diff --git a/.github/workflows/check-action-typing.yml b/.github/workflows/check-action-typing.yml new file mode 100644 index 0000000..b4d5808 --- /dev/null +++ b/.github/workflows/check-action-typing.yml @@ -0,0 +1,18 @@ +name: Check Action Typing + +on: + - pull_request + +permissions: + contents: read + +jobs: + check_action_typing: + name: Check Action Typing + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Check Action Typing + uses: typesafegithub/github-actions-typing@0dc5690c35c564d354dc0c23c56559f0813ed3ac diff --git a/action-types.yml b/action-types.yml new file mode 100644 index 0000000..c8b3f95 --- /dev/null +++ b/action-types.yml @@ -0,0 +1,321 @@ +# See https://github.com/typesafegithub/github-actions-typing +inputs: + app-id: + type: string + + private-key: + type: string + + owner: + type: string + + repositories: + type: list + separator: "\n" + list-item: + type: string + + skip-token-revoke: + type: boolean + + github-api-url: + type: string + + # + permission-actions: + type: enum + allowed-values: + - "read" + - "write" + + permission-administration: + type: enum + allowed-values: + - "read" + - "write" + + permission-checks: + type: enum + allowed-values: + - "read" + - "write" + + permission-codespaces: + type: enum + allowed-values: + - "read" + - "write" + + permission-contents: + type: enum + allowed-values: + - "read" + - "write" + + permission-dependabot-secrets: + type: enum + allowed-values: + - "read" + - "write" + + permission-deployments: + type: enum + allowed-values: + - "read" + - "write" + + permission-email-addresses: + type: enum + allowed-values: + - "read" + - "write" + + permission-environments: + type: enum + allowed-values: + - "read" + - "write" + + permission-followers: + type: enum + allowed-values: + - "read" + - "write" + + permission-git-ssh-keys: + type: enum + allowed-values: + - "read" + - "write" + + permission-gpg-keys: + type: enum + allowed-values: + - "read" + - "write" + + permission-interaction-limits: + type: enum + allowed-values: + - "read" + - "write" + + permission-issues: + type: enum + allowed-values: + - "read" + - "write" + + permission-members: + type: enum + allowed-values: + - "read" + - "write" + + permission-metadata: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-administration: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-announcement-banners: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-copilot-seat-management: + type: enum + allowed-values: + - "write" + + permission-organization-custom-org-roles: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-custom-properties: + type: enum + allowed-values: + - "read" + - "write" + - "admin" + + permission-organization-custom-roles: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-events: + type: enum + allowed-values: + - "read" + + permission-organization-hooks: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-packages: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-personal-access-token-requests: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-personal-access-tokens: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-plan: + type: enum + allowed-values: + - "read" + + permission-organization-projects: + type: enum + allowed-values: + - "read" + - "write" + - "admin" + + permission-organization-secrets: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-self-hosted-runners: + type: enum + allowed-values: + - "read" + - "write" + + permission-organization-user-blocking: + type: enum + allowed-values: + - "read" + - "write" + + permission-packages: + type: enum + allowed-values: + - "read" + - "write" + + permission-pages: + type: enum + allowed-values: + - "read" + - "write" + + permission-profile: + type: enum + allowed-values: + - "write" + + permission-pull-requests: + type: enum + allowed-values: + - "read" + - "write" + + permission-repository-custom-properties: + type: enum + allowed-values: + - "read" + - "write" + + permission-repository-hooks: + type: enum + allowed-values: + - "read" + - "write" + + permission-repository-projects: + type: enum + allowed-values: + - "read" + - "write" + - "admin" + + permission-secret-scanning-alerts: + type: enum + allowed-values: + - "read" + - "write" + + permission-secrets: + type: enum + allowed-values: + - "read" + - "write" + + permission-security-events: + type: enum + allowed-values: + - "read" + - "write" + + permission-single-file: + type: enum + allowed-values: + - "read" + - "write" + + permission-starring: + type: enum + allowed-values: + - "read" + - "write" + + permission-statuses: + type: enum + allowed-values: + - "read" + - "write" + + permission-team-discussions: + type: enum + allowed-values: + - "read" + - "write" + + permission-vulnerability-alerts: + type: enum + allowed-values: + - "read" + - "write" + + permission-workflows: + type: enum + allowed-values: + - "write" + + # + +outputs: + token: + type: string + + installation-id: + type: integer + + app-slug: + type: string diff --git a/scripts/update-permission-inputs.js b/scripts/update-permission-inputs.js index 8f17994..c1ed12c 100644 --- a/scripts/update-permission-inputs.js +++ b/scripts/update-permission-inputs.js @@ -30,13 +30,36 @@ const permissionsInputs = Object.entries(appPermissionsSchema.properties) description: "${description}"`; }, ""); -const actionsYamlContent = await readFile("action.yml", "utf8"); +const actionYamlContent = await readFile("action.yml", "utf8"); // In the action.yml file, replace the content between the `` and `` comments with the new content -const updatedActionsYamlContent = actionsYamlContent.replace( +const updatedActionYamlContent = actionYamlContent.replace( /(?<=# )(.|\n)*(?=# )/, permissionsInputs + "\n " ); -await writeFile("action.yml", updatedActionsYamlContent, "utf8"); +await writeFile("action.yml", updatedActionYamlContent, "utf8"); console.log("Updated action.yml with new permissions inputs"); + +const permissionsTypes = Object.entries(appPermissionsSchema.properties) + .sort((a, b) => a[0].localeCompare(b[0])) + .reduce((result, [key, value]) => { + const permissionAccessValues = value.enum.map((p) => ` - "${p}"`).reduce((result, p) => `${result}\n${p}`); + return `${result} + permission-${key.replace(/_/g, "-")}: + type: enum + allowed-values: +${permissionAccessValues} +`; + }, ""); + +const actionTypesYamlContent = await readFile("action-types.yml", "utf8"); + +// In the action-types.yml file, replace the content between the `` and `` comments with the new content +const updatedActionTypesYamlContent = actionTypesYamlContent.replace( + /(?<=# )(.|\n)*(?=# )/, + permissionsTypes + "\n " +); + +await writeFile("action-types.yml", updatedActionTypesYamlContent, "utf8"); +console.log("Updated action-types.yml with new permissions types");