Add organization secret API support #1535
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1535 +/- ##
==========================================
- Coverage 68.03% 67.87% -0.16%
==========================================
Files 94 94
Lines 8528 8654 +126
==========================================
+ Hits 5802 5874 +72
- Misses 1844 1880 +36
- Partials 882 900 +18
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
This is looking great, @nightlark ! Thank you for all the research and obvious effort that you have put into this... I really like it.
I've made a few suggestions, please let me know what you think.
github/actions_secrets.go
Outdated
| @@ -92,6 +113,11 @@ func (s *ActionsService) GetSecret(ctx context.Context, owner, repo, name string | |||
| return secret, resp, nil | |||
| } | |||
|
|
|||
| // SelectedRepositoryIDs are the repository IDs that have access to the secret. | |||
| type SelectedRepositoryIDs struct { | |||
There was a problem hiding this comment.
Instead of making this a struct, how about if we make it a type so that it can be used more easily both within a response and as a request parameter?
type SelectedRepoIDs []int64
github/actions_secrets.go
Outdated
| @@ -101,12 +127,14 @@ type EncryptedSecret struct { | |||
| Name string `json:"-"` | |||
| KeyID string `json:"key_id"` | |||
| EncryptedValue string `json:"encrypted_value"` | |||
| Visibility string `json:"visibility,omitempty"` | |||
| SelectedRepositoryIDs | |||
There was a problem hiding this comment.
Then this would become:
SelectedRepositoryIDs SelectedRepoIDs `json:"selected_repository_ids,omitempty"`
Note the long field name to correspond to the long JSON parameter name but the shorter type name.
github/actions_secrets.go
Outdated
| @@ -16,10 +16,10 @@ type PublicKey struct { | |||
| Key *string `json:"key"` | |||
| } | |||
|
|
|||
| // GetPublicKey gets a public key that should be used for secret encryption. | |||
| // GetRepositoryPublicKey gets a public key that should be used for secret encryption. | |||
There was a problem hiding this comment.
When names get impractically long (not that this one is, but down below... and you mentioned it in the issue),
in other places in this repo we have chosen to shorten "Repository" to "Repo" and "Organization" to "Org".
I think that would work well here... but let's go through these modified files and be consistent with the renaming since this is a breaking-API-change PR anyway.
So this would be GetRepoPublicKey.
github/actions_secrets.go
Outdated
| @@ -35,11 +35,32 @@ func (s *ActionsService) GetPublicKey(ctx context.Context, owner, repo string) ( | |||
| return pubKey, resp, nil | |||
| } | |||
|
|
|||
| // GetOrganizationPublicKey gets a public key that should be used for secret encryption. | |||
github/actions_secrets.go
Outdated
| @@ -48,12 +69,12 @@ type Secrets struct { | |||
| Secrets []*Secret `json:"secrets"` | |||
| } | |||
|
|
|||
| // ListSecrets lists all secrets available in a repository | |||
| // ListRepositorySecrets lists all secrets available in a repository | |||
github/actions_secrets.go
Outdated
| return result, resp, nil | ||
| } | ||
|
|
||
| // SetSelectedRepositoriesForOrganizationSecret sets the repositories that have access to a secret. |
There was a problem hiding this comment.
SetSelectedReposForOrgSecret
github/actions_secrets.go
Outdated
| return s.client.Do(ctx, req, nil) | ||
| } | ||
|
|
||
| // AddSelectedRepositoryToOrganizationSecret adds a repository to an organization secret. |
There was a problem hiding this comment.
AddSelectedRepoToOrgSecret
github/actions_secrets.go
Outdated
| return s.client.Do(ctx, req, nil) | ||
| } | ||
|
|
||
| // RemoveSelectedRepositoryFromOrganizationSecret removes a repository from an organization secret. |
There was a problem hiding this comment.
RemoveSelectedRepoFromOrgSecret
github/actions_secrets.go
Outdated
| // GitHub API docs: https://developer.github.com/v3/actions/secrets/#set-selected-repositories-for-an-organization-secret | ||
| func (s *ActionsService) SetSelectedRepositoriesForOrganizationSecret(ctx context.Context, org, name string, ids SelectedRepositoryIDs) (*Response, error) { | ||
| u := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories", org, name) | ||
| req, err := s.client.NewRequest("PUT", u, ids) |
There was a problem hiding this comment.
Because of my type ... []int64 suggestion above, you will have to wrap this into a private struct with the appropriate json tag to make this work again... but I think it still makes the API cleaner and easier for users of this repo, so I think it is a better way to go.
github/actions_secrets.go
Outdated
| return s.client.Do(ctx, req, nil) | ||
| } | ||
|
|
||
| // DeleteOrganizationSecret deletes a secret in an organization using the secret name. |
There was a problem hiding this comment.
Thank you, @nightlark!
LGTM.
Awaiting second LGTM before merging.
|
Thank you, @wesleimp! |
|
Thanks for all the work on this, any idea when this may get released? |
|
We could put together a release today. |
|
Could you, @z0mbix or you, @andrew-waters please review #1534 for me to get the one outstanding breaking API change into the release before I bump the major version again? Thank you! |
|
I'm unable to review here @gmlewis, I'm not a maintainer - I'm here for https://github.com/terraform-providers/terraform-provider-github/issues/468 |
|
Thank you, @andrew-waters - just to clarify, this repo is completely run by volunteers and all our code reviewers are Go programmers who are also volunteers. So I welcome your reviews, as that would help me unblock this next release. 😄 |
|
LGTM, I’ve approved it. |
|
Ah ok, thanks @gmlewis - I hadn't realised and didn't fancy stepping on toes here 😄 . I've added a second approval too |
|
@z0mbix - we have now released v32: https://github.com/google/go-github/releases/tag/v32.0.0 |
|
Thank you! 🙇 |
|
You're welcome! Now, if we could just get the Go proxy to recognize it so we can start using it! https://pkg.go.dev/mod/github.com/google/go-github/v32 |
|
OK, |
Related to #1525 and #1532.
Adds organization secrets https://developer.github.com/v3/actions/secrets/#get-an-organization-public-key and updates the repository secret actions API (probably would match how they would be named if org support had been in from the beginning, though it would be considered a breaking change).
Some possible issues:
SecretandEncryptedSecretfor organization secrets that repository secrets don't have: does omitempty make sense or should they be separate structs?SetSelectedRepositoriesForOrganizationSecretor is there a cleaner way to do this and use int64[] directly?