Skip to content

Commit

Permalink
Configurable API domain for testing
Browse files Browse the repository at this point in the history
  • Loading branch information
rgharris committed Dec 3, 2024
1 parent 8503a16 commit 54ad69b
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 6 deletions.
3 changes: 3 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,9 @@ inputs:
description: >-
Identity to use, required when auth-method is "oidc".
required: false
api-domain:
default: "api.doppler.com"
required: false
runs:
using: 'node20'
main: 'index.js'
10 changes: 6 additions & 4 deletions doppler.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,16 @@ import { VERSION } from "./meta.js";
* @param {string} dopplerToken
* @param {string | null} [dopplerProject]
* @param {string | null} [dopplerConfig]
* @param {string} apiDomain
* @returns {() => Promise<Record<string, Record>>}
*/
export async function fetch(dopplerToken, dopplerProject, dopplerConfig) {
export async function fetch(dopplerToken, dopplerProject, dopplerConfig, apiDomain) {
return new Promise(function (resolve, reject) {
const encodedAuthData = Buffer.from(`${dopplerToken}:`).toString("base64");
const authHeader = `Basic ${encodedAuthData}`;
const userAgent = `secrets-fetch-github-action/${VERSION}`;

const url = new URL("https://api.doppler.com/v3/configs/config/secrets");
const url = new URL(`https://${apiDomain}/v3/configs/config/secrets`);
if (dopplerProject && dopplerConfig) {
url.searchParams.append("project", dopplerProject);
url.searchParams.append("config", dopplerConfig);
Expand Down Expand Up @@ -58,13 +59,14 @@ export async function fetch(dopplerToken, dopplerProject, dopplerConfig) {
* Exchange an OIDC token for a short lived Doppler service account token
* @param {string} identityId
* @param {string} oidcToken
* @param {string} apiDomain
* @returns {() => Promise<string>}
*/
export async function oidcAuth(identityId, oidcToken) {
export async function oidcAuth(identityId, oidcToken, apiDomain) {
return new Promise(function (resolve, reject) {
const userAgent = `secrets-fetch-github-action/${VERSION}`;

const url = new URL("https://api.doppler.com/v3/auth/oidc");
const url = new URL(`https://${apiDomain}/v3/auth/oidc`);
const body = JSON.stringify({
identity: identityId,
token: oidcToken
Expand Down
5 changes: 3 additions & 2 deletions index.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,14 @@ if (process.env.NODE_ENV === "development" && process.env.DOPPLER_TOKEN) {
}

const AUTH_METHOD = core.getInput("auth-method");
const API_DOMAIN = core.getInput("api-domain");
let DOPPLER_TOKEN = "";

if (AUTH_METHOD === "oidc") {
const DOPPLER_IDENTITY_ID = core.getInput("doppler-identity-id", { required: true });
const oidcToken = await core.getIDToken();
core.setSecret(oidcToken);
DOPPLER_TOKEN = await oidcAuth(DOPPLER_IDENTITY_ID, oidcToken)
DOPPLER_TOKEN = await oidcAuth(DOPPLER_IDENTITY_ID, oidcToken, API_DOMAIN)
} else if (AUTH_METHOD === "token") {
DOPPLER_TOKEN = core.getInput("doppler-token", { required: true });
}else {
Expand All @@ -39,7 +40,7 @@ if (IS_SA_TOKEN && !(DOPPLER_PROJECT && DOPPLER_CONFIG)) {
process.exit();
}

const secrets = await fetch(DOPPLER_TOKEN, DOPPLER_PROJECT, DOPPLER_CONFIG);
const secrets = await fetch(DOPPLER_TOKEN, DOPPLER_PROJECT, DOPPLER_CONFIG, API_DOMAIN);

for (const [key, secret] of Object.entries(secrets)) {
const value = secret.computed || "";
Expand Down

0 comments on commit 54ad69b

Please sign in to comment.