UNPKG

@ycmd/creds

Version:

LSK.js CLI Creds is the easiest way to manage GitHub / Gitlab secrets and credentials

github.com/lskjs/cli

lskjs/libs

105 lines (103 loc) 2.97 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
import { Service } from './chunk-SDMJ4Z2K.js'; import { __name } from './chunk-POLJ2ZZ2.js'; import { Err } from '@lsk4/err'; import { createLogger } from '@lsk4/log'; import axios from 'axios'; import _sodium from 'libsodium-wrappers'; var GithubService = class extends Service { static { __name(this, "GithubService"); } log = createLogger(this.constructor.name); checkConfig() { super.checkConfig(); if (!this.projectId) throw new Err("!projectId"); if (!this.server) throw new Err("!server"); if (!this.token) throw new Err("!token"); } createClient(options) { const server = this.server || "api.github.com"; const baseURL = `https://${server}/repos/${this.getProjectPath()}`; return axios.create({ baseURL, headers: { Accept: "application/vnd.github+json", Authorization: `Bearer ${this.token}`, "X-GitHub-Api-Version": "2022-11-28" }, ...options }); } getServiceLink() { return "github.com"; } getProjectUrl() { return `https://${this.getServiceLink()}/${this.projectName}`; } getProjectCICDSettingURL() { return `${this.getProjectUrl()}/settings/secrets/actions`; } async uploadSecret(key, content) { const { data: publicKeyData } = await this.client({ method: "get", url: `/actions/secrets/public-key` }).catch((err) => { throw new Err(err.message, { data: err?.response?.data }); }); if (!publicKeyData?.key) throw new Err("!publicKey"); if (!publicKeyData?.key_id) throw new Err("!publicKeyId"); await _sodium.ready; const sodium = _sodium; const binkey = sodium.from_base64(publicKeyData.key, sodium.base64_variants.ORIGINAL); const binsec = sodium.from_string(content); const encBytes = sodium.crypto_box_seal(binsec, binkey); const output = sodium.to_base64(encBytes, sodium.base64_variants.ORIGINAL); await this.client({ method: "put", url: `/actions/secrets/${key}`, data: { encrypted_value: output, key_id: publicKeyData.key_id } }); } async uploadVariable(key, content) { const { data: varData, status } = await this.client({ method: "get", url: `/actions/variables/${key}` }).catch((err) => err?.response); if (status === 404) { await this.client({ method: "post", url: `/actions/variables`, data: { name: key, value: content } }); } if (status === 200 && varData.name.toLowerCase() === key.toLowerCase()) { await this.client({ method: "patch", url: `/actions/variables/${key}`, data: { name: key, value: content } }); } } uploadHook() { throw new Err("Github hooks not supported yet"); } }; export { GithubService }; //# sourceMappingURL=out.js.map //# sourceMappingURL=chunk-HQD3E2PN.js.map