Skip to content

Commit

Permalink
docs: adds guidance in action files around the "github_token" input
Browse files Browse the repository at this point in the history
Signed-off-by: Jennifer Power <[email protected]>
  • Loading branch information
jpower432 committed May 3, 2024
1 parent e143ffc commit 79aad6e
Show file tree
Hide file tree
Showing 8 changed files with 28 additions and 12 deletions.
4 changes: 3 additions & 1 deletion actions/autosync/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ name: Example Workflow
| markdown_path | Path relative to the repository path where the Trestle markdown files are located. See action README.md for more information. | None | True |
| oscal_model | OSCAL Model type to assemble. Values can be catalog, profile, compdef, or ssp. | None | True |
| dry_run | Runs tasks without pushing changes to the repository. | false | False |
| github_token | GitHub token used to make authenticated API requests | None | False |
| github_token | "GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do nothardcode the token."
| None | False |
| version | Version of the OSCAL model to set during assembly into JSON. | None | False |
| skip_assemble | Skip assembly task. Defaults to false | false | False |
| skip_regenerate | Skip regenerate task. Defaults to false. | false | False |
Expand Down
6 changes: 4 additions & 2 deletions actions/autosync/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,9 @@ inputs:
required: false
default: "false"
github_token:
description: "GitHub token used to make authenticated API requests"
description: |
"GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do nothardcode the token."
required: false
version:
description: "Version of the OSCAL model to set during assembly into JSON."
Expand Down Expand Up @@ -91,7 +93,7 @@ runs:
image: "../../Dockerfile"
entrypoint: "/auto-sync-entrypoint.sh"
env:
GITHUB_TOKEN: ${{ inputs.github_token }}
TRESTLEBOT_REPO_ACCESS_TOKEN: ${{ inputs.github_token }}

branding:
icon: "check"
Expand Down
4 changes: 3 additions & 1 deletion actions/create-cd/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ name: Example Workflow
| component_description | Description of the component to create | None | True |
| filter_by_profile | Name of the profile in the workspace to filter controls by | None | False |
| dry_run | Runs tasks without pushing changes to the repository. | false | False |
| github_token | GitHub token used to make authenticated API requests | None | False |
| github_token | "GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do nothardcode the token."
| None | False |
| commit_message | Commit message | Sync automatic updates | False |
| pull_request_title | Custom pull request title | Automatic updates from trestlebot | False |
| branch | Name of the Git branch to which modifications should be pushed. Required if Action is used on the `pull_request` event. | ${{ github.ref_name }} | False |
Expand Down
6 changes: 4 additions & 2 deletions actions/create-cd/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,9 @@ inputs:
required: false
default: "false"
github_token:
description: "GitHub token used to make authenticated API requests"
description: |
"GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do nothardcode the token."
required: false
commit_message:
description: Commit message
Expand Down Expand Up @@ -89,7 +91,7 @@ runs:
image: "../../Dockerfile"
entrypoint: "/create-cd-entrypoint.sh"
env:
GITHUB_TOKEN: ${{ inputs.github_token }}
TRESTLEBOT_REPO_ACCESS_TOKEN: ${{ inputs.github_token }}

branding:
icon: "check"
Expand Down
4 changes: 3 additions & 1 deletion actions/rules-transform/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,9 @@ With custom rules directory:
| --- | --- | --- | --- |
| rules_view_path | Path relative to the repository path where the Trestle rules view files are located. Defaults to `rules/`. | rules/ | False |
| dry_run | Runs tasks without pushing changes to the repository. | false | False |
| github_token | GitHub token used to make authenticated API requests | None | False |
| github_token | "GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do not hardcode the token."
| None | False |
| skip_items | Comma-separated glob patterns list of content by Trestle name to skip during task execution. For example `compdef_x,compdef_y*,`. | None | False |
| commit_message | Commit message | Sync automatic updates | False |
| pull_request_title | Custom pull request title | Automatic updates from trestlebot | False |
Expand Down
6 changes: 4 additions & 2 deletions actions/rules-transform/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,9 @@ inputs:
required: false
default: "false"
github_token:
description: "GitHub token used to make authenticated API requests"
description: |
"GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do not hardcode the token."
required: false
skip_items:
description: "Comma-separated glob patterns list of content by Trestle name to skip during task execution. For example `compdef_x,compdef_y*,`."
Expand Down Expand Up @@ -74,7 +76,7 @@ runs:
image: "../../Dockerfile"
entrypoint: "/rules-transform-entrypoint.sh"
env:
GITHUB_TOKEN: ${{ inputs.github_token }}
TRESTLEBOT_REPO_ACCESS_TOKEN: ${{ inputs.github_token }}

branding:
icon: "check"
Expand Down
4 changes: 3 additions & 1 deletion actions/sync-upstreams/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,9 @@ name: Example Workflow
| --- | --- | --- | --- |
| sources | A newline separated list of upstream sources to sync with a repo@branch format. For example, `https://github.com/myorg/myprofiles@main` | None | True |
| dry_run | Runs tasks without pushing changes to the repository. | false | False |
| github_token | GitHub token used to make authenticated API requests | None | False |
| github_token | "GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do nothardcode the token."
| None | False |
| include_model_names | Comma-separated glob pattern list of model names (i.e. trestle directory name) to include in the sync. For example, `*framework-v2`. Defaults to include all model names. | None | False |
| exclude_model_names | Comma-separated glob pattern of model names (i.e. trestle directory name) to exclude from the sync. For example, `*framework-v1`. Defaults to skip no model names. | None | False |
| skip_validation | Skip validation of the upstream OSCAL content. Defaults to false | false | False |
Expand Down
6 changes: 4 additions & 2 deletions actions/sync-upstreams/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,9 @@ inputs:
required: false
default: "false"
github_token:
description: "GitHub token used to make authenticated API requests"
description: |
"GitHub token used to make authenticated API requests.
Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do nothardcode the token."
required: false
include_model_names:
description: "Comma-separated glob pattern list of model names (i.e. trestle directory name) to include in the sync. For example, `*framework-v2`. Defaults to include all model names."
Expand Down Expand Up @@ -80,7 +82,7 @@ runs:
image: "../../Dockerfile"
entrypoint: "/sync-upstreams-entrypoint.sh"
env:
GITHUB_TOKEN: ${{ inputs.github_token }}
TRESTLEBOT_REPO_ACCESS_TOKEN: ${{ inputs.github_token }}

branding:
icon: "check"
Expand Down

0 comments on commit 79aad6e

Please sign in to comment.