1 // Copyright 2023 The go-github AUTHORS. All rights reserved. 2 // 3 // Use of this source code is governed by a BSD-style 4 // license that can be found in the LICENSE file. 5 6 package github 7 8 import ( 9 "context" 10 "fmt" 11 ) 12 13 // ListUserSecrets list all secrets available for a users codespace 14 // 15 // Lists all secrets available for a user's Codespaces without revealing their encrypted values 16 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint 17 // GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint. 18 // 19 // GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#list-secrets-for-the-authenticated-user 20 func (s *CodespacesService) ListUserSecrets(ctx context.Context, opts *ListOptions) (*Secrets, *Response, error) { 21 u, err := addOptions("user/codespaces/secrets", opts) 22 if err != nil { 23 return nil, nil, err 24 } 25 return s.listSecrets(ctx, u) 26 } 27 28 // ListOrgSecrets list all secrets available to an org 29 // 30 // Lists all Codespaces secrets available at the organization-level without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. 31 // 32 // GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#list-organization-secrets 33 func (s *CodespacesService) ListOrgSecrets(ctx context.Context, org string, opts *ListOptions) (*Secrets, *Response, error) { 34 u := fmt.Sprintf("orgs/%v/codespaces/secrets", org) 35 u, err := addOptions(u, opts) 36 if err != nil { 37 return nil, nil, err 38 } 39 return s.listSecrets(ctx, u) 40 } 41 42 // ListRepoSecrets list all secrets available to a repo 43 // 44 // Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint. 45 // 46 // GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#list-repository-secrets 47 func (s *CodespacesService) ListRepoSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) { 48 u := fmt.Sprintf("repos/%v/%v/codespaces/secrets", owner, repo) 49 u, err := addOptions(u, opts) 50 if err != nil { 51 return nil, nil, err 52 } 53 return s.listSecrets(ctx, u) 54 } 55 56 func (s *CodespacesService) listSecrets(ctx context.Context, url string) (*Secrets, *Response, error) { 57 req, err := s.client.NewRequest("GET", url, nil) 58 if err != nil { 59 return nil, nil, err 60 } 61 62 var secrets *Secrets 63 resp, err := s.client.Do(ctx, req, &secrets) 64 if err != nil { 65 return nil, resp, err 66 } 67 68 return secrets, resp, nil 69 } 70 71 // GetUserPublicKey gets the users public key for encrypting codespace secrets 72 // 73 // Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. 74 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. 75 // GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint. 76 // 77 // GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#get-public-key-for-the-authenticated-user 78 func (s *CodespacesService) GetUserPublicKey(ctx context.Context) (*PublicKey, *Response, error) { 79 return s.getPublicKey(ctx, "user/codespaces/secrets/public-key") 80 } 81 82 // GetOrgPublicKey gets the org public key for encrypting codespace secrets 83 // 84 // Gets a public key for an organization, which is required in order to encrypt secrets. You need to encrypt the value of a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint. 85 // 86 // GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#get-an-organization-public-key 87 func (s *CodespacesService) GetOrgPublicKey(ctx context.Context, org string) (*PublicKey, *Response, error) { 88 return s.getPublicKey(ctx, fmt.Sprintf("orgs/%v/codespaces/secrets/public-key", org)) 89 } 90 91 // GetRepoPublicKey gets the repo public key for encrypting codespace secrets 92 // 93 // Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint. 94 // 95 // GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#get-a-repository-public-key 96 func (s *CodespacesService) GetRepoPublicKey(ctx context.Context, owner, repo string) (*PublicKey, *Response, error) { 97 return s.getPublicKey(ctx, fmt.Sprintf("repos/%v/%v/codespaces/secrets/public-key", owner, repo)) 98 } 99 100 func (s *CodespacesService) getPublicKey(ctx context.Context, url string) (*PublicKey, *Response, error) { 101 req, err := s.client.NewRequest("GET", url, nil) 102 if err != nil { 103 return nil, nil, err 104 } 105 106 var publicKey *PublicKey 107 resp, err := s.client.Do(ctx, req, &publicKey) 108 if err != nil { 109 return nil, resp, err 110 } 111 112 return publicKey, resp, nil 113 } 114 115 // GetUserSecret gets a users codespace secret 116 // 117 // Gets a secret available to a user's codespaces without revealing its encrypted value. 118 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. 119 // GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint. 120 // 121 // GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#get-a-secret-for-the-authenticated-user 122 func (s *CodespacesService) GetUserSecret(ctx context.Context, name string) (*Secret, *Response, error) { 123 u := fmt.Sprintf("user/codespaces/secrets/%v", name) 124 return s.getSecret(ctx, u) 125 } 126 127 // GetOrgSecret gets an org codespace secret 128 // 129 // Gets an organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. 130 // 131 // GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#get-an-organization-secret 132 func (s *CodespacesService) GetOrgSecret(ctx context.Context, org, name string) (*Secret, *Response, error) { 133 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v", org, name) 134 return s.getSecret(ctx, u) 135 } 136 137 // GetRepoSecret gets a repo codespace secret 138 // 139 // Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint. 140 // 141 // GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#get-a-repository-secret 142 func (s *CodespacesService) GetRepoSecret(ctx context.Context, owner, repo, name string) (*Secret, *Response, error) { 143 u := fmt.Sprintf("repos/%v/%v/codespaces/secrets/%v", owner, repo, name) 144 return s.getSecret(ctx, u) 145 } 146 147 func (s *CodespacesService) getSecret(ctx context.Context, url string) (*Secret, *Response, error) { 148 req, err := s.client.NewRequest("GET", url, nil) 149 if err != nil { 150 return nil, nil, err 151 } 152 153 var secret *Secret 154 resp, err := s.client.Do(ctx, req, &secret) 155 if err != nil { 156 return nil, resp, err 157 } 158 159 return secret, resp, nil 160 } 161 162 // CreateOrUpdateUserSecret creates or updates a users codespace secret 163 // 164 // Creates or updates a secret for a user's codespace with an encrypted value. Encrypt your secret using LibSodium. 165 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must also have Codespaces access to use this endpoint. 166 // GitHub Apps must have write access to the codespaces_user_secrets user permission and codespaces_secrets repository permission on all referenced repositories to use this endpoint. 167 // 168 // GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#create-or-update-a-secret-for-the-authenticated-user 169 func (s *CodespacesService) CreateOrUpdateUserSecret(ctx context.Context, eSecret *EncryptedSecret) (*Response, error) { 170 u := fmt.Sprintf("user/codespaces/secrets/%v", eSecret.Name) 171 return s.createOrUpdateSecret(ctx, u, eSecret) 172 } 173 174 // CreateOrUpdateOrgSecret creates or updates an orgs codespace secret 175 // 176 // Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint. 177 // 178 // GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret 179 func (s *CodespacesService) CreateOrUpdateOrgSecret(ctx context.Context, org string, eSecret *EncryptedSecret) (*Response, error) { 180 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v", org, eSecret.Name) 181 return s.createOrUpdateSecret(ctx, u, eSecret) 182 } 183 184 // CreateOrUpdateRepoSecret creates or updates a repos codespace secret 185 // 186 // Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint. 187 // 188 // GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#create-or-update-a-repository-secret 189 func (s *CodespacesService) CreateOrUpdateRepoSecret(ctx context.Context, owner, repo string, eSecret *EncryptedSecret) (*Response, error) { 190 u := fmt.Sprintf("repos/%v/%v/codespaces/secrets/%v", owner, repo, eSecret.Name) 191 return s.createOrUpdateSecret(ctx, u, eSecret) 192 } 193 194 func (s *CodespacesService) createOrUpdateSecret(ctx context.Context, url string, eSecret *EncryptedSecret) (*Response, error) { 195 req, err := s.client.NewRequest("PUT", url, eSecret) 196 if err != nil { 197 return nil, err 198 } 199 200 resp, err := s.client.Do(ctx, req, nil) 201 if err != nil { 202 return resp, err 203 } 204 205 return resp, nil 206 } 207 208 // DeleteUserSecret deletes a users codespace secret 209 // 210 // Deletes a secret from a user's codespaces using the secret name. Deleting the secret will remove access from all codespaces that were allowed to access the secret. 211 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. 212 // GitHub Apps must have write access to the codespaces_user_secrets user permission to use this endpoint. 213 // 214 // GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#delete-a-secret-for-the-authenticated-user 215 func (s *CodespacesService) DeleteUserSecret(ctx context.Context, name string) (*Response, error) { 216 u := fmt.Sprintf("user/codespaces/secrets/%v", name) 217 return s.deleteSecret(ctx, u) 218 } 219 220 // DeleteOrgSecret deletes an orgs codespace secret 221 // 222 // Deletes an organization secret using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. 223 // 224 // GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#delete-an-organization-secret 225 func (s *CodespacesService) DeleteOrgSecret(ctx context.Context, org, name string) (*Response, error) { 226 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v", org, name) 227 return s.deleteSecret(ctx, u) 228 } 229 230 // DeleteRepoSecret deletes a repos codespace secret 231 // 232 // Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint. 233 // 234 // GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#delete-a-repository-secret 235 func (s *CodespacesService) DeleteRepoSecret(ctx context.Context, owner, repo, name string) (*Response, error) { 236 u := fmt.Sprintf("repos/%v/%v/codespaces/secrets/%v", owner, repo, name) 237 return s.deleteSecret(ctx, u) 238 } 239 240 func (s *CodespacesService) deleteSecret(ctx context.Context, url string) (*Response, error) { 241 req, err := s.client.NewRequest("DELETE", url, nil) 242 if err != nil { 243 return nil, err 244 } 245 246 resp, err := s.client.Do(ctx, req, nil) 247 if err != nil { 248 return resp, err 249 } 250 251 return resp, nil 252 } 253 254 // ListSelectedReposForUserSecret lists the repositories that have been granted the ability to use a user's codespace secret. 255 // 256 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. 257 // GitHub Apps must have read access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on all referenced repositories to use this endpoint. 258 // 259 // GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#list-selected-repositories-for-a-user-secret 260 func (s *CodespacesService) ListSelectedReposForUserSecret(ctx context.Context, name string, opts *ListOptions) (*SelectedReposList, *Response, error) { 261 u := fmt.Sprintf("user/codespaces/secrets/%v/repositories", name) 262 u, err := addOptions(u, opts) 263 if err != nil { 264 return nil, nil, err 265 } 266 267 return s.listSelectedReposForSecret(ctx, u) 268 } 269 270 // ListSelectedReposForOrgSecret lists the repositories that have been granted the ability to use an organization's codespace secret. 271 // 272 // Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected. You must authenticate using an access token with the admin:org scope to use this endpoint. 273 // 274 // GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#list-selected-repositories-for-an-organization-secret 275 func (s *CodespacesService) ListSelectedReposForOrgSecret(ctx context.Context, org, name string, opts *ListOptions) (*SelectedReposList, *Response, error) { 276 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories", org, name) 277 u, err := addOptions(u, opts) 278 if err != nil { 279 return nil, nil, err 280 } 281 282 return s.listSelectedReposForSecret(ctx, u) 283 } 284 285 func (s *CodespacesService) listSelectedReposForSecret(ctx context.Context, url string) (*SelectedReposList, *Response, error) { 286 req, err := s.client.NewRequest("GET", url, nil) 287 if err != nil { 288 return nil, nil, err 289 } 290 291 var repositories *SelectedReposList 292 resp, err := s.client.Do(ctx, req, &repositories) 293 if err != nil { 294 return nil, resp, err 295 } 296 297 return repositories, resp, nil 298 } 299 300 // SetSelectedReposForUserSecret sets the repositories that have been granted the ability to use a user's codespace secret. 301 // 302 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. 303 // GitHub Apps must have write access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on all referenced repositories to use this endpoint. 304 // 305 // Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#set-selected-repositories-for-a-user-secret 306 func (s *CodespacesService) SetSelectedReposForUserSecret(ctx context.Context, name string, ids SelectedRepoIDs) (*Response, error) { 307 u := fmt.Sprintf("user/codespaces/secrets/%v/repositories", name) 308 return s.setSelectedRepoForSecret(ctx, u, ids) 309 } 310 311 // SetSelectedReposForOrgSecret sets the repositories that have been granted the ability to use a user's codespace secret. 312 // 313 // Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. 314 // 315 // Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#set-selected-repositories-for-a-user-secret 316 func (s *CodespacesService) SetSelectedReposForOrgSecret(ctx context.Context, org, name string, ids SelectedRepoIDs) (*Response, error) { 317 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories", org, name) 318 return s.setSelectedRepoForSecret(ctx, u, ids) 319 } 320 321 func (s *CodespacesService) setSelectedRepoForSecret(ctx context.Context, url string, ids SelectedRepoIDs) (*Response, error) { 322 type repoIDs struct { 323 SelectedIDs SelectedRepoIDs `json:"selected_repository_ids"` 324 } 325 326 req, err := s.client.NewRequest("PUT", url, repoIDs{SelectedIDs: ids}) 327 if err != nil { 328 return nil, err 329 } 330 331 resp, err := s.client.Do(ctx, req, nil) 332 if err != nil { 333 return resp, err 334 } 335 336 return resp, nil 337 } 338 339 // AddSelectedRepoToUserSecret adds a repository to the list of repositories that have been granted the ability to use a user's codespace secret. 340 // 341 // Adds a repository to the selected repositories for a user's codespace secret. You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. GitHub Apps must have write access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on the referenced repository to use this endpoint. 342 // 343 // Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#add-a-selected-repository-to-a-user-secret 344 func (s *CodespacesService) AddSelectedRepoToUserSecret(ctx context.Context, name string, repo *Repository) (*Response, error) { 345 u := fmt.Sprintf("user/codespaces/secrets/%v/repositories/%v", name, *repo.ID) 346 return s.addSelectedRepoToSecret(ctx, u) 347 } 348 349 // AddSelectedRepoToOrgSecret adds a repository to the list of repositories that have been granted the ability to use an organization's codespace secret. 350 // 351 // Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. 352 // 353 // Github API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#add-selected-repository-to-an-organization-secret 354 func (s *CodespacesService) AddSelectedRepoToOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) { 355 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories/%v", org, name, *repo.ID) 356 return s.addSelectedRepoToSecret(ctx, u) 357 } 358 359 func (s *CodespacesService) addSelectedRepoToSecret(ctx context.Context, url string) (*Response, error) { 360 req, err := s.client.NewRequest("PUT", url, nil) 361 if err != nil { 362 return nil, err 363 } 364 365 resp, err := s.client.Do(ctx, req, nil) 366 if err != nil { 367 return resp, err 368 } 369 370 return resp, nil 371 } 372 373 // RemoveSelectedRepoFromUserSecret removes a repository from the list of repositories that have been granted the ability to use a user's codespace secret. 374 // 375 // Removes a repository from the selected repositories for a user's codespace secret. You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. GitHub Apps must have write access to the codespaces_user_secrets user permission to use this endpoint. 376 // 377 // Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#remove-a-selected-repository-from-a-user-secret 378 func (s *CodespacesService) RemoveSelectedRepoFromUserSecret(ctx context.Context, name string, repo *Repository) (*Response, error) { 379 u := fmt.Sprintf("user/codespaces/secrets/%v/repositories/%v", name, *repo.ID) 380 return s.removeSelectedRepoFromSecret(ctx, u) 381 } 382 383 // RemoveSelectedRepoFromOrgSecret removes a repository from the list of repositories that have been granted the ability to use an organization's codespace secret. 384 // 385 // Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. 386 // 387 // Github API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#remove-selected-repository-from-an-organization-secret 388 func (s *CodespacesService) RemoveSelectedRepoFromOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) { 389 u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories/%v", org, name, *repo.ID) 390 return s.removeSelectedRepoFromSecret(ctx, u) 391 } 392 393 func (s *CodespacesService) removeSelectedRepoFromSecret(ctx context.Context, url string) (*Response, error) { 394 req, err := s.client.NewRequest("DELETE", url, nil) 395 if err != nil { 396 return nil, err 397 } 398 399 resp, err := s.client.Do(ctx, req, nil) 400 if err != nil { 401 return resp, err 402 } 403 404 return resp, nil 405 } 406