@postman-cse/onboarding-repo-sync 1.0.4 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +11 -9
  2. package/action.yml +12 -7
  3. package/dist/action.cjs +102578 -1023
  4. package/dist/cli.cjs +102560 -1018
  5. package/dist/index.cjs +102577 -1023
  6. package/package.json +6 -4
package/README.md CHANGED
@@ -31,12 +31,12 @@ jobs:
31
31
  - uses: actions/checkout@v5
32
32
 
33
33
  - id: postman-auth
34
- uses: postman-cs/postman-resolve-service-token-action@v1
34
+ uses: postman-cs/postman-resolve-service-token-action@v2
35
35
  with:
36
36
  postman-region: us
37
37
  postman-api-key: ${{ secrets.POSTMAN_API_KEY }}
38
38
 
39
- - uses: postman-cs/postman-repo-sync-action@v1
39
+ - uses: postman-cs/postman-repo-sync-action@v2
40
40
  with:
41
41
  project-name: core-payments
42
42
  postman-region: us
@@ -57,7 +57,7 @@ The example permissions let `GITHUB_TOKEN` commit generated artifacts and update
57
57
  ### Full sync with workspace assets
58
58
 
59
59
  ```yaml
60
- - uses: postman-cs/postman-repo-sync-action@v1
60
+ - uses: postman-cs/postman-repo-sync-action@v2
61
61
  with:
62
62
  project-name: core-payments
63
63
  workspace-id: ws-123
@@ -73,7 +73,7 @@ The example permissions let `GITHUB_TOKEN` commit generated artifacts and update
73
73
  github-token: ${{ secrets.GITHUB_TOKEN }}
74
74
  ```
75
75
 
76
- `postman-access-token` is required for workspace-to-repository linking, system environment association, and API key generation. Use `postman-resolve-service-token-action` to mint it at runtime from a [Postman service account](https://learning.postman.com/docs/administration/service-accounts/) PMAK. If it is omitted, those integration steps are skipped and the remaining artifact sync can still run with `postman-api-key`. See [docs/credentials.md](docs/credentials.md).
76
+ `postman-access-token` is required: every asset operation (environment create/get/update, collection read, mock, monitor) plus workspace-to-repository linking and system environment association runs through the access-token gateway. Use `postman-resolve-service-token-action` to mint it at runtime from a [Postman service account](https://learning.postman.com/docs/administration/service-accounts/) PMAK. Without it the action fails fast — the PMAK is not an asset-routing fallback; it only mints/re-mints the access token, powers the generated CI workflow's `postman login --with-api-key`, and mints the CI `POSTMAN_API_KEY` secret. See [docs/credentials.md](docs/credentials.md).
77
77
 
78
78
  ### Disable CI workflow generation
79
79
 
@@ -137,7 +137,7 @@ with:
137
137
  | Name | Description | Required | Default |
138
138
  | --- | --- | --- | --- |
139
139
  | `generate-ci-workflow` | Whether to generate the CI workflow file | no | `true` |
140
- | `ci-workflow-path` | Path to write the generated CI workflow file | no | `.github/workflows/ci.yml` |
140
+ | `ci-workflow-path` | Path to write the generated CI workflow file. Defaults to azure-pipelines.yml for Azure DevOps, .github/workflows/ci.yml otherwise. | no | |
141
141
  | `project-name` | Service project name used for environment, mock, and monitor naming. | yes | |
142
142
  | `workspace-id` | Postman workspace ID used for workspace-link and export metadata. | no | |
143
143
  | `baseline-collection-id` | Baseline collection ID used for exported artifacts and mock server creation. | no | |
@@ -151,7 +151,9 @@ with:
151
151
  | `mock-url` | Existing mock server URL. When set, the action validates and reuses this mock instead of creating a new one. | no | |
152
152
  | `monitor-cron` | Cron expression for monitor scheduling (e.g. '0 */6 * * *'). When empty, the monitor is created disabled and triggered to run once per workflow invocation (and once on every subsequent run). | no | `""` |
153
153
  | `environments-json` | JSON array of environment slugs to create or update. | no | `["prod"]` |
154
- | `repo-url` | Explicit repository URL (GitHub or GitLab). Defaults to https://github.com/$GITHUB_REPOSITORY on GitHub Actions, or $CI_PROJECT_URL on GitLab CI, when omitted. | no | |
154
+ | `git-provider` | Git provider override ('github', 'gitlab', 'bitbucket', 'azure-devops'). Auto-detected from environment when omitted. | no | |
155
+ | `ado-token` | Azure DevOps personal access token or system token used to push commits in Azure Pipelines. Defaults to SYSTEM_ACCESSTOKEN when available. | no | |
156
+ | `repo-url` | Explicit repository URL (GitHub, GitLab, or Azure DevOps). Defaults to the URL inferred from runner environment when omitted. | no | |
155
157
  | `workspace-link-enabled` | Enable workspace linking. | no | `true` |
156
158
  | `environment-sync-enabled` | Enable association of Postman environments to system environments. | no | `true` |
157
159
  | `system-env-map-json` | JSON map of environment slug to system environment id. | no | `{}` |
@@ -162,9 +164,9 @@ with:
162
164
  | `current-ref` | Explicit ref override for push-changes when the checkout is detached. | no | |
163
165
  | `committer-name` | Git committer name for sync commits. | no | `Postman` |
164
166
  | `committer-email` | Git committer email for sync commits. | no | `support@postman.com` |
165
- | `postman-api-key` | Postman API key used for environment, mock, and monitor operations. | no | |
166
- | `postman-access-token` | Postman access token used for workspace linking, system environment association, and generated API-key creation. | no | |
167
- | `team-id` | Postman team ID resolved by postman-resolve-service-token-action for org-mode integration calls. Falls back to POSTMAN_TEAM_ID when omitted. | no | `""` |
167
+ | `postman-api-key` | Postman API key (PMAK). Used only to mint/re-mint the access token (via postman-resolve-service-token-action) and for the Postman CLI spec-lint login. Asset operations (environments, collections, mocks, monitors) run on the access-token gateway and do not use the PMAK. Optional when a valid postman-access-token is supplied; required only for the CLI lint path. | no | |
168
+ | `postman-access-token` | Postman access token minted by postman-resolve-service-token-action. Required for all asset operations (environment create/get/update, collection read, mock, monitor) which run through the access-token gateway. Also used for workspace linking, system environment association, and generated API-key creation. Without it the action fails fast — PMAK is not an asset-routing fallback. | yes | |
169
+ | `team-id` | Postman team ID resolved by postman-resolve-service-token-action. Primary team scope for all downstream actions; included as x-entity-team-id in org-mode Bifrost calls. Falls back to POSTMAN_TEAM_ID when omitted. Set explicitly for org-mode teams. | no | `""` |
168
170
  | `credential-preflight` | Credential identity preflight policy. warn (default) logs a note and continues when postman-api-key and postman-access-token resolve to different parent orgs; enforce fails the run on that condition before any workspace is created. Both modes warn when postman-access-token is not a service-account token. | no | `warn` |
169
171
  | `github-token` | GitHub token used for repo variable persistence and commits. | no | |
170
172
  | `gh-fallback-token` | Fallback token for repository variable APIs and workflow-file pushes. | no | |
package/action.yml CHANGED
@@ -11,9 +11,8 @@ inputs:
11
11
  required: false
12
12
  default: "true"
13
13
  ci-workflow-path:
14
- description: Path to write the generated CI workflow file
14
+ description: Path to write the generated CI workflow file. Defaults to azure-pipelines.yml for Azure DevOps, .github/workflows/ci.yml otherwise.
15
15
  required: false
16
- default: .github/workflows/ci.yml
17
16
  project-name:
18
17
  description: Service project name used for environment, mock, and monitor naming.
19
18
  required: true
@@ -58,8 +57,14 @@ inputs:
58
57
  description: JSON array of environment slugs to create or update.
59
58
  required: false
60
59
  default: '["prod"]'
60
+ git-provider:
61
+ description: Git provider override ('github', 'gitlab', 'bitbucket', 'azure-devops'). Auto-detected from environment when omitted.
62
+ required: false
63
+ ado-token:
64
+ description: Azure DevOps personal access token or system token used to push commits in Azure Pipelines. Defaults to SYSTEM_ACCESSTOKEN when available.
65
+ required: false
61
66
  repo-url:
62
- description: 'Explicit repository URL (GitHub or GitLab). Defaults to https://github.com/$GITHUB_REPOSITORY on GitHub Actions, or $CI_PROJECT_URL on GitLab CI, when omitted.'
67
+ description: 'Explicit repository URL (GitHub, GitLab, or Azure DevOps). Defaults to the URL inferred from runner environment when omitted.'
63
68
  required: false
64
69
  integration-backend:
65
70
  description: Advanced/internal. Integration backend for managed workspace linking and environment sync; leave unset to use the default.
@@ -104,13 +109,13 @@ inputs:
104
109
  required: false
105
110
  default: support@postman.com
106
111
  postman-api-key:
107
- description: Postman API key used for environment, mock, and monitor operations.
112
+ description: Postman API key (PMAK). Used only to mint/re-mint the access token (via postman-resolve-service-token-action) and for the Postman CLI spec-lint login. Asset operations (environments, collections, mocks, monitors) run on the access-token gateway and do not use the PMAK. Optional when a valid postman-access-token is supplied; required only for the CLI lint path.
108
113
  required: false
109
114
  postman-access-token:
110
- description: Postman access token used for workspace linking, system environment association, and generated API-key creation.
111
- required: false
115
+ description: Postman access token minted by postman-resolve-service-token-action. Required for all asset operations (environment create/get/update, collection read, mock, monitor) which run through the access-token gateway. Also used for workspace linking, system environment association, and generated API-key creation. Without it the action fails fast — PMAK is not an asset-routing fallback.
116
+ required: true
112
117
  team-id:
113
- description: Postman team ID resolved by postman-resolve-service-token-action for org-mode integration calls. Falls back to POSTMAN_TEAM_ID when omitted.
118
+ description: Postman team ID resolved by postman-resolve-service-token-action. Primary team scope for all downstream actions; included as x-entity-team-id in org-mode Bifrost calls. Falls back to POSTMAN_TEAM_ID when omitted. Set explicitly for org-mode teams.
114
119
  required: false
115
120
  default: ""
116
121
  credential-preflight: