Skip to content

Add support to handle sensitive information (tokens...) #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Dec 4, 2024
Merged

Add support to handle sensitive information (tokens...) #22

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5de12f4
feat: add utility to check GITHUB_TOKEN
UlisesGascon Dec 4, 2024
fc28ad2
docs: add information on how to handle secrets
UlisesGascon Dec 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ This is an evolution of [this proof of concept (POC)](https://github.com/UlisesG

- Node.js 22 and npm
- Docker and Docker Compose
- Github token with repo:read level access.

## Infrastructure

Expand All @@ -28,6 +29,23 @@ To stop the infrastructure, run the following command:
npm run infra:stop
```

## Configuration

### Environment Variables

This project requires a GitHub token to access the GitHub API. You need to set the `GITHUB_TOKEN` environment variable.

#### Optional: use .env file

Create a `.env` file and add your GitHub token:

```sh
GITHUB_TOKEN=your_github_token_here
```

then use `--env-file` flag to load it, like `node --env-file=.env index.js workflow run --name populate-repos-list`


## Database Management

### Running Migrations
Expand Down
24 changes: 23 additions & 1 deletion __tests__/utils.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,26 @@
const { validateGithubUrl } = require('../src/utils/index')
const { validateGithubUrl, ensureGithubToken } = require('../src/utils/index')

describe('ensureGithubToken', () => {
let originalGithubToken

beforeAll(() => {
originalGithubToken = process.env.GITHUB_TOKEN
})

afterAll(() => {
process.env.GITHUB_TOKEN = originalGithubToken
})

it('should throw an error if GITHUB_TOKEN is required', () => {
delete process.env.GITHUB_TOKEN
expect(() => ensureGithubToken()).toThrow('GITHUB_TOKEN is required')
})

it('should not throw an error if GITHUB_TOKEN is set', () => {
process.env.GITHUB_TOKEN = 'test-token'
expect(() => ensureGithubToken()).not.toThrow()
})
})

describe('validateGithubUrl', () => {
it('should return true for a valid GitHub URL', () => {
Expand Down
9 changes: 8 additions & 1 deletion src/utils/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,13 @@ const isURL = require('validator/lib/isURL.js')

const validateGithubUrl = (url) => isURL(url, { protocols: ['https'], require_protocol: true }) && url.includes('github.com')

const ensureGithubToken = () => {
if (!process.env.GITHUB_TOKEN) {
throw new Error('GITHUB_TOKEN is required')
}
}

module.exports = {
validateGithubUrl
validateGithubUrl,
ensureGithubToken
}
Loading