From 3f5de4d9bcdc28a906a1e190f8f31ff535cbc063 Mon Sep 17 00:00:00 2001 From: Anurag Rajawat Date: Thu, 23 Apr 2026 16:19:02 +0530 Subject: [PATCH] feat: added banner and update subscription check to make maintained actions free for public repos Signed-off-by: Anurag Rajawat --- README.md | 2 ++ src/release_on_push_action/core.clj | 51 +++++++++++++++++++++-------- 2 files changed, 39 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 4774330..040b119 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +[![StepSecurity Maintained Action](https://raw.githubusercontent.com/step-security/maintained-actions-assets/main/assets/maintained-action-banner.png)](https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions) + # Github Release On Push Action > Stop using files for versioning. Use git tags instead! diff --git a/src/release_on_push_action/core.clj b/src/release_on_push_action/core.clj index 8d2a948..3e18476 100644 --- a/src/release_on_push_action/core.clj +++ b/src/release_on_push_action/core.clj @@ -172,20 +172,43 @@ (println (prepare-key-value "body" (:body release-data)))))) (defn validate-subscription! [context] - (let [repo (:repo context) - url (str "https://agent.api.stepsecurity.io/v1/github/" repo "/actions/subscription")] - (try - (curl/get url {:timeout 3000}) - (catch clojure.lang.ExceptionInfo e - (let [status (-> e ex-data :status)] - (if (= status 403) - (do - (println "::error::Subscription is not valid. Reach out to support@stepsecurity.io") - (System/exit 1)) - (println "INFO: Timeout or API not reachable. Continuing to next step.")))) - (catch Exception _ - ;; handle unexpected error types (network issues, DNS, etc.) - (println "INFO: Timeout or API not reachable. Continuing to next step."))))) + (let [event-path (System/getenv "GITHUB_EVENT_PATH") + repo-private (when (and event-path (.exists (io/file event-path))) + (try + (get-in (json/parse-string (slurp event-path) true) + [:repository :private]) + (catch Exception _ nil))) + upstream "rymndhng/release-on-push-action" + action (System/getenv "GITHUB_ACTION_REPOSITORY") + docs-url "https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions"] + (println "") + (println "StepSecurity Maintained Action") + (println (str "Secure drop-in replacement for " upstream)) + (when (false? repo-private) + (println "✓ Free for public repositories")) + (println (str "Learn more: " docs-url)) + (println "") + (when-not (false? repo-private) + (let [server-url (or (System/getenv "GITHUB_SERVER_URL") "https://github.com") + body (cond-> {:action (or action "")} + (not= server-url "https://github.com") (assoc :ghes_server server-url)) + url (str "https://agent.api.stepsecurity.io/v1/github/" + (:repo context) + "/actions/maintained-actions-subscription")] + (try + (curl/post url {:body (json/generate-string body) + :headers {"Content-Type" "application/json"} + :timeout 3000}) + (catch clojure.lang.ExceptionInfo e + (let [status (-> e ex-data :status)] + (if (= status 403) + (do + (println "::error::This action requires a StepSecurity subscription for private repositories.") + (println (str "::error::Learn how to enable a subscription: " docs-url "")) + (System/exit 1)) + (println "Timeout or API not reachable. Continuing to next step.")))) + (catch Exception _ + (println "Timeout or API not reachable. Continuing to next step."))))))) (defn -main [& args]