Don't rely on snap, fix buffer deprication, upgrade optional

mango-chutney · Aug 26, 2019 · 098762a · 098762a
1 parent b8a6427
commit 098762a
Show file tree

Hide file tree

Showing 65 changed files with 205 additions and 491 deletions.
diff --git a/.tool-versions b/.tool-versions
@@ -0,0 +1 @@
+nodejs 12.7.0
diff --git a/README.md b/README.md
@@ -1,17 +1,54 @@
-# Setup Gcloud
+# Setup and Activate GCloud | Github Action
 
-Very simple javascript action for setting up google cloud CLI `gcloud` command
+Very simple javascript github action for setting up google cloud CLI `gcloud` command with an service-account for authentication and permissions.
 
 ## Options
 
-#### Channel
+#### Service Account
 
-What snap channel to use, Default: `stable`
+The service account to activate in order to call authenticated gcloud requests. The value given to it must be a base64 encoded github secret of a google service account json file.
+
+```
+service_account: ${{ secrets.GCLOUD_AUTH }}
+```
+
+If service_account is not provided no service account will be activated for authenticated requets using the cli. However you are still able to upgrade gcloud and use public non authenticated requests.
+
+#### Upgrade
+
+Either to upgrade to latest version of gcloud or not.
+
+Default Value: `no`
+
+Possible Values:
+
+```
+'no' | 'yes' | 'snap'
+```
+
+_Snap_: Will install the latest gcloud version using a snap package instead of apt-get which is slightly slower than snap.
+
+**Note** Upgrading at all is considerably slower, Only upgrade if the runners gcloud is broken on the current version it uses.
 
 ## Example
 
+Activate with service account and upgrade using snap package.
+
+```
+  - uses: mango-chutney/mango-actions-setup-gcloud@releases/v1
+    with:
+      service_account: ${{ secrets.GCLOUD_AUTH }}
+      upgrade: 'snap'
+```
+
+Most common usage will not include upgrading because it is considerably faster to run.
+
 ```
-  - uses: mango-chutney/mango-actions-setup-gcloud@v1
+  - uses: mango-chutney/mango-actions-setup-gcloud@releases/v1
     with:
-      channel: 'stable'
+      service_account: ${{ secrets.GCLOUD_AUTH }}
 ```
+
+### TODO
+
+#### Upgrade / Downgrade Using gcloud components
diff --git a/action.yml b/action.yml
@@ -2,9 +2,9 @@ name: 'Setup GCloud'
 description: 'Setup Google Cloud Commands'
 author: 'Mango Chutney'
 inputs:
-  gcloud_channel:
-    description: 'What GCloud snap channel to use'
-    default: 'stable'
+  upgrade:
+    description: 'Either to upgrade gcloud to lastest or not'
+    default: 'no'
   service_account:
     description: 'Service account to be used to active gcloud cli'
     default: ''

diff --git a/lib/main.js b/lib/main.js
@@ -7,37 +7,36 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
     if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
     result["default"] = mod;
     return result;
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
+const fs_1 = __importDefault(require("fs"));
 const core = __importStar(require("@actions/core"));
 const exec = __importStar(require("@actions/exec"));
-const fs_1 = __importDefault(require("fs"));
+const upgradeScript_1 = __importDefault(require("./upgradeScript"));
 // TODO: Support mutiple operating systems
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
             // Inputs
-            const gcloud_channel = core.getInput('gcloud_channel');
+            const upgrade = core.getInput('upgrade');
             const service_account = core.getInput('service_account');
             // Start Installing
-            core.debug(`Installing GCloud snap channel ${gcloud_channel}`);
-            // Install Gcloud Snap
-            yield exec.exec(`sudo snap install google-cloud-sdk --channel=${gcloud_channel} --classic`);
-            // Ensure root is owned
-            yield exec.exec('sudo chown root:root /');
+            yield upgradeScript_1.default(upgrade);
             // Initialize Gcloud
-            const SABuffer = new Buffer(service_account, 'base64');
+            const SABuffer = Buffer.from(service_account, 'base64');
             fs_1.default.writeFileSync('gcloud.json', SABuffer);
             yield exec.exec('gcloud auth activate-service-account --key-file=gcloud.json');
+            // Cleanup
+            fs_1.default.unlinkSync('gcloud.json');
         }
         catch (error) {
             core.setFailed(error.message);

diff --git a/lib/upgradeScript.js b/lib/upgradeScript.js
@@ -0,0 +1,42 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const exec = __importStar(require("@actions/exec"));
+const upgradeScript = (upgrade) => __awaiter(this, void 0, void 0, function* () {
+    if (upgrade === 'no') {
+        return console.log('GCloud Upgrade not requested');
+    }
+    if (upgrade === 'snap') {
+        // Install Gcloud Snap
+        yield exec.exec('sudo snap install google-cloud-sdk --channel=stable --classic');
+        // Ensure root is owned (So that snap can run, Possible security issue)
+        yield exec.exec('sudo chown root:root /');
+        return console.log('GCloud Upgraded using Snap');
+    }
+    if (upgrade === 'yes') {
+        // Add the Cloud SDK distribution URI as a package source
+        yield exec.exec('echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" >> /etc/apt/sources.list.d/google-cloud-sdk.list');
+        // Import the Google Cloud Platform public key (Save file then import it (Piping is not supported with exec))
+        yield exec.exec('curl -o gcp-apt-key.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg');
+        yield exec.exec('sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add gcp-apt-key.gpg');
+        // Update the package list and install the Cloud SDK
+        yield exec.exec('sudo apt-get update');
+        return yield exec.exec('sudo apt-get install --only-upgrade google-cloud-sdk');
+    }
+    return null;
+});
+exports.default = upgradeScript;
diff --git a/node_modules/@actions/core/package.json b/node_modules/@actions/core/package.json
diff --git a/node_modules/@actions/exec/package.json b/node_modules/@actions/exec/package.json
diff --git a/node_modules/@actions/github/package.json b/node_modules/@actions/github/package.json
diff --git a/node_modules/@actions/io/package.json b/node_modules/@actions/io/package.json
diff --git a/node_modules/@actions/tool-cache/package.json b/node_modules/@actions/tool-cache/package.json
diff --git a/node_modules/@octokit/endpoint/node_modules/universal-user-agent/package.json b/node_modules/@octokit/endpoint/node_modules/universal-user-agent/package.json
diff --git a/node_modules/@octokit/endpoint/package.json b/node_modules/@octokit/endpoint/package.json
diff --git a/node_modules/@octokit/graphql/package.json b/node_modules/@octokit/graphql/package.json