@backstage/plugin-scaffolder-backend 1.4.0-next.1 → 1.4.0-next.2

package/dist/index.cjs.js

@@ -12,16 +12,16 @@ var path = require('path');
 var globby = require('globby');
 var isbinaryfile = require('isbinaryfile');
 var vm2 = require('vm2');
+var octokit = require('octokit');
 var child_process = require('child_process');
 var stream = require('stream');
+var webhooks = require('@octokit/webhooks');
 var azureDevopsNodeApi = require('azure-devops-node-api');
 var fetch = require('node-fetch');
 var crypto = require('crypto');
-var octokit = require('octokit');
 var octokitPluginCreatePullRequest = require('octokit-plugin-create-pull-request');
 var limiterFactory = require('p-limit');
 var node = require('@gitbeaker/node');
-var webhooks = require('@octokit/webhooks');
 var uuid = require('uuid');
 var luxon = require('luxon');
 var ObservableImpl = require('zen-observable');
@@ -688,6 +688,55 @@ const createFilesystemRenameAction = () => {
   });
 };
 
+const getRepoSourceDirectory = (workspacePath, sourcePath) => {
+  if (sourcePath) {
+    const safeSuffix = path.normalize(sourcePath).replace(/^(\.\.(\/|\\|$))+/, "");
+    const path$1 = path.join(workspacePath, safeSuffix);
+    if (!backendCommon.isChildPath(workspacePath, path$1)) {
+      throw new Error("Invalid source path");
+    }
+    return path$1;
+  }
+  return workspacePath;
+};
+const parseRepoUrl = (repoUrl, integrations) => {
+  var _a, _b, _c, _d, _e;
+  let parsed;
+  try {
+    parsed = new URL(`https://${repoUrl}`);
+  } catch (error) {
+    throw new errors.InputError(`Invalid repo URL passed to publisher, got ${repoUrl}, ${error}`);
+  }
+  const host = parsed.host;
+  const owner = (_a = parsed.searchParams.get("owner")) != null ? _a : void 0;
+  const organization = (_b = parsed.searchParams.get("organization")) != null ? _b : void 0;
+  const workspace = (_c = parsed.searchParams.get("workspace")) != null ? _c : void 0;
+  const project = (_d = parsed.searchParams.get("project")) != null ? _d : void 0;
+  const type = (_e = integrations.byHost(host)) == null ? void 0 : _e.type;
+  if (!type) {
+    throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
+  }
+  if (type === "bitbucket") {
+    if (host === "bitbucket.org") {
+      if (!workspace) {
+        throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing workspace`);
+      }
+    }
+    if (!project) {
+      throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing project`);
+    }
+  } else {
+    if (!owner) {
+      throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing owner`);
+    }
+  }
+  const repo = parsed.searchParams.get("repo");
+  if (!repo) {
+    throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing repo`);
+  }
+  return { host, owner, repo, organization, workspace, project };
+};
+
 const executeShellCommand = async (options) => {
   const {
     command,
@@ -803,138 +852,762 @@ const enableBranchProtectionOnDefaultRepoBranch = async ({
   }
 };
 
-const getRepoSourceDirectory = (workspacePath, sourcePath) => {
-  if (sourcePath) {
-    const safeSuffix = path.normalize(sourcePath).replace(/^(\.\.(\/|\\|$))+/, "");
-    const path$1 = path.join(workspacePath, safeSuffix);
-    if (!backendCommon.isChildPath(workspacePath, path$1)) {
-      throw new Error("Invalid source path");
-    }
-    return path$1;
+const DEFAULT_TIMEOUT_MS = 6e4;
+async function getOctokitOptions(options) {
+  var _a;
+  const { integrations, credentialsProvider, repoUrl, token } = options;
+  const { owner, repo, host } = parseRepoUrl(repoUrl, integrations);
+  const requestOptions = {
+    timeout: DEFAULT_TIMEOUT_MS
+  };
+  if (!owner) {
+    throw new errors.InputError(`No owner provided for repo ${repoUrl}`);
   }
-  return workspacePath;
-};
-const parseRepoUrl = (repoUrl, integrations) => {
-  var _a, _b, _c, _d, _e;
-  let parsed;
+  const integrationConfig = (_a = integrations.github.byHost(host)) == null ? void 0 : _a.config;
+  if (!integrationConfig) {
+    throw new errors.InputError(`No integration for host ${host}`);
+  }
+  if (token) {
+    return {
+      auth: token,
+      baseUrl: integrationConfig.apiBaseUrl,
+      previews: ["nebula-preview"],
+      request: requestOptions
+    };
+  }
+  const githubCredentialsProvider = credentialsProvider != null ? credentialsProvider : integration.DefaultGithubCredentialsProvider.fromIntegrations(integrations);
+  const { token: credentialProviderToken } = await githubCredentialsProvider.getCredentials({
+    url: `https://${host}/${encodeURIComponent(owner)}/${encodeURIComponent(repo)}`
+  });
+  if (!credentialProviderToken) {
+    throw new errors.InputError(`No token available for host: ${host}, with owner ${owner}, and repo ${repo}`);
+  }
+  return {
+    auth: credentialProviderToken,
+    baseUrl: integrationConfig.apiBaseUrl,
+    previews: ["nebula-preview"]
+  };
+}
+async function createGithubRepoWithCollaboratorsAndTopics(client, repo, owner, repoVisibility, description, deleteBranchOnMerge, allowMergeCommit, allowSquashMerge, allowRebaseMerge, access, collaborators, topics, logger) {
+  const user = await client.rest.users.getByUsername({
+    username: owner
+  });
+  const repoCreationPromise = user.data.type === "Organization" ? client.rest.repos.createInOrg({
+    name: repo,
+    org: owner,
+    private: repoVisibility === "private",
+    visibility: repoVisibility,
+    description,
+    delete_branch_on_merge: deleteBranchOnMerge,
+    allow_merge_commit: allowMergeCommit,
+    allow_squash_merge: allowSquashMerge,
+    allow_rebase_merge: allowRebaseMerge
+  }) : client.rest.repos.createForAuthenticatedUser({
+    name: repo,
+    private: repoVisibility === "private",
+    description,
+    delete_branch_on_merge: deleteBranchOnMerge,
+    allow_merge_commit: allowMergeCommit,
+    allow_squash_merge: allowSquashMerge,
+    allow_rebase_merge: allowRebaseMerge
+  });
+  let newRepo;
   try {
-    parsed = new URL(`https://${repoUrl}`);
-  } catch (error) {
-    throw new errors.InputError(`Invalid repo URL passed to publisher, got ${repoUrl}, ${error}`);
+    newRepo = (await repoCreationPromise).data;
+  } catch (e) {
+    errors.assertError(e);
+    if (e.message === "Resource not accessible by integration") {
+      logger.warn(`The GitHub app or token provided may not have the required permissions to create the ${user.data.type} repository ${owner}/${repo}.`);
+    }
+    throw new Error(`Failed to create the ${user.data.type} repository ${owner}/${repo}, ${e.message}`);
   }
-  const host = parsed.host;
-  const owner = (_a = parsed.searchParams.get("owner")) != null ? _a : void 0;
-  const organization = (_b = parsed.searchParams.get("organization")) != null ? _b : void 0;
-  const workspace = (_c = parsed.searchParams.get("workspace")) != null ? _c : void 0;
-  const project = (_d = parsed.searchParams.get("project")) != null ? _d : void 0;
-  const type = (_e = integrations.byHost(host)) == null ? void 0 : _e.type;
-  if (!type) {
-    throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
+  if (access == null ? void 0 : access.startsWith(`${owner}/`)) {
+    const [, team] = access.split("/");
+    await client.rest.teams.addOrUpdateRepoPermissionsInOrg({
+      org: owner,
+      team_slug: team,
+      owner,
+      repo,
+      permission: "admin"
+    });
+  } else if (access && access !== owner) {
+    await client.rest.repos.addCollaborator({
+      owner,
+      repo,
+      username: access,
+      permission: "admin"
+    });
   }
-  if (type === "bitbucket") {
-    if (host === "bitbucket.org") {
-      if (!workspace) {
-        throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing workspace`);
+  if (collaborators) {
+    for (const collaborator of collaborators) {
+      try {
+        if ("user" in collaborator) {
+          await client.rest.repos.addCollaborator({
+            owner,
+            repo,
+            username: collaborator.user,
+            permission: collaborator.access
+          });
+        } else if ("team" in collaborator) {
+          await client.rest.teams.addOrUpdateRepoPermissionsInOrg({
+            org: owner,
+            team_slug: collaborator.team,
+            owner,
+            repo,
+            permission: collaborator.access
+          });
+        }
+      } catch (e) {
+        errors.assertError(e);
+        const name = extractCollaboratorName(collaborator);
+        logger.warn(`Skipping ${collaborator.access} access for ${name}, ${e.message}`);
       }
     }
-    if (!project) {
-      throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing project`);
-    }
-  } else {
-    if (!owner) {
-      throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing owner`);
+  }
+  if (topics) {
+    try {
+      await client.rest.repos.replaceAllTopics({
+        owner,
+        repo,
+        names: topics.map((t) => t.toLowerCase())
+      });
+    } catch (e) {
+      errors.assertError(e);
+      logger.warn(`Skipping topics ${topics.join(" ")}, ${e.message}`);
     }
   }
-  const repo = parsed.searchParams.get("repo");
-  if (!repo) {
-    throw new errors.InputError(`Invalid repo URL passed to publisher: ${repoUrl}, missing repo`);
+  return newRepo;
+}
+async function initRepoPushAndProtect(remoteUrl, password, workspacePath, sourcePath, defaultBranch, protectDefaultBranch, owner, client, repo, requireCodeOwnerReviews, requiredStatusCheckContexts, config, logger, gitCommitMessage, gitAuthorName, gitAuthorEmail) {
+  const gitAuthorInfo = {
+    name: gitAuthorName ? gitAuthorName : config.getOptionalString("scaffolder.defaultAuthor.name"),
+    email: gitAuthorEmail ? gitAuthorEmail : config.getOptionalString("scaffolder.defaultAuthor.email")
+  };
+  const commitMessage = gitCommitMessage ? gitCommitMessage : config.getOptionalString("scaffolder.defaultCommitMessage");
+  await initRepoAndPush({
+    dir: getRepoSourceDirectory(workspacePath, sourcePath),
+    remoteUrl,
+    defaultBranch,
+    auth: {
+      username: "x-access-token",
+      password
+    },
+    logger,
+    commitMessage,
+    gitAuthorInfo
+  });
+  if (protectDefaultBranch) {
+    try {
+      await enableBranchProtectionOnDefaultRepoBranch({
+        owner,
+        client,
+        repoName: repo,
+        logger,
+        defaultBranch,
+        requireCodeOwnerReviews,
+        requiredStatusCheckContexts
+      });
+    } catch (e) {
+      errors.assertError(e);
+      logger.warn(`Skipping: default branch protection on '${repo}', ${e.message}`);
+    }
   }
-  return { host, owner, repo, organization, workspace, project };
-};
+}
+function extractCollaboratorName(collaborator) {
+  if ("username" in collaborator)
+    return collaborator.username;
+  if ("user" in collaborator)
+    return collaborator.user;
+  return collaborator.team;
+}
 
-function createPublishAzureAction(options) {
-  const { integrations, config } = options;
+function createGithubActionsDispatchAction(options) {
+  const { integrations, githubCredentialsProvider } = options;
   return createTemplateAction({
-    id: "publish:azure",
-    description: "Initializes a git repository of the content in the workspace, and publishes it to Azure.",
+    id: "github:actions:dispatch",
+    description: "Dispatches a GitHub Action workflow for a given branch or tag",
     schema: {
       input: {
         type: "object",
-        required: ["repoUrl"],
+        required: ["repoUrl", "workflowId", "branchOrTagName"],
         properties: {
           repoUrl: {
             title: "Repository Location",
+            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the new repository name and 'owner' is an organization or username`,
             type: "string"
           },
-          description: {
-            title: "Repository Description",
+          workflowId: {
+            title: "Workflow ID",
+            description: "The GitHub Action Workflow filename",
             type: "string"
           },
-          defaultBranch: {
-            title: "Default Branch",
-            type: "string",
-            description: `Sets the default branch on the repository. The default value is 'master'`
-          },
-          gitCommitMessage: {
-            title: "Git Commit Message",
-            type: "string",
-            description: `Sets the commit message on the repository. The default value is 'initial commit'`
-          },
-          gitAuthorName: {
-            title: "Default Author Name",
-            type: "string",
-            description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
-          },
-          gitAuthorEmail: {
-            title: "Default Author Email",
-            type: "string",
-            description: `Sets the default author email for the commit.`
-          },
-          sourcePath: {
-            title: "Source Path",
-            description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
+          branchOrTagName: {
+            title: "Branch or Tag name",
+            description: "The git branch or tag name used to dispatch the workflow",
             type: "string"
           },
+          workflowInputs: {
+            title: "Workflow Inputs",
+            description: "Inputs keys and values to send to GitHub Action configured on the workflow file. The maximum number of properties is 10. ",
+            type: "object"
+          },
           token: {
             title: "Authentication Token",
             type: "string",
-            description: "The token to use for authorization to Azure"
-          }
-        }
-      },
-      output: {
-        type: "object",
-        properties: {
-          remoteUrl: {
-            title: "A URL to the repository with the provider",
-            type: "string"
-          },
-          repoContentsUrl: {
-            title: "A URL to the root of the repository",
-            type: "string"
+            description: "The GITHUB_TOKEN to use for authorization to GitHub"
           }
         }
       }
     },
     async handler(ctx) {
-      var _a;
       const {
         repoUrl,
-        defaultBranch = "master",
-        gitCommitMessage = "initial commit",
-        gitAuthorName,
-        gitAuthorEmail
+        workflowId,
+        branchOrTagName,
+        workflowInputs,
+        token: providedToken
       } = ctx.input;
-      const { owner, repo, host, organization } = parseRepoUrl(repoUrl, integrations);
-      if (!organization) {
-        throw new errors.InputError(`Invalid URL provider was included in the repo URL to create ${ctx.input.repoUrl}, missing organization`);
-      }
-      const integrationConfig = integrations.azure.byHost(host);
-      if (!integrationConfig) {
-        throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
+      ctx.logger.info(`Dispatching workflow ${workflowId} for repo ${repoUrl} on ${branchOrTagName}`);
+      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
+      if (!owner) {
+        throw new errors.InputError("Invalid repository owner provided in repoUrl");
       }
-      if (!integrationConfig.config.token && !ctx.input.token) {
-        throw new errors.InputError(`No token provided for Azure Integration ${host}`);
+      const client = new octokit.Octokit(await getOctokitOptions({
+        integrations,
+        repoUrl,
+        credentialsProvider: githubCredentialsProvider,
+        token: providedToken
+      }));
+      await client.rest.actions.createWorkflowDispatch({
+        owner,
+        repo,
+        workflow_id: workflowId,
+        ref: branchOrTagName,
+        inputs: workflowInputs
+      });
+      ctx.logger.info(`Workflow ${workflowId} dispatched successfully`);
+    }
+  });
+}
+
+function createGithubIssuesLabelAction(options) {
+  const { integrations, githubCredentialsProvider } = options;
+  return createTemplateAction({
+    id: "github:issues:label",
+    description: "Adds labels to a pull request or issue on GitHub.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl", "number", "labels"],
+        properties: {
+          repoUrl: {
+            title: "Repository Location",
+            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the repository name and 'owner' is an organization or username`,
+            type: "string"
+          },
+          number: {
+            title: "Pull Request or issue number",
+            description: "The pull request or issue number to add labels to",
+            type: "number"
+          },
+          labels: {
+            title: "Labels",
+            description: "The labels to add to the pull request or issue",
+            type: "array",
+            items: {
+              type: "string"
+            }
+          },
+          token: {
+            title: "Authentication Token",
+            type: "string",
+            description: "The GITHUB_TOKEN to use for authorization to GitHub"
+          }
+        }
+      }
+    },
+    async handler(ctx) {
+      const { repoUrl, number, labels, token: providedToken } = ctx.input;
+      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
+      ctx.logger.info(`Adding labels to ${number} issue on repo ${repo}`);
+      if (!owner) {
+        throw new errors.InputError("Invalid repository owner provided in repoUrl");
+      }
+      const client = new octokit.Octokit(await getOctokitOptions({
+        integrations,
+        credentialsProvider: githubCredentialsProvider,
+        repoUrl,
+        token: providedToken
+      }));
+      try {
+        await client.rest.issues.addLabels({
+          owner,
+          repo,
+          issue_number: number,
+          labels
+        });
+      } catch (e) {
+        errors.assertError(e);
+        ctx.logger.warn(`Failed: adding labels to issue: '${number}' on repo: '${repo}', ${e.message}`);
+      }
+    }
+  });
+}
+
+const repoUrl = {
+  title: "Repository Location",
+  description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the new repository name and 'owner' is an organization or username`,
+  type: "string"
+};
+const description = {
+  title: "Repository Description",
+  type: "string"
+};
+const access = {
+  title: "Repository Access",
+  description: `Sets an admin collaborator on the repository. Can either be a user reference different from 'owner' in 'repoUrl' or team reference, eg. 'org/team-name'`,
+  type: "string"
+};
+const requireCodeOwnerReviews = {
+  title: "Require CODEOWNER Reviews?",
+  description: "Require an approved review in PR including files with a designated Code Owner",
+  type: "boolean"
+};
+const requiredStatusCheckContexts = {
+  title: "Required Status Check Contexts",
+  description: "The list of status checks to require in order to merge into this branch",
+  type: "array",
+  items: {
+    type: "string"
+  }
+};
+const repoVisibility = {
+  title: "Repository Visibility",
+  type: "string",
+  enum: ["private", "public", "internal"]
+};
+const deleteBranchOnMerge = {
+  title: "Delete Branch On Merge",
+  type: "boolean",
+  description: `Delete the branch after merging the PR. The default value is 'false'`
+};
+const gitAuthorName = {
+  title: "Default Author Name",
+  type: "string",
+  description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
+};
+const gitAuthorEmail = {
+  title: "Default Author Email",
+  type: "string",
+  description: `Sets the default author email for the commit.`
+};
+const allowMergeCommit = {
+  title: "Allow Merge Commits",
+  type: "boolean",
+  description: `Allow merge commits. The default value is 'true'`
+};
+const allowSquashMerge = {
+  title: "Allow Squash Merges",
+  type: "boolean",
+  description: `Allow squash merges. The default value is 'true'`
+};
+const allowRebaseMerge = {
+  title: "Allow Rebase Merges",
+  type: "boolean",
+  description: `Allow rebase merges. The default value is 'true'`
+};
+const collaborators = {
+  title: "Collaborators",
+  description: "Provide additional users or teams with permissions",
+  type: "array",
+  items: {
+    type: "object",
+    additionalProperties: false,
+    required: ["access"],
+    properties: {
+      access: {
+        type: "string",
+        description: "The type of access for the user",
+        enum: ["push", "pull", "admin", "maintain", "triage"]
+      },
+      user: {
+        type: "string",
+        description: "The name of the user that will be added as a collaborator"
+      },
+      team: {
+        type: "string",
+        description: "The name of the team that will be added as a collaborator"
+      }
+    },
+    oneOf: [{ required: ["user"] }, { required: ["team"] }]
+  }
+};
+const token = {
+  title: "Authentication Token",
+  type: "string",
+  description: "The token to use for authorization to GitHub"
+};
+const topics = {
+  title: "Topics",
+  type: "array",
+  items: {
+    type: "string"
+  }
+};
+const defaultBranch = {
+  title: "Default Branch",
+  type: "string",
+  description: `Sets the default branch on the repository. The default value is 'master'`
+};
+const protectDefaultBranch = {
+  title: "Protect Default Branch",
+  type: "boolean",
+  description: `Protect the default branch after creating the repository. The default value is 'true'`
+};
+const gitCommitMessage = {
+  title: "Git Commit Message",
+  type: "string",
+  description: `Sets the commit message on the repository. The default value is 'initial commit'`
+};
+const sourcePath = {
+  title: "Source Path",
+  description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
+  type: "string"
+};
+
+const remoteUrl = {
+  title: "A URL to the repository with the provider",
+  type: "string"
+};
+const repoContentsUrl = {
+  title: "A URL to the root of the repository",
+  type: "string"
+};
+
+function createGithubRepoCreateAction(options) {
+  const { integrations, githubCredentialsProvider } = options;
+  return createTemplateAction({
+    id: "github:repo:create",
+    description: "Creates a GitHub repository.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl"],
+        properties: {
+          repoUrl: repoUrl,
+          description: description,
+          access: access,
+          requireCodeOwnerReviews: requireCodeOwnerReviews,
+          requiredStatusCheckContexts: requiredStatusCheckContexts,
+          repoVisibility: repoVisibility,
+          deleteBranchOnMerge: deleteBranchOnMerge,
+          allowMergeCommit: allowMergeCommit,
+          allowSquashMerge: allowSquashMerge,
+          allowRebaseMerge: allowRebaseMerge,
+          collaborators: collaborators,
+          token: token,
+          topics: topics
+        }
+      },
+      output: {
+        type: "object",
+        properties: {
+          remoteUrl: remoteUrl,
+          repoContentsUrl: repoContentsUrl
+        }
+      }
+    },
+    async handler(ctx) {
+      const {
+        repoUrl,
+        description,
+        access,
+        repoVisibility = "private",
+        deleteBranchOnMerge = false,
+        allowMergeCommit = true,
+        allowSquashMerge = true,
+        allowRebaseMerge = true,
+        collaborators,
+        topics,
+        token: providedToken
+      } = ctx.input;
+      const octokitOptions = await getOctokitOptions({
+        integrations,
+        credentialsProvider: githubCredentialsProvider,
+        token: providedToken,
+        repoUrl
+      });
+      const client = new octokit.Octokit(octokitOptions);
+      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
+      if (!owner) {
+        throw new errors.InputError("Invalid repository owner provided in repoUrl");
+      }
+      const newRepo = await createGithubRepoWithCollaboratorsAndTopics(client, repo, owner, repoVisibility, description, deleteBranchOnMerge, allowMergeCommit, allowSquashMerge, allowRebaseMerge, access, collaborators, topics, ctx.logger);
+      ctx.output("remoteUrl", newRepo.clone_url);
+    }
+  });
+}
+
+function createGithubRepoPushAction(options) {
+  const { integrations, config, githubCredentialsProvider } = options;
+  return createTemplateAction({
+    id: "github:repo:push",
+    description: "Initializes a git repository of contents in workspace and publishes it to GitHub.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl"],
+        properties: {
+          repoUrl: repoUrl,
+          requireCodeOwnerReviews: requireCodeOwnerReviews,
+          requiredStatusCheckContexts: requiredStatusCheckContexts,
+          defaultBranch: defaultBranch,
+          protectDefaultBranch: protectDefaultBranch,
+          gitCommitMessage: gitCommitMessage,
+          gitAuthorName: gitAuthorName,
+          gitAuthorEmail: gitAuthorEmail,
+          sourcePath: sourcePath,
+          token: token
+        }
+      },
+      output: {
+        type: "object",
+        properties: {
+          remoteUrl: remoteUrl,
+          repoContentsUrl: repoContentsUrl
+        }
+      }
+    },
+    async handler(ctx) {
+      const {
+        repoUrl,
+        defaultBranch = "master",
+        protectDefaultBranch = true,
+        gitCommitMessage = "initial commit",
+        gitAuthorName,
+        gitAuthorEmail,
+        requireCodeOwnerReviews = false,
+        requiredStatusCheckContexts = [],
+        token: providedToken
+      } = ctx.input;
+      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
+      if (!owner) {
+        throw new errors.InputError("Invalid repository owner provided in repoUrl");
+      }
+      const octokitOptions = await getOctokitOptions({
+        integrations,
+        credentialsProvider: githubCredentialsProvider,
+        token: providedToken,
+        repoUrl
+      });
+      const client = new octokit.Octokit(octokitOptions);
+      const targetRepo = await client.rest.repos.get({ owner, repo });
+      const remoteUrl = targetRepo.data.clone_url;
+      const repoContentsUrl = `${targetRepo.data.html_url}/blob/${defaultBranch}`;
+      await initRepoPushAndProtect(remoteUrl, octokitOptions.auth, ctx.workspacePath, ctx.input.sourcePath, defaultBranch, protectDefaultBranch, owner, client, repo, requireCodeOwnerReviews, requiredStatusCheckContexts, config, ctx.logger, gitCommitMessage, gitAuthorName, gitAuthorEmail);
+      ctx.output("remoteUrl", remoteUrl);
+      ctx.output("repoContentsUrl", repoContentsUrl);
+    }
+  });
+}
+
+function createGithubWebhookAction(options) {
+  const { integrations, defaultWebhookSecret, githubCredentialsProvider } = options;
+  const eventNames = webhooks.emitterEventNames.filter((event) => !event.includes("."));
+  return createTemplateAction({
+    id: "github:webhook",
+    description: "Creates webhook for a repository on GitHub.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl", "webhookUrl"],
+        properties: {
+          repoUrl: {
+            title: "Repository Location",
+            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the new repository name and 'owner' is an organization or username`,
+            type: "string"
+          },
+          webhookUrl: {
+            title: "Webhook URL",
+            description: "The URL to which the payloads will be delivered",
+            type: "string"
+          },
+          webhookSecret: {
+            title: "Webhook Secret",
+            description: "Webhook secret value. The default can be provided internally in action creation",
+            type: "string"
+          },
+          events: {
+            title: "Triggering Events",
+            description: "Determines what events the hook is triggered for. Default: push",
+            type: "array",
+            oneOf: [
+              {
+                items: {
+                  type: "string",
+                  enum: eventNames
+                }
+              },
+              {
+                items: {
+                  type: "string",
+                  const: "*"
+                }
+              }
+            ]
+          },
+          active: {
+            title: "Active",
+            type: "boolean",
+            description: `Determines if notifications are sent when the webhook is triggered. Default: true`
+          },
+          contentType: {
+            title: "Content Type",
+            type: "string",
+            enum: ["form", "json"],
+            description: `The media type used to serialize the payloads. The default is 'form'`
+          },
+          insecureSsl: {
+            title: "Insecure SSL",
+            type: "boolean",
+            description: `Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Default 'false'`
+          },
+          token: {
+            title: "Authentication Token",
+            type: "string",
+            description: "The GITHUB_TOKEN to use for authorization to GitHub"
+          }
+        }
+      }
+    },
+    async handler(ctx) {
+      const {
+        repoUrl,
+        webhookUrl,
+        webhookSecret = defaultWebhookSecret,
+        events = ["push"],
+        active = true,
+        contentType = "form",
+        insecureSsl = false,
+        token: providedToken
+      } = ctx.input;
+      ctx.logger.info(`Creating webhook ${webhookUrl} for repo ${repoUrl}`);
+      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
+      if (!owner) {
+        throw new errors.InputError("Invalid repository owner provided in repoUrl");
+      }
+      const client = new octokit.Octokit(await getOctokitOptions({
+        integrations,
+        credentialsProvider: githubCredentialsProvider,
+        repoUrl,
+        token: providedToken
+      }));
+      try {
+        const insecure_ssl = insecureSsl ? "1" : "0";
+        await client.rest.repos.createWebhook({
+          owner,
+          repo,
+          config: {
+            url: webhookUrl,
+            content_type: contentType,
+            secret: webhookSecret,
+            insecure_ssl
+          },
+          events,
+          active
+        });
+        ctx.logger.info(`Webhook '${webhookUrl}' created successfully`);
+      } catch (e) {
+        errors.assertError(e);
+        ctx.logger.warn(`Failed: create webhook '${webhookUrl}' on repo: '${repo}', ${e.message}`);
+      }
+    }
+  });
+}
+
+function createPublishAzureAction(options) {
+  const { integrations, config } = options;
+  return createTemplateAction({
+    id: "publish:azure",
+    description: "Initializes a git repository of the content in the workspace, and publishes it to Azure.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl"],
+        properties: {
+          repoUrl: {
+            title: "Repository Location",
+            type: "string"
+          },
+          description: {
+            title: "Repository Description",
+            type: "string"
+          },
+          defaultBranch: {
+            title: "Default Branch",
+            type: "string",
+            description: `Sets the default branch on the repository. The default value is 'master'`
+          },
+          gitCommitMessage: {
+            title: "Git Commit Message",
+            type: "string",
+            description: `Sets the commit message on the repository. The default value is 'initial commit'`
+          },
+          gitAuthorName: {
+            title: "Default Author Name",
+            type: "string",
+            description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
+          },
+          gitAuthorEmail: {
+            title: "Default Author Email",
+            type: "string",
+            description: `Sets the default author email for the commit.`
+          },
+          sourcePath: {
+            title: "Source Path",
+            description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
+            type: "string"
+          },
+          token: {
+            title: "Authentication Token",
+            type: "string",
+            description: "The token to use for authorization to Azure"
+          }
+        }
+      },
+      output: {
+        type: "object",
+        properties: {
+          remoteUrl: {
+            title: "A URL to the repository with the provider",
+            type: "string"
+          },
+          repoContentsUrl: {
+            title: "A URL to the root of the repository",
+            type: "string"
+          }
+        }
+      }
+    },
+    async handler(ctx) {
+      var _a;
+      const {
+        repoUrl,
+        defaultBranch = "master",
+        gitCommitMessage = "initial commit",
+        gitAuthorName,
+        gitAuthorEmail
+      } = ctx.input;
+      const { owner, repo, host, organization } = parseRepoUrl(repoUrl, integrations);
+      if (!organization) {
+        throw new errors.InputError(`Invalid URL provider was included in the repo URL to create ${ctx.input.repoUrl}, missing organization`);
+      }
+      const integrationConfig = integrations.azure.byHost(host);
+      if (!integrationConfig) {
+        throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
+      }
+      if (!integrationConfig.config.token && !ctx.input.token) {
+        throw new errors.InputError(`No token provided for Azure Integration ${host}`);
       }
       const token = (_a = ctx.input.token) != null ? _a : integrationConfig.config.token;
       const authHandler = azureDevopsNodeApi.getPersonalAccessTokenHandler(token);
@@ -1731,43 +2404,6 @@ function createPublishGerritAction(options) {
   });
 }
 
-const DEFAULT_TIMEOUT_MS = 6e4;
-async function getOctokitOptions(options) {
-  var _a;
-  const { integrations, credentialsProvider, repoUrl, token } = options;
-  const { owner, repo, host } = parseRepoUrl(repoUrl, integrations);
-  const requestOptions = {
-    timeout: DEFAULT_TIMEOUT_MS
-  };
-  if (!owner) {
-    throw new errors.InputError(`No owner provided for repo ${repoUrl}`);
-  }
-  const integrationConfig = (_a = integrations.github.byHost(host)) == null ? void 0 : _a.config;
-  if (!integrationConfig) {
-    throw new errors.InputError(`No integration for host ${host}`);
-  }
-  if (token) {
-    return {
-      auth: token,
-      baseUrl: integrationConfig.apiBaseUrl,
-      previews: ["nebula-preview"],
-      request: requestOptions
-    };
-  }
-  const githubCredentialsProvider = credentialsProvider != null ? credentialsProvider : integration.DefaultGithubCredentialsProvider.fromIntegrations(integrations);
-  const { token: credentialProviderToken } = await githubCredentialsProvider.getCredentials({
-    url: `https://${host}/${encodeURIComponent(owner)}/${encodeURIComponent(repo)}`
-  });
-  if (!credentialProviderToken) {
-    throw new errors.InputError(`No token available for host: ${host}, with owner ${owner}, and repo ${repo}`);
-  }
-  return {
-    auth: credentialProviderToken,
-    baseUrl: integrationConfig.apiBaseUrl,
-    previews: ["nebula-preview"]
-  };
-}
-
 function createPublishGithubAction(options) {
   const { integrations, config, githubCredentialsProvider } = options;
   return createTemplateAction({
@@ -1778,147 +2414,32 @@ function createPublishGithubAction(options) {
         type: "object",
         required: ["repoUrl"],
         properties: {
-          repoUrl: {
-            title: "Repository Location",
-            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the new repository name and 'owner' is an organization or username`,
-            type: "string"
-          },
-          description: {
-            title: "Repository Description",
-            type: "string"
-          },
-          access: {
-            title: "Repository Access",
-            description: `Sets an admin collaborator on the repository. Can either be a user reference different from 'owner' in 'repoUrl' or team reference, eg. 'org/team-name'`,
-            type: "string"
-          },
-          requireCodeOwnerReviews: {
-            title: "Require CODEOWNER Reviews?",
-            description: "Require an approved review in PR including files with a designated Code Owner",
-            type: "boolean"
-          },
-          requiredStatusCheckContexts: {
-            title: "Required Status Check Contexts",
-            description: "The list of status checks to require in order to merge into this branch",
-            type: "array",
-            items: {
-              type: "string"
-            }
-          },
-          repoVisibility: {
-            title: "Repository Visibility",
-            type: "string",
-            enum: ["private", "public", "internal"]
-          },
-          defaultBranch: {
-            title: "Default Branch",
-            type: "string",
-            description: `Sets the default branch on the repository. The default value is 'master'`
-          },
-          protectDefaultBranch: {
-            title: "Protect Default Branch",
-            type: "boolean",
-            description: `Protect the default branch after creating the repository. The default value is 'true'`
-          },
-          deleteBranchOnMerge: {
-            title: "Delete Branch On Merge",
-            type: "boolean",
-            description: `Delete the branch after merging the PR. The default value is 'false'`
-          },
-          gitCommitMessage: {
-            title: "Git Commit Message",
-            type: "string",
-            description: `Sets the commit message on the repository. The default value is 'initial commit'`
-          },
-          gitAuthorName: {
-            title: "Default Author Name",
-            type: "string",
-            description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
-          },
-          gitAuthorEmail: {
-            title: "Default Author Email",
-            type: "string",
-            description: `Sets the default author email for the commit.`
-          },
-          allowMergeCommit: {
-            title: "Allow Merge Commits",
-            type: "boolean",
-            description: `Allow merge commits. The default value is 'true'`
-          },
-          allowSquashMerge: {
-            title: "Allow Squash Merges",
-            type: "boolean",
-            description: `Allow squash merges. The default value is 'true'`
-          },
-          allowRebaseMerge: {
-            title: "Allow Rebase Merges",
-            type: "boolean",
-            description: `Allow rebase merges. The default value is 'true'`
-          },
-          sourcePath: {
-            title: "Source Path",
-            description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
-            type: "string"
-          },
-          collaborators: {
-            title: "Collaborators",
-            description: "Provide additional users or teams with permissions",
-            type: "array",
-            items: {
-              type: "object",
-              additionalProperties: false,
-              required: ["access"],
-              properties: {
-                access: {
-                  type: "string",
-                  description: "The type of access for the user",
-                  enum: ["push", "pull", "admin", "maintain", "triage"]
-                },
-                user: {
-                  type: "string",
-                  description: "The name of the user that will be added as a collaborator"
-                },
-                username: {
-                  type: "string",
-                  description: "Deprecated. Use the `team` or `user` field instead."
-                },
-                team: {
-                  type: "string",
-                  description: "The name of the team that will be added as a collaborator"
-                }
-              },
-              oneOf: [
-                { required: ["user"] },
-                { required: ["username"] },
-                { required: ["team"] }
-              ]
-            }
-          },
-          token: {
-            title: "Authentication Token",
-            type: "string",
-            description: "The token to use for authorization to GitHub"
-          },
-          topics: {
-            title: "Topics",
-            type: "array",
-            items: {
-              type: "string"
-            }
-          }
+          repoUrl: repoUrl,
+          description: description,
+          access: access,
+          requireCodeOwnerReviews: requireCodeOwnerReviews,
+          requiredStatusCheckContexts: requiredStatusCheckContexts,
+          repoVisibility: repoVisibility,
+          defaultBranch: defaultBranch,
+          protectDefaultBranch: protectDefaultBranch,
+          deleteBranchOnMerge: deleteBranchOnMerge,
+          gitCommitMessage: gitCommitMessage,
+          gitAuthorName: gitAuthorName,
+          gitAuthorEmail: gitAuthorEmail,
+          allowMergeCommit: allowMergeCommit,
+          allowSquashMerge: allowSquashMerge,
+          allowRebaseMerge: allowRebaseMerge,
+          sourcePath: sourcePath,
+          collaborators: collaborators,
+          token: token,
+          topics: topics
         }
       },
       output: {
         type: "object",
         properties: {
-          remoteUrl: {
-            title: "A URL to the repository with the provider",
-            type: "string"
-          },
-          repoContentsUrl: {
-            title: "A URL to the root of the repository",
-            type: "string"
-          }
+          remoteUrl: remoteUrl,
+          repoContentsUrl: repoContentsUrl
         }
       }
     },
@@ -1943,10 +2464,6 @@ function createPublishGithubAction(options) {
         topics,
         token: providedToken
       } = ctx.input;
-      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
-      if (!owner) {
-        throw new errors.InputError("Invalid repository owner provided in repoUrl");
-      }
       const octokitOptions = await getOctokitOptions({
         integrations,
         credentialsProvider: githubCredentialsProvider,
@@ -1954,148 +2471,19 @@ function createPublishGithubAction(options) {
         repoUrl
       });
       const client = new octokit.Octokit(octokitOptions);
-      const user = await client.rest.users.getByUsername({
-        username: owner
-      });
-      const repoCreationPromise = user.data.type === "Organization" ? client.rest.repos.createInOrg({
-        name: repo,
-        org: owner,
-        private: repoVisibility === "private",
-        visibility: repoVisibility,
-        description,
-        delete_branch_on_merge: deleteBranchOnMerge,
-        allow_merge_commit: allowMergeCommit,
-        allow_squash_merge: allowSquashMerge,
-        allow_rebase_merge: allowRebaseMerge
-      }) : client.rest.repos.createForAuthenticatedUser({
-        name: repo,
-        private: repoVisibility === "private",
-        description,
-        delete_branch_on_merge: deleteBranchOnMerge,
-        allow_merge_commit: allowMergeCommit,
-        allow_squash_merge: allowSquashMerge,
-        allow_rebase_merge: allowRebaseMerge
-      });
-      let newRepo;
-      try {
-        newRepo = (await repoCreationPromise).data;
-      } catch (e) {
-        errors.assertError(e);
-        if (e.message === "Resource not accessible by integration") {
-          ctx.logger.warn(`The GitHub app or token provided may not have the required permissions to create the ${user.data.type} repository ${owner}/${repo}.`);
-        }
-        throw new Error(`Failed to create the ${user.data.type} repository ${owner}/${repo}, ${e.message}`);
-      }
-      if (access == null ? void 0 : access.startsWith(`${owner}/`)) {
-        const [, team] = access.split("/");
-        await client.rest.teams.addOrUpdateRepoPermissionsInOrg({
-          org: owner,
-          team_slug: team,
-          owner,
-          repo,
-          permission: "admin"
-        });
-      } else if (access && access !== owner) {
-        await client.rest.repos.addCollaborator({
-          owner,
-          repo,
-          username: access,
-          permission: "admin"
-        });
-      }
-      if (collaborators) {
-        for (const collaborator of collaborators) {
-          try {
-            if ("user" in collaborator) {
-              await client.rest.repos.addCollaborator({
-                owner,
-                repo,
-                username: collaborator.user,
-                permission: collaborator.access
-              });
-            } else if ("username" in collaborator) {
-              ctx.logger.warn("The field `username` is deprecated in favor of `team` and will be removed in the future.");
-              await client.rest.teams.addOrUpdateRepoPermissionsInOrg({
-                org: owner,
-                team_slug: collaborator.username,
-                owner,
-                repo,
-                permission: collaborator.access
-              });
-            } else if ("team" in collaborator) {
-              await client.rest.teams.addOrUpdateRepoPermissionsInOrg({
-                org: owner,
-                team_slug: collaborator.team,
-                owner,
-                repo,
-                permission: collaborator.access
-              });
-            }
-          } catch (e) {
-            errors.assertError(e);
-            const name = extractCollaboratorName(collaborator);
-            ctx.logger.warn(`Skipping ${collaborator.access} access for ${name}, ${e.message}`);
-          }
-        }
-      }
-      if (topics) {
-        try {
-          await client.rest.repos.replaceAllTopics({
-            owner,
-            repo,
-            names: topics.map((t) => t.toLowerCase())
-          });
-        } catch (e) {
-          errors.assertError(e);
-          ctx.logger.warn(`Skipping topics ${topics.join(" ")}, ${e.message}`);
-        }
+      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
+      if (!owner) {
+        throw new errors.InputError("Invalid repository owner provided in repoUrl");
       }
+      const newRepo = await createGithubRepoWithCollaboratorsAndTopics(client, repo, owner, repoVisibility, description, deleteBranchOnMerge, allowMergeCommit, allowSquashMerge, allowRebaseMerge, access, collaborators, topics, ctx.logger);
       const remoteUrl = newRepo.clone_url;
       const repoContentsUrl = `${newRepo.html_url}/blob/${defaultBranch}`;
-      const gitAuthorInfo = {
-        name: gitAuthorName ? gitAuthorName : config.getOptionalString("scaffolder.defaultAuthor.name"),
-        email: gitAuthorEmail ? gitAuthorEmail : config.getOptionalString("scaffolder.defaultAuthor.email")
-      };
-      await initRepoAndPush({
-        dir: getRepoSourceDirectory(ctx.workspacePath, ctx.input.sourcePath),
-        remoteUrl,
-        defaultBranch,
-        auth: {
-          username: "x-access-token",
-          password: octokitOptions.auth
-        },
-        logger: ctx.logger,
-        commitMessage: gitCommitMessage ? gitCommitMessage : config.getOptionalString("scaffolder.defaultCommitMessage"),
-        gitAuthorInfo
-      });
-      if (protectDefaultBranch) {
-        try {
-          await enableBranchProtectionOnDefaultRepoBranch({
-            owner,
-            client,
-            repoName: newRepo.name,
-            logger: ctx.logger,
-            defaultBranch,
-            requireCodeOwnerReviews,
-            requiredStatusCheckContexts
-          });
-        } catch (e) {
-          errors.assertError(e);
-          ctx.logger.warn(`Skipping: default branch protection on '${newRepo.name}', ${e.message}`);
-        }
-      }
+      await initRepoPushAndProtect(remoteUrl, octokitOptions.auth, ctx.workspacePath, ctx.input.sourcePath, defaultBranch, protectDefaultBranch, owner, client, repo, requireCodeOwnerReviews, requiredStatusCheckContexts, config, ctx.logger, gitCommitMessage, gitAuthorName, gitAuthorEmail);
       ctx.output("remoteUrl", remoteUrl);
       ctx.output("repoContentsUrl", repoContentsUrl);
     }
   });
 }
-function extractCollaboratorName(collaborator) {
-  if ("username" in collaborator)
-    return collaborator.username;
-  if ("user" in collaborator)
-    return collaborator.user;
-  return collaborator.team;
-}
 
 const DEFAULT_GLOB_PATTERNS = ["./**", "!.git"];
 const isExecutable = (fileMode) => {
@@ -2453,6 +2841,11 @@ const createPublishGitlabMergeRequestAction = (options) => {
             title: "Authentication Token",
             type: "string",
             description: "The token to use for authorization to GitLab"
+          },
+          removeSourceBranch: {
+            title: "Delete source branch",
+            type: "boolean",
+            description: "Option to delete source branch once the MR has been merged. Default: false"
           }
         }
       },
@@ -2523,7 +2916,10 @@ const createPublishGitlabMergeRequestAction = (options) => {
         throw new errors.InputError(`Committing the changes to ${destinationBranch} failed ${e}`);
       }
       try {
-        const mergeRequestUrl = await api.MergeRequests.create(projectPath, destinationBranch, String(defaultBranch), ctx.input.title, { description: ctx.input.description }).then((mergeRequest) => {
+        const mergeRequestUrl = await api.MergeRequests.create(projectPath, destinationBranch, String(defaultBranch), ctx.input.title, {
+          description: ctx.input.description,
+          removeSourceBranch: ctx.input.removeSourceBranch ? ctx.input.removeSourceBranch : false
+        }).then((mergeRequest) => {
           return mergeRequest.web_url;
         });
         ctx.output("projectid", projectPath);
@@ -2536,253 +2932,6 @@ const createPublishGitlabMergeRequestAction = (options) => {
   });
 };
 
-function createGithubActionsDispatchAction(options) {
-  const { integrations, githubCredentialsProvider } = options;
-  return createTemplateAction({
-    id: "github:actions:dispatch",
-    description: "Dispatches a GitHub Action workflow for a given branch or tag",
-    schema: {
-      input: {
-        type: "object",
-        required: ["repoUrl", "workflowId", "branchOrTagName"],
-        properties: {
-          repoUrl: {
-            title: "Repository Location",
-            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the new repository name and 'owner' is an organization or username`,
-            type: "string"
-          },
-          workflowId: {
-            title: "Workflow ID",
-            description: "The GitHub Action Workflow filename",
-            type: "string"
-          },
-          branchOrTagName: {
-            title: "Branch or Tag name",
-            description: "The git branch or tag name used to dispatch the workflow",
-            type: "string"
-          },
-          workflowInputs: {
-            title: "Workflow Inputs",
-            description: "Inputs keys and values to send to GitHub Action configured on the workflow file. The maximum number of properties is 10. ",
-            type: "object"
-          },
-          token: {
-            title: "Authentication Token",
-            type: "string",
-            description: "The GITHUB_TOKEN to use for authorization to GitHub"
-          }
-        }
-      }
-    },
-    async handler(ctx) {
-      const {
-        repoUrl,
-        workflowId,
-        branchOrTagName,
-        workflowInputs,
-        token: providedToken
-      } = ctx.input;
-      ctx.logger.info(`Dispatching workflow ${workflowId} for repo ${repoUrl} on ${branchOrTagName}`);
-      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
-      if (!owner) {
-        throw new errors.InputError("Invalid repository owner provided in repoUrl");
-      }
-      const client = new octokit.Octokit(await getOctokitOptions({
-        integrations,
-        repoUrl,
-        credentialsProvider: githubCredentialsProvider,
-        token: providedToken
-      }));
-      await client.rest.actions.createWorkflowDispatch({
-        owner,
-        repo,
-        workflow_id: workflowId,
-        ref: branchOrTagName,
-        inputs: workflowInputs
-      });
-      ctx.logger.info(`Workflow ${workflowId} dispatched successfully`);
-    }
-  });
-}
-
-function createGithubWebhookAction(options) {
-  const { integrations, defaultWebhookSecret, githubCredentialsProvider } = options;
-  const eventNames = webhooks.emitterEventNames.filter((event) => !event.includes("."));
-  return createTemplateAction({
-    id: "github:webhook",
-    description: "Creates webhook for a repository on GitHub.",
-    schema: {
-      input: {
-        type: "object",
-        required: ["repoUrl", "webhookUrl"],
-        properties: {
-          repoUrl: {
-            title: "Repository Location",
-            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the new repository name and 'owner' is an organization or username`,
-            type: "string"
-          },
-          webhookUrl: {
-            title: "Webhook URL",
-            description: "The URL to which the payloads will be delivered",
-            type: "string"
-          },
-          webhookSecret: {
-            title: "Webhook Secret",
-            description: "Webhook secret value. The default can be provided internally in action creation",
-            type: "string"
-          },
-          events: {
-            title: "Triggering Events",
-            description: "Determines what events the hook is triggered for. Default: push",
-            type: "array",
-            oneOf: [
-              {
-                items: {
-                  type: "string",
-                  enum: eventNames
-                }
-              },
-              {
-                items: {
-                  type: "string",
-                  const: "*"
-                }
-              }
-            ]
-          },
-          active: {
-            title: "Active",
-            type: "boolean",
-            description: `Determines if notifications are sent when the webhook is triggered. Default: true`
-          },
-          contentType: {
-            title: "Content Type",
-            type: "string",
-            enum: ["form", "json"],
-            description: `The media type used to serialize the payloads. The default is 'form'`
-          },
-          insecureSsl: {
-            title: "Insecure SSL",
-            type: "boolean",
-            description: `Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Default 'false'`
-          },
-          token: {
-            title: "Authentication Token",
-            type: "string",
-            description: "The GITHUB_TOKEN to use for authorization to GitHub"
-          }
-        }
-      }
-    },
-    async handler(ctx) {
-      const {
-        repoUrl,
-        webhookUrl,
-        webhookSecret = defaultWebhookSecret,
-        events = ["push"],
-        active = true,
-        contentType = "form",
-        insecureSsl = false,
-        token: providedToken
-      } = ctx.input;
-      ctx.logger.info(`Creating webhook ${webhookUrl} for repo ${repoUrl}`);
-      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
-      if (!owner) {
-        throw new errors.InputError("Invalid repository owner provided in repoUrl");
-      }
-      const client = new octokit.Octokit(await getOctokitOptions({
-        integrations,
-        credentialsProvider: githubCredentialsProvider,
-        repoUrl,
-        token: providedToken
-      }));
-      try {
-        const insecure_ssl = insecureSsl ? "1" : "0";
-        await client.rest.repos.createWebhook({
-          owner,
-          repo,
-          config: {
-            url: webhookUrl,
-            content_type: contentType,
-            secret: webhookSecret,
-            insecure_ssl
-          },
-          events,
-          active
-        });
-        ctx.logger.info(`Webhook '${webhookUrl}' created successfully`);
-      } catch (e) {
-        errors.assertError(e);
-        ctx.logger.warn(`Failed: create webhook '${webhookUrl}' on repo: '${repo}', ${e.message}`);
-      }
-    }
-  });
-}
-
-function createGithubIssuesLabelAction(options) {
-  const { integrations, githubCredentialsProvider } = options;
-  return createTemplateAction({
-    id: "github:issues:label",
-    description: "Adds labels to a pull request or issue on GitHub.",
-    schema: {
-      input: {
-        type: "object",
-        required: ["repoUrl", "number", "labels"],
-        properties: {
-          repoUrl: {
-            title: "Repository Location",
-            description: `Accepts the format 'github.com?repo=reponame&owner=owner' where 'reponame' is the repository name and 'owner' is an organization or username`,
-            type: "string"
-          },
-          number: {
-            title: "Pull Request or issue number",
-            description: "The pull request or issue number to add labels to",
-            type: "number"
-          },
-          labels: {
-            title: "Labels",
-            description: "The labels to add to the pull request or issue",
-            type: "array",
-            items: {
-              type: "string"
-            }
-          },
-          token: {
-            title: "Authentication Token",
-            type: "string",
-            description: "The GITHUB_TOKEN to use for authorization to GitHub"
-          }
-        }
-      }
-    },
-    async handler(ctx) {
-      const { repoUrl, number, labels, token: providedToken } = ctx.input;
-      const { owner, repo } = parseRepoUrl(repoUrl, integrations);
-      ctx.logger.info(`Adding labels to ${number} issue on repo ${repo}`);
-      if (!owner) {
-        throw new errors.InputError("Invalid repository owner provided in repoUrl");
-      }
-      const client = new octokit.Octokit(await getOctokitOptions({
-        integrations,
-        credentialsProvider: githubCredentialsProvider,
-        repoUrl,
-        token: providedToken
-      }));
-      try {
-        await client.rest.issues.addLabels({
-          owner,
-          repo,
-          issue_number: number,
-          labels
-        });
-      } catch (e) {
-        errors.assertError(e);
-        ctx.logger.warn(`Failed: adding labels to issue: '${number}' on repo: '${repo}', ${e.message}`);
-      }
-    }
-  });
-}
-
 const createBuiltinActions = (options) => {
   const {
     reader,
@@ -2854,6 +3003,15 @@ const createBuiltinActions = (options) => {
     createGithubIssuesLabelAction({
       integrations,
       githubCredentialsProvider
+    }),
+    createGithubRepoCreateAction({
+      integrations,
+      githubCredentialsProvider
+    }),
+    createGithubRepoPushAction({
+      integrations,
+      config,
+      githubCredentialsProvider
     })
   ];
   return actions;
@@ -3985,6 +4143,8 @@ exports.createFilesystemDeleteAction = createFilesystemDeleteAction;
 exports.createFilesystemRenameAction = createFilesystemRenameAction;
 exports.createGithubActionsDispatchAction = createGithubActionsDispatchAction;
 exports.createGithubIssuesLabelAction = createGithubIssuesLabelAction;
+exports.createGithubRepoCreateAction = createGithubRepoCreateAction;
+exports.createGithubRepoPushAction = createGithubRepoPushAction;
 exports.createGithubWebhookAction = createGithubWebhookAction;
 exports.createPublishAzureAction = createPublishAzureAction;
 exports.createPublishBitbucketAction = createPublishBitbucketAction;