@cloudsnorkel/cdk-github-runners 0.2.0 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.gitattributes +8 -1
- package/.jsii +1371 -206
- package/API.md +1191 -93
- package/README.md +59 -49
- package/lib/index.d.ts +3 -1
- package/lib/index.js +7 -1
- package/lib/lambdas/build-image/index.js +121 -0
- package/lib/lambdas/delete-runner/index.js +5151 -2999
- package/lib/lambdas/setup/index.html +37 -0
- package/lib/lambdas/setup/index.js +140 -255
- package/lib/lambdas/status/index.js +5151 -2999
- package/lib/lambdas/token-retriever/index.js +5151 -2999
- package/lib/lambdas/update-lambda/index.js +55 -0
- package/lib/providers/codebuild.d.ts +31 -1
- package/lib/providers/codebuild.js +57 -13
- package/lib/providers/common.d.ts +87 -6
- package/lib/providers/common.js +64 -4
- package/lib/providers/docker-images/codebuild/linux-arm64/Dockerfile +63 -0
- package/lib/providers/docker-images/codebuild/{Dockerfile → linux-x64/Dockerfile} +14 -5
- package/lib/providers/docker-images/fargate/linux-arm64/Dockerfile +45 -0
- package/lib/providers/docker-images/fargate/{runner.sh → linux-arm64/runner.sh} +0 -0
- package/lib/providers/docker-images/fargate/{Dockerfile → linux-x64/Dockerfile} +14 -5
- package/lib/providers/docker-images/fargate/linux-x64/runner.sh +5 -0
- package/lib/providers/docker-images/lambda/linux-arm64/Dockerfile +36 -0
- package/lib/providers/docker-images/lambda/{runner.js → linux-arm64/runner.js} +0 -0
- package/lib/providers/docker-images/lambda/{runner.sh → linux-arm64/runner.sh} +0 -0
- package/lib/providers/docker-images/lambda/linux-x64/Dockerfile +35 -0
- package/lib/providers/docker-images/lambda/linux-x64/runner.js +29 -0
- package/lib/providers/docker-images/lambda/linux-x64/runner.sh +12 -0
- package/lib/providers/fargate.d.ts +33 -1
- package/lib/providers/fargate.js +39 -8
- package/lib/providers/image-builders/codebuild.d.ts +178 -0
- package/lib/providers/image-builders/codebuild.js +354 -0
- package/lib/providers/image-builders/static.d.ts +29 -0
- package/lib/providers/image-builders/static.js +58 -0
- package/lib/providers/lambda.d.ts +27 -1
- package/lib/providers/lambda.js +88 -9
- package/lib/runner.d.ts +56 -9
- package/lib/runner.js +37 -11
- package/lib/secrets.js +1 -1
- package/lib/utils.d.ts +2 -1
- package/lib/utils.js +14 -3
- package/lib/webhook.js +2 -1
- package/package.json +30 -12
- package/setup/index.html +12 -0
- package/setup/src/App.svelte +291 -0
- package/setup/src/app.scss +15 -0
- package/setup/src/main.ts +8 -0
- package/setup/src/vite-env.d.ts +2 -0
- package/setup/svelte.config.mjs +7 -0
- package/setup/tsconfig.json +21 -0
- package/setup/tsconfig.node.json +8 -0
- package/setup/vite.config.ts +15 -0
- package/lib/providers/docker-images/lambda/Dockerfile +0 -27
|
@@ -5753,7 +5753,7 @@ var require_lib2 = __commonJS({
|
|
|
5753
5753
|
var trail = encoder.end();
|
|
5754
5754
|
return trail && trail.length > 0 ? Buffer2.concat([res, trail]) : res;
|
|
5755
5755
|
};
|
|
5756
|
-
iconv.decode = function
|
|
5756
|
+
iconv.decode = function decode(buf, encoding, options) {
|
|
5757
5757
|
if (typeof buf === "string") {
|
|
5758
5758
|
if (!iconv.skipDecodeWarning) {
|
|
5759
5759
|
console.error("Iconv-lite warning: decode()-ing strings is deprecated. Refer to https://github.com/ashtuchkin/iconv-lite/wiki/Use-Buffers-when-decoding");
|
|
@@ -6795,16 +6795,16 @@ var require_lib3 = __commonJS({
|
|
|
6795
6795
|
const options = getNodeRequestOptions(request);
|
|
6796
6796
|
const send = (options.protocol === "https:" ? https : http).request;
|
|
6797
6797
|
const signal = request.signal;
|
|
6798
|
-
let
|
|
6798
|
+
let response2 = null;
|
|
6799
6799
|
const abort = function abort2() {
|
|
6800
6800
|
let error = new AbortError("The user aborted a request.");
|
|
6801
6801
|
reject(error);
|
|
6802
6802
|
if (request.body && request.body instanceof Stream.Readable) {
|
|
6803
6803
|
request.body.destroy(error);
|
|
6804
6804
|
}
|
|
6805
|
-
if (!
|
|
6805
|
+
if (!response2 || !response2.body)
|
|
6806
6806
|
return;
|
|
6807
|
-
|
|
6807
|
+
response2.body.emit("error", error);
|
|
6808
6808
|
};
|
|
6809
6809
|
if (signal && signal.aborted) {
|
|
6810
6810
|
abort();
|
|
@@ -6923,8 +6923,8 @@ var require_lib3 = __commonJS({
|
|
|
6923
6923
|
};
|
|
6924
6924
|
const codings = headers.get("Content-Encoding");
|
|
6925
6925
|
if (!request.compress || request.method === "HEAD" || codings === null || res.statusCode === 204 || res.statusCode === 304) {
|
|
6926
|
-
|
|
6927
|
-
resolve(
|
|
6926
|
+
response2 = new Response(body, response_options);
|
|
6927
|
+
resolve(response2);
|
|
6928
6928
|
return;
|
|
6929
6929
|
}
|
|
6930
6930
|
const zlibOptions = {
|
|
@@ -6933,8 +6933,8 @@ var require_lib3 = __commonJS({
|
|
|
6933
6933
|
};
|
|
6934
6934
|
if (codings == "gzip" || codings == "x-gzip") {
|
|
6935
6935
|
body = body.pipe(zlib.createGunzip(zlibOptions));
|
|
6936
|
-
|
|
6937
|
-
resolve(
|
|
6936
|
+
response2 = new Response(body, response_options);
|
|
6937
|
+
resolve(response2);
|
|
6938
6938
|
return;
|
|
6939
6939
|
}
|
|
6940
6940
|
if (codings == "deflate" || codings == "x-deflate") {
|
|
@@ -6945,19 +6945,19 @@ var require_lib3 = __commonJS({
|
|
|
6945
6945
|
} else {
|
|
6946
6946
|
body = body.pipe(zlib.createInflateRaw());
|
|
6947
6947
|
}
|
|
6948
|
-
|
|
6949
|
-
resolve(
|
|
6948
|
+
response2 = new Response(body, response_options);
|
|
6949
|
+
resolve(response2);
|
|
6950
6950
|
});
|
|
6951
6951
|
return;
|
|
6952
6952
|
}
|
|
6953
6953
|
if (codings == "br" && typeof zlib.createBrotliDecompress === "function") {
|
|
6954
6954
|
body = body.pipe(zlib.createBrotliDecompress());
|
|
6955
|
-
|
|
6956
|
-
resolve(
|
|
6955
|
+
response2 = new Response(body, response_options);
|
|
6956
|
+
resolve(response2);
|
|
6957
6957
|
return;
|
|
6958
6958
|
}
|
|
6959
|
-
|
|
6960
|
-
resolve(
|
|
6959
|
+
response2 = new Response(body, response_options);
|
|
6960
|
+
resolve(response2);
|
|
6961
6961
|
});
|
|
6962
6962
|
writeToStream(req, request);
|
|
6963
6963
|
});
|
|
@@ -7138,8 +7138,8 @@ var require_dist_node5 = __commonJS({
|
|
|
7138
7138
|
var nodeFetch = _interopDefault(require_lib3());
|
|
7139
7139
|
var requestError = require_dist_node4();
|
|
7140
7140
|
var VERSION = "5.6.3";
|
|
7141
|
-
function getBufferResponse(
|
|
7142
|
-
return
|
|
7141
|
+
function getBufferResponse(response2) {
|
|
7142
|
+
return response2.arrayBuffer();
|
|
7143
7143
|
}
|
|
7144
7144
|
function fetchWrapper(requestOptions) {
|
|
7145
7145
|
const log = requestOptions.request && requestOptions.request.log ? requestOptions.request.log : console;
|
|
@@ -7155,10 +7155,10 @@ var require_dist_node5 = __commonJS({
|
|
|
7155
7155
|
body: requestOptions.body,
|
|
7156
7156
|
headers: requestOptions.headers,
|
|
7157
7157
|
redirect: requestOptions.redirect
|
|
7158
|
-
}, requestOptions.request)).then(async (
|
|
7159
|
-
url =
|
|
7160
|
-
status =
|
|
7161
|
-
for (const keyAndValue of
|
|
7158
|
+
}, requestOptions.request)).then(async (response2) => {
|
|
7159
|
+
url = response2.url;
|
|
7160
|
+
status = response2.status;
|
|
7161
|
+
for (const keyAndValue of response2.headers) {
|
|
7162
7162
|
headers[keyAndValue[0]] = keyAndValue[1];
|
|
7163
7163
|
}
|
|
7164
7164
|
if ("deprecation" in headers) {
|
|
@@ -7173,7 +7173,7 @@ var require_dist_node5 = __commonJS({
|
|
|
7173
7173
|
if (status < 400) {
|
|
7174
7174
|
return;
|
|
7175
7175
|
}
|
|
7176
|
-
throw new requestError.RequestError(
|
|
7176
|
+
throw new requestError.RequestError(response2.statusText, status, {
|
|
7177
7177
|
response: {
|
|
7178
7178
|
url,
|
|
7179
7179
|
status,
|
|
@@ -7189,13 +7189,13 @@ var require_dist_node5 = __commonJS({
|
|
|
7189
7189
|
url,
|
|
7190
7190
|
status,
|
|
7191
7191
|
headers,
|
|
7192
|
-
data: await getResponseData(
|
|
7192
|
+
data: await getResponseData(response2)
|
|
7193
7193
|
},
|
|
7194
7194
|
request: requestOptions
|
|
7195
7195
|
});
|
|
7196
7196
|
}
|
|
7197
7197
|
if (status >= 400) {
|
|
7198
|
-
const data = await getResponseData(
|
|
7198
|
+
const data = await getResponseData(response2);
|
|
7199
7199
|
const error = new requestError.RequestError(toErrorMessage(data), status, {
|
|
7200
7200
|
response: {
|
|
7201
7201
|
url,
|
|
@@ -7207,7 +7207,7 @@ var require_dist_node5 = __commonJS({
|
|
|
7207
7207
|
});
|
|
7208
7208
|
throw error;
|
|
7209
7209
|
}
|
|
7210
|
-
return getResponseData(
|
|
7210
|
+
return getResponseData(response2);
|
|
7211
7211
|
}).then((data) => {
|
|
7212
7212
|
return {
|
|
7213
7213
|
status,
|
|
@@ -7223,15 +7223,15 @@ var require_dist_node5 = __commonJS({
|
|
|
7223
7223
|
});
|
|
7224
7224
|
});
|
|
7225
7225
|
}
|
|
7226
|
-
async function getResponseData(
|
|
7227
|
-
const contentType =
|
|
7226
|
+
async function getResponseData(response2) {
|
|
7227
|
+
const contentType = response2.headers.get("content-type");
|
|
7228
7228
|
if (/application\/json/.test(contentType)) {
|
|
7229
|
-
return
|
|
7229
|
+
return response2.json();
|
|
7230
7230
|
}
|
|
7231
7231
|
if (!contentType || /^text\/|charset=utf-8$/.test(contentType)) {
|
|
7232
|
-
return
|
|
7232
|
+
return response2.text();
|
|
7233
7233
|
}
|
|
7234
|
-
return getBufferResponse(
|
|
7234
|
+
return getBufferResponse(response2);
|
|
7235
7235
|
}
|
|
7236
7236
|
function toErrorMessage(data) {
|
|
7237
7237
|
if (typeof data === "string")
|
|
@@ -7287,14 +7287,14 @@ var require_dist_node6 = __commonJS({
|
|
|
7287
7287
|
` + data.errors.map((e) => ` - ${e.message}`).join("\n");
|
|
7288
7288
|
}
|
|
7289
7289
|
var GraphqlResponseError = class extends Error {
|
|
7290
|
-
constructor(request2, headers,
|
|
7291
|
-
super(_buildMessageForResponseErrors(
|
|
7290
|
+
constructor(request2, headers, response2) {
|
|
7291
|
+
super(_buildMessageForResponseErrors(response2));
|
|
7292
7292
|
this.request = request2;
|
|
7293
7293
|
this.headers = headers;
|
|
7294
|
-
this.response =
|
|
7294
|
+
this.response = response2;
|
|
7295
7295
|
this.name = "GraphqlResponseError";
|
|
7296
|
-
this.errors =
|
|
7297
|
-
this.data =
|
|
7296
|
+
this.errors = response2.errors;
|
|
7297
|
+
this.data = response2.data;
|
|
7298
7298
|
if (Error.captureStackTrace) {
|
|
7299
7299
|
Error.captureStackTrace(this, this.constructor);
|
|
7300
7300
|
}
|
|
@@ -7332,15 +7332,15 @@ var require_dist_node6 = __commonJS({
|
|
|
7332
7332
|
if (GHES_V3_SUFFIX_REGEX.test(baseUrl)) {
|
|
7333
7333
|
requestOptions.url = baseUrl.replace(GHES_V3_SUFFIX_REGEX, "/api/graphql");
|
|
7334
7334
|
}
|
|
7335
|
-
return request2(requestOptions).then((
|
|
7336
|
-
if (
|
|
7335
|
+
return request2(requestOptions).then((response2) => {
|
|
7336
|
+
if (response2.data.errors) {
|
|
7337
7337
|
const headers = {};
|
|
7338
|
-
for (const key of Object.keys(
|
|
7339
|
-
headers[key] =
|
|
7338
|
+
for (const key of Object.keys(response2.headers)) {
|
|
7339
|
+
headers[key] = response2.headers[key];
|
|
7340
7340
|
}
|
|
7341
|
-
throw new GraphqlResponseError(requestOptions, headers,
|
|
7341
|
+
throw new GraphqlResponseError(requestOptions, headers, response2.data);
|
|
7342
7342
|
}
|
|
7343
|
-
return
|
|
7343
|
+
return response2.data.data;
|
|
7344
7344
|
});
|
|
7345
7345
|
}
|
|
7346
7346
|
function withDefaults(request$1, newDefaults) {
|
|
@@ -7566,9 +7566,9 @@ var require_dist_node9 = __commonJS({
|
|
|
7566
7566
|
const start = Date.now();
|
|
7567
7567
|
const requestOptions = octokit.request.endpoint.parse(options);
|
|
7568
7568
|
const path = requestOptions.url.replace(options.baseUrl, "");
|
|
7569
|
-
return request(options).then((
|
|
7570
|
-
octokit.log.info(`${requestOptions.method} ${path} - ${
|
|
7571
|
-
return
|
|
7569
|
+
return request(options).then((response2) => {
|
|
7570
|
+
octokit.log.info(`${requestOptions.method} ${path} - ${response2.status} in ${Date.now() - start}ms`);
|
|
7571
|
+
return response2;
|
|
7572
7572
|
}).catch((error) => {
|
|
7573
7573
|
octokit.log.info(`${requestOptions.method} ${path} - ${error.status} in ${Date.now() - start}ms`);
|
|
7574
7574
|
throw error;
|
|
@@ -7585,7 +7585,7 @@ var require_dist_node10 = __commonJS({
|
|
|
7585
7585
|
"node_modules/@octokit/plugin-paginate-rest/dist-node/index.js"(exports2) {
|
|
7586
7586
|
"use strict";
|
|
7587
7587
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
7588
|
-
var VERSION = "2.
|
|
7588
|
+
var VERSION = "2.21.3";
|
|
7589
7589
|
function ownKeys(object, enumerableOnly) {
|
|
7590
7590
|
var keys = Object.keys(object);
|
|
7591
7591
|
if (Object.getOwnPropertySymbols) {
|
|
@@ -7598,7 +7598,7 @@ var require_dist_node10 = __commonJS({
|
|
|
7598
7598
|
}
|
|
7599
7599
|
function _objectSpread2(target) {
|
|
7600
7600
|
for (var i = 1; i < arguments.length; i++) {
|
|
7601
|
-
var source = arguments[i]
|
|
7601
|
+
var source = null != arguments[i] ? arguments[i] : {};
|
|
7602
7602
|
i % 2 ? ownKeys(Object(source), true).forEach(function(key) {
|
|
7603
7603
|
_defineProperty(target, key, source[key]);
|
|
7604
7604
|
}) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function(key) {
|
|
@@ -7620,32 +7620,32 @@ var require_dist_node10 = __commonJS({
|
|
|
7620
7620
|
}
|
|
7621
7621
|
return obj;
|
|
7622
7622
|
}
|
|
7623
|
-
function normalizePaginatedListResponse(
|
|
7624
|
-
if (!
|
|
7625
|
-
return _objectSpread2(_objectSpread2({},
|
|
7623
|
+
function normalizePaginatedListResponse(response2) {
|
|
7624
|
+
if (!response2.data) {
|
|
7625
|
+
return _objectSpread2(_objectSpread2({}, response2), {}, {
|
|
7626
7626
|
data: []
|
|
7627
7627
|
});
|
|
7628
7628
|
}
|
|
7629
|
-
const responseNeedsNormalization = "total_count" in
|
|
7629
|
+
const responseNeedsNormalization = "total_count" in response2.data && !("url" in response2.data);
|
|
7630
7630
|
if (!responseNeedsNormalization)
|
|
7631
|
-
return
|
|
7632
|
-
const incompleteResults =
|
|
7633
|
-
const repositorySelection =
|
|
7634
|
-
const totalCount =
|
|
7635
|
-
delete
|
|
7636
|
-
delete
|
|
7637
|
-
delete
|
|
7638
|
-
const namespaceKey = Object.keys(
|
|
7639
|
-
const data =
|
|
7640
|
-
|
|
7631
|
+
return response2;
|
|
7632
|
+
const incompleteResults = response2.data.incomplete_results;
|
|
7633
|
+
const repositorySelection = response2.data.repository_selection;
|
|
7634
|
+
const totalCount = response2.data.total_count;
|
|
7635
|
+
delete response2.data.incomplete_results;
|
|
7636
|
+
delete response2.data.repository_selection;
|
|
7637
|
+
delete response2.data.total_count;
|
|
7638
|
+
const namespaceKey = Object.keys(response2.data)[0];
|
|
7639
|
+
const data = response2.data[namespaceKey];
|
|
7640
|
+
response2.data = data;
|
|
7641
7641
|
if (typeof incompleteResults !== "undefined") {
|
|
7642
|
-
|
|
7642
|
+
response2.data.incomplete_results = incompleteResults;
|
|
7643
7643
|
}
|
|
7644
7644
|
if (typeof repositorySelection !== "undefined") {
|
|
7645
|
-
|
|
7645
|
+
response2.data.repository_selection = repositorySelection;
|
|
7646
7646
|
}
|
|
7647
|
-
|
|
7648
|
-
return
|
|
7647
|
+
response2.data.total_count = totalCount;
|
|
7648
|
+
return response2;
|
|
7649
7649
|
}
|
|
7650
7650
|
function iterator(octokit, route, parameters) {
|
|
7651
7651
|
const options = typeof route === "function" ? route.endpoint(parameters) : octokit.request.endpoint(route, parameters);
|
|
@@ -7661,12 +7661,12 @@ var require_dist_node10 = __commonJS({
|
|
|
7661
7661
|
done: true
|
|
7662
7662
|
};
|
|
7663
7663
|
try {
|
|
7664
|
-
const
|
|
7664
|
+
const response2 = await requestMethod({
|
|
7665
7665
|
method,
|
|
7666
7666
|
url,
|
|
7667
7667
|
headers
|
|
7668
7668
|
});
|
|
7669
|
-
const normalizedResponse = normalizePaginatedListResponse(
|
|
7669
|
+
const normalizedResponse = normalizePaginatedListResponse(response2);
|
|
7670
7670
|
url = ((normalizedResponse.headers.link || "").match(/<([^>]+)>;\s*rel="next"/) || [])[1];
|
|
7671
7671
|
return {
|
|
7672
7672
|
value: normalizedResponse
|
|
@@ -7713,7 +7713,7 @@ var require_dist_node10 = __commonJS({
|
|
|
7713
7713
|
var composePaginateRest = Object.assign(paginate, {
|
|
7714
7714
|
iterator
|
|
7715
7715
|
});
|
|
7716
|
-
var paginatingEndpoints = ["GET /app/hook/deliveries", "GET /app/installations", "GET /applications/grants", "GET /authorizations", "GET /enterprises/{enterprise}/actions/permissions/organizations", "GET /enterprises/{enterprise}/actions/runner-groups", "GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations", "GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners", "GET /enterprises/{enterprise}/actions/runners", "GET /enterprises/{enterprise}/
|
|
7716
|
+
var paginatingEndpoints = ["GET /app/hook/deliveries", "GET /app/installations", "GET /applications/grants", "GET /authorizations", "GET /enterprises/{enterprise}/actions/permissions/organizations", "GET /enterprises/{enterprise}/actions/runner-groups", "GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations", "GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners", "GET /enterprises/{enterprise}/actions/runners", "GET /enterprises/{enterprise}/audit-log", "GET /enterprises/{enterprise}/secret-scanning/alerts", "GET /enterprises/{enterprise}/settings/billing/advanced-security", "GET /events", "GET /gists", "GET /gists/public", "GET /gists/starred", "GET /gists/{gist_id}/comments", "GET /gists/{gist_id}/commits", "GET /gists/{gist_id}/forks", "GET /installation/repositories", "GET /issues", "GET /licenses", "GET /marketplace_listing/plans", "GET /marketplace_listing/plans/{plan_id}/accounts", "GET /marketplace_listing/stubbed/plans", "GET /marketplace_listing/stubbed/plans/{plan_id}/accounts", "GET /networks/{owner}/{repo}/events", "GET /notifications", "GET /organizations", "GET /orgs/{org}/actions/cache/usage-by-repository", "GET /orgs/{org}/actions/permissions/repositories", "GET /orgs/{org}/actions/runner-groups", "GET /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories", "GET /orgs/{org}/actions/runner-groups/{runner_group_id}/runners", "GET /orgs/{org}/actions/runners", "GET /orgs/{org}/actions/secrets", "GET /orgs/{org}/actions/secrets/{secret_name}/repositories", "GET /orgs/{org}/audit-log", "GET /orgs/{org}/blocks", "GET /orgs/{org}/code-scanning/alerts", "GET /orgs/{org}/codespaces", "GET /orgs/{org}/credential-authorizations", "GET /orgs/{org}/dependabot/secrets", "GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories", "GET /orgs/{org}/events", "GET /orgs/{org}/external-groups", "GET /orgs/{org}/failed_invitations", "GET /orgs/{org}/hooks", "GET /orgs/{org}/hooks/{hook_id}/deliveries", "GET /orgs/{org}/installations", "GET /orgs/{org}/invitations", "GET /orgs/{org}/invitations/{invitation_id}/teams", "GET /orgs/{org}/issues", "GET /orgs/{org}/members", "GET /orgs/{org}/migrations", "GET /orgs/{org}/migrations/{migration_id}/repositories", "GET /orgs/{org}/outside_collaborators", "GET /orgs/{org}/packages", "GET /orgs/{org}/packages/{package_type}/{package_name}/versions", "GET /orgs/{org}/projects", "GET /orgs/{org}/public_members", "GET /orgs/{org}/repos", "GET /orgs/{org}/secret-scanning/alerts", "GET /orgs/{org}/settings/billing/advanced-security", "GET /orgs/{org}/team-sync/groups", "GET /orgs/{org}/teams", "GET /orgs/{org}/teams/{team_slug}/discussions", "GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments", "GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions", "GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions", "GET /orgs/{org}/teams/{team_slug}/invitations", "GET /orgs/{org}/teams/{team_slug}/members", "GET /orgs/{org}/teams/{team_slug}/projects", "GET /orgs/{org}/teams/{team_slug}/repos", "GET /orgs/{org}/teams/{team_slug}/teams", "GET /projects/columns/{column_id}/cards", "GET /projects/{project_id}/collaborators", "GET /projects/{project_id}/columns", "GET /repos/{owner}/{repo}/actions/artifacts", "GET /repos/{owner}/{repo}/actions/caches", "GET /repos/{owner}/{repo}/actions/runners", "GET /repos/{owner}/{repo}/actions/runs", "GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts", "GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/jobs", "GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs", "GET /repos/{owner}/{repo}/actions/secrets", "GET /repos/{owner}/{repo}/actions/workflows", "GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs", "GET /repos/{owner}/{repo}/assignees", "GET /repos/{owner}/{repo}/branches", "GET /repos/{owner}/{repo}/check-runs/{check_run_id}/annotations", "GET /repos/{owner}/{repo}/check-suites/{check_suite_id}/check-runs", "GET /repos/{owner}/{repo}/code-scanning/alerts", "GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances", "GET /repos/{owner}/{repo}/code-scanning/analyses", "GET /repos/{owner}/{repo}/codespaces", "GET /repos/{owner}/{repo}/codespaces/devcontainers", "GET /repos/{owner}/{repo}/codespaces/secrets", "GET /repos/{owner}/{repo}/collaborators", "GET /repos/{owner}/{repo}/comments", "GET /repos/{owner}/{repo}/comments/{comment_id}/reactions", "GET /repos/{owner}/{repo}/commits", "GET /repos/{owner}/{repo}/commits/{commit_sha}/comments", "GET /repos/{owner}/{repo}/commits/{commit_sha}/pulls", "GET /repos/{owner}/{repo}/commits/{ref}/check-runs", "GET /repos/{owner}/{repo}/commits/{ref}/check-suites", "GET /repos/{owner}/{repo}/commits/{ref}/status", "GET /repos/{owner}/{repo}/commits/{ref}/statuses", "GET /repos/{owner}/{repo}/contributors", "GET /repos/{owner}/{repo}/dependabot/secrets", "GET /repos/{owner}/{repo}/deployments", "GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses", "GET /repos/{owner}/{repo}/environments", "GET /repos/{owner}/{repo}/events", "GET /repos/{owner}/{repo}/forks", "GET /repos/{owner}/{repo}/git/matching-refs/{ref}", "GET /repos/{owner}/{repo}/hooks", "GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries", "GET /repos/{owner}/{repo}/invitations", "GET /repos/{owner}/{repo}/issues", "GET /repos/{owner}/{repo}/issues/comments", "GET /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions", "GET /repos/{owner}/{repo}/issues/events", "GET /repos/{owner}/{repo}/issues/{issue_number}/comments", "GET /repos/{owner}/{repo}/issues/{issue_number}/events", "GET /repos/{owner}/{repo}/issues/{issue_number}/labels", "GET /repos/{owner}/{repo}/issues/{issue_number}/reactions", "GET /repos/{owner}/{repo}/issues/{issue_number}/timeline", "GET /repos/{owner}/{repo}/keys", "GET /repos/{owner}/{repo}/labels", "GET /repos/{owner}/{repo}/milestones", "GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels", "GET /repos/{owner}/{repo}/notifications", "GET /repos/{owner}/{repo}/pages/builds", "GET /repos/{owner}/{repo}/projects", "GET /repos/{owner}/{repo}/pulls", "GET /repos/{owner}/{repo}/pulls/comments", "GET /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions", "GET /repos/{owner}/{repo}/pulls/{pull_number}/comments", "GET /repos/{owner}/{repo}/pulls/{pull_number}/commits", "GET /repos/{owner}/{repo}/pulls/{pull_number}/files", "GET /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers", "GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews", "GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/comments", "GET /repos/{owner}/{repo}/releases", "GET /repos/{owner}/{repo}/releases/{release_id}/assets", "GET /repos/{owner}/{repo}/releases/{release_id}/reactions", "GET /repos/{owner}/{repo}/secret-scanning/alerts", "GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations", "GET /repos/{owner}/{repo}/stargazers", "GET /repos/{owner}/{repo}/subscribers", "GET /repos/{owner}/{repo}/tags", "GET /repos/{owner}/{repo}/teams", "GET /repos/{owner}/{repo}/topics", "GET /repositories", "GET /repositories/{repository_id}/environments/{environment_name}/secrets", "GET /search/code", "GET /search/commits", "GET /search/issues", "GET /search/labels", "GET /search/repositories", "GET /search/topics", "GET /search/users", "GET /teams/{team_id}/discussions", "GET /teams/{team_id}/discussions/{discussion_number}/comments", "GET /teams/{team_id}/discussions/{discussion_number}/comments/{comment_number}/reactions", "GET /teams/{team_id}/discussions/{discussion_number}/reactions", "GET /teams/{team_id}/invitations", "GET /teams/{team_id}/members", "GET /teams/{team_id}/projects", "GET /teams/{team_id}/repos", "GET /teams/{team_id}/teams", "GET /user/blocks", "GET /user/codespaces", "GET /user/codespaces/secrets", "GET /user/emails", "GET /user/followers", "GET /user/following", "GET /user/gpg_keys", "GET /user/installations", "GET /user/installations/{installation_id}/repositories", "GET /user/issues", "GET /user/keys", "GET /user/marketplace_purchases", "GET /user/marketplace_purchases/stubbed", "GET /user/memberships/orgs", "GET /user/migrations", "GET /user/migrations/{migration_id}/repositories", "GET /user/orgs", "GET /user/packages", "GET /user/packages/{package_type}/{package_name}/versions", "GET /user/public_emails", "GET /user/repos", "GET /user/repository_invitations", "GET /user/starred", "GET /user/subscriptions", "GET /user/teams", "GET /users", "GET /users/{username}/events", "GET /users/{username}/events/orgs/{org}", "GET /users/{username}/events/public", "GET /users/{username}/followers", "GET /users/{username}/following", "GET /users/{username}/gists", "GET /users/{username}/gpg_keys", "GET /users/{username}/keys", "GET /users/{username}/orgs", "GET /users/{username}/packages", "GET /users/{username}/projects", "GET /users/{username}/received_events", "GET /users/{username}/received_events/public", "GET /users/{username}/repos", "GET /users/{username}/starred", "GET /users/{username}/subscriptions"];
|
|
7717
7717
|
function isPaginatingEndpoint(arg) {
|
|
7718
7718
|
if (typeof arg === "string") {
|
|
7719
7719
|
return paginatingEndpoints.includes(arg);
|
|
@@ -7799,6 +7799,8 @@ var require_dist_node11 = __commonJS({
|
|
|
7799
7799
|
createRemoveTokenForOrg: ["POST /orgs/{org}/actions/runners/remove-token"],
|
|
7800
7800
|
createRemoveTokenForRepo: ["POST /repos/{owner}/{repo}/actions/runners/remove-token"],
|
|
7801
7801
|
createWorkflowDispatch: ["POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches"],
|
|
7802
|
+
deleteActionsCacheById: ["DELETE /repos/{owner}/{repo}/actions/caches/{cache_id}"],
|
|
7803
|
+
deleteActionsCacheByKey: ["DELETE /repos/{owner}/{repo}/actions/caches{?key,ref}"],
|
|
7802
7804
|
deleteArtifact: ["DELETE /repos/{owner}/{repo}/actions/artifacts/{artifact_id}"],
|
|
7803
7805
|
deleteEnvironmentSecret: ["DELETE /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}"],
|
|
7804
7806
|
deleteOrgSecret: ["DELETE /orgs/{org}/actions/secrets/{secret_name}"],
|
|
@@ -7815,6 +7817,7 @@ var require_dist_node11 = __commonJS({
|
|
|
7815
7817
|
downloadWorkflowRunLogs: ["GET /repos/{owner}/{repo}/actions/runs/{run_id}/logs"],
|
|
7816
7818
|
enableSelectedRepositoryGithubActionsOrganization: ["PUT /orgs/{org}/actions/permissions/repositories/{repository_id}"],
|
|
7817
7819
|
enableWorkflow: ["PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable"],
|
|
7820
|
+
getActionsCacheList: ["GET /repos/{owner}/{repo}/actions/caches"],
|
|
7818
7821
|
getActionsCacheUsage: ["GET /repos/{owner}/{repo}/actions/cache/usage"],
|
|
7819
7822
|
getActionsCacheUsageByRepoForOrg: ["GET /orgs/{org}/actions/cache/usage-by-repository"],
|
|
7820
7823
|
getActionsCacheUsageForEnterprise: ["GET /enterprises/{enterprise}/actions/cache/usage"],
|
|
@@ -8020,6 +8023,7 @@ var require_dist_node11 = __commonJS({
|
|
|
8020
8023
|
createWithPrForAuthenticatedUser: ["POST /repos/{owner}/{repo}/pulls/{pull_number}/codespaces"],
|
|
8021
8024
|
createWithRepoForAuthenticatedUser: ["POST /repos/{owner}/{repo}/codespaces"],
|
|
8022
8025
|
deleteForAuthenticatedUser: ["DELETE /user/codespaces/{codespace_name}"],
|
|
8026
|
+
deleteFromOrganization: ["DELETE /orgs/{org}/members/{username}/codespaces/{codespace_name}"],
|
|
8023
8027
|
deleteRepoSecret: ["DELETE /repos/{owner}/{repo}/codespaces/secrets/{secret_name}"],
|
|
8024
8028
|
deleteSecretForAuthenticatedUser: ["DELETE /user/codespaces/secrets/{secret_name}"],
|
|
8025
8029
|
exportForAuthenticatedUser: ["POST /user/codespaces/{codespace_name}/exports"],
|
|
@@ -8031,6 +8035,11 @@ var require_dist_node11 = __commonJS({
|
|
|
8031
8035
|
getSecretForAuthenticatedUser: ["GET /user/codespaces/secrets/{secret_name}"],
|
|
8032
8036
|
listDevcontainersInRepositoryForAuthenticatedUser: ["GET /repos/{owner}/{repo}/codespaces/devcontainers"],
|
|
8033
8037
|
listForAuthenticatedUser: ["GET /user/codespaces"],
|
|
8038
|
+
listInOrganization: ["GET /orgs/{org}/codespaces", {}, {
|
|
8039
|
+
renamedParameters: {
|
|
8040
|
+
org_id: "org"
|
|
8041
|
+
}
|
|
8042
|
+
}],
|
|
8034
8043
|
listInRepositoryForAuthenticatedUser: ["GET /repos/{owner}/{repo}/codespaces"],
|
|
8035
8044
|
listRepoSecrets: ["GET /repos/{owner}/{repo}/codespaces/secrets"],
|
|
8036
8045
|
listRepositoriesForSecretForAuthenticatedUser: ["GET /user/codespaces/secrets/{secret_name}/repositories"],
|
|
@@ -8040,6 +8049,7 @@ var require_dist_node11 = __commonJS({
|
|
|
8040
8049
|
setRepositoriesForSecretForAuthenticatedUser: ["PUT /user/codespaces/secrets/{secret_name}/repositories"],
|
|
8041
8050
|
startForAuthenticatedUser: ["POST /user/codespaces/{codespace_name}/start"],
|
|
8042
8051
|
stopForAuthenticatedUser: ["POST /user/codespaces/{codespace_name}/stop"],
|
|
8052
|
+
stopInOrganization: ["POST /orgs/{org}/members/{username}/codespaces/{codespace_name}/stop"],
|
|
8043
8053
|
updateForAuthenticatedUser: ["PATCH /user/codespaces/{codespace_name}"]
|
|
8044
8054
|
},
|
|
8045
8055
|
dependabot: {
|
|
@@ -8059,6 +8069,7 @@ var require_dist_node11 = __commonJS({
|
|
|
8059
8069
|
setSelectedReposForOrgSecret: ["PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories"]
|
|
8060
8070
|
},
|
|
8061
8071
|
dependencyGraph: {
|
|
8072
|
+
createRepositorySnapshot: ["POST /repos/{owner}/{repo}/dependency-graph/snapshots"],
|
|
8062
8073
|
diffRange: ["GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead}"]
|
|
8063
8074
|
},
|
|
8064
8075
|
emojis: {
|
|
@@ -8721,7 +8732,7 @@ var require_dist_node11 = __commonJS({
|
|
|
8721
8732
|
updateAuthenticated: ["PATCH /user"]
|
|
8722
8733
|
}
|
|
8723
8734
|
};
|
|
8724
|
-
var VERSION = "5.
|
|
8735
|
+
var VERSION = "5.16.2";
|
|
8725
8736
|
function endpointsToMethods(octokit, endpointsMap) {
|
|
8726
8737
|
const newMethods = {};
|
|
8727
8738
|
for (const [scope, endpoints] of Object.entries(endpointsMap)) {
|
|
@@ -8818,7 +8829,7 @@ var require_dist_node12 = __commonJS({
|
|
|
8818
8829
|
|
|
8819
8830
|
// src/lambdas/setup/index.ts
|
|
8820
8831
|
var crypto = __toESM(require("crypto"));
|
|
8821
|
-
var
|
|
8832
|
+
var fs = __toESM(require("fs"));
|
|
8822
8833
|
var import_rest = __toESM(require_dist_node12());
|
|
8823
8834
|
|
|
8824
8835
|
// src/lambdas/helpers.ts
|
|
@@ -8844,135 +8855,55 @@ async function updateSecretValue(arn, value) {
|
|
|
8844
8855
|
await sm.updateSecret({ SecretId: arn, SecretString: value }).promise();
|
|
8845
8856
|
}
|
|
8846
8857
|
|
|
8847
|
-
// src/lambdas/
|
|
8848
|
-
function
|
|
8849
|
-
|
|
8850
|
-
|
|
8851
|
-
|
|
8852
|
-
|
|
8853
|
-
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
|
|
8854
|
-
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
|
|
8855
|
-
<title>Setup GitHub Runners</title>
|
|
8856
|
-
<body>
|
|
8857
|
-
<h1>Setup GitHub Runners</h1>
|
|
8858
|
-
<p>You can choose between creating a new app that will provide authentication for specific repositories, or a personal access token that will provide access to all repositories available to you. Apps are easier to set up and provide more fine-grained access control.</p>
|
|
8859
|
-
<form>
|
|
8860
|
-
<fieldset>
|
|
8861
|
-
<legend>GitHub Domain</legend>
|
|
8862
|
-
<p>When using a GitHub Enterprise Server, change this to your own domain like github.mycompany.com.</p>
|
|
8863
|
-
<label for="domain">Domain: </label>
|
|
8864
|
-
<input id="domain" value="github.com">
|
|
8865
|
-
</fieldset>
|
|
8866
|
-
</form>
|
|
8867
|
-
|
|
8868
|
-
<h2>Using App</h2>
|
|
8869
|
-
<p>Choose whether you want a personal app, an organization app, or an existing app created according to the instructions in <a href="https://github.com/CloudSnorkel/cdk-github-runners/blob/main/SETUP_GITHUB.md">SETUP_GITHUB.md</a>. The scope of the app should match the scope of the repositories you need to provide runners for.</p>
|
|
8870
|
-
<form action="https://github.com/settings/apps/new?state=${token}" method="post" id="appform">
|
|
8871
|
-
<fieldset>
|
|
8872
|
-
<legend>New Personal App</legend>
|
|
8873
|
-
<input type="hidden" name="manifest" id="manifest">
|
|
8874
|
-
<input type="submit" value="Create">
|
|
8875
|
-
</fieldset>
|
|
8876
|
-
</form>
|
|
8877
|
-
|
|
8878
|
-
<br>
|
|
8879
|
-
<form action="https://github.com/organizations/ORGANIZATION/settings/apps/new?state=${token}" method="post" id="orgappform">
|
|
8880
|
-
<fieldset>
|
|
8881
|
-
<legend>New Organization App</legend>
|
|
8882
|
-
<label for="org">Organization slug:</label>
|
|
8883
|
-
<input id="org" name="org" value="ORGANIZATION"><br><br>
|
|
8884
|
-
<input type="hidden" name="manifest" id="manifestorg">
|
|
8885
|
-
<input type="submit" value="Create">
|
|
8886
|
-
</fieldset>
|
|
8887
|
-
</form>
|
|
8888
|
-
|
|
8889
|
-
<br>
|
|
8890
|
-
<form action="app?token=${token}" method="post">
|
|
8891
|
-
<fieldset>
|
|
8892
|
-
<p>Existing apps must have <code>actions</code> and <code>administration</code> write permissions. Don't forget to set up the webhook and its secret as described in <a href="https://github.com/CloudSnorkel/cdk-github-runners/blob/main/SETUP_GITHUB.md">SETUP_GITHUB.md</a>.</p>
|
|
8893
|
-
<legend>Existing App</legend>
|
|
8894
|
-
<input type="hidden" name="domain" id="existingdomain" value="github.com">
|
|
8895
|
-
<label for="appid">App id:</label>
|
|
8896
|
-
<input type="number" id="appid" name="appid"><br><br>
|
|
8897
|
-
<label for="pk">Private key:</label>
|
|
8898
|
-
<textarea id="pk" name="pk"></textarea><br><br>
|
|
8899
|
-
<input type="submit" value="Set">
|
|
8900
|
-
</fieldset>
|
|
8901
|
-
</form>
|
|
8902
|
-
|
|
8903
|
-
<h2>Using Personal Access Token</h2>
|
|
8904
|
-
<p>The personal token must have the <code>repo</code> scope enable. Don't forget to also create a webhook as described in <a href="https://github.com/CloudSnorkel/cdk-github-runners/blob/main/SETUP_GITHUB.md">SETUP_GITHUB.md</a>.</p>
|
|
8905
|
-
<form action="pat?token=${token}" method="post">
|
|
8906
|
-
<fieldset>
|
|
8907
|
-
<label for="pat">Token:</label>
|
|
8908
|
-
<input type="hidden" name="domain" id="patdomain" value="github.com">
|
|
8909
|
-
<input type="password" id="pat" name="pat">
|
|
8910
|
-
<input type="submit" value="Set">
|
|
8911
|
-
</fieldset>
|
|
8912
|
-
</form>
|
|
8913
|
-
|
|
8914
|
-
<script>
|
|
8915
|
-
document.getElementById("manifest").value = JSON.stringify(${manifest});
|
|
8916
|
-
document.getElementById("manifestorg").value = JSON.stringify(${manifest});
|
|
8917
|
-
function setDomainAndOrg() {
|
|
8918
|
-
const domain = document.getElementById("domain").value;
|
|
8919
|
-
const org = document.getElementById("org").value;
|
|
8920
|
-
document.getElementById("appform").action = \`https://\${domain}/settings/apps/new?state=${token}\`;
|
|
8921
|
-
document.getElementById("orgappform").action = \`https://\${domain}/organizations/\${org}/settings/apps/new?state=${token}\`;
|
|
8922
|
-
document.getElementById("existingdomain").value = domain;
|
|
8923
|
-
document.getElementById("patdomain").value = domain;
|
|
8924
|
-
}
|
|
8925
|
-
document.getElementById("domain").onchange = setDomainAndOrg;
|
|
8926
|
-
document.getElementById("org").onchange = setDomainAndOrg;
|
|
8927
|
-
<\/script>
|
|
8928
|
-
</body>
|
|
8929
|
-
</html>
|
|
8930
|
-
`;
|
|
8858
|
+
// src/lambdas/github.ts
|
|
8859
|
+
function baseUrlFromDomain(domain) {
|
|
8860
|
+
if (domain == "github.com") {
|
|
8861
|
+
return "https://api.github.com";
|
|
8862
|
+
}
|
|
8863
|
+
return `https://${domain}/api/v3`;
|
|
8931
8864
|
}
|
|
8932
|
-
|
|
8933
|
-
|
|
8934
|
-
|
|
8935
|
-
|
|
8936
|
-
|
|
8937
|
-
},
|
|
8938
|
-
redirect_url: `${baseUrl}/complete-new-app`,
|
|
8939
|
-
public: false,
|
|
8940
|
-
default_permissions: {
|
|
8941
|
-
actions: "write",
|
|
8942
|
-
administration: "write"
|
|
8943
|
-
},
|
|
8944
|
-
default_events: [
|
|
8945
|
-
"workflow_job"
|
|
8946
|
-
]
|
|
8947
|
-
});
|
|
8865
|
+
|
|
8866
|
+
// src/lambdas/setup/index.ts
|
|
8867
|
+
var nonce = crypto.randomBytes(64).toString("hex");
|
|
8868
|
+
function getHtml(baseUrl, token, domain) {
|
|
8869
|
+
return fs.readFileSync("index.html", "utf-8").replace(/INSERT_WEBHOOK_URL_HERE/g, process.env.WEBHOOK_URL).replace(/INSERT_BASE_URL_HERE/g, baseUrl).replace(/INSERT_TOKEN_HERE/g, token).replace(/INSERT_SECRET_ARN_HERE/g, process.env.SETUP_SECRET_ARN).replace(/INSERT_DOMAIN_HERE/g, domain).replace(/<script/g, `<script nonce="${nonce}"`).replace(/<style/g, `<style nonce="${nonce}"`);
|
|
8948
8870
|
}
|
|
8949
|
-
|
|
8950
|
-
const setupBaseUrl = `https://${event.requestContext.domainName}`;
|
|
8871
|
+
function response(code, body) {
|
|
8951
8872
|
return {
|
|
8952
|
-
statusCode:
|
|
8873
|
+
statusCode: code,
|
|
8953
8874
|
headers: {
|
|
8954
|
-
"Content-Type": "text/html"
|
|
8875
|
+
"Content-Type": "text/html",
|
|
8876
|
+
"Content-Security-Policy": `default-src 'nonce-${nonce}'; img-src data:; connect-src 'self'; form-action https:; frame-ancestors 'none'`
|
|
8955
8877
|
},
|
|
8956
|
-
body
|
|
8878
|
+
body
|
|
8957
8879
|
};
|
|
8958
8880
|
}
|
|
8881
|
+
async function handleRoot(event, setupToken) {
|
|
8882
|
+
const setupBaseUrl = `https://${event.requestContext.domainName}`;
|
|
8883
|
+
const githubSecrets = await getSecretJsonValue(process.env.GITHUB_SECRET_ARN);
|
|
8884
|
+
return response(200, getHtml(setupBaseUrl, setupToken, githubSecrets.domain));
|
|
8885
|
+
}
|
|
8959
8886
|
function decodeBody(event) {
|
|
8960
8887
|
let body = event.body;
|
|
8961
8888
|
if (event.isBase64Encoded) {
|
|
8962
8889
|
body = Buffer.from(body, "base64").toString("utf-8");
|
|
8963
8890
|
}
|
|
8964
|
-
return
|
|
8891
|
+
return JSON.parse(body);
|
|
8892
|
+
}
|
|
8893
|
+
async function handleDomain(event) {
|
|
8894
|
+
const body = decodeBody(event);
|
|
8895
|
+
if (!body.domain) {
|
|
8896
|
+
return response(400, "Invalid domain");
|
|
8897
|
+
}
|
|
8898
|
+
const githubSecrets = await getSecretJsonValue(process.env.GITHUB_SECRET_ARN);
|
|
8899
|
+
githubSecrets.domain = body.domain;
|
|
8900
|
+
await updateSecretValue(process.env.GITHUB_SECRET_ARN, JSON.stringify(githubSecrets));
|
|
8901
|
+
return response(200, "Domain set");
|
|
8965
8902
|
}
|
|
8966
8903
|
async function handlePat(event) {
|
|
8967
8904
|
const body = decodeBody(event);
|
|
8968
8905
|
if (!body.pat || !body.domain) {
|
|
8969
|
-
return
|
|
8970
|
-
statusCode: 400,
|
|
8971
|
-
headers: {
|
|
8972
|
-
"Content-Type": "text/html"
|
|
8973
|
-
},
|
|
8974
|
-
body: "Invalid personal access token"
|
|
8975
|
-
};
|
|
8906
|
+
return response(400, "Invalid personal access token");
|
|
8976
8907
|
}
|
|
8977
8908
|
await updateSecretValue(process.env.GITHUB_SECRET_ARN, JSON.stringify({
|
|
8978
8909
|
domain: body.domain,
|
|
@@ -8980,26 +8911,16 @@ async function handlePat(event) {
|
|
|
8980
8911
|
personalAuthToken: body.pat
|
|
8981
8912
|
}));
|
|
8982
8913
|
await updateSecretValue(process.env.SETUP_SECRET_ARN, JSON.stringify({ token: "" }));
|
|
8983
|
-
return
|
|
8984
|
-
statusCode: 200,
|
|
8985
|
-
headers: {
|
|
8986
|
-
"Content-Type": "text/html"
|
|
8987
|
-
},
|
|
8988
|
-
body: "Personal access token set"
|
|
8989
|
-
};
|
|
8914
|
+
return response(200, "Personal access token set");
|
|
8990
8915
|
}
|
|
8991
8916
|
async function handleNewApp(event) {
|
|
8992
8917
|
const code = event.queryStringParameters.code;
|
|
8993
8918
|
if (!code) {
|
|
8994
|
-
return
|
|
8995
|
-
statusCode: 400,
|
|
8996
|
-
headers: {
|
|
8997
|
-
"Content-Type": "text/html"
|
|
8998
|
-
},
|
|
8999
|
-
body: "Invalid code"
|
|
9000
|
-
};
|
|
8919
|
+
return response(400, "Invalid code");
|
|
9001
8920
|
}
|
|
9002
|
-
const
|
|
8921
|
+
const githubSecrets = await getSecretJsonValue(process.env.GITHUB_SECRET_ARN);
|
|
8922
|
+
const baseUrl = baseUrlFromDomain(githubSecrets.domain);
|
|
8923
|
+
const newApp = await new import_rest.Octokit({ baseUrl }).rest.apps.createFromManifest({ code });
|
|
9003
8924
|
await updateSecretValue(process.env.GITHUB_SECRET_ARN, JSON.stringify({
|
|
9004
8925
|
domain: new URL(newApp.data.html_url).host,
|
|
9005
8926
|
appId: newApp.data.id,
|
|
@@ -9010,24 +8931,12 @@ async function handleNewApp(event) {
|
|
|
9010
8931
|
webhookSecret: newApp.data.webhook_secret
|
|
9011
8932
|
}));
|
|
9012
8933
|
await updateSecretValue(process.env.SETUP_SECRET_ARN, JSON.stringify({ token: "" }));
|
|
9013
|
-
return {
|
|
9014
|
-
statusCode: 200,
|
|
9015
|
-
headers: {
|
|
9016
|
-
"Content-Type": "text/html"
|
|
9017
|
-
},
|
|
9018
|
-
body: `New app set. <a href="${newApp.data.html_url}/installations/new">Install it</a> for your repositories.`
|
|
9019
|
-
};
|
|
8934
|
+
return response(200, `New app set. <a href="${newApp.data.html_url}/installations/new">Install it</a> for your repositories.`);
|
|
9020
8935
|
}
|
|
9021
8936
|
async function handleExistingApp(event) {
|
|
9022
8937
|
const body = decodeBody(event);
|
|
9023
8938
|
if (!body.appid || !body.pk || !body.domain) {
|
|
9024
|
-
return
|
|
9025
|
-
statusCode: 400,
|
|
9026
|
-
headers: {
|
|
9027
|
-
"Content-Type": "text/html"
|
|
9028
|
-
},
|
|
9029
|
-
body: "Missing fields"
|
|
9030
|
-
};
|
|
8939
|
+
return response(400, "Missing fields");
|
|
9031
8940
|
}
|
|
9032
8941
|
await updateSecretValue(process.env.GITHUB_SECRET_ARN, JSON.stringify({
|
|
9033
8942
|
domain: body.domain,
|
|
@@ -9036,13 +8945,7 @@ async function handleExistingApp(event) {
|
|
|
9036
8945
|
}));
|
|
9037
8946
|
await updateSecretValue(process.env.GITHUB_PRIVATE_KEY_SECRET_ARN, body.pk);
|
|
9038
8947
|
await updateSecretValue(process.env.SETUP_SECRET_ARN, JSON.stringify({ token: "" }));
|
|
9039
|
-
return
|
|
9040
|
-
statusCode: 200,
|
|
9041
|
-
headers: {
|
|
9042
|
-
"Content-Type": "text/html"
|
|
9043
|
-
},
|
|
9044
|
-
body: "Existing app set. Don't forget to set up the webhook."
|
|
9045
|
-
};
|
|
8948
|
+
return response(200, "Existing app set. Don't forget to set up the webhook.");
|
|
9046
8949
|
}
|
|
9047
8950
|
exports.handler = async function(event) {
|
|
9048
8951
|
if (!process.env.WEBHOOK_URL) {
|
|
@@ -9050,49 +8953,31 @@ exports.handler = async function(event) {
|
|
|
9050
8953
|
}
|
|
9051
8954
|
const setupToken = (await getSecretJsonValue(process.env.SETUP_SECRET_ARN)).token;
|
|
9052
8955
|
if (!setupToken) {
|
|
9053
|
-
return
|
|
9054
|
-
statusCode: 200,
|
|
9055
|
-
headers: {
|
|
9056
|
-
"Content-Type": "text/html"
|
|
9057
|
-
},
|
|
9058
|
-
body: "Setup already complete. Put a new token in the setup secret if you want to redo it."
|
|
9059
|
-
};
|
|
8956
|
+
return response(200, "Setup already complete. Put a new token in the setup secret if you want to redo it.");
|
|
9060
8957
|
}
|
|
9061
8958
|
if (!event.queryStringParameters) {
|
|
9062
|
-
return
|
|
9063
|
-
statusCode: 403,
|
|
9064
|
-
headers: {
|
|
9065
|
-
"Content-Type": "text/html"
|
|
9066
|
-
},
|
|
9067
|
-
body: "Wrong setup token."
|
|
9068
|
-
};
|
|
8959
|
+
return response(403, "Wrong setup token.");
|
|
9069
8960
|
}
|
|
9070
|
-
const urlToken = event.queryStringParameters.token || event.queryStringParameters.state;
|
|
8961
|
+
const urlToken = event.queryStringParameters.token || event.queryStringParameters.state || "";
|
|
9071
8962
|
if (urlToken.length != setupToken.length || !crypto.timingSafeEqual(Buffer.from(urlToken, "utf-8"), Buffer.from(setupToken, "utf-8"))) {
|
|
9072
|
-
return
|
|
9073
|
-
statusCode: 403,
|
|
9074
|
-
headers: {
|
|
9075
|
-
"Content-Type": "text/html"
|
|
9076
|
-
},
|
|
9077
|
-
body: "Wrong setup token."
|
|
9078
|
-
};
|
|
8963
|
+
return response(403, "Wrong setup token.");
|
|
9079
8964
|
}
|
|
9080
|
-
|
|
9081
|
-
|
|
9082
|
-
|
|
9083
|
-
|
|
9084
|
-
|
|
9085
|
-
|
|
9086
|
-
|
|
9087
|
-
|
|
9088
|
-
|
|
9089
|
-
|
|
9090
|
-
|
|
9091
|
-
|
|
9092
|
-
|
|
9093
|
-
|
|
9094
|
-
|
|
9095
|
-
};
|
|
8965
|
+
try {
|
|
8966
|
+
if (event.requestContext.http.path == "/") {
|
|
8967
|
+
return await handleRoot(event, setupToken);
|
|
8968
|
+
} else if (event.requestContext.http.path == "/domain" && event.requestContext.http.method == "POST") {
|
|
8969
|
+
return await handleDomain(event);
|
|
8970
|
+
} else if (event.requestContext.http.path == "/pat" && event.requestContext.http.method == "POST") {
|
|
8971
|
+
return await handlePat(event);
|
|
8972
|
+
} else if (event.requestContext.http.path == "/complete-new-app" && event.requestContext.http.method == "GET") {
|
|
8973
|
+
return await handleNewApp(event);
|
|
8974
|
+
} else if (event.requestContext.http.path == "/app" && event.requestContext.http.method == "POST") {
|
|
8975
|
+
return await handleExistingApp(event);
|
|
8976
|
+
} else {
|
|
8977
|
+
return response(404, "Not found");
|
|
8978
|
+
}
|
|
8979
|
+
} catch (e) {
|
|
8980
|
+
return response(500, `<b>Error:</b> ${e}`);
|
|
9096
8981
|
}
|
|
9097
8982
|
};
|
|
9098
8983
|
/*!
|