  restrictions:\n    | {\n        users: string[];\n        teams: string[];\n        apps?: string[];\n      }\n    | undefined,\n  requiredStatusCheckContexts: string[],\n  requireBranchesToBeUpToDate: boolean,\n  requiredConversationResolution: boolean,\n  requireLastPushApproval: boolean,\n  config: Config,\n  logger: any,\n  gitCommitMessage?: string,\n  gitAuthorName?: string,\n  gitAuthorEmail?: string,\n  dismissStaleReviews?: boolean,\n  requiredCommitSigning?: boolean,\n): Promise<{ commitHash: string }> {\n  const gitAuthorInfo = {\n    name: gitAuthorName\n      ? gitAuthorName\n      : config.getOptionalString('scaffolder.defaultAuthor.name'),\n    email: gitAuthorEmail\n      ? gitAuthorEmail\n      : config.getOptionalString('scaffolder.defaultAuthor.email'),\n  };\n\n  const commitMessage =\n    getGitCommitMessage(gitCommitMessage, config) || 'initial commit';\n\n  const commitResult = await initRepoAndPush({\n    dir: getRepoSourceDirectory(workspacePath, sourcePath),\n    remoteUrl,\n    defaultBranch,\n    auth: {\n      username: 'x-access-token',\n      password,\n    },\n    logger,\n    commitMessage,\n    gitAuthorInfo,\n  });\n\n  if (protectDefaultBranch) {\n    try {\n      await enableBranchProtectionOnDefaultRepoBranch({\n        owner,\n        client,\n        repoName: repo,\n        logger,\n        defaultBranch,\n        bypassPullRequestAllowances,\n        requiredApprovingReviewCount,\n        restrictions,\n        requireCodeOwnerReviews,\n        requiredStatusCheckContexts,\n        requireBranchesToBeUpToDate,\n        requiredConversationResolution,\n        requireLastPushApproval,\n        enforceAdmins: protectEnforceAdmins,\n        dismissStaleReviews: dismissStaleReviews,\n        requiredCommitSigning: requiredCommitSigning,\n      });\n    } catch (e) {\n      assertError(e);\n      logger.warn(\n        `Skipping: default branch protection on '${repo}', ${e.message}`,\n      );\n    }\n  }\n\n  return { commitHash: commitResult.commitHash };\n}\n\nfunction extractCollaboratorName(\n  collaborator: { user: string } | { team: string } | { username: string },\n) {\n  if ('username' in collaborator) return collaborator.username;\n  if ('user' in collaborator) return collaborator.user;\n  return collaborator.team;\n}\n\nasync function validateAccessTeam(client: Octokit, access: string) {\n  const [org, team_slug] = access.split('/');\n  try {\n    // Below rule disabled because of a 'getByName' check for a different library\n    // incorrectly triggers here.\n    // eslint-disable-next-line testing-library/no-await-sync-queries\n    await client.rest.teams.getByName({\n      org,\n      team_slug,\n    });\n  } catch (e) {\n    if (e.response.data.message === 'Not Found') {\n      const message = `Received 'Not Found' from the API; one of org:\n        ${org} or team: ${team_slug} was not found within GitHub.`;\n      throw new NotFoundError(message);\n    }\n  }\n}\n\nexport function getGitCommitMessage(\n  gitCommitMessage: string | undefined,\n  config: Config,\n): string | undefined {\n  return gitCommitMessage\n    ? gitCommitMessage\n    : config.getOptionalString('scaffolder.defaultCommitMessage');\n}\n"],"names":["parseRepoUrl","InputError","DefaultGithubCredentialsProvider","assertError","entityRefToName","Sodium","initRepoAndPush","getRepoSourceDirectory","enableBranchProtectionOnDefaultRepoBranch","NotFoundError"],"mappings":";;;;;;;;;;;;AAuCA,MAAM,kBAAqB,GAAA,GAAA;AAO3B,eAAsB,kBAAkB,OAKZ,EAAA;AAC1B,EAAA,MAAM,EAAE,YAAA,EAAc,mBAAqB,EAAA,OAAA,EAAS,OAAU,GAAA,OAAA;AAC9D,EAAA,MAAM,EAAE,KAAO,EAAA,IAAA,EAAM,MAAS,GAAAA,iCAAA,CAAa,SAAS,YAAY,CAAA;AAEhE,EAAA,MAAM,cAAiB,GAAA;AAAA;AAAA,IAErB,OAAS,EAAA;AAAA,GACX;AAEA,EAAA,IAAI,CAAC,KAAO,EAAA;AACV,IAAA,MAAM,IAAIC,iBAAA,CAAW,CAA8B,2BAAA,EAAA,OAAO,CAAE,CAAA,CAAA;AAAA;AAG9D,EAAA,MAAM,iBAAoB,GAAA,YAAA,CAAa,MAAO,CAAA,MAAA,CAAO,IAAI,CAAG,EAAA,MAAA;AAE5D,EAAA,IAAI,CAAC,iBAAmB,EAAA;AACtB,IAAA,MAAM,IAAIA,iBAAA,CAAW,CAA2B,wBAAA,EAAA,IAAI,CAAE,CAAA,CAAA;AAAA;AAIxD,EAAA,IAAI,KAAO,EAAA;AACT,IAAO,OAAA;AAAA,MACL,IAAM,EAAA,KAAA;AAAA,MACN,SAAS,iBAAkB,CAAA,UAAA;AAAA,MAC3B,QAAA,EAAU,CAAC,gBAAgB,CAAA;AAAA,MAC3B,OAAS,EAAA;AAAA,KACX;AAAA;AAGF,EAAA,MAAM,yBACJ,GAAA,mBAAA,IACAC,4CAAiC,CAAA,gBAAA,CAAiB,YAAY,CAAA;AAIhE,EAAA,MAAM,EAAE,KAAO,EAAA,uBAAA,EACb,GAAA,MAAM,0BAA0B,cAAe,CAAA;AAAA,IAC7C,KAAK,CAAW,QAAA,EAAA,IAAI,IAAI,kBAAmB,CAAA,KAAK,CAAC,CAAI,CAAA,EAAA,kBAAA;AAAA,MACnD;AAAA,KACD,CAAA;AAAA,GACF,CAAA;AAEH,EAAA,IAAI,CAAC,uBAAyB,EAAA;AAC5B,IAAA,MAAM,IAAID,iBAAA;AAAA,MACR,CAAgC,6BAAA,EAAA,IAAI,CAAgB,aAAA,EAAA,KAAK,cAAc,IAAI,CAAA;AAAA,KAC7E;AAAA;AAGF,EAAO,OAAA;AAAA,IACL,IAAM,EAAA,uBAAA;AAAA,IACN,SAAS,iBAAkB,CAAA,UAAA;AAAA,IAC3B,QAAA,EAAU,CAAC,gBAAgB;AAAA,GAC7B;AACF;AAEsB,eAAA,0CAAA,CACpB,MACA,EAAA,IAAA,EACA,KACA,EAAA,cAAA,EACA,aACA,QACA,EAAA,mBAAA,EACA,gBACA,EAAA,gBAAA,EACA,sBACA,EAAA,wBAAA,EACA,kBACA,cACA,EAAA,MAAA,EACA,aAiBA,EAAA,WAAA,EACA,OACA,EAAA,SAAA,EACA,QACA,aACA,EAAA,OAAA,EACA,iBAMA,EAAA,gBAAA,EACA,MACA,EAAA;AAEA,EAAA,MAAM,IAAO,GAAA,MAAM,MAAO,CAAA,IAAA,CAAK,MAAM,aAAc,CAAA;AAAA,IACjD,QAAU,EAAA;AAAA,GACX,CAAA;AAED,EAAA,IAAI,MAAQ,EAAA,UAAA,CAAW,CAAG,EAAA,KAAK,GAAG,CAAG,EAAA;AACnC,IAAM,MAAA,kBAAA,CAAmB,QAAQ,MAAM,CAAA;AAAA;AAGzC,EAAM,MAAA,mBAAA,GACJ,KAAK,IAAK,CAAA,IAAA,KAAS,iBACf,MAAO,CAAA,IAAA,CAAK,MAAM,WAAY,CAAA;AAAA,IAC5B,IAAM,EAAA,IAAA;AAAA,IACN,GAAK,EAAA,KAAA;AAAA,IACL,SAAS,cAAmB,KAAA,SAAA;AAAA;AAAA,IAE5B,UAAY,EAAA,cAAA;AAAA,IACZ,WAAA;AAAA,IACA,sBAAwB,EAAA,mBAAA;AAAA,IACxB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,yBAA2B,EAAA,sBAAA;AAAA,IAC3B,2BAA6B,EAAA,wBAAA;AAAA,IAC7B,kBAAoB,EAAA,gBAAA;AAAA,IACpB,gBAAkB,EAAA,cAAA;AAAA,IAClB,QAAA;AAAA,IACA,YAAc,EAAA,WAAA;AAAA,IACd,QAAU,EAAA,OAAA;AAAA,IACV,UAAY,EAAA,SAAA;AAAA;AAAA,IAEZ,iBAAmB,EAAA;AAAA,GACpB,CAAA,GACD,MAAO,CAAA,IAAA,CAAK,MAAM,0BAA2B,CAAA;AAAA,IAC3C,IAAM,EAAA,IAAA;AAAA,IACN,SAAS,cAAmB,KAAA,SAAA;AAAA,IAC5B,WAAA;AAAA,IACA,sBAAwB,EAAA,mBAAA;AAAA,IACxB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,yBAA2B,EAAA,sBAAA;AAAA,IAC3B,2BAA6B,EAAA,wBAAA;AAAA,IAC7B,kBAAoB,EAAA,gBAAA;AAAA,IACpB,gBAAkB,EAAA,cAAA;AAAA,IAClB,QAAA;AAAA,IACA,YAAc,EAAA,WAAA;AAAA,IACd,QAAU,EAAA,OAAA;AAAA,IACV,UAAY,EAAA;AAAA,GACb,CAAA;AAEP,EAAI,IAAA,OAAA;AAEJ,EAAI,IAAA;AACF,IAAA,OAAA,GAAA,CAAW,MAAM,mBAAqB,EAAA,IAAA;AAAA,WAC/B,CAAG,EAAA;AACV,IAAAE,kBAAA,CAAY,CAAC,CAAA;AACb,IAAI,IAAA,CAAA,CAAE,YAAY,wCAA0C,EAAA;AAC1D,MAAO,MAAA,CAAA,IAAA;AAAA,QACL,wFAAwF,IAAK,CAAA,IAAA,CAAK,IAAI,CAAe,YAAA,EAAA,KAAK,IAAI,IAAI,CAAA,CAAA;AAAA,OACpI;AAAA;AAEF,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,qBAAA,EAAwB,IAAK,CAAA,IAAA,CAAK,IAAI,CAAA,YAAA,EAAe,KAAK,CAAI,CAAA,EAAA,IAAI,CAAK,EAAA,EAAA,CAAA,CAAE,OAAO,CAAA;AAAA,KAClF;AAAA;AAGF,EAAA,IAAI,MAAQ,EAAA,UAAA,CAAW,CAAG,EAAA,KAAK,GAAG,CAAG,EAAA;AACnC,IAAA,MAAM,GAAG,IAAI,CAAI,GAAA,MAAA,CAAO,MAAM,GAAG,CAAA;AACjC,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,+BAAgC,CAAA;AAAA,MACtD,GAAK,EAAA,KAAA;AAAA,MACL,SAAW,EAAA,IAAA;AAAA,MACX,KAAA;AAAA,MACA,IAAA;AAAA,MACA,UAAY,EAAA;AAAA,KACb,CAAA;AAAA,GAEH,MAAA,IAAW,MAAU,IAAA,MAAA,KAAW,KAAO,EAAA;AACrC,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,eAAgB,CAAA;AAAA,MACtC,KAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAU,EAAA,MAAA;AAAA,MACV,UAAY,EAAA;AAAA,KACb,CAAA;AAAA;AAGH,EAAA,IAAI,aAAe,EAAA;AACjB,IAAA,KAAA,MAAW,gBAAgB,aAAe,EAAA;AACxC,MAAI,IAAA;AACF,QAAA,IAAI,UAAU,YAAc,EAAA;AAC1B,UAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,eAAgB,CAAA;AAAA,YACtC,KAAA;AAAA,YACA,IAAA;AAAA,YACA,QAAA,EAAUC,0BAAgB,CAAA,YAAA,CAAa,IAAI,CAAA;AAAA,YAC3C,YAAY,YAAa,CAAA;AAAA,WAC1B,CAAA;AAAA,SACH,MAAA,IAAW,UAAU,YAAc,EAAA;AACjC,UAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,+BAAgC,CAAA;AAAA,YACtD,GAAK,EAAA,KAAA;AAAA,YACL,SAAA,EAAWA,0BAAgB,CAAA,YAAA,CAAa,IAAI,CAAA;AAAA,YAC5C,KAAA;AAAA,YACA,IAAA;AAAA,YACA,YAAY,YAAa,CAAA;AAAA,WAC1B,CAAA;AAAA;AACH,eACO,CAAG,EAAA;AACV,QAAAD,kBAAA,CAAY,CAAC,CAAA;AACb,QAAM,MAAA,IAAA,GAAO,wBAAwB,YAAY,CAAA;AACjD,QAAO,MAAA,CAAA,IAAA;AAAA,UACL,YAAY,YAAa,CAAA,MAAM,eAAe,IAAI,CAAA,EAAA,EAAK,EAAE,OAAO,CAAA;AAAA,SAClE;AAAA;AACF;AACF;AAGF,EAAA,IAAI,MAAQ,EAAA;AACV,IAAI,IAAA;AACF,MAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,gBAAiB,CAAA;AAAA,QACvC,KAAA;AAAA,QACA,IAAA;AAAA,QACA,OAAO,MAAO,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,aAAa;AAAA,OACvC,CAAA;AAAA,aACM,CAAG,EAAA;AACV,MAAAA,kBAAA,CAAY,CAAC,CAAA;AACb,MAAO,MAAA,CAAA,IAAA,CAAK,mBAAmB,MAAO,CAAA,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAE,CAAA,OAAO,CAAE,CAAA,CAAA;AAAA;AACjE;AAGF,EAAW,KAAA,MAAA,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAQ,CAAA,aAAA,IAAiB,EAAE,CAAG,EAAA;AAC9D,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,OAAA,CAAQ,kBAAmB,CAAA;AAAA,MAC3C,KAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAM,EAAA,GAAA;AAAA,MACN;AAAA,KACD,CAAA;AAAA;AAGH,EAAA,IAAI,OAAS,EAAA;AACX,IAAA,MAAM,iBAAoB,GAAA,MAAM,MAAO,CAAA,IAAA,CAAK,QAAQ,gBAAiB,CAAA;AAAA,MACnE,KAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,MAAME,uBAAO,CAAA,KAAA;AACb,IAAA,MAAM,YAAYA,uBAAO,CAAA,WAAA;AAAA,MACvB,kBAAkB,IAAK,CAAA,GAAA;AAAA,MACvBA,wBAAO,eAAgB,CAAA;AAAA,KACzB;AACA,IAAA,KAAA,MAAW,CAAC,GAAK,EAAA,KAAK,KAAK,MAAO,CAAA,OAAA,CAAQ,OAAO,CAAG,EAAA;AAClD,MAAM,MAAA,YAAA,GAAeA,uBAAO,CAAA,WAAA,CAAY,KAAK,CAAA;AAC7C,MAAA,MAAM,wBAAwBA,uBAAO,CAAA,eAAA;AAAA,QACnC,YAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,MAAM,wBAAwBA,uBAAO,CAAA,SAAA;AAAA,QACnC,qBAAA;AAAA,QACAA,wBAAO,eAAgB,CAAA;AAAA,OACzB;AAEA,MAAM,MAAA,MAAA,CAAO,IAAK,CAAA,OAAA,CAAQ,wBAAyB,CAAA;AAAA,QACjD,KAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAa,EAAA,GAAA;AAAA,QACb,eAAiB,EAAA,qBAAA;AAAA,QACjB,MAAA,EAAQ,kBAAkB,IAAK,CAAA;AAAA,OAChC,CAAA;AAAA;AACH;AAGF,EAAA,IAAI,iBAAmB,EAAA;AACrB,IAAA,MAAM,MAAO,CAAA,OAAA;AAAA,MACX,0DAAA;AAAA,MACA;AAAA,QACE,KAAA;AAAA,QACA,IAAA;AAAA,QACA,aAAa,iBAAkB,CAAA,UAAA;AAAA,QAC/B,oBAAoB,iBAAkB,CAAA;AAAA;AACxC,KACF;AAAA;AAGF,EAAO,OAAA,OAAA;AACT;AAEsB,eAAA,sBAAA,CACpB,SACA,EAAA,QAAA,EACA,aACA,EAAA,UAAA,EACA,eACA,oBACA,EAAA,oBAAA,EACA,KACA,EAAA,MAAA,EACA,IACA,EAAA,uBAAA,EACA,6BAOA,4BACA,EAAA,YAAA,EAOA,2BACA,EAAA,2BAAA,EACA,8BACA,EAAA,uBAAA,EACA,MACA,EAAA,MAAA,EACA,gBACA,EAAA,aAAA,EACA,cACA,EAAA,mBAAA,EACA,qBACiC,EAAA;AACjC,EAAA,MAAM,aAAgB,GAAA;AAAA,IACpB,IAAM,EAAA,aAAA,GACF,aACA,GAAA,MAAA,CAAO,kBAAkB,+BAA+B,CAAA;AAAA,IAC5D,KAAO,EAAA,cAAA,GACH,cACA,GAAA,MAAA,CAAO,kBAAkB,gCAAgC;AAAA,GAC/D;AAEA,EAAA,MAAM,aACJ,GAAA,mBAAA,CAAoB,gBAAkB,EAAA,MAAM,CAAK,IAAA,gBAAA;AAEnD,EAAM,MAAA,YAAA,GAAe,MAAMC,oCAAgB,CAAA;AAAA,IACzC,GAAA,EAAKC,2CAAuB,CAAA,aAAA,EAAe,UAAU,CAAA;AAAA,IACrD,SAAA;AAAA,IACA,aAAA;AAAA,IACA,IAAM,EAAA;AAAA,MACJ,QAAU,EAAA,gBAAA;AAAA,MACV;AAAA,KACF;AAAA,IACA,MAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACD,CAAA;AAED,EAAA,IAAI,oBAAsB,EAAA;AACxB,IAAI,IAAA;AACF,MAAA,MAAMC,oDAA0C,CAAA;AAAA,QAC9C,KAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAU,EAAA,IAAA;AAAA,QACV,MAAA;AAAA,QACA,aAAA;AAAA,QACA,2BAAA;AAAA,QACA,4BAAA;AAAA,QACA,YAAA;AAAA,QACA,uBAAA;AAAA,QACA,2BAAA;AAAA,QACA,2BAAA;AAAA,QACA,8BAAA;AAAA,QACA,uBAAA;AAAA,QACA,aAAe,EAAA,oBAAA;AAAA,QACf,mBAAA;AAAA,QACA;AAAA,OACD,CAAA;AAAA,aACM,CAAG,EAAA;AACV,MAAAL,kBAAA,CAAY,CAAC,CAAA;AACb,MAAO,MAAA,CAAA,IAAA;AAAA,QACL,CAA2C,wCAAA,EAAA,IAAI,CAAM,GAAA,EAAA,CAAA,CAAE,OAAO,CAAA;AAAA,OAChE;AAAA;AACF;AAGF,EAAO,OAAA,EAAE,UAAY,EAAA,YAAA,CAAa,UAAW,EAAA;AAC/C;AAEA,SAAS,wBACP,YACA,EAAA;AACA,EAAI,IAAA,UAAA,IAAc,YAAc,EAAA,OAAO,YAAa,CAAA,QAAA;AACpD,EAAI,IAAA,MAAA,IAAU,YAAc,EAAA,OAAO,YAAa,CAAA,IAAA;AAChD,EAAA,OAAO,YAAa,CAAA,IAAA;AACtB;AAEA,eAAe,kBAAA,CAAmB,QAAiB,MAAgB,EAAA;AACjE,EAAA,MAAM,CAAC,GAAK,EAAA,SAAS,CAAI,GAAA,MAAA,CAAO,MAAM,GAAG,CAAA;AACzC,EAAI,IAAA;AAIF,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,SAAU,CAAA;AAAA,MAChC,GAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,WACM,CAAG,EAAA;AACV,IAAA,IAAI,CAAE,CAAA,QAAA,CAAS,IAAK,CAAA,OAAA,KAAY,WAAa,EAAA;AAC3C,MAAA,MAAM,OAAU,GAAA,CAAA;AAAA,QACZ,EAAA,GAAG,aAAa,SAAS,CAAA,6BAAA,CAAA;AAC7B,MAAM,MAAA,IAAIM,qBAAc,OAAO,CAAA;AAAA;AACjC;AAEJ;AAEgB,SAAA,mBAAA,CACd,kBACA,MACoB,EAAA;AACpB,EAAA,OAAO,gBACH,GAAA,gBAAA,GACA,MAAO,CAAA,iBAAA,CAAkB,iCAAiC,CAAA;AAChE;;;;;;;"}
+{"version":3,"file":"helpers.cjs.js","sources":["../../src/actions/helpers.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Config } from '@backstage/config';\nimport { assertError, InputError, NotFoundError } from '@backstage/errors';\nimport {\n  DefaultGithubCredentialsProvider,\n  GithubCredentialsProvider,\n  ScmIntegrationRegistry,\n} from '@backstage/integration';\nimport { OctokitOptions } from '@octokit/core/dist-types/types';\nimport { Octokit } from 'octokit';\n\nimport {\n  getRepoSourceDirectory,\n  initRepoAndPush,\n  parseRepoUrl,\n} from '@backstage/plugin-scaffolder-node';\n\nimport Sodium from 'libsodium-wrappers';\nimport {\n  enableBranchProtectionOnDefaultRepoBranch,\n  entityRefToName,\n} from './gitHelpers';\nimport { LoggerService } from '@backstage/backend-plugin-api';\n\nconst DEFAULT_TIMEOUT_MS = 60_000;\n\n/**\n * Helper for generating octokit configuration options for given repoUrl.\n * If no token is provided, it will attempt to get a token from the credentials provider.\n * @public\n */\nexport async function getOctokitOptions(options: {\n  integrations: ScmIntegrationRegistry;\n  credentialsProvider?: GithubCredentialsProvider;\n  token?: string;\n  repoUrl: string;\n}): Promise<OctokitOptions> {\n  const { integrations, credentialsProvider, repoUrl, token } = options;\n  const { owner, repo, host } = parseRepoUrl(repoUrl, integrations);\n\n  const requestOptions = {\n    // set timeout to 60 seconds\n    timeout: DEFAULT_TIMEOUT_MS,\n  };\n\n  if (!owner) {\n    throw new InputError(`No owner provided for repo ${repoUrl}`);\n  }\n\n  const integrationConfig = integrations.github.byHost(host)?.config;\n\n  if (!integrationConfig) {\n    throw new InputError(`No integration for host ${host}`);\n  }\n\n  // short circuit the `githubCredentialsProvider` if there is a token provided by the caller already\n  if (token) {\n    return {\n      auth: token,\n      baseUrl: integrationConfig.apiBaseUrl,\n      previews: ['nebula-preview'],\n      request: requestOptions,\n    };\n  }\n\n  const githubCredentialsProvider =\n    credentialsProvider ??\n    DefaultGithubCredentialsProvider.fromIntegrations(integrations);\n\n  // TODO(blam): Consider changing this API to take host and repo instead of repoUrl, as we end up parsing in this function\n  // and then parsing in the `getCredentials` function too the other side\n  const { token: credentialProviderToken } =\n    await githubCredentialsProvider.getCredentials({\n      url: `https://${host}/${encodeURIComponent(owner)}/${encodeURIComponent(\n        repo,\n      )}`,\n    });\n\n  if (!credentialProviderToken) {\n    throw new InputError(\n      `No token available for host: ${host}, with owner ${owner}, and repo ${repo}. Make sure GitHub auth is configured correctly. See https://backstage.io/docs/auth/github/provider for more details.`,\n    );\n  }\n\n  return {\n    auth: credentialProviderToken,\n    baseUrl: integrationConfig.apiBaseUrl,\n    previews: ['nebula-preview'],\n  };\n}\n\nexport async function createGithubRepoWithCollaboratorsAndTopics(\n  client: Octokit,\n  repo: string,\n  owner: string,\n  repoVisibility: 'private' | 'internal' | 'public' | undefined,\n  description: string | undefined,\n  homepage: string | undefined,\n  deleteBranchOnMerge: boolean,\n  allowMergeCommit: boolean,\n  allowSquashMerge: boolean,\n  squashMergeCommitTitle: 'PR_TITLE' | 'COMMIT_OR_PR_TITLE' | undefined,\n  squashMergeCommitMessage: 'PR_BODY' | 'COMMIT_MESSAGES' | 'BLANK' | undefined,\n  allowRebaseMerge: boolean,\n  allowAutoMerge: boolean,\n  access: string | undefined,\n  collaborators:\n    | (\n        | {\n            user: string;\n            access: string;\n          }\n        | {\n            team: string;\n            access: string;\n          }\n        | {\n            /** @deprecated This field is deprecated in favor of team */\n            username: string;\n            access: 'pull' | 'push' | 'admin' | 'maintain' | 'triage';\n          }\n      )[]\n    | undefined,\n  hasProjects: boolean | undefined,\n  hasWiki: boolean | undefined,\n  hasIssues: boolean | undefined,\n  topics: string[] | undefined,\n  repoVariables: { [key: string]: string } | undefined,\n  secrets: { [key: string]: string } | undefined,\n  oidcCustomization:\n    | {\n        useDefault: boolean;\n        includeClaimKeys?: string[];\n      }\n    | undefined,\n  customProperties: { [key: string]: string } | undefined,\n  logger: LoggerService,\n) {\n  // eslint-disable-next-line testing-library/no-await-sync-queries\n  const user = await client.rest.users.getByUsername({\n    username: owner,\n  });\n\n  if (access?.startsWith(`${owner}/`)) {\n    await validateAccessTeam(client, access);\n  }\n\n  const repoCreationPromise =\n    user.data.type === 'Organization'\n      ? client.rest.repos.createInOrg({\n          name: repo,\n          org: owner,\n          private: repoVisibility === 'private',\n          // @ts-ignore https://github.com/octokit/types.ts/issues/522\n          visibility: repoVisibility,\n          description: description,\n          delete_branch_on_merge: deleteBranchOnMerge,\n          allow_merge_commit: allowMergeCommit,\n          allow_squash_merge: allowSquashMerge,\n          squash_merge_commit_title: squashMergeCommitTitle,\n          squash_merge_commit_message: squashMergeCommitMessage,\n          allow_rebase_merge: allowRebaseMerge,\n          allow_auto_merge: allowAutoMerge,\n          homepage: homepage,\n          has_projects: hasProjects,\n          has_wiki: hasWiki,\n          has_issues: hasIssues,\n          // Custom properties only available on org repos\n          custom_properties: customProperties,\n        })\n      : client.rest.repos.createForAuthenticatedUser({\n          name: repo,\n          private: repoVisibility === 'private',\n          description: description,\n          delete_branch_on_merge: deleteBranchOnMerge,\n          allow_merge_commit: allowMergeCommit,\n          allow_squash_merge: allowSquashMerge,\n          squash_merge_commit_title: squashMergeCommitTitle,\n          squash_merge_commit_message: squashMergeCommitMessage,\n          allow_rebase_merge: allowRebaseMerge,\n          allow_auto_merge: allowAutoMerge,\n          homepage: homepage,\n          has_projects: hasProjects,\n          has_wiki: hasWiki,\n          has_issues: hasIssues,\n        });\n\n  let newRepo;\n\n  try {\n    newRepo = (await repoCreationPromise).data;\n  } catch (e) {\n    assertError(e);\n    if (e.message === 'Resource not accessible by integration') {\n      logger.warn(\n        `The GitHub app or token provided may not have the required permissions to create the ${user.data.type} repository ${owner}/${repo}.`,\n      );\n    }\n    throw new Error(\n      `Failed to create the ${user.data.type} repository ${owner}/${repo}, ${e.message}`,\n    );\n  }\n\n  if (access?.startsWith(`${owner}/`)) {\n    const [, team] = access.split('/');\n    await client.rest.teams.addOrUpdateRepoPermissionsInOrg({\n      org: owner,\n      team_slug: team,\n      owner,\n      repo,\n      permission: 'admin',\n    });\n    // No need to add access if it's the person who owns the personal account\n  } else if (access && access !== owner) {\n    await client.rest.repos.addCollaborator({\n      owner,\n      repo,\n      username: access,\n      permission: 'admin',\n    });\n  }\n\n  if (collaborators) {\n    for (const collaborator of collaborators) {\n      try {\n        if ('user' in collaborator) {\n          await client.rest.repos.addCollaborator({\n            owner,\n            repo,\n            username: entityRefToName(collaborator.user),\n            permission: collaborator.access,\n          });\n        } else if ('team' in collaborator) {\n          await client.rest.teams.addOrUpdateRepoPermissionsInOrg({\n            org: owner,\n            team_slug: entityRefToName(collaborator.team),\n            owner,\n            repo,\n            permission: collaborator.access,\n          });\n        }\n      } catch (e) {\n        assertError(e);\n        const name = extractCollaboratorName(collaborator);\n        logger.warn(\n          `Skipping ${collaborator.access} access for ${name}, ${e.message}`,\n        );\n      }\n    }\n  }\n\n  if (topics) {\n    try {\n      await client.rest.repos.replaceAllTopics({\n        owner,\n        repo,\n        names: topics.map(t => t.toLowerCase()),\n      });\n    } catch (e) {\n      assertError(e);\n      logger.warn(`Skipping topics ${topics.join(' ')}, ${e.message}`);\n    }\n  }\n\n  for (const [key, value] of Object.entries(repoVariables ?? {})) {\n    await client.rest.actions.createRepoVariable({\n      owner,\n      repo,\n      name: key,\n      value: value,\n    });\n  }\n\n  if (secrets) {\n    const publicKeyResponse = await client.rest.actions.getRepoPublicKey({\n      owner,\n      repo,\n    });\n\n    await Sodium.ready;\n    const binaryKey = Sodium.from_base64(\n      publicKeyResponse.data.key,\n      Sodium.base64_variants.ORIGINAL,\n    );\n    for (const [key, value] of Object.entries(secrets)) {\n      const binarySecret = Sodium.from_string(value);\n      const encryptedBinarySecret = Sodium.crypto_box_seal(\n        binarySecret,\n        binaryKey,\n      );\n      const encryptedBase64Secret = Sodium.to_base64(\n        encryptedBinarySecret,\n        Sodium.base64_variants.ORIGINAL,\n      );\n\n      await client.rest.actions.createOrUpdateRepoSecret({\n        owner,\n        repo,\n        secret_name: key,\n        encrypted_value: encryptedBase64Secret,\n        key_id: publicKeyResponse.data.key_id,\n      });\n    }\n  }\n\n  if (oidcCustomization) {\n    await client.request(\n      'PUT /repos/{owner}/{repo}/actions/oidc/customization/sub',\n      {\n        owner,\n        repo,\n        use_default: oidcCustomization.useDefault,\n        include_claim_keys: oidcCustomization.includeClaimKeys,\n      },\n    );\n  }\n\n  return newRepo;\n}\n\nexport async function initRepoPushAndProtect(\n  remoteUrl: string,\n  password: string,\n  workspacePath: string,\n  sourcePath: string | undefined,\n  defaultBranch: string,\n  protectDefaultBranch: boolean,\n  protectEnforceAdmins: boolean,\n  owner: string,\n  client: Octokit,\n  repo: string,\n  requireCodeOwnerReviews: boolean,\n  bypassPullRequestAllowances:\n    | {\n        users?: string[];\n        teams?: string[];\n        apps?: string[];\n      }\n    | undefined,\n  requiredApprovingReviewCount: number,\n  restrictions:\n    | {\n        users: string[];\n        teams: string[];\n        apps?: string[];\n      }\n    | undefined,\n  requiredStatusCheckContexts: string[],\n  requireBranchesToBeUpToDate: boolean,\n  requiredConversationResolution: boolean,\n  requireLastPushApproval: boolean,\n  config: Config,\n  logger: any,\n  gitCommitMessage?: string,\n  gitAuthorName?: string,\n  gitAuthorEmail?: string,\n  dismissStaleReviews?: boolean,\n  requiredCommitSigning?: boolean,\n): Promise<{ commitHash: string }> {\n  const gitAuthorInfo = {\n    name: gitAuthorName\n      ? gitAuthorName\n      : config.getOptionalString('scaffolder.defaultAuthor.name'),\n    email: gitAuthorEmail\n      ? gitAuthorEmail\n      : config.getOptionalString('scaffolder.defaultAuthor.email'),\n  };\n\n  const commitMessage =\n    getGitCommitMessage(gitCommitMessage, config) || 'initial commit';\n\n  const commitResult = await initRepoAndPush({\n    dir: getRepoSourceDirectory(workspacePath, sourcePath),\n    remoteUrl,\n    defaultBranch,\n    auth: {\n      username: 'x-access-token',\n      password,\n    },\n    logger,\n    commitMessage,\n    gitAuthorInfo,\n  });\n\n  if (protectDefaultBranch) {\n    try {\n      await enableBranchProtectionOnDefaultRepoBranch({\n        owner,\n        client,\n        repoName: repo,\n        logger,\n        defaultBranch,\n        bypassPullRequestAllowances,\n        requiredApprovingReviewCount,\n        restrictions,\n        requireCodeOwnerReviews,\n        requiredStatusCheckContexts,\n        requireBranchesToBeUpToDate,\n        requiredConversationResolution,\n        requireLastPushApproval,\n        enforceAdmins: protectEnforceAdmins,\n        dismissStaleReviews: dismissStaleReviews,\n        requiredCommitSigning: requiredCommitSigning,\n      });\n    } catch (e) {\n      assertError(e);\n      logger.warn(\n        `Skipping: default branch protection on '${repo}', ${e.message}`,\n      );\n    }\n  }\n\n  return { commitHash: commitResult.commitHash };\n}\n\nfunction extractCollaboratorName(\n  collaborator: { user: string } | { team: string } | { username: string },\n) {\n  if ('username' in collaborator) return collaborator.username;\n  if ('user' in collaborator) return collaborator.user;\n  return collaborator.team;\n}\n\nasync function validateAccessTeam(client: Octokit, access: string) {\n  const [org, team_slug] = access.split('/');\n  try {\n    // Below rule disabled because of a 'getByName' check for a different library\n    // incorrectly triggers here.\n    // eslint-disable-next-line testing-library/no-await-sync-queries\n    await client.rest.teams.getByName({\n      org,\n      team_slug,\n    });\n  } catch (e) {\n    if (e.response.data.message === 'Not Found') {\n      const message = `Received 'Not Found' from the API; one of org:\n        ${org} or team: ${team_slug} was not found within GitHub.`;\n      throw new NotFoundError(message);\n    }\n  }\n}\n\nexport function getGitCommitMessage(\n  gitCommitMessage: string | undefined,\n  config: Config,\n): string | undefined {\n  return gitCommitMessage\n    ? gitCommitMessage\n    : config.getOptionalString('scaffolder.defaultCommitMessage');\n}\n"],"names":["parseRepoUrl","InputError","DefaultGithubCredentialsProvider","assertError","entityRefToName","Sodium","initRepoAndPush","getRepoSourceDirectory","enableBranchProtectionOnDefaultRepoBranch","NotFoundError"],"mappings":";;;;;;;;;;;;AAuCA,MAAM,kBAAqB,GAAA,GAAA;AAO3B,eAAsB,kBAAkB,OAKZ,EAAA;AAC1B,EAAA,MAAM,EAAE,YAAA,EAAc,mBAAqB,EAAA,OAAA,EAAS,OAAU,GAAA,OAAA;AAC9D,EAAA,MAAM,EAAE,KAAO,EAAA,IAAA,EAAM,MAAS,GAAAA,iCAAA,CAAa,SAAS,YAAY,CAAA;AAEhE,EAAA,MAAM,cAAiB,GAAA;AAAA;AAAA,IAErB,OAAS,EAAA;AAAA,GACX;AAEA,EAAA,IAAI,CAAC,KAAO,EAAA;AACV,IAAA,MAAM,IAAIC,iBAAA,CAAW,CAA8B,2BAAA,EAAA,OAAO,CAAE,CAAA,CAAA;AAAA;AAG9D,EAAA,MAAM,iBAAoB,GAAA,YAAA,CAAa,MAAO,CAAA,MAAA,CAAO,IAAI,CAAG,EAAA,MAAA;AAE5D,EAAA,IAAI,CAAC,iBAAmB,EAAA;AACtB,IAAA,MAAM,IAAIA,iBAAA,CAAW,CAA2B,wBAAA,EAAA,IAAI,CAAE,CAAA,CAAA;AAAA;AAIxD,EAAA,IAAI,KAAO,EAAA;AACT,IAAO,OAAA;AAAA,MACL,IAAM,EAAA,KAAA;AAAA,MACN,SAAS,iBAAkB,CAAA,UAAA;AAAA,MAC3B,QAAA,EAAU,CAAC,gBAAgB,CAAA;AAAA,MAC3B,OAAS,EAAA;AAAA,KACX;AAAA;AAGF,EAAA,MAAM,yBACJ,GAAA,mBAAA,IACAC,4CAAiC,CAAA,gBAAA,CAAiB,YAAY,CAAA;AAIhE,EAAA,MAAM,EAAE,KAAO,EAAA,uBAAA,EACb,GAAA,MAAM,0BAA0B,cAAe,CAAA;AAAA,IAC7C,KAAK,CAAW,QAAA,EAAA,IAAI,IAAI,kBAAmB,CAAA,KAAK,CAAC,CAAI,CAAA,EAAA,kBAAA;AAAA,MACnD;AAAA,KACD,CAAA;AAAA,GACF,CAAA;AAEH,EAAA,IAAI,CAAC,uBAAyB,EAAA;AAC5B,IAAA,MAAM,IAAID,iBAAA;AAAA,MACR,CAAgC,6BAAA,EAAA,IAAI,CAAgB,aAAA,EAAA,KAAK,cAAc,IAAI,CAAA,qHAAA;AAAA,KAC7E;AAAA;AAGF,EAAO,OAAA;AAAA,IACL,IAAM,EAAA,uBAAA;AAAA,IACN,SAAS,iBAAkB,CAAA,UAAA;AAAA,IAC3B,QAAA,EAAU,CAAC,gBAAgB;AAAA,GAC7B;AACF;AAEsB,eAAA,0CAAA,CACpB,MACA,EAAA,IAAA,EACA,KACA,EAAA,cAAA,EACA,aACA,QACA,EAAA,mBAAA,EACA,gBACA,EAAA,gBAAA,EACA,sBACA,EAAA,wBAAA,EACA,kBACA,cACA,EAAA,MAAA,EACA,aAiBA,EAAA,WAAA,EACA,OACA,EAAA,SAAA,EACA,QACA,aACA,EAAA,OAAA,EACA,iBAMA,EAAA,gBAAA,EACA,MACA,EAAA;AAEA,EAAA,MAAM,IAAO,GAAA,MAAM,MAAO,CAAA,IAAA,CAAK,MAAM,aAAc,CAAA;AAAA,IACjD,QAAU,EAAA;AAAA,GACX,CAAA;AAED,EAAA,IAAI,MAAQ,EAAA,UAAA,CAAW,CAAG,EAAA,KAAK,GAAG,CAAG,EAAA;AACnC,IAAM,MAAA,kBAAA,CAAmB,QAAQ,MAAM,CAAA;AAAA;AAGzC,EAAM,MAAA,mBAAA,GACJ,KAAK,IAAK,CAAA,IAAA,KAAS,iBACf,MAAO,CAAA,IAAA,CAAK,MAAM,WAAY,CAAA;AAAA,IAC5B,IAAM,EAAA,IAAA;AAAA,IACN,GAAK,EAAA,KAAA;AAAA,IACL,SAAS,cAAmB,KAAA,SAAA;AAAA;AAAA,IAE5B,UAAY,EAAA,cAAA;AAAA,IACZ,WAAA;AAAA,IACA,sBAAwB,EAAA,mBAAA;AAAA,IACxB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,yBAA2B,EAAA,sBAAA;AAAA,IAC3B,2BAA6B,EAAA,wBAAA;AAAA,IAC7B,kBAAoB,EAAA,gBAAA;AAAA,IACpB,gBAAkB,EAAA,cAAA;AAAA,IAClB,QAAA;AAAA,IACA,YAAc,EAAA,WAAA;AAAA,IACd,QAAU,EAAA,OAAA;AAAA,IACV,UAAY,EAAA,SAAA;AAAA;AAAA,IAEZ,iBAAmB,EAAA;AAAA,GACpB,CAAA,GACD,MAAO,CAAA,IAAA,CAAK,MAAM,0BAA2B,CAAA;AAAA,IAC3C,IAAM,EAAA,IAAA;AAAA,IACN,SAAS,cAAmB,KAAA,SAAA;AAAA,IAC5B,WAAA;AAAA,IACA,sBAAwB,EAAA,mBAAA;AAAA,IACxB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,kBAAoB,EAAA,gBAAA;AAAA,IACpB,yBAA2B,EAAA,sBAAA;AAAA,IAC3B,2BAA6B,EAAA,wBAAA;AAAA,IAC7B,kBAAoB,EAAA,gBAAA;AAAA,IACpB,gBAAkB,EAAA,cAAA;AAAA,IAClB,QAAA;AAAA,IACA,YAAc,EAAA,WAAA;AAAA,IACd,QAAU,EAAA,OAAA;AAAA,IACV,UAAY,EAAA;AAAA,GACb,CAAA;AAEP,EAAI,IAAA,OAAA;AAEJ,EAAI,IAAA;AACF,IAAA,OAAA,GAAA,CAAW,MAAM,mBAAqB,EAAA,IAAA;AAAA,WAC/B,CAAG,EAAA;AACV,IAAAE,kBAAA,CAAY,CAAC,CAAA;AACb,IAAI,IAAA,CAAA,CAAE,YAAY,wCAA0C,EAAA;AAC1D,MAAO,MAAA,CAAA,IAAA;AAAA,QACL,wFAAwF,IAAK,CAAA,IAAA,CAAK,IAAI,CAAe,YAAA,EAAA,KAAK,IAAI,IAAI,CAAA,CAAA;AAAA,OACpI;AAAA;AAEF,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,qBAAA,EAAwB,IAAK,CAAA,IAAA,CAAK,IAAI,CAAA,YAAA,EAAe,KAAK,CAAI,CAAA,EAAA,IAAI,CAAK,EAAA,EAAA,CAAA,CAAE,OAAO,CAAA;AAAA,KAClF;AAAA;AAGF,EAAA,IAAI,MAAQ,EAAA,UAAA,CAAW,CAAG,EAAA,KAAK,GAAG,CAAG,EAAA;AACnC,IAAA,MAAM,GAAG,IAAI,CAAI,GAAA,MAAA,CAAO,MAAM,GAAG,CAAA;AACjC,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,+BAAgC,CAAA;AAAA,MACtD,GAAK,EAAA,KAAA;AAAA,MACL,SAAW,EAAA,IAAA;AAAA,MACX,KAAA;AAAA,MACA,IAAA;AAAA,MACA,UAAY,EAAA;AAAA,KACb,CAAA;AAAA,GAEH,MAAA,IAAW,MAAU,IAAA,MAAA,KAAW,KAAO,EAAA;AACrC,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,eAAgB,CAAA;AAAA,MACtC,KAAA;AAAA,MACA,IAAA;AAAA,MACA,QAAU,EAAA,MAAA;AAAA,MACV,UAAY,EAAA;AAAA,KACb,CAAA;AAAA;AAGH,EAAA,IAAI,aAAe,EAAA;AACjB,IAAA,KAAA,MAAW,gBAAgB,aAAe,EAAA;AACxC,MAAI,IAAA;AACF,QAAA,IAAI,UAAU,YAAc,EAAA;AAC1B,UAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,eAAgB,CAAA;AAAA,YACtC,KAAA;AAAA,YACA,IAAA;AAAA,YACA,QAAA,EAAUC,0BAAgB,CAAA,YAAA,CAAa,IAAI,CAAA;AAAA,YAC3C,YAAY,YAAa,CAAA;AAAA,WAC1B,CAAA;AAAA,SACH,MAAA,IAAW,UAAU,YAAc,EAAA;AACjC,UAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,+BAAgC,CAAA;AAAA,YACtD,GAAK,EAAA,KAAA;AAAA,YACL,SAAA,EAAWA,0BAAgB,CAAA,YAAA,CAAa,IAAI,CAAA;AAAA,YAC5C,KAAA;AAAA,YACA,IAAA;AAAA,YACA,YAAY,YAAa,CAAA;AAAA,WAC1B,CAAA;AAAA;AACH,eACO,CAAG,EAAA;AACV,QAAAD,kBAAA,CAAY,CAAC,CAAA;AACb,QAAM,MAAA,IAAA,GAAO,wBAAwB,YAAY,CAAA;AACjD,QAAO,MAAA,CAAA,IAAA;AAAA,UACL,YAAY,YAAa,CAAA,MAAM,eAAe,IAAI,CAAA,EAAA,EAAK,EAAE,OAAO,CAAA;AAAA,SAClE;AAAA;AACF;AACF;AAGF,EAAA,IAAI,MAAQ,EAAA;AACV,IAAI,IAAA;AACF,MAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,gBAAiB,CAAA;AAAA,QACvC,KAAA;AAAA,QACA,IAAA;AAAA,QACA,OAAO,MAAO,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,aAAa;AAAA,OACvC,CAAA;AAAA,aACM,CAAG,EAAA;AACV,MAAAA,kBAAA,CAAY,CAAC,CAAA;AACb,MAAO,MAAA,CAAA,IAAA,CAAK,mBAAmB,MAAO,CAAA,IAAA,CAAK,GAAG,CAAC,CAAA,EAAA,EAAK,CAAE,CAAA,OAAO,CAAE,CAAA,CAAA;AAAA;AACjE;AAGF,EAAW,KAAA,MAAA,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAQ,CAAA,aAAA,IAAiB,EAAE,CAAG,EAAA;AAC9D,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,OAAA,CAAQ,kBAAmB,CAAA;AAAA,MAC3C,KAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAM,EAAA,GAAA;AAAA,MACN;AAAA,KACD,CAAA;AAAA;AAGH,EAAA,IAAI,OAAS,EAAA;AACX,IAAA,MAAM,iBAAoB,GAAA,MAAM,MAAO,CAAA,IAAA,CAAK,QAAQ,gBAAiB,CAAA;AAAA,MACnE,KAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,MAAME,uBAAO,CAAA,KAAA;AACb,IAAA,MAAM,YAAYA,uBAAO,CAAA,WAAA;AAAA,MACvB,kBAAkB,IAAK,CAAA,GAAA;AAAA,MACvBA,wBAAO,eAAgB,CAAA;AAAA,KACzB;AACA,IAAA,KAAA,MAAW,CAAC,GAAK,EAAA,KAAK,KAAK,MAAO,CAAA,OAAA,CAAQ,OAAO,CAAG,EAAA;AAClD,MAAM,MAAA,YAAA,GAAeA,uBAAO,CAAA,WAAA,CAAY,KAAK,CAAA;AAC7C,MAAA,MAAM,wBAAwBA,uBAAO,CAAA,eAAA;AAAA,QACnC,YAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,MAAM,wBAAwBA,uBAAO,CAAA,SAAA;AAAA,QACnC,qBAAA;AAAA,QACAA,wBAAO,eAAgB,CAAA;AAAA,OACzB;AAEA,MAAM,MAAA,MAAA,CAAO,IAAK,CAAA,OAAA,CAAQ,wBAAyB,CAAA;AAAA,QACjD,KAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAa,EAAA,GAAA;AAAA,QACb,eAAiB,EAAA,qBAAA;AAAA,QACjB,MAAA,EAAQ,kBAAkB,IAAK,CAAA;AAAA,OAChC,CAAA;AAAA;AACH;AAGF,EAAA,IAAI,iBAAmB,EAAA;AACrB,IAAA,MAAM,MAAO,CAAA,OAAA;AAAA,MACX,0DAAA;AAAA,MACA;AAAA,QACE,KAAA;AAAA,QACA,IAAA;AAAA,QACA,aAAa,iBAAkB,CAAA,UAAA;AAAA,QAC/B,oBAAoB,iBAAkB,CAAA;AAAA;AACxC,KACF;AAAA;AAGF,EAAO,OAAA,OAAA;AACT;AAEsB,eAAA,sBAAA,CACpB,SACA,EAAA,QAAA,EACA,aACA,EAAA,UAAA,EACA,eACA,oBACA,EAAA,oBAAA,EACA,KACA,EAAA,MAAA,EACA,IACA,EAAA,uBAAA,EACA,6BAOA,4BACA,EAAA,YAAA,EAOA,2BACA,EAAA,2BAAA,EACA,8BACA,EAAA,uBAAA,EACA,MACA,EAAA,MAAA,EACA,gBACA,EAAA,aAAA,EACA,cACA,EAAA,mBAAA,EACA,qBACiC,EAAA;AACjC,EAAA,MAAM,aAAgB,GAAA;AAAA,IACpB,IAAM,EAAA,aAAA,GACF,aACA,GAAA,MAAA,CAAO,kBAAkB,+BAA+B,CAAA;AAAA,IAC5D,KAAO,EAAA,cAAA,GACH,cACA,GAAA,MAAA,CAAO,kBAAkB,gCAAgC;AAAA,GAC/D;AAEA,EAAA,MAAM,aACJ,GAAA,mBAAA,CAAoB,gBAAkB,EAAA,MAAM,CAAK,IAAA,gBAAA;AAEnD,EAAM,MAAA,YAAA,GAAe,MAAMC,oCAAgB,CAAA;AAAA,IACzC,GAAA,EAAKC,2CAAuB,CAAA,aAAA,EAAe,UAAU,CAAA;AAAA,IACrD,SAAA;AAAA,IACA,aAAA;AAAA,IACA,IAAM,EAAA;AAAA,MACJ,QAAU,EAAA,gBAAA;AAAA,MACV;AAAA,KACF;AAAA,IACA,MAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACD,CAAA;AAED,EAAA,IAAI,oBAAsB,EAAA;AACxB,IAAI,IAAA;AACF,MAAA,MAAMC,oDAA0C,CAAA;AAAA,QAC9C,KAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAU,EAAA,IAAA;AAAA,QACV,MAAA;AAAA,QACA,aAAA;AAAA,QACA,2BAAA;AAAA,QACA,4BAAA;AAAA,QACA,YAAA;AAAA,QACA,uBAAA;AAAA,QACA,2BAAA;AAAA,QACA,2BAAA;AAAA,QACA,8BAAA;AAAA,QACA,uBAAA;AAAA,QACA,aAAe,EAAA,oBAAA;AAAA,QACf,mBAAA;AAAA,QACA;AAAA,OACD,CAAA;AAAA,aACM,CAAG,EAAA;AACV,MAAAL,kBAAA,CAAY,CAAC,CAAA;AACb,MAAO,MAAA,CAAA,IAAA;AAAA,QACL,CAA2C,wCAAA,EAAA,IAAI,CAAM,GAAA,EAAA,CAAA,CAAE,OAAO,CAAA;AAAA,OAChE;AAAA;AACF;AAGF,EAAO,OAAA,EAAE,UAAY,EAAA,YAAA,CAAa,UAAW,EAAA;AAC/C;AAEA,SAAS,wBACP,YACA,EAAA;AACA,EAAI,IAAA,UAAA,IAAc,YAAc,EAAA,OAAO,YAAa,CAAA,QAAA;AACpD,EAAI,IAAA,MAAA,IAAU,YAAc,EAAA,OAAO,YAAa,CAAA,IAAA;AAChD,EAAA,OAAO,YAAa,CAAA,IAAA;AACtB;AAEA,eAAe,kBAAA,CAAmB,QAAiB,MAAgB,EAAA;AACjE,EAAA,MAAM,CAAC,GAAK,EAAA,SAAS,CAAI,GAAA,MAAA,CAAO,MAAM,GAAG,CAAA;AACzC,EAAI,IAAA;AAIF,IAAM,MAAA,MAAA,CAAO,IAAK,CAAA,KAAA,CAAM,SAAU,CAAA;AAAA,MAChC,GAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,WACM,CAAG,EAAA;AACV,IAAA,IAAI,CAAE,CAAA,QAAA,CAAS,IAAK,CAAA,OAAA,KAAY,WAAa,EAAA;AAC3C,MAAA,MAAM,OAAU,GAAA,CAAA;AAAA,QACZ,EAAA,GAAG,aAAa,SAAS,CAAA,6BAAA,CAAA;AAC7B,MAAM,MAAA,IAAIM,qBAAc,OAAO,CAAA;AAAA;AACjC;AAEJ;AAEgB,SAAA,mBAAA,CACd,kBACA,MACoB,EAAA;AACpB,EAAA,OAAO,gBACH,GAAA,gBAAA,GACA,MAAO,CAAA,iBAAA,CAAkB,iCAAiC,CAAA;AAChE;;;;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-scaffolder-backend-module-github",
-  "version": "0.5.4-next.1",
+  "version": "0.5.4-next.2",
   "description": "The github module for @backstage/plugin-scaffolder-backend",
   "backstage": {
     "role": "backend-plugin-module",
@@ -48,13 +48,13 @@
   },
   "dependencies": {
     "@backstage/backend-common": "^0.25.0",
-    "@backstage/backend-plugin-api": "1.1.0-next.1",
-    "@backstage/catalog-client": "1.9.0-next.1",
-    "@backstage/catalog-model": "1.7.1",
-    "@backstage/config": "1.3.0",
-    "@backstage/errors": "1.2.5",
-    "@backstage/integration": "1.16.0-next.0",
-    "@backstage/plugin-scaffolder-node": "0.6.2-next.1",
+    "@backstage/backend-plugin-api": "1.1.0-next.2",
+    "@backstage/catalog-client": "1.9.0-next.2",
+    "@backstage/catalog-model": "1.7.2-next.0",
+    "@backstage/config": "1.3.1-next.0",
+    "@backstage/errors": "1.2.6-next.0",
+    "@backstage/integration": "1.16.0-next.1",
+    "@backstage/plugin-scaffolder-node": "0.6.2-next.2",
     "@octokit/webhooks": "^10.9.2",
     "libsodium-wrappers": "^0.7.11",
     "octokit": "^3.0.0",
@@ -62,9 +62,9 @@
     "yaml": "^2.0.0"
   },
   "devDependencies": {
-    "@backstage/backend-test-utils": "1.2.0-next.1",
-    "@backstage/cli": "0.29.3-next.1",
-    "@backstage/plugin-scaffolder-node-test-utils": "0.1.17-next.1",
+    "@backstage/backend-test-utils": "1.2.0-next.2",
+    "@backstage/cli": "0.29.3-next.2",
+    "@backstage/plugin-scaffolder-node-test-utils": "0.1.17-next.2",
     "@types/libsodium-wrappers": "^0.7.10",
     "fs-extra": "^11.2.0",
     "jsonschema": "^1.2.6"