vscode-github-actions/src/commands/secrets/addSecret.ts at 8850a664b7dfd05efca1e00adc0d338f5ce296ab · github/vscode-github-actions · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
import * as vscode from "vscode";
import {GitHubRepoContext} from "../../git/repository";
import {encodeSecret} from "../../secrets";
import {EnvironmentSecretsCommandArgs} from "../../treeViews/settings/environmentSecretsNode";
import {RepoSecretsCommandArgs} from "../../treeViews/settings/repoSecretsNode";

type AddSecretCommandArgs = RepoSecretsCommandArgs | EnvironmentSecretsCommandArgs;

export function registerAddSecret(context: vscode.ExtensionContext) {
  context.subscriptions.push(
    vscode.commands.registerCommand("github-actions.settings.secret.add", async (args: AddSecretCommandArgs) => {
      const {gitHubRepoContext} = args;

      const name = await vscode.window.showInputBox({
        prompt: "Enter name for new secret",
        ignoreFocusOut: true
      });

      if (!name) {
        return;
      }

      const value = await vscode.window.showInputBox({
        prompt: "Enter the new secret value",
        ignoreFocusOut: true
      });

      if (!value) {
        return;
      }

      try {
        if ("environment" in args) {
          await createOrUpdateEnvSecret(gitHubRepoContext, args.environment.name, name, value);
        } else {
          await createOrUpdateRepoSecret(gitHubRepoContext, name, value);
        }
      } catch (e) {
        await vscode.window.showErrorMessage((e as Error).message);
      }

      await vscode.commands.executeCommand("github-actions.explorer.refresh");
    })
  );
}

export async function createOrUpdateRepoSecret(context: GitHubRepoContext, name: string, value: string) {
  const keyResponse = await context.client.actions.getRepoPublicKey({
    owner: context.owner,
    repo: context.name
  });

  await context.client.actions.createOrUpdateRepoSecret({
    owner: context.owner,
    repo: context.name,
    secret_name: name,
    key_id: keyResponse.data.key_id,
    encrypted_value: await encodeSecret(keyResponse.data.key, value)
  });
}

export async function createOrUpdateEnvSecret(
  context: GitHubRepoContext,
  environment: string,
  name: string,
  value: string
) {
  const keyResponse = await context.client.actions.getEnvironmentPublicKey({
    owner: context.owner,
    repo: context.name,
    environment_name: environment
  });

  await context.client.actions.createOrUpdateEnvironmentSecret({
    owner: context.owner,
    repo: context.name,
    environment_name: environment,
    secret_name: name,
    key_id: keyResponse.data.key_id,
    encrypted_value: await encodeSecret(keyResponse.data.key, value)
  });
}