Try env variables
This commit is contained in:
parent
6924f73ee0
commit
1bba665156
18
README.md
18
README.md
|
@ -69,9 +69,8 @@ jobs:
|
||||||
uses: actions/setup-java@v1
|
uses: actions/setup-java@v1
|
||||||
with:
|
with:
|
||||||
java-version: 1.8
|
java-version: 1.8
|
||||||
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
|
env:
|
||||||
username: ${{ github.actor }} # username for server authentication
|
GITHUB_TOKEN: ${{ github.token }}
|
||||||
password: ${{ github.token }} # password or token for authentication
|
|
||||||
|
|
||||||
- name: Build with Maven
|
- name: Build with Maven
|
||||||
run: mvn -B package --file pom.xml
|
run: mvn -B package --file pom.xml
|
||||||
|
@ -83,9 +82,12 @@ jobs:
|
||||||
uses: actions/setup-java@v1
|
uses: actions/setup-java@v1
|
||||||
with: # running setup-java again overwrites the settings.xml
|
with: # running setup-java again overwrites the settings.xml
|
||||||
java-version: 1.8
|
java-version: 1.8
|
||||||
server-id: maven
|
server-id: maven # Value of the distributionManagement/repository/id field of the pom.xml
|
||||||
server-username: maven_username
|
server-username: MAVEN_USERNAME # env variable for username below
|
||||||
server-password: ${{ secrets.MAVEN_CENTRAL_TOKEN }} # password from secrets store
|
server-password: MAVEN_CENTRAL_TOKEN # env variable for token below
|
||||||
|
env:
|
||||||
|
MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
|
||||||
|
MAVEN_USERNAME: maven_username123
|
||||||
|
|
||||||
- name: Publish to Apache Maven Central
|
- name: Publish to Apache Maven Central
|
||||||
run: mvn deploy
|
run: mvn deploy
|
||||||
|
@ -139,9 +141,9 @@ jobs:
|
||||||
with:
|
with:
|
||||||
java-version: 1.8
|
java-version: 1.8
|
||||||
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
|
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
|
||||||
server-username: ${{ github.actor }} # username for server authentication
|
|
||||||
server-password: ${{ github.token }} # password or token for authentication
|
|
||||||
settings-path: ${{ github.workspace }} # location for the settings.xml file
|
settings-path: ${{ github.workspace }} # location for the settings.xml file
|
||||||
|
env:
|
||||||
|
GITHUB_TOKEN: ${{ github.token }}
|
||||||
|
|
||||||
- name: Build with Maven
|
- name: Build with Maven
|
||||||
run: mvn -B package --file pom.xml
|
run: mvn -B package --file pom.xml
|
||||||
|
|
|
@ -30,8 +30,8 @@ describe('auth tests', () => {
|
||||||
|
|
||||||
it('creates settings.xml in alternate locations', async () => {
|
it('creates settings.xml in alternate locations', async () => {
|
||||||
const id = 'packages';
|
const id = 'packages';
|
||||||
const username = 'bluebottle';
|
const username = 'UNAMI';
|
||||||
const password = 'SingleOrigin';
|
const password = 'TOLKIEN';
|
||||||
|
|
||||||
const altHome = path.join(__dirname, 'runner', 'settings');
|
const altHome = path.join(__dirname, 'runner', 'settings');
|
||||||
const altSettingsFile = path.join(altHome, auth.SETTINGS_FILE);
|
const altSettingsFile = path.join(altHome, auth.SETTINGS_FILE);
|
||||||
|
@ -55,8 +55,8 @@ describe('auth tests', () => {
|
||||||
|
|
||||||
it('creates settings.xml with username and password', async () => {
|
it('creates settings.xml with username and password', async () => {
|
||||||
const id = 'packages';
|
const id = 'packages';
|
||||||
const username = 'bluebottle';
|
const username = 'UNAME';
|
||||||
const password = 'SingleOrigin';
|
const password = 'TOKEN';
|
||||||
|
|
||||||
await auth.configAuthentication(id, username, password);
|
await auth.configAuthentication(id, username, password);
|
||||||
|
|
||||||
|
@ -69,8 +69,8 @@ describe('auth tests', () => {
|
||||||
|
|
||||||
it('overwrites existing settings.xml files', async () => {
|
it('overwrites existing settings.xml files', async () => {
|
||||||
const id = 'packages';
|
const id = 'packages';
|
||||||
const username = 'bluebottle';
|
const username = 'USERNAME';
|
||||||
const password = 'SingleOrigin';
|
const password = 'PASSWORD';
|
||||||
|
|
||||||
fs.mkdirSync(m2Dir, {recursive: true});
|
fs.mkdirSync(m2Dir, {recursive: true});
|
||||||
fs.writeFileSync(settingsFile, 'FAKE FILE');
|
fs.writeFileSync(settingsFile, 'FAKE FILE');
|
||||||
|
@ -87,30 +87,42 @@ describe('auth tests', () => {
|
||||||
}, 100000);
|
}, 100000);
|
||||||
|
|
||||||
it('does not create settings.xml without required parameters', async () => {
|
it('does not create settings.xml without required parameters', async () => {
|
||||||
await auth.configAuthentication('FOO', '', '');
|
await auth.configAuthentication('FOO');
|
||||||
|
|
||||||
expect(fs.existsSync(m2Dir)).toBe(false);
|
expect(fs.existsSync(m2Dir)).toBe(true);
|
||||||
expect(fs.existsSync(settingsFile)).toBe(false);
|
expect(fs.existsSync(settingsFile)).toBe(true);
|
||||||
|
expect(fs.readFileSync(settingsFile, 'utf-8')).toEqual(
|
||||||
|
auth.generate('FOO')
|
||||||
|
);
|
||||||
|
|
||||||
await auth.configAuthentication('', 'BAR', '');
|
await auth.configAuthentication(undefined, 'BAR', undefined);
|
||||||
|
|
||||||
expect(fs.existsSync(m2Dir)).toBe(false);
|
expect(fs.existsSync(m2Dir)).toBe(true);
|
||||||
expect(fs.existsSync(settingsFile)).toBe(false);
|
expect(fs.existsSync(settingsFile)).toBe(true);
|
||||||
|
expect(fs.readFileSync(settingsFile, 'utf-8')).toEqual(
|
||||||
|
auth.generate(undefined, 'BAR', undefined)
|
||||||
|
);
|
||||||
|
|
||||||
await auth.configAuthentication('', '', 'BAZ');
|
await auth.configAuthentication(undefined, undefined, 'BAZ');
|
||||||
|
|
||||||
expect(fs.existsSync(m2Dir)).toBe(false);
|
expect(fs.existsSync(m2Dir)).toBe(true);
|
||||||
expect(fs.existsSync(settingsFile)).toBe(false);
|
expect(fs.existsSync(settingsFile)).toBe(true);
|
||||||
|
expect(fs.readFileSync(settingsFile, 'utf-8')).toEqual(
|
||||||
|
auth.generate(undefined, undefined, 'BAZ')
|
||||||
|
);
|
||||||
|
|
||||||
await auth.configAuthentication('', '', '');
|
await auth.configAuthentication();
|
||||||
|
|
||||||
expect(fs.existsSync(m2Dir)).toBe(false);
|
expect(fs.existsSync(m2Dir)).toBe(true);
|
||||||
expect(fs.existsSync(settingsFile)).toBe(false);
|
expect(fs.existsSync(settingsFile)).toBe(true);
|
||||||
|
expect(fs.readFileSync(settingsFile, 'utf-8')).toEqual(
|
||||||
|
auth.generate(undefined, undefined, undefined)
|
||||||
|
);
|
||||||
}, 100000);
|
}, 100000);
|
||||||
|
|
||||||
it('escapes invalid XML inputs', () => {
|
it('escapes invalid XML inputs', () => {
|
||||||
const id = 'packages';
|
const id = 'packages';
|
||||||
const username = 'bluebottle';
|
const username = 'USER';
|
||||||
const password = '&<>"\'\'"><&';
|
const password = '&<>"\'\'"><&';
|
||||||
|
|
||||||
expect(auth.generate(id, username, password)).toEqual(`
|
expect(auth.generate(id, username, password)).toEqual(`
|
||||||
|
@ -118,8 +130,8 @@ describe('auth tests', () => {
|
||||||
<servers>
|
<servers>
|
||||||
<server>
|
<server>
|
||||||
<id>${id}</id>
|
<id>${id}</id>
|
||||||
<username>${username}</username>
|
<username>\${env.${username}}</username>
|
||||||
<password>&<>"''"><&</password>
|
<password>\${env.&<>"''"><&}</password>
|
||||||
</server>
|
</server>
|
||||||
</servers>
|
</servers>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
|
@ -24,11 +24,12 @@ inputs:
|
||||||
file.'
|
file.'
|
||||||
required: false
|
required: false
|
||||||
server-username:
|
server-username:
|
||||||
description: 'Username for authentication to the Apache Maven repository.'
|
description: 'Environment variable name for the username for authentication
|
||||||
|
to the Apache Maven repository.'
|
||||||
required: false
|
required: false
|
||||||
server-password:
|
server-password:
|
||||||
description: 'Password or token for authentication to the Apache Maven
|
description: 'Environment variable name for password or token for
|
||||||
repository.'
|
authentication to the Apache Maven repository.'
|
||||||
required: false
|
required: false
|
||||||
settings-path:
|
settings-path:
|
||||||
description: 'Path to where the settings.xml file will be written. Default is ~/.m2.'
|
description: 'Path to where the settings.xml file will be written. Default is ~/.m2.'
|
||||||
|
|
Binary file not shown.
51
src/auth.ts
51
src/auth.ts
|
@ -7,29 +7,28 @@ import * as io from '@actions/io';
|
||||||
export const M2_DIR = '.m2';
|
export const M2_DIR = '.m2';
|
||||||
export const SETTINGS_FILE = 'settings.xml';
|
export const SETTINGS_FILE = 'settings.xml';
|
||||||
|
|
||||||
|
export const DEFAULT_ID = 'github';
|
||||||
|
export const DEFAULT_USERNAME = 'GITHUB_ACTOR';
|
||||||
|
export const DEFAULT_PASSWORD = 'GITHUB_TOKEN';
|
||||||
|
|
||||||
export async function configAuthentication(
|
export async function configAuthentication(
|
||||||
id: string,
|
id = DEFAULT_ID,
|
||||||
username: string,
|
username = DEFAULT_USERNAME,
|
||||||
password: string
|
password = DEFAULT_PASSWORD
|
||||||
) {
|
) {
|
||||||
if (id && username && password) {
|
console.log(
|
||||||
console.log(
|
`creating ${SETTINGS_FILE} with server-id: ${id};`,
|
||||||
`creating ${SETTINGS_FILE} with server-id: ${id}, username: ${username}, and a password`
|
`environment variables: username=\$${username} and password=\$${password}`
|
||||||
);
|
);
|
||||||
// when an alternate m2 location is specified use only that location (no .m2 directory)
|
// when an alternate m2 location is specified use only that location (no .m2 directory)
|
||||||
// otherwise use the home/.m2/ path
|
// otherwise use the home/.m2/ path
|
||||||
const directory: string = path.join(
|
const directory: string = path.join(
|
||||||
core.getInput('settings-path') || os.homedir(),
|
core.getInput('settings-path') || os.homedir(),
|
||||||
core.getInput('settings-path') ? '' : M2_DIR
|
core.getInput('settings-path') ? '' : M2_DIR
|
||||||
);
|
);
|
||||||
await io.mkdirP(directory);
|
await io.mkdirP(directory);
|
||||||
core.debug(`created directory ${directory}`);
|
core.debug(`created directory ${directory}`);
|
||||||
await write(directory, generate(id, username, password));
|
await write(directory, generate(id, username, password));
|
||||||
} else {
|
|
||||||
core.debug(
|
|
||||||
`no ${SETTINGS_FILE} without server-id: ${id}, username: ${username}, and a password`
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function escapeXML(value: string) {
|
function escapeXML(value: string) {
|
||||||
|
@ -42,14 +41,18 @@ function escapeXML(value: string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// only exported for testing purposes
|
// only exported for testing purposes
|
||||||
export function generate(id: string, username: string, password: string) {
|
export function generate(
|
||||||
|
id = DEFAULT_ID,
|
||||||
|
username = DEFAULT_USERNAME,
|
||||||
|
password = DEFAULT_PASSWORD
|
||||||
|
) {
|
||||||
return `
|
return `
|
||||||
<settings>
|
<settings>
|
||||||
<servers>
|
<servers>
|
||||||
<server>
|
<server>
|
||||||
<id>${escapeXML(id)}</id>
|
<id>${escapeXML(id)}</id>
|
||||||
<username>${escapeXML(username)}</username>
|
<username>\${env.${escapeXML(username)}}</username>
|
||||||
<password>${escapeXML(password)}</password>
|
<password>\${env.${escapeXML(password)}}</password>
|
||||||
</server>
|
</server>
|
||||||
</servers>
|
</servers>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
|
@ -22,11 +22,7 @@ async function run() {
|
||||||
const username = core.getInput('server-username', {required: false});
|
const username = core.getInput('server-username', {required: false});
|
||||||
const password = core.getInput('server-password', {required: false});
|
const password = core.getInput('server-password', {required: false});
|
||||||
|
|
||||||
if (id && username && password) {
|
await auth.configAuthentication(id, username, password);
|
||||||
await auth.configAuthentication(id, username, password);
|
|
||||||
} else if (id || username || password) {
|
|
||||||
console.warn('All 3 server-(id, username, and password) are required.');
|
|
||||||
}
|
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
core.setFailed(error.message);
|
core.setFailed(error.message);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue