diff --git a/.github/actions/GithubToken/action.yaml b/.github/actions/GithubToken/action.yaml deleted file mode 100644 index 89d2dea..0000000 --- a/.github/actions/GithubToken/action.yaml +++ /dev/null @@ -1,42 +0,0 @@ -name: 'Generate GitHub App Token' -description: 'Generates a GitHub App installation access token.' - -inputs: - app_id: - description: 'GitHub App ID' - required: true - installation_id: - description: 'GitHub App Installation ID' - required: true - private_key: - description: 'GitHub App Private Key' - required: true - -outputs: - token: - description: 'The generated GitHub App installation access token.' - value: ${{ steps.generate_token_script.outputs.token }} - -runs: - using: 'composite' - steps: - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.x' - - - name: Install dependencies - shell: bash - run: pip install -r ${{ github.action_path }}/requirements.txt - - - name: Generate token - id: generate_token_script - shell: bash - run: | - TOKEN=$(python ${{ github.action_path }}/generate_token.py) - echo "::add-mask::$TOKEN" - echo "token=$TOKEN" >> $GITHUB_OUTPUT - env: - github_app_id: ${{ inputs.app_id }} - github_app_installation_id: ${{ inputs.installation_id }} - github_app_private_key: ${{ inputs.private_key }} diff --git a/.github/actions/GithubToken/generate_token.py b/.github/actions/GithubToken/generate_token.py deleted file mode 100644 index ff18c97..0000000 --- a/.github/actions/GithubToken/generate_token.py +++ /dev/null @@ -1,49 +0,0 @@ -import os -import time - -import jwt -import requests - -app_id = os.getenv("github_app_id") -installation_id = os.getenv("github_app_installation_id") -private_key = os.getenv("github_app_private_key") - - -if not all([app_id, installation_id, private_key]): - raise ValueError("One or more required environment variables are missing") - - -now = int(time.time()) -payload = { - "iat": now, # Issued at time - "exp": now + (10 * 60), # JWT expiration time (10 minutes) - "iss": app_id, # GitHub App ID -} - -try: - jwt_token = jwt.encode(payload, private_key, algorithm="RS256") -except Exception as e: - raise ValueError(f"Error encoding JWT: {e}") from e - -headers = { - "Authorization": f"Bearer {jwt_token}", - "Accept": "application/vnd.github+json", -} - -url = f"https://api.github.com/app/installations/{installation_id}/access_tokens" - - -try: - response = requests.post(url, headers=headers) - response.raise_for_status() # Raise an error for bad status codes -except requests.exceptions.HTTPError as http_err: - raise SystemExit(f"HTTP error occurred: {http_err}") from http_err -except Exception as err: - raise SystemExit(f"Other error occurred: {err}") from err - -# Extract and print the access token -installation_access_token = response.json().get("token") -if installation_access_token: - print(installation_access_token) -else: - raise ValueError("Access token not found in the response") diff --git a/.github/actions/GithubToken/requirements.txt b/.github/actions/GithubToken/requirements.txt deleted file mode 100644 index 9b6bfb7..0000000 --- a/.github/actions/GithubToken/requirements.txt +++ /dev/null @@ -1,3 +0,0 @@ -pyjwt==2.12.1 -cryptography==47.0.0 -requests==2.33.1 diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3117520..bf49a1d 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,14 +8,6 @@ updates: prefix: "fix" include: "scope" - - package-ecosystem: "pip" - directory: "/.github/actions/GithubToken" - schedule: - interval: "weekly" - commit-message: - prefix: "fix" - include: "scope" - - package-ecosystem: "github-actions" directory: "/" schedule: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 29c223c..482a194 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,11 +24,10 @@ jobs: - name: Generate GitHub App Token id: app_token_generator - uses: ./.github/actions/GithubToken + uses: actions/create-github-app-token@v3 with: - app_id: ${{ secrets.APP_ID }} - installation_id: ${{ secrets.INSTALLATION_ID }} - private_key: ${{ secrets.APP_PRIVATE_KEY }} + client-id: ${{ secrets.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} - name: Release Please uses: googleapis/release-please-action@v5