actions_secrets.go

Documentation: github.com/google/go-github/v33/github

     1  // Copyright 2020 The go-github AUTHORS. All rights reserved.
     2  //
     3  // Use of this source code is governed by a BSD-style
     4  // license that can be found in the LICENSE file.
     5  
     6  package github
     7  
     8  import (
     9  	"context"
    10  	"fmt"
    11  )
    12  
    13  // PublicKey represents the public key that should be used to encrypt secrets.
    14  type PublicKey struct {
    15  	KeyID *string `json:"key_id"`
    16  	Key   *string `json:"key"`
    17  }
    18  
    19  // GetRepoPublicKey gets a public key that should be used for secret encryption.
    20  //
    21  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#get-a-repository-public-key
    22  func (s *ActionsService) GetRepoPublicKey(ctx context.Context, owner, repo string) (*PublicKey, *Response, error) {
    23  	u := fmt.Sprintf("repos/%v/%v/actions/secrets/public-key", owner, repo)
    24  	req, err := s.client.NewRequest("GET", u, nil)
    25  	if err != nil {
    26  		return nil, nil, err
    27  	}
    28  
    29  	pubKey := new(PublicKey)
    30  	resp, err := s.client.Do(ctx, req, pubKey)
    31  	if err != nil {
    32  		return nil, resp, err
    33  	}
    34  
    35  	return pubKey, resp, nil
    36  }
    37  
    38  // GetOrgPublicKey gets a public key that should be used for secret encryption.
    39  //
    40  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#get-an-organization-public-key
    41  func (s *ActionsService) GetOrgPublicKey(ctx context.Context, org string) (*PublicKey, *Response, error) {
    42  	u := fmt.Sprintf("orgs/%v/actions/secrets/public-key", org)
    43  	req, err := s.client.NewRequest("GET", u, nil)
    44  	if err != nil {
    45  		return nil, nil, err
    46  	}
    47  
    48  	pubKey := new(PublicKey)
    49  	resp, err := s.client.Do(ctx, req, pubKey)
    50  	if err != nil {
    51  		return nil, resp, err
    52  	}
    53  
    54  	return pubKey, resp, nil
    55  }
    56  
    57  // Secret represents a repository action secret.
    58  type Secret struct {
    59  	Name                    string    `json:"name"`
    60  	CreatedAt               Timestamp `json:"created_at"`
    61  	UpdatedAt               Timestamp `json:"updated_at"`
    62  	Visibility              string    `json:"visibility,omitempty"`
    63  	SelectedRepositoriesURL string    `json:"selected_repositories_url,omitempty"`
    64  }
    65  
    66  // Secrets represents one item from the ListSecrets response.
    67  type Secrets struct {
    68  	TotalCount int       `json:"total_count"`
    69  	Secrets    []*Secret `json:"secrets"`
    70  }
    71  
    72  // ListRepoSecrets lists all secrets available in a repository
    73  // without revealing their encrypted values.
    74  //
    75  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#list-repository-secrets
    76  func (s *ActionsService) ListRepoSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) {
    77  	u := fmt.Sprintf("repos/%v/%v/actions/secrets", owner, repo)
    78  	u, err := addOptions(u, opts)
    79  	if err != nil {
    80  		return nil, nil, err
    81  	}
    82  
    83  	req, err := s.client.NewRequest("GET", u, nil)
    84  	if err != nil {
    85  		return nil, nil, err
    86  	}
    87  
    88  	secrets := new(Secrets)
    89  	resp, err := s.client.Do(ctx, req, &secrets)
    90  	if err != nil {
    91  		return nil, resp, err
    92  	}
    93  
    94  	return secrets, resp, nil
    95  }
    96  
    97  // GetRepoSecret gets a single repository secret without revealing its encrypted value.
    98  //
    99  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#get-a-repository-secret
   100  func (s *ActionsService) GetRepoSecret(ctx context.Context, owner, repo, name string) (*Secret, *Response, error) {
   101  	u := fmt.Sprintf("repos/%v/%v/actions/secrets/%v", owner, repo, name)
   102  	req, err := s.client.NewRequest("GET", u, nil)
   103  	if err != nil {
   104  		return nil, nil, err
   105  	}
   106  
   107  	secret := new(Secret)
   108  	resp, err := s.client.Do(ctx, req, secret)
   109  	if err != nil {
   110  		return nil, resp, err
   111  	}
   112  
   113  	return secret, resp, nil
   114  }
   115  
   116  // SelectedRepoIDs are the repository IDs that have access to the secret.
   117  type SelectedRepoIDs []int64
   118  
   119  // EncryptedSecret represents a secret that is encrypted using a public key.
   120  //
   121  // The value of EncryptedValue must be your secret, encrypted with
   122  // LibSodium (see documentation here: https://libsodium.gitbook.io/doc/bindings_for_other_languages)
   123  // using the public key retrieved using the GetPublicKey method.
   124  type EncryptedSecret struct {
   125  	Name                  string          `json:"-"`
   126  	KeyID                 string          `json:"key_id"`
   127  	EncryptedValue        string          `json:"encrypted_value"`
   128  	Visibility            string          `json:"visibility,omitempty"`
   129  	SelectedRepositoryIDs SelectedRepoIDs `json:"selected_repository_ids,omitempty"`
   130  }
   131  
   132  // CreateOrUpdateRepoSecret creates or updates a repository secret with an encrypted value.
   133  //
   134  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#create-or-update-a-repository-secret
   135  func (s *ActionsService) CreateOrUpdateRepoSecret(ctx context.Context, owner, repo string, eSecret *EncryptedSecret) (*Response, error) {
   136  	u := fmt.Sprintf("repos/%v/%v/actions/secrets/%v", owner, repo, eSecret.Name)
   137  
   138  	req, err := s.client.NewRequest("PUT", u, eSecret)
   139  	if err != nil {
   140  		return nil, err
   141  	}
   142  
   143  	return s.client.Do(ctx, req, nil)
   144  }
   145  
   146  // DeleteRepoSecret deletes a secret in a repository using the secret name.
   147  //
   148  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#delete-a-repository-secret
   149  func (s *ActionsService) DeleteRepoSecret(ctx context.Context, owner, repo, name string) (*Response, error) {
   150  	u := fmt.Sprintf("repos/%v/%v/actions/secrets/%v", owner, repo, name)
   151  
   152  	req, err := s.client.NewRequest("DELETE", u, nil)
   153  	if err != nil {
   154  		return nil, err
   155  	}
   156  
   157  	return s.client.Do(ctx, req, nil)
   158  }
   159  
   160  // ListOrgSecrets lists all secrets available in an organization
   161  // without revealing their encrypted values.
   162  //
   163  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#list-organization-secrets
   164  func (s *ActionsService) ListOrgSecrets(ctx context.Context, org string, opts *ListOptions) (*Secrets, *Response, error) {
   165  	u := fmt.Sprintf("orgs/%v/actions/secrets", org)
   166  	u, err := addOptions(u, opts)
   167  	if err != nil {
   168  		return nil, nil, err
   169  	}
   170  
   171  	req, err := s.client.NewRequest("GET", u, nil)
   172  	if err != nil {
   173  		return nil, nil, err
   174  	}
   175  
   176  	secrets := new(Secrets)
   177  	resp, err := s.client.Do(ctx, req, &secrets)
   178  	if err != nil {
   179  		return nil, resp, err
   180  	}
   181  
   182  	return secrets, resp, nil
   183  }
   184  
   185  // GetOrgSecret gets a single organization secret without revealing its encrypted value.
   186  //
   187  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#get-an-organization-secret
   188  func (s *ActionsService) GetOrgSecret(ctx context.Context, org, name string) (*Secret, *Response, error) {
   189  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v", org, name)
   190  	req, err := s.client.NewRequest("GET", u, nil)
   191  	if err != nil {
   192  		return nil, nil, err
   193  	}
   194  
   195  	secret := new(Secret)
   196  	resp, err := s.client.Do(ctx, req, secret)
   197  	if err != nil {
   198  		return nil, resp, err
   199  	}
   200  
   201  	return secret, resp, nil
   202  }
   203  
   204  // CreateOrUpdateOrgSecret creates or updates an organization secret with an encrypted value.
   205  //
   206  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#create-or-update-an-organization-secret
   207  func (s *ActionsService) CreateOrUpdateOrgSecret(ctx context.Context, org string, eSecret *EncryptedSecret) (*Response, error) {
   208  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v", org, eSecret.Name)
   209  
   210  	req, err := s.client.NewRequest("PUT", u, eSecret)
   211  	if err != nil {
   212  		return nil, err
   213  	}
   214  
   215  	return s.client.Do(ctx, req, nil)
   216  }
   217  
   218  // SelectedReposList represents the list of repositories selected for an organization secret.
   219  type SelectedReposList struct {
   220  	TotalCount   *int          `json:"total_count,omitempty"`
   221  	Repositories []*Repository `json:"repositories,omitempty"`
   222  }
   223  
   224  // ListSelectedReposForOrgSecret lists all repositories that have access to a secret.
   225  //
   226  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#list-selected-repositories-for-an-organization-secret
   227  func (s *ActionsService) ListSelectedReposForOrgSecret(ctx context.Context, org, name string) (*SelectedReposList, *Response, error) {
   228  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories", org, name)
   229  	req, err := s.client.NewRequest("GET", u, nil)
   230  	if err != nil {
   231  		return nil, nil, err
   232  	}
   233  
   234  	result := new(SelectedReposList)
   235  	resp, err := s.client.Do(ctx, req, result)
   236  	if err != nil {
   237  		return nil, resp, err
   238  	}
   239  
   240  	return result, resp, nil
   241  }
   242  
   243  // SetSelectedReposForOrgSecret sets the repositories that have access to a secret.
   244  //
   245  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#set-selected-repositories-for-an-organization-secret
   246  func (s *ActionsService) SetSelectedReposForOrgSecret(ctx context.Context, org, name string, ids SelectedRepoIDs) (*Response, error) {
   247  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories", org, name)
   248  
   249  	type repoIDs struct {
   250  		SelectedIDs SelectedRepoIDs `json:"selected_repository_ids,omitempty"`
   251  	}
   252  
   253  	req, err := s.client.NewRequest("PUT", u, repoIDs{SelectedIDs: ids})
   254  	if err != nil {
   255  		return nil, err
   256  	}
   257  
   258  	return s.client.Do(ctx, req, nil)
   259  }
   260  
   261  // AddSelectedRepoToOrgSecret adds a repository to an organization secret.
   262  //
   263  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#add-selected-repository-to-an-organization-secret
   264  func (s *ActionsService) AddSelectedRepoToOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
   265  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories/%v", org, name, *repo.ID)
   266  	req, err := s.client.NewRequest("PUT", u, nil)
   267  	if err != nil {
   268  		return nil, err
   269  	}
   270  
   271  	return s.client.Do(ctx, req, nil)
   272  }
   273  
   274  // RemoveSelectedRepoFromOrgSecret removes a repository from an organization secret.
   275  //
   276  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#remove-selected-repository-from-an-organization-secret
   277  func (s *ActionsService) RemoveSelectedRepoFromOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
   278  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories/%v", org, name, *repo.ID)
   279  	req, err := s.client.NewRequest("DELETE", u, nil)
   280  	if err != nil {
   281  		return nil, err
   282  	}
   283  
   284  	return s.client.Do(ctx, req, nil)
   285  }
   286  
   287  // DeleteOrgSecret deletes a secret in an organization using the secret name.
   288  //
   289  // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/actions/#delete-an-organization-secret
   290  func (s *ActionsService) DeleteOrgSecret(ctx context.Context, org, name string) (*Response, error) {
   291  	u := fmt.Sprintf("orgs/%v/actions/secrets/%v", org, name)
   292  
   293  	req, err := s.client.NewRequest("DELETE", u, nil)
   294  	if err != nil {
   295  		return nil, err
   296  	}
   297  
   298  	return s.client.Do(ctx, req, nil)
   299  }
   300
View as plain text