diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c984df44..d172dd0e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -192,5 +192,5 @@ cat my-token.txt | podman secret create repo-secret - 4. Run the container ```bash -podman run --entrypoint /entrypoint.sh --secret repo-secret,type=env,target=GITHUB_TOKEN --env-file=envfile -v my-trestle-space:/data -w /data localhost:5000/trestlebot:latest +podman run --entrypoint /entrypoint.sh --secret repo-secret,type=env,target=TRESTLEBOT_REPO_ACCESS_TOKEN --env-file=envfile -v my-trestle-space:/data -w /data localhost:5000/trestlebot:latest ``` \ No newline at end of file diff --git a/actions/autosync/auto-sync-entrypoint.sh b/actions/autosync/auto-sync-entrypoint.sh index 35a4e713..7e084134 100644 --- a/actions/autosync/auto-sync-entrypoint.sh +++ b/actions/autosync/auto-sync-entrypoint.sh @@ -42,14 +42,4 @@ if [[ ${INPUT_VERBOSE} == true ]]; then command+=" --verbose" fi -# Only set the token value when is a target branch so pull requests can be created -if [[ -n ${INPUT_TARGET_BRANCH} ]]; then - if [[ -z ${GITHUB_TOKEN} ]]; then - echo "Set the GITHUB_TOKEN env variable." - exit 1 - fi - - command+=" --with-token - <<<\"${GITHUB_TOKEN}\"" -fi - eval "${command}" \ No newline at end of file diff --git a/actions/create-cd/create-cd-entrypoint.sh b/actions/create-cd/create-cd-entrypoint.sh index 5c62ec68..e051bb12 100644 --- a/actions/create-cd/create-cd-entrypoint.sh +++ b/actions/create-cd/create-cd-entrypoint.sh @@ -36,14 +36,4 @@ if [[ ${INPUT_DRY_RUN} == true ]]; then command+=" --dry-run" fi -# Only set the token value when is a target branch so pull requests can be created -if [[ -n ${INPUT_TARGET_BRANCH} ]]; then - if [[ -z ${GITHUB_TOKEN} ]]; then - echo "Set the GITHUB_TOKEN env variable." - exit 1 - fi - - command+=" --with-token - <<<\"${GITHUB_TOKEN}\"" -fi - eval "${command}" \ No newline at end of file diff --git a/actions/rules-transform/rules-transform-entrypoint.sh b/actions/rules-transform/rules-transform-entrypoint.sh index 681c8193..3131129e 100644 --- a/actions/rules-transform/rules-transform-entrypoint.sh +++ b/actions/rules-transform/rules-transform-entrypoint.sh @@ -31,15 +31,4 @@ if [[ ${INPUT_DRY_RUN} == true ]]; then command+=" --dry-run" fi - -# Only set the token value when is a target branch so pull requests can be created -if [[ -n ${INPUT_TARGET_BRANCH} ]]; then - if [[ -z ${GITHUB_TOKEN} ]]; then - echo "Set the GITHUB_TOKEN env variable." - exit 1 - fi - - command+=" --with-token - <<<\"${GITHUB_TOKEN}\"" -fi - eval "${command}" \ No newline at end of file diff --git a/actions/sync-upstreams/sync-upstreams-entrypoint.sh b/actions/sync-upstreams/sync-upstreams-entrypoint.sh index 5422ee73..8c38a84c 100644 --- a/actions/sync-upstreams/sync-upstreams-entrypoint.sh +++ b/actions/sync-upstreams/sync-upstreams-entrypoint.sh @@ -39,14 +39,4 @@ if [[ ${INPUT_SKIP_VALIDATION} == true ]]; then command+=" --skip-validation" fi -# Only set the token value when is a target branch so pull requests can be created -if [[ -n ${INPUT_TARGET_BRANCH} ]]; then - if [[ -z ${GITHUB_TOKEN} ]]; then - echo "Set the GITHUB_TOKEN env variable." - exit 1 - fi - - command+=" --with-token - <<<\"${GITHUB_TOKEN}\"" -fi - eval "${command}" \ No newline at end of file diff --git a/tests/trestlebot/entrypoints/test_entrypoint_base.py b/tests/trestlebot/entrypoints/test_entrypoint_base.py index 8aebaa3a..c765f1e8 100644 --- a/tests/trestlebot/entrypoints/test_entrypoint_base.py +++ b/tests/trestlebot/entrypoints/test_entrypoint_base.py @@ -35,6 +35,24 @@ def test_set_git_provider_with_github() -> None: assert isinstance(provider, GitHub) +@patch.dict( + "os.environ", + {"GITHUB_ACTIONS": "true", "TRESTLEBOT_REPO_ACCESS_TOKEN": "fake_token"}, +) +def test_set_git_provider_with_github_no_stdin() -> None: + """Test set_git_provider function in Entrypoint Base for GitHub Actions""" + with patch("sys.stdin", return_value=StringIO("fake_token")): + provider: Optional[GitProvider] + args = argparse.Namespace( + target_branch="main", + with_token=False, + git_provider_type="", + git_server_url="", + ) + provider = EntrypointBase.set_git_provider(args=args) + assert isinstance(provider, GitHub) + + @patch.dict( "os.environ", { @@ -105,8 +123,8 @@ def test_set_provider_with_no_token() -> None: args = argparse.Namespace(target_branch="main", with_token=False) with pytest.raises( EntrypointInvalidArgException, - match="Invalid args --with-token: with-token flag must be set to read from " - "standard input when using target-branch", + match="Invalid args --with-token: with-token flag must be set to read from standard input " + "or use TRESTLEBOT_REPO_ACCESS_TOKEN environment variable when using target-branch", ): EntrypointBase.set_git_provider(args=args) diff --git a/trestlebot/entrypoints/entrypoint_base.py b/trestlebot/entrypoints/entrypoint_base.py index 93bfbd26..53ad6e22 100644 --- a/trestlebot/entrypoints/entrypoint_base.py +++ b/trestlebot/entrypoints/entrypoint_base.py @@ -14,6 +14,7 @@ import argparse import logging +import os import sys from typing import List, Optional @@ -167,14 +168,18 @@ def set_git_provider(args: argparse.Namespace) -> Optional[GitProvider]: git_provider: Optional[GitProvider] = None if args.target_branch is not None: if not args.with_token: - raise EntrypointInvalidArgException( - "--with-token", - "with-token flag must be set to read from standard input when " - "using target-branch", - ) + # Attempts to read from env var + access_token = os.environ.get("TRESTLEBOT_REPO_ACCESS_TOKEN", "") + if not access_token: + raise EntrypointInvalidArgException( + "--with-token", + "with-token flag must be set to read from standard input or use " + "TRESTLEBOT_REPO_ACCESS_TOKEN environment variable when using target-branch", + ) else: - access_token = sys.stdin.read().strip() + access_token = sys.stdin.read() try: + access_token = access_token.strip() git_provider_type = args.git_provider_type git_server_url = args.git_server_url git_provider = GitProviderFactory.provider_factory(