From 05592d4411d1bf4c655af08e620ad2dad79c68a5 Mon Sep 17 00:00:00 2001 From: Robert Harris Date: Tue, 3 Dec 2024 08:41:56 -0800 Subject: [PATCH] Configurable API domain for testing --- action.yml | 3 +++ doppler.js | 10 ++++++---- index.js | 6 ++++-- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/action.yml b/action.yml index 194406d..009fb24 100644 --- a/action.yml +++ b/action.yml @@ -31,6 +31,9 @@ inputs: description: >- Identity to use, required when auth-method is "oidc". required: false + doppler-api-domain: + default: "api.doppler.com" + required: false runs: using: 'node20' main: 'index.js' diff --git a/doppler.js b/doppler.js index da839e8..67d82f5 100644 --- a/doppler.js +++ b/doppler.js @@ -6,15 +6,16 @@ import { VERSION } from "./meta.js"; * @param {string} dopplerToken * @param {string | null} [dopplerProject] * @param {string | null} [dopplerConfig] + * @param {string} apiDomain * @returns {() => Promise>} */ -export async function fetch(dopplerToken, dopplerProject, dopplerConfig) { +export async function fetch(dopplerToken, dopplerProject, dopplerConfig, apiDomain) { return new Promise(function (resolve, reject) { const encodedAuthData = Buffer.from(`${dopplerToken}:`).toString("base64"); const authHeader = `Basic ${encodedAuthData}`; const userAgent = `secrets-fetch-github-action/${VERSION}`; - const url = new URL("https://api.doppler.com/v3/configs/config/secrets"); + const url = new URL(`https://${apiDomain}/v3/configs/config/secrets`); if (dopplerProject && dopplerConfig) { url.searchParams.append("project", dopplerProject); url.searchParams.append("config", dopplerConfig); @@ -58,13 +59,14 @@ export async function fetch(dopplerToken, dopplerProject, dopplerConfig) { * Exchange an OIDC token for a short lived Doppler service account token * @param {string} identityId * @param {string} oidcToken + * @param {string} apiDomain * @returns {() => Promise} */ -export async function oidcAuth(identityId, oidcToken) { +export async function oidcAuth(identityId, oidcToken, apiDomain) { return new Promise(function (resolve, reject) { const userAgent = `secrets-fetch-github-action/${VERSION}`; - const url = new URL("https://api.doppler.com/v3/auth/oidc"); + const url = new URL(`https://${apiDomain}/v3/auth/oidc`); const body = JSON.stringify({ identity: identityId, token: oidcToken diff --git a/index.js b/index.js index cfdd6a8..b198d96 100644 --- a/index.js +++ b/index.js @@ -4,19 +4,21 @@ import { fetch, oidcAuth } from "./doppler.js"; // For local testing if (process.env.NODE_ENV === "development" && process.env.DOPPLER_TOKEN) { process.env["INPUT_AUTH-METHOD"] = "token"; + process.env["INPUT_DOPPLER-API-DOMAIN"] = "api.doppler.com"; process.env["INPUT_DOPPLER-TOKEN"] = process.env.DOPPLER_TOKEN; process.env["INPUT_DOPPLER-PROJECT"] = process.env.DOPPLER_PROJECT; process.env["INPUT_DOPPLER-CONFIG"] = process.env.DOPPLER_CONFIG; } const AUTH_METHOD = core.getInput("auth-method"); +const API_DOMAIN = core.getInput("doppler-api-domain"); let DOPPLER_TOKEN = ""; if (AUTH_METHOD === "oidc") { const DOPPLER_IDENTITY_ID = core.getInput("doppler-identity-id", { required: true }); const oidcToken = await core.getIDToken(); core.setSecret(oidcToken); - DOPPLER_TOKEN = await oidcAuth(DOPPLER_IDENTITY_ID, oidcToken) + DOPPLER_TOKEN = await oidcAuth(DOPPLER_IDENTITY_ID, oidcToken, API_DOMAIN); } else if (AUTH_METHOD === "token") { DOPPLER_TOKEN = core.getInput("doppler-token", { required: true }); } else { @@ -40,7 +42,7 @@ if (IS_SA_TOKEN && !(DOPPLER_PROJECT && DOPPLER_CONFIG)) { process.exit(); } -const secrets = await fetch(DOPPLER_TOKEN, DOPPLER_PROJECT, DOPPLER_CONFIG); +const secrets = await fetch(DOPPLER_TOKEN, DOPPLER_PROJECT, DOPPLER_CONFIG, API_DOMAIN); for (const [key, secret] of Object.entries(secrets)) { const value = secret.computed || "";