From 75a30a545a7372f7517285ff27b99d0367b0294c Mon Sep 17 00:00:00 2001 From: Benedek Kozma Date: Tue, 22 Dec 2020 20:18:16 +0100 Subject: [PATCH] feat: deprecate GITHUB_TOKEN env var and use token input instead with default value (#112) * deprecate GITHUB_TOKEN env var and use token input instead with default value * update readme * npm run lint:fix --- README.md | 15 +++------------ action.yml | 4 ++++ src/main.ts | 10 +++++++--- 3 files changed, 14 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index c059614..4d7c9a2 100644 --- a/README.md +++ b/README.md @@ -59,16 +59,11 @@ Add a step like this to your workflow: # Default: '' tag: 'v1.0.0 --force' - env: - # This is necessary in order to push a commit to the repo - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Leave this line unchanged + # Token to use for pushing the commit. The default value won't trigger any workflows, you need to use a Personal Access Token for that. + # Default: secrets.GITHUB_TOKEN + token: ${{ secrets.GITHUB_TOKEN }} ``` -### Environment variables: - -The only `env` variable required is the token for the action to run: GitHub generates one automatically, but you need to pass it through `env` to make it available to actions. You can find more about `GITHUB_TOKEN` [here](https://help.github.com/en/articles/virtual-environments-for-github-actions#github_token-secret). -That said, you can just copy the example line and not worry about it. If you do want to use a different token you can pass that in, but I wouldn't see any possible advantage in doing so. - ### Adding files: The action adds files using a regular `git add` command, so you can put every kind of argument in the `add` option. For example, if you want to force-add a file: `./path/to/file.txt --force`. @@ -129,8 +124,6 @@ jobs: author_email: mail@example.com message: 'Your commit message' add: '*.js' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ``` If you need to run the action on a repository that is not located in [`$GITHUB_WORKSPACE`](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/using-environment-variables#default-environment-variables), you can use the `cwd` option: the action uses a `cd` normal command, so the path should follow bash standards. @@ -159,8 +152,6 @@ jobs: message: 'Add the very useful text file' add: '*.txt --force' cwd: './pathToRepo/' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ``` ## Contributors ✨ diff --git a/action.yml b/action.yml index a026429..b6905fa 100644 --- a/action.yml +++ b/action.yml @@ -38,6 +38,10 @@ inputs: tag: description: Arguments for the git tag command (the tag name always needs to be the first word not preceded by a hyphen) required: false + token: + description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)' + required: false + default: ${{ github.token }} outputs: committed: diff --git a/src/main.ts b/src/main.ts index c73a321..45f4e7e 100644 --- a/src/main.ts +++ b/src/main.ts @@ -161,7 +161,6 @@ async function checkInputs() { const eventPath = process.env.GITHUB_EVENT_PATH, event = eventPath && require(eventPath), - token = process.env.GITHUB_TOKEN, isPR = process.env.GITHUB_EVENT_NAME?.includes('pull_request'), sha = (event?.pull_request?.head?.sha || process.env.GITHUB_SHA) as string, defaultBranch = isPR @@ -169,10 +168,15 @@ async function checkInputs() { : process.env.GITHUB_REF?.substring(11) // #region GITHUB_TOKEN - if (!token) + let token = process.env.GITHUB_TOKEN + if (token) { warning( - 'The GITHUB_TOKEN env variable is missing: the action may not work as expected.' + "The GITHUB_TOKEN env variable is deprecated and will not be supported in the next major release. Use the 'token' input, " + + "which defaults to 'secrets.GITHUB_TOKEN'." ) + } else { + token = getInput('token') + } // #endregion // #region add, remove