Compare commits
22 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 16e04e7152 | |||
| 522779ef54 | |||
| d3d2dad025 | |||
| 66bf86f081 | |||
| 608322f026 | |||
| e3a3d416fb | |||
| f0e339f5c2 | |||
| 87d32763e9 | |||
| 671334f37d | |||
| 267ed3686f | |||
| ff1226a824 | |||
| e13c5eed00 | |||
| f2a1c3c1bb | |||
| e672deb934 | |||
| 70b365fca1 | |||
| 5c8b03a427 | |||
| 92225d30c5 | |||
| 3630ba6618 | |||
| 6a03bb8e1b | |||
| 3139f541e4 | |||
| c5b9c7cfc4 | |||
| 7a14716481 |
@@ -34,7 +34,7 @@ jobs:
|
||||
registry-url: "https://registry.npmjs.org"
|
||||
|
||||
- name: Install dependencies
|
||||
run: pnpm install
|
||||
run: pnpm install --no-frozen-lockfile
|
||||
|
||||
- name: Get package version
|
||||
id: version
|
||||
@@ -95,24 +95,14 @@ jobs:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
tag_name: ${{ steps.version.outputs.tag }}
|
||||
release_name: "@pullfrog/action ${{ steps.version.outputs.tag }}"
|
||||
release_name: "${{ steps.version.outputs.tag }}"
|
||||
body: |
|
||||
## 📦 @pullfrog/action ${{ steps.version.outputs.version }}
|
||||
|
||||
### Usage in GitHub Actions
|
||||
|
||||
Use the major version tag for automatic updates:
|
||||
```yaml
|
||||
- uses: pullfrog/action@${{ steps.version.outputs.major_tag }}
|
||||
with:
|
||||
message: "Your message here"
|
||||
```
|
||||
|
||||
Or pin to this specific version:
|
||||
```yaml
|
||||
- uses: pullfrog/action@${{ steps.version.outputs.tag }}
|
||||
with:
|
||||
message: "Your message here"
|
||||
```
|
||||
|
||||
### Installation via npm
|
||||
@@ -123,11 +113,11 @@ jobs:
|
||||
draft: false
|
||||
prerelease: false
|
||||
|
||||
- name: Publish to npm
|
||||
if: steps.check_tag.outputs.exists == 'false'
|
||||
run: npm publish --access public
|
||||
env:
|
||||
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
# - name: Publish to npm
|
||||
# if: steps.check_tag.outputs.exists == 'false'
|
||||
# run: npm publish --access public
|
||||
# env:
|
||||
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
|
||||
- name: Summary
|
||||
if: always()
|
||||
|
||||
+1
-1
@@ -3,4 +3,4 @@ echo "🔨 Building action..."
|
||||
npm run build
|
||||
|
||||
# Add the built files to the commit
|
||||
git add index.cjs entry.cjs
|
||||
git add entry.cjs
|
||||
|
||||
@@ -0,0 +1,299 @@
|
||||
# Claude Code Action Architecture & Flow
|
||||
|
||||
This document provides a comprehensive overview of how the official (Anthropic) Claude Code Action works, from token exchange through post-run cleanup.
|
||||
|
||||
## Overview
|
||||
|
||||
The Claude Code Action is a sophisticated GitHub automation platform that enables Claude to interact with GitHub repositories through secure token exchange, intelligent mode detection, and comprehensive GitHub API integration.
|
||||
|
||||
## High-Level Architecture
|
||||
|
||||
```mermaid
|
||||
graph TD
|
||||
Start([GitHub Action Triggered]) --> Setup[Setup Environment<br/>- Install Bun<br/>- Install Dependencies]
|
||||
|
||||
Setup --> ParseContext[Parse GitHub Context<br/>- Extract event data<br/>- Parse inputs]
|
||||
|
||||
ParseContext --> ModeDetection{Mode Detection}
|
||||
|
||||
ModeDetection -->|Has explicit prompt| AgentMode[AGENT MODE<br/>Direct automation]
|
||||
ModeDetection -->|@claude mention/assignment/label| TagMode[TAG MODE<br/>Interactive response]
|
||||
ModeDetection -->|No trigger| DefaultAgent[Default to Agent<br/>(won't trigger)]
|
||||
|
||||
%% Token Exchange Branch
|
||||
AgentMode --> TokenExchange[Token Exchange Process]
|
||||
TagMode --> TokenExchange
|
||||
TokenExchange --> TokenMethod{Token Method}
|
||||
|
||||
TokenMethod -->|Custom token provided| UseCustom[Use Custom GitHub Token]
|
||||
TokenMethod -->|No custom token| OIDC[Generate OIDC Token<br/>core.getIDToken()]
|
||||
|
||||
OIDC --> Exchange[Exchange OIDC for App Token<br/>api.anthropic.com/api/github/github-app-token-exchange]
|
||||
Exchange --> CreateOctokit[Create Authenticated Octokit Client<br/>REST + GraphQL]
|
||||
UseCustom --> CreateOctokit
|
||||
|
||||
%% Permission Checks
|
||||
CreateOctokit --> PermCheck[Check Write Permissions<br/>Only for entity contexts]
|
||||
PermCheck -->|No permissions| PermFail[❌ Exit: No write access]
|
||||
PermCheck -->|Has permissions| TriggerCheck{Check Trigger Conditions}
|
||||
|
||||
%% Trigger Validation
|
||||
TriggerCheck -->|Agent Mode| AgentTrigger{Has explicit prompt?}
|
||||
TriggerCheck -->|Tag Mode| TagTrigger{Contains @claude mention<br/>or assignment/label?}
|
||||
|
||||
AgentTrigger -->|No prompt| NoTrigger[❌ Skip: No trigger found]
|
||||
AgentTrigger -->|Has prompt| PrepareAgent[Prepare Agent Mode]
|
||||
TagTrigger -->|No mention| NoTrigger
|
||||
TagTrigger -->|Has mention| PrepareTag[Prepare Tag Mode]
|
||||
|
||||
%% Mode-Specific Preparation
|
||||
PrepareAgent --> AgentPrep[Agent Mode Preparation<br/>- Create prompt file<br/>- Setup MCP servers<br/>- No tracking comment]
|
||||
PrepareTag --> TagPrep[Tag Mode Preparation<br/>- Create tracking comment<br/>- Setup branches<br/>- Fetch GitHub data<br/>- Setup MCP servers]
|
||||
|
||||
%% Data Fetching (Tag Mode)
|
||||
TagPrep --> DataFetch[Fetch GitHub Data<br/>GraphQL + REST API]
|
||||
DataFetch --> FetchWhat{What to fetch?}
|
||||
|
||||
FetchWhat -->|Pull Request| PRData[PR Data:<br/>- Comments & reviews<br/>- Changed files + SHAs<br/>- Commit history<br/>- Author info]
|
||||
FetchWhat -->|Issue| IssueData[Issue Data:<br/>- Comments<br/>- Issue details<br/>- Author info]
|
||||
|
||||
PRData --> ProcessImages[Process Images<br/>Download & convert to base64]
|
||||
IssueData --> ProcessImages
|
||||
ProcessImages --> SetupBranch[Setup Branch<br/>- Create Claude branch<br/>- Configure git auth]
|
||||
|
||||
%% MCP Server Setup
|
||||
AgentPrep --> MCPSetup[Setup MCP Servers]
|
||||
SetupBranch --> MCPSetup
|
||||
|
||||
MCPSetup --> MCPServers{MCP Servers}
|
||||
MCPServers --> GitHubActions[GitHub Actions Server<br/>- Workflow data<br/>- CI results]
|
||||
MCPServers --> GitHubComments[GitHub Comment Server<br/>- Comment operations]
|
||||
MCPServers --> GitHubFiles[GitHub File Ops Server<br/>- File operations<br/>- Branch management]
|
||||
MCPServers --> GitHubInline[GitHub Inline Comment Server<br/>- PR review comments]
|
||||
|
||||
GitHubActions --> PromptGen[Generate Prompt]
|
||||
GitHubComments --> PromptGen
|
||||
GitHubFiles --> PromptGen
|
||||
GitHubInline --> PromptGen
|
||||
|
||||
%% Prompt Generation
|
||||
PromptGen --> PromptType{Prompt Type}
|
||||
PromptType -->|Agent Mode| AgentPrompt[Agent Prompt:<br/>- Direct user prompt<br/>- Minimal context]
|
||||
PromptType -->|Tag Mode| TagPrompt[Tag Prompt:<br/>- Rich GitHub context<br/>- PR/Issue details<br/>- Changed files<br/>- Comments & reviews<br/>- Commit instructions]
|
||||
|
||||
AgentPrompt --> ClaudeRun[Run Claude Code]
|
||||
TagPrompt --> ClaudeRun
|
||||
|
||||
%% Claude Execution
|
||||
ClaudeRun --> ClaudeExec[Claude Code Execution<br/>base-action/src/index.ts]
|
||||
ClaudeExec --> ClaudeArgs[Prepare Claude Args<br/>- Prompt file path<br/>- Custom claude_args<br/>- Output format: stream-json]
|
||||
|
||||
ClaudeArgs --> ClaudeProvider{Provider}
|
||||
ClaudeProvider -->|Default| AnthropicAPI[Anthropic API<br/>ANTHROPIC_API_KEY]
|
||||
ClaudeProvider -->|Bedrock| AWSBedrock[AWS Bedrock<br/>OIDC + AWS credentials]
|
||||
ClaudeProvider -->|Vertex| GCPVertex[GCP Vertex AI<br/>OIDC + GCP credentials]
|
||||
|
||||
AnthropicAPI --> ClaudeProcess[Spawn Claude Process<br/>- Named pipe for input<br/>- Stream JSON output]
|
||||
AWSBedrock --> ClaudeProcess
|
||||
GCPVertex --> ClaudeProcess
|
||||
|
||||
ClaudeProcess --> ClaudeTools[Claude Tool Usage<br/>- MCP tools<br/>- File operations<br/>- GitHub API calls<br/>- Bash commands]
|
||||
|
||||
ClaudeTools --> ClaudeOutput[Claude Output Processing<br/>- Capture execution log<br/>- Parse JSON stream<br/>- Extract metrics]
|
||||
|
||||
%% Post-Run Actions
|
||||
ClaudeOutput --> PostRun{Post-Run Actions}
|
||||
|
||||
PostRun -->|Success| Success[✅ Success Path]
|
||||
PostRun -->|Failure| Failure[❌ Failure Path]
|
||||
|
||||
Success --> UpdateComment[Update Tracking Comment<br/>- Job run link<br/>- Branch link<br/>- PR link (if created)<br/>- Execution metrics]
|
||||
Failure --> UpdateComment
|
||||
|
||||
UpdateComment --> BranchCleanup[Branch Cleanup<br/>- Check for changes<br/>- Delete empty branches<br/>- Keep branches with commits]
|
||||
|
||||
BranchCleanup --> FormatReport[Format Execution Report<br/>- Parse conversation turns<br/>- Format tool usage<br/>- Add to GitHub step summary]
|
||||
|
||||
FormatReport --> RevokeToken[Revoke App Token<br/>DELETE /installation/token]
|
||||
|
||||
RevokeToken --> End([Action Complete])
|
||||
```
|
||||
|
||||
## Key Components
|
||||
|
||||
### 1. Token Exchange Process
|
||||
|
||||
The action uses a secure OIDC token exchange system:
|
||||
|
||||
1. **OIDC Token Generation**: `core.getIDToken("claude-code-github-action")`
|
||||
2. **Token Exchange**: POST to `https://api.anthropic.com/api/github/github-app-token-exchange`
|
||||
3. **Authentication**: Creates authenticated Octokit clients for GitHub API access
|
||||
|
||||
**Security Benefits:**
|
||||
- Repository-scoped access
|
||||
- Time-limited tokens
|
||||
- Permission-limited (only configured GitHub App permissions)
|
||||
- Automatic token masking in logs
|
||||
|
||||
### 2. Mode Detection
|
||||
|
||||
The action automatically detects the appropriate execution mode:
|
||||
|
||||
#### **Agent Mode**
|
||||
- **Trigger**: Explicit `prompt` input provided
|
||||
- **Use Case**: Direct automation, custom workflows
|
||||
- **Behavior**: Minimal context, direct execution
|
||||
- **Tracking**: No tracking comments
|
||||
|
||||
#### **Tag Mode**
|
||||
- **Trigger**: @claude mentions, issue assignments, or labels
|
||||
- **Use Case**: Interactive GitHub responses
|
||||
- **Behavior**: Rich context, comprehensive GitHub data
|
||||
- **Tracking**: Creates and updates tracking comments
|
||||
|
||||
### 3. Data Fetching (Tag Mode)
|
||||
|
||||
When in Tag Mode, the action fetches comprehensive GitHub context:
|
||||
|
||||
#### **Pull Request Data:**
|
||||
- Comments and reviews (including inline comments)
|
||||
- Changed files with SHAs
|
||||
- Commit history and metadata
|
||||
- Author information
|
||||
- File diff data
|
||||
|
||||
#### **Issue Data:**
|
||||
- Issue details and metadata
|
||||
- All comments
|
||||
- Author information
|
||||
- Labels and assignments
|
||||
|
||||
#### **Image Processing:**
|
||||
- Downloads images from GitHub
|
||||
- Converts to base64 for Claude
|
||||
- Maps original URLs to processed content
|
||||
|
||||
### 4. MCP Server Integration
|
||||
|
||||
The action sets up multiple MCP (Model Context Protocol) servers to provide Claude with GitHub capabilities:
|
||||
|
||||
#### **GitHub Actions Server**
|
||||
- Access to workflow runs and CI data
|
||||
- Build status and test results
|
||||
- Artifact information
|
||||
|
||||
#### **GitHub Comment Server**
|
||||
- Comment creation and updates
|
||||
- Issue and PR comment management
|
||||
|
||||
#### **GitHub File Operations Server**
|
||||
- File reading and writing
|
||||
- Branch creation and management
|
||||
- Commit operations
|
||||
|
||||
#### **GitHub Inline Comment Server**
|
||||
- PR review comment operations
|
||||
- Line-specific feedback
|
||||
|
||||
### 5. Prompt Generation
|
||||
|
||||
The action generates context-rich prompts based on the detected mode:
|
||||
|
||||
#### **Agent Mode Prompts:**
|
||||
- Direct user prompt
|
||||
- Minimal GitHub context
|
||||
- Focused on specific task
|
||||
|
||||
#### **Tag Mode Prompts:**
|
||||
- Comprehensive GitHub context
|
||||
- PR/Issue details and history
|
||||
- Changed files and diffs
|
||||
- Comment threads and reviews
|
||||
- Commit instructions and guidelines
|
||||
|
||||
### 6. Claude Execution
|
||||
|
||||
The action runs Claude Code through multiple provider options:
|
||||
|
||||
#### **Provider Support:**
|
||||
- **Anthropic API** (default): Direct API access with API key
|
||||
- **AWS Bedrock**: OIDC authentication with AWS credentials
|
||||
- **GCP Vertex AI**: OIDC authentication with GCP credentials
|
||||
|
||||
#### **Execution Process:**
|
||||
1. **Named Pipe Setup**: Creates pipe for prompt input
|
||||
2. **Process Spawning**: Spawns Claude Code process
|
||||
3. **Stream Processing**: Captures JSON stream output
|
||||
4. **Tool Integration**: Enables MCP tools and GitHub operations
|
||||
|
||||
### 7. Post-Run Actions
|
||||
|
||||
After Claude execution, the action performs comprehensive cleanup and reporting:
|
||||
|
||||
#### **Comment Updates:**
|
||||
- Updates tracking comments with results
|
||||
- Adds job run links and execution metrics
|
||||
- Includes branch and PR links when created
|
||||
|
||||
#### **Branch Management:**
|
||||
- Checks for actual changes in Claude branches
|
||||
- Deletes empty branches to avoid clutter
|
||||
- Preserves branches with meaningful commits
|
||||
|
||||
#### **Report Generation:**
|
||||
- Parses execution logs and conversation turns
|
||||
- Formats tool usage and results
|
||||
- Adds formatted report to GitHub step summary
|
||||
|
||||
#### **Security Cleanup:**
|
||||
- Revokes GitHub App installation token
|
||||
- Cleans up temporary files and processes
|
||||
|
||||
## Security Considerations
|
||||
|
||||
### **Access Control:**
|
||||
- Repository-scoped permissions only
|
||||
- Write access validation for actors
|
||||
- Bot user controls and allowlists
|
||||
|
||||
### **Token Management:**
|
||||
- Short-lived installation tokens
|
||||
- Automatic token revocation after use
|
||||
- Secure OIDC-based exchange
|
||||
|
||||
### **Permission Boundaries:**
|
||||
- Limited to configured GitHub App permissions
|
||||
- No cross-repository access
|
||||
- Scoped to specific repository operations
|
||||
|
||||
## Integration Points
|
||||
|
||||
### **With Pullfrog:**
|
||||
The Claude Code Action can be integrated with Pullfrog's workflow system, providing:
|
||||
- Standardized agent interaction patterns
|
||||
- Consistent GitHub integration
|
||||
- Reusable authentication flows
|
||||
- Common MCP server infrastructure
|
||||
|
||||
### **With GitHub:**
|
||||
- Native GitHub Actions integration
|
||||
- Comprehensive API coverage (REST + GraphQL)
|
||||
- Proper webhook handling
|
||||
- Standard GitHub UI integration
|
||||
|
||||
## Development Notes
|
||||
|
||||
### **Key Files:**
|
||||
- `src/entrypoints/prepare.ts`: Main preparation logic
|
||||
- `src/modes/`: Mode detection and handling
|
||||
- `src/github/token.ts`: OIDC token exchange
|
||||
- `src/mcp/`: MCP server implementations
|
||||
- `base-action/`: Core Claude Code execution
|
||||
|
||||
### **Testing:**
|
||||
- Unit tests for individual components
|
||||
- Integration tests for full workflows
|
||||
- Local testing with `act` tool
|
||||
- Comprehensive fixture support
|
||||
|
||||
This architecture provides a robust, secure, and extensible foundation for Claude-GitHub integration while maintaining clear separation of concerns and comprehensive error handling.
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
GitHub Action for running Claude Code and other agents via Pullfrog.
|
||||
|
||||
> **📖 Claude Code Action Architecture**: For a detailed technical overview of how the Claude Code Action works (token exchange, modes, data fetching, execution flow), see [CLAUDE-ACTION.md](./CLAUDE-ACTION.md).
|
||||
|
||||
## Quick Start
|
||||
|
||||
```bash
|
||||
@@ -55,6 +57,14 @@ pnpm dev # Watch mode
|
||||
|
||||
The action is bundled into `entry.cjs` with all dependencies included, eliminating runtime dependency on node_modules.
|
||||
|
||||
## Environment Variables
|
||||
|
||||
Create `.env` in `/action`:
|
||||
|
||||
```bash
|
||||
ANTHROPIC_API_KEY=sk-ant-api03-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # Claude API key
|
||||
```
|
||||
|
||||
## Architecture
|
||||
|
||||
- **entry.cjs**: Bundled action entry point (self-contained)
|
||||
|
||||
@@ -10,6 +10,12 @@ inputs:
|
||||
anthropic_api_key:
|
||||
description: "Anthropic API key for Claude Code authentication"
|
||||
required: false
|
||||
github_token:
|
||||
description: "GitHub token for repository access"
|
||||
required: false
|
||||
github_installation_token:
|
||||
description: "GitHub App installation token"
|
||||
required: false
|
||||
|
||||
runs:
|
||||
using: "node20"
|
||||
|
||||
+35
-31
@@ -1,8 +1,9 @@
|
||||
import { access, constants } from "node:fs/promises";
|
||||
import * as core from "@actions/core";
|
||||
import { boxString, tableString } from "../utils";
|
||||
import { spawn } from "../utils/subprocess";
|
||||
import type { Agent, AgentConfig, AgentResult } from "./types";
|
||||
import { createMcpConfig } from "../mcp/config.ts";
|
||||
import { spawn } from "../utils/subprocess.ts";
|
||||
import { boxString, tableString } from "../utils/table.ts";
|
||||
import type { Agent, AgentConfig, AgentResult } from "./types.ts";
|
||||
|
||||
/**
|
||||
* Claude Code agent implementation
|
||||
@@ -53,20 +54,18 @@ export class ClaudeAgent implements Agent {
|
||||
// Use shell execution to properly handle the pipe
|
||||
const result = await spawn({
|
||||
cmd: "bash",
|
||||
args: [
|
||||
"-c",
|
||||
"curl -fsSL https://claude.ai/install.sh | bash -s 1.0.93",
|
||||
],
|
||||
args: ["-c", "curl -fsSL https://claude.ai/install.sh | bash -s 1.0.93"],
|
||||
env: { ANTHROPIC_API_KEY: this.apiKey },
|
||||
timeout: 120000, // 2 minute timeout
|
||||
onStdout: (chunk) => process.stdout.write(chunk),
|
||||
onStdout: () => {
|
||||
// no logs
|
||||
// process.stdout.write(chunk)
|
||||
},
|
||||
onStderr: (chunk) => process.stderr.write(chunk),
|
||||
});
|
||||
|
||||
if (result.exitCode !== 0) {
|
||||
throw new Error(
|
||||
`Installation failed with exit code ${result.exitCode}: ${result.stderr}`,
|
||||
);
|
||||
throw new Error(`Installation failed with exit code ${result.exitCode}: ${result.stderr}`);
|
||||
}
|
||||
|
||||
core.info("Claude Code installed successfully");
|
||||
@@ -95,8 +94,24 @@ export class ClaudeAgent implements Agent {
|
||||
"stream-json",
|
||||
"--verbose",
|
||||
"--permission-mode",
|
||||
"acceptEdits",
|
||||
"bypassPermissions",
|
||||
];
|
||||
|
||||
// Add MCP configuration if GitHub credentials are available
|
||||
if (
|
||||
process.env.GITHUB_INSTALLATION_TOKEN &&
|
||||
process.env.REPO_OWNER &&
|
||||
process.env.REPO_NAME
|
||||
) {
|
||||
const mcpConfig = createMcpConfig(
|
||||
process.env.GITHUB_INSTALLATION_TOKEN,
|
||||
process.env.REPO_OWNER,
|
||||
process.env.REPO_NAME
|
||||
);
|
||||
console.log("📋 MCP Config:", mcpConfig);
|
||||
args.push("--mcp-config", mcpConfig);
|
||||
}
|
||||
|
||||
const env = {
|
||||
ANTHROPIC_API_KEY: this.apiKey,
|
||||
};
|
||||
@@ -136,7 +151,7 @@ export class ClaudeAgent implements Agent {
|
||||
// throw on non-zero exit code
|
||||
if (result.exitCode !== 0) {
|
||||
throw new Error(
|
||||
`Command failed with exit code ${result.exitCode}\n\nStdout: ${result.stdout}\n\nStderr: ${result.stderr}`,
|
||||
`Command failed with exit code ${result.exitCode}\n\nStdout: ${result.stdout}\n\nStderr: ${result.stderr}`
|
||||
);
|
||||
}
|
||||
|
||||
@@ -155,7 +170,7 @@ export class ClaudeAgent implements Agent {
|
||||
// Log run summary
|
||||
const duration = Date.now() - this.runStats.startTime;
|
||||
core.info(
|
||||
`📊 Run Summary: ${this.runStats.toolsUsed} tools used, ${this.runStats.turns} turns, ${duration}ms duration`,
|
||||
`📊 Run Summary: ${this.runStats.toolsUsed} tools used, ${this.runStats.turns} turns, ${duration}ms duration`
|
||||
);
|
||||
|
||||
core.info("✅ Task complete.");
|
||||
@@ -178,8 +193,7 @@ export class ClaudeAgent implements Agent {
|
||||
} catch {
|
||||
// Group might not have been started, ignore
|
||||
}
|
||||
const errorMessage =
|
||||
error instanceof Error ? error.message : "Unknown error";
|
||||
const errorMessage = error instanceof Error ? error.message : "Unknown error";
|
||||
return {
|
||||
success: false,
|
||||
error: `Failed to execute Claude Code: ${errorMessage}`,
|
||||
@@ -230,12 +244,7 @@ function processJSONChunk(chunk: string, agent?: ClaudeAgent): void {
|
||||
["model", parsedChunk.model],
|
||||
["cwd", parsedChunk.cwd],
|
||||
["permission_mode", parsedChunk.permissionMode],
|
||||
[
|
||||
"tools",
|
||||
parsedChunk.tools?.length
|
||||
? `${parsedChunk.tools.length} tools`
|
||||
: "none",
|
||||
],
|
||||
["tools", parsedChunk.tools?.length ? `${parsedChunk.tools.length} tools` : "none"],
|
||||
[
|
||||
"mcp_servers",
|
||||
parsedChunk.mcp_servers?.length
|
||||
@@ -248,7 +257,7 @@ function processJSONChunk(chunk: string, agent?: ClaudeAgent): void {
|
||||
? `${parsedChunk.slash_commands.length} commands`
|
||||
: "none",
|
||||
],
|
||||
]),
|
||||
])
|
||||
);
|
||||
}
|
||||
break;
|
||||
@@ -264,9 +273,7 @@ function processJSONChunk(chunk: string, agent?: ClaudeAgent): void {
|
||||
if (content.type === "text") {
|
||||
// Skip empty text content
|
||||
if (content.text.trim()) {
|
||||
core.info(
|
||||
boxString(content.text.trim(), { title: "Claude Code" }),
|
||||
);
|
||||
core.info(boxString(content.text.trim(), { title: "Claude Code" }));
|
||||
}
|
||||
} else if (content.type === "tool_use") {
|
||||
// Track tools used
|
||||
@@ -376,15 +383,12 @@ function processJSONChunk(chunk: string, agent?: ClaudeAgent): void {
|
||||
|
||||
core.info(
|
||||
tableString([
|
||||
[
|
||||
"Cost",
|
||||
`$${parsedChunk.total_cost_usd?.toFixed(4) || "0.0000"}`,
|
||||
],
|
||||
["Cost", `$${parsedChunk.total_cost_usd?.toFixed(4) || "0.0000"}`],
|
||||
["Input Tokens", parsedChunk.usage?.input_tokens || 0],
|
||||
["Output Tokens", parsedChunk.usage?.output_tokens || 0],
|
||||
["Duration", `${parsedChunk.duration_ms}ms`],
|
||||
["Turns", parsedChunk.num_turns || 1],
|
||||
]),
|
||||
])
|
||||
);
|
||||
} else {
|
||||
core.error(`❌ Failed: ${parsedChunk.error || "Unknown error"}`);
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
export * from "./claude";
|
||||
export * from "./types";
|
||||
@@ -13047,7 +13047,7 @@ var require_fetch = __commonJS({
|
||||
this.emit("terminated", error2);
|
||||
}
|
||||
};
|
||||
function fetch(input, init = {}) {
|
||||
function fetch2(input, init = {}) {
|
||||
webidl.argumentLengthCheck(arguments, 1, { header: "globalThis.fetch" });
|
||||
const p = createDeferredPromise();
|
||||
let requestObject;
|
||||
@@ -13977,7 +13977,7 @@ var require_fetch = __commonJS({
|
||||
}
|
||||
}
|
||||
module2.exports = {
|
||||
fetch,
|
||||
fetch: fetch2,
|
||||
Fetch,
|
||||
fetching,
|
||||
finalizeAndReportTiming
|
||||
@@ -17233,7 +17233,7 @@ var require_undici = __commonJS({
|
||||
module2.exports.getGlobalDispatcher = getGlobalDispatcher;
|
||||
if (util.nodeMajor > 16 || util.nodeMajor === 16 && util.nodeMinor >= 8) {
|
||||
let fetchImpl = null;
|
||||
module2.exports.fetch = async function fetch(resource) {
|
||||
module2.exports.fetch = async function fetch2(resource) {
|
||||
if (!fetchImpl) {
|
||||
fetchImpl = require_fetch().fetch;
|
||||
}
|
||||
@@ -17582,12 +17582,12 @@ var require_lib = __commonJS({
|
||||
throw new Error("Client has already been disposed.");
|
||||
}
|
||||
const parsedUrl = new URL(requestUrl);
|
||||
let info3 = this._prepareRequest(verb, parsedUrl, headers);
|
||||
let info4 = this._prepareRequest(verb, parsedUrl, headers);
|
||||
const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb) ? this._maxRetries + 1 : 1;
|
||||
let numTries = 0;
|
||||
let response;
|
||||
do {
|
||||
response = yield this.requestRaw(info3, data);
|
||||
response = yield this.requestRaw(info4, data);
|
||||
if (response && response.message && response.message.statusCode === HttpCodes.Unauthorized) {
|
||||
let authenticationHandler;
|
||||
for (const handler of this.handlers) {
|
||||
@@ -17597,7 +17597,7 @@ var require_lib = __commonJS({
|
||||
}
|
||||
}
|
||||
if (authenticationHandler) {
|
||||
return authenticationHandler.handleAuthentication(this, info3, data);
|
||||
return authenticationHandler.handleAuthentication(this, info4, data);
|
||||
} else {
|
||||
return response;
|
||||
}
|
||||
@@ -17620,8 +17620,8 @@ var require_lib = __commonJS({
|
||||
}
|
||||
}
|
||||
}
|
||||
info3 = this._prepareRequest(verb, parsedRedirectUrl, headers);
|
||||
response = yield this.requestRaw(info3, data);
|
||||
info4 = this._prepareRequest(verb, parsedRedirectUrl, headers);
|
||||
response = yield this.requestRaw(info4, data);
|
||||
redirectsRemaining--;
|
||||
}
|
||||
if (!response.message.statusCode || !HttpResponseRetryCodes.includes(response.message.statusCode)) {
|
||||
@@ -17650,7 +17650,7 @@ var require_lib = __commonJS({
|
||||
* @param info
|
||||
* @param data
|
||||
*/
|
||||
requestRaw(info3, data) {
|
||||
requestRaw(info4, data) {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
return new Promise((resolve, reject) => {
|
||||
function callbackForResult(err, res) {
|
||||
@@ -17662,7 +17662,7 @@ var require_lib = __commonJS({
|
||||
resolve(res);
|
||||
}
|
||||
}
|
||||
this.requestRawWithCallback(info3, data, callbackForResult);
|
||||
this.requestRawWithCallback(info4, data, callbackForResult);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -17672,12 +17672,12 @@ var require_lib = __commonJS({
|
||||
* @param data
|
||||
* @param onResult
|
||||
*/
|
||||
requestRawWithCallback(info3, data, onResult) {
|
||||
requestRawWithCallback(info4, data, onResult) {
|
||||
if (typeof data === "string") {
|
||||
if (!info3.options.headers) {
|
||||
info3.options.headers = {};
|
||||
if (!info4.options.headers) {
|
||||
info4.options.headers = {};
|
||||
}
|
||||
info3.options.headers["Content-Length"] = Buffer.byteLength(data, "utf8");
|
||||
info4.options.headers["Content-Length"] = Buffer.byteLength(data, "utf8");
|
||||
}
|
||||
let callbackCalled = false;
|
||||
function handleResult(err, res) {
|
||||
@@ -17686,7 +17686,7 @@ var require_lib = __commonJS({
|
||||
onResult(err, res);
|
||||
}
|
||||
}
|
||||
const req = info3.httpModule.request(info3.options, (msg) => {
|
||||
const req = info4.httpModule.request(info4.options, (msg) => {
|
||||
const res = new HttpClientResponse(msg);
|
||||
handleResult(void 0, res);
|
||||
});
|
||||
@@ -17698,7 +17698,7 @@ var require_lib = __commonJS({
|
||||
if (socket) {
|
||||
socket.end();
|
||||
}
|
||||
handleResult(new Error(`Request timeout: ${info3.options.path}`));
|
||||
handleResult(new Error(`Request timeout: ${info4.options.path}`));
|
||||
});
|
||||
req.on("error", function(err) {
|
||||
handleResult(err);
|
||||
@@ -17734,27 +17734,27 @@ var require_lib = __commonJS({
|
||||
return this._getProxyAgentDispatcher(parsedUrl, proxyUrl);
|
||||
}
|
||||
_prepareRequest(method, requestUrl, headers) {
|
||||
const info3 = {};
|
||||
info3.parsedUrl = requestUrl;
|
||||
const usingSsl = info3.parsedUrl.protocol === "https:";
|
||||
info3.httpModule = usingSsl ? https : http;
|
||||
const info4 = {};
|
||||
info4.parsedUrl = requestUrl;
|
||||
const usingSsl = info4.parsedUrl.protocol === "https:";
|
||||
info4.httpModule = usingSsl ? https : http;
|
||||
const defaultPort = usingSsl ? 443 : 80;
|
||||
info3.options = {};
|
||||
info3.options.host = info3.parsedUrl.hostname;
|
||||
info3.options.port = info3.parsedUrl.port ? parseInt(info3.parsedUrl.port) : defaultPort;
|
||||
info3.options.path = (info3.parsedUrl.pathname || "") + (info3.parsedUrl.search || "");
|
||||
info3.options.method = method;
|
||||
info3.options.headers = this._mergeHeaders(headers);
|
||||
info4.options = {};
|
||||
info4.options.host = info4.parsedUrl.hostname;
|
||||
info4.options.port = info4.parsedUrl.port ? parseInt(info4.parsedUrl.port) : defaultPort;
|
||||
info4.options.path = (info4.parsedUrl.pathname || "") + (info4.parsedUrl.search || "");
|
||||
info4.options.method = method;
|
||||
info4.options.headers = this._mergeHeaders(headers);
|
||||
if (this.userAgent != null) {
|
||||
info3.options.headers["user-agent"] = this.userAgent;
|
||||
info4.options.headers["user-agent"] = this.userAgent;
|
||||
}
|
||||
info3.options.agent = this._getAgent(info3.parsedUrl);
|
||||
info4.options.agent = this._getAgent(info4.parsedUrl);
|
||||
if (this.handlers) {
|
||||
for (const handler of this.handlers) {
|
||||
handler.prepareRequest(info3.options);
|
||||
handler.prepareRequest(info4.options);
|
||||
}
|
||||
}
|
||||
return info3;
|
||||
return info4;
|
||||
}
|
||||
_mergeHeaders(headers) {
|
||||
if (this.requestOptions && this.requestOptions.headers) {
|
||||
@@ -19661,10 +19661,10 @@ var require_core = __commonJS({
|
||||
(0, command_1.issueCommand)("set-env", { name }, convertedVal);
|
||||
}
|
||||
exports2.exportVariable = exportVariable;
|
||||
function setSecret(secret) {
|
||||
function setSecret2(secret) {
|
||||
(0, command_1.issueCommand)("add-mask", {}, secret);
|
||||
}
|
||||
exports2.setSecret = setSecret;
|
||||
exports2.setSecret = setSecret2;
|
||||
function addPath(inputPath) {
|
||||
const filePath = process.env["GITHUB_PATH"] || "";
|
||||
if (filePath) {
|
||||
@@ -19675,7 +19675,7 @@ var require_core = __commonJS({
|
||||
process.env["PATH"] = `${inputPath}${path.delimiter}${process.env["PATH"]}`;
|
||||
}
|
||||
exports2.addPath = addPath;
|
||||
function getInput2(name, options) {
|
||||
function getInput3(name, options) {
|
||||
const val = process.env[`INPUT_${name.replace(/ /g, "_").toUpperCase()}`] || "";
|
||||
if (options && options.required && !val) {
|
||||
throw new Error(`Input required and not supplied: ${name}`);
|
||||
@@ -19685,9 +19685,9 @@ var require_core = __commonJS({
|
||||
}
|
||||
return val.trim();
|
||||
}
|
||||
exports2.getInput = getInput2;
|
||||
exports2.getInput = getInput3;
|
||||
function getMultilineInput(name, options) {
|
||||
const inputs = getInput2(name, options).split("\n").filter((x) => x !== "");
|
||||
const inputs = getInput3(name, options).split("\n").filter((x) => x !== "");
|
||||
if (options && options.trimWhitespace === false) {
|
||||
return inputs;
|
||||
}
|
||||
@@ -19697,7 +19697,7 @@ var require_core = __commonJS({
|
||||
function getBooleanInput(name, options) {
|
||||
const trueValue = ["true", "True", "TRUE"];
|
||||
const falseValue = ["false", "False", "FALSE"];
|
||||
const val = getInput2(name, options);
|
||||
const val = getInput3(name, options);
|
||||
if (trueValue.includes(val))
|
||||
return true;
|
||||
if (falseValue.includes(val))
|
||||
@@ -19706,7 +19706,7 @@ var require_core = __commonJS({
|
||||
Support boolean input list: \`true | True | TRUE | false | False | FALSE\``);
|
||||
}
|
||||
exports2.getBooleanInput = getBooleanInput;
|
||||
function setOutput2(name, value) {
|
||||
function setOutput(name, value) {
|
||||
const filePath = process.env["GITHUB_OUTPUT"] || "";
|
||||
if (filePath) {
|
||||
return (0, file_command_1.issueFileCommand)("OUTPUT", (0, file_command_1.prepareKeyValueMessage)(name, value));
|
||||
@@ -19714,7 +19714,7 @@ Support boolean input list: \`true | True | TRUE | false | False | FALSE\``);
|
||||
process.stdout.write(os.EOL);
|
||||
(0, command_1.issueCommand)("set-output", { name }, (0, utils_1.toCommandValue)(value));
|
||||
}
|
||||
exports2.setOutput = setOutput2;
|
||||
exports2.setOutput = setOutput;
|
||||
function setCommandEcho(enabled) {
|
||||
(0, command_1.issue)("echo", enabled ? "on" : "off");
|
||||
}
|
||||
@@ -19744,10 +19744,10 @@ Support boolean input list: \`true | True | TRUE | false | False | FALSE\``);
|
||||
(0, command_1.issueCommand)("notice", (0, utils_1.toCommandProperties)(properties), message instanceof Error ? message.toString() : message);
|
||||
}
|
||||
exports2.notice = notice;
|
||||
function info3(message) {
|
||||
function info4(message) {
|
||||
process.stdout.write(message + os.EOL);
|
||||
}
|
||||
exports2.info = info3;
|
||||
exports2.info = info4;
|
||||
function startGroup2(name) {
|
||||
(0, command_1.issue)("group", name);
|
||||
}
|
||||
@@ -19781,12 +19781,12 @@ Support boolean input list: \`true | True | TRUE | false | False | FALSE\``);
|
||||
return process.env[`STATE_${name}`] || "";
|
||||
}
|
||||
exports2.getState = getState;
|
||||
function getIDToken(aud) {
|
||||
function getIDToken2(aud) {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
return yield oidc_utils_1.OidcClient.getIDToken(aud);
|
||||
});
|
||||
}
|
||||
exports2.getIDToken = getIDToken;
|
||||
exports2.getIDToken = getIDToken2;
|
||||
var summary_1 = require_summary();
|
||||
Object.defineProperty(exports2, "summary", { enumerable: true, get: function() {
|
||||
return summary_1.summary;
|
||||
@@ -25494,7 +25494,7 @@ var require_src = __commonJS({
|
||||
});
|
||||
|
||||
// entry.ts
|
||||
var core3 = __toESM(require_core(), 1);
|
||||
var core4 = __toESM(require_core(), 1);
|
||||
|
||||
// main.ts
|
||||
var core2 = __toESM(require_core(), 1);
|
||||
@@ -25503,6 +25503,28 @@ var core2 = __toESM(require_core(), 1);
|
||||
var import_promises = require("node:fs/promises");
|
||||
var core = __toESM(require_core(), 1);
|
||||
|
||||
// mcp/config.ts
|
||||
var actionPath = process.env.GITHUB_ACTION_PATH || process.cwd();
|
||||
function createMcpConfig(githubInstallationToken, repoOwner, repoName) {
|
||||
return JSON.stringify(
|
||||
{
|
||||
mcpServers: {
|
||||
minimal_github_comment: {
|
||||
command: "node",
|
||||
args: [`${actionPath}/mcp/server.ts`],
|
||||
env: {
|
||||
GITHUB_INSTALLATION_TOKEN: githubInstallationToken,
|
||||
REPO_OWNER: repoOwner,
|
||||
REPO_NAME: repoName
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
null,
|
||||
2
|
||||
);
|
||||
}
|
||||
|
||||
// utils/subprocess.ts
|
||||
var import_node_child_process = require("node:child_process");
|
||||
async function spawn(options) {
|
||||
@@ -25707,20 +25729,16 @@ var ClaudeAgent = class {
|
||||
try {
|
||||
const result = await spawn({
|
||||
cmd: "bash",
|
||||
args: [
|
||||
"-c",
|
||||
"curl -fsSL https://claude.ai/install.sh | bash -s 1.0.93"
|
||||
],
|
||||
args: ["-c", "curl -fsSL https://claude.ai/install.sh | bash -s 1.0.93"],
|
||||
env: { ANTHROPIC_API_KEY: this.apiKey },
|
||||
timeout: 12e4,
|
||||
// 2 minute timeout
|
||||
onStdout: (chunk) => process.stdout.write(chunk),
|
||||
onStdout: () => {
|
||||
},
|
||||
onStderr: (chunk) => process.stderr.write(chunk)
|
||||
});
|
||||
if (result.exitCode !== 0) {
|
||||
throw new Error(
|
||||
`Installation failed with exit code ${result.exitCode}: ${result.stderr}`
|
||||
);
|
||||
throw new Error(`Installation failed with exit code ${result.exitCode}: ${result.stderr}`);
|
||||
}
|
||||
core.info("Claude Code installed successfully");
|
||||
} catch (error2) {
|
||||
@@ -25741,8 +25759,17 @@ var ClaudeAgent = class {
|
||||
"stream-json",
|
||||
"--verbose",
|
||||
"--permission-mode",
|
||||
"acceptEdits"
|
||||
"bypassPermissions"
|
||||
];
|
||||
if (process.env.GITHUB_INSTALLATION_TOKEN && process.env.REPO_OWNER && process.env.REPO_NAME) {
|
||||
const mcpConfig = createMcpConfig(
|
||||
process.env.GITHUB_INSTALLATION_TOKEN,
|
||||
process.env.REPO_OWNER,
|
||||
process.env.REPO_NAME
|
||||
);
|
||||
console.log("\u{1F4CB} MCP Config:", mcpConfig);
|
||||
args.push("--mcp-config", mcpConfig);
|
||||
}
|
||||
const env = {
|
||||
ANTHROPIC_API_KEY: this.apiKey
|
||||
};
|
||||
@@ -25821,10 +25848,7 @@ function processJSONChunk(chunk, agent) {
|
||||
["model", parsedChunk.model],
|
||||
["cwd", parsedChunk.cwd],
|
||||
["permission_mode", parsedChunk.permissionMode],
|
||||
[
|
||||
"tools",
|
||||
parsedChunk.tools?.length ? `${parsedChunk.tools.length} tools` : "none"
|
||||
],
|
||||
["tools", parsedChunk.tools?.length ? `${parsedChunk.tools.length} tools` : "none"],
|
||||
[
|
||||
"mcp_servers",
|
||||
parsedChunk.mcp_servers?.length ? `${parsedChunk.mcp_servers.length} servers` : "none"
|
||||
@@ -25845,9 +25869,7 @@ function processJSONChunk(chunk, agent) {
|
||||
for (const content of parsedChunk.message.content) {
|
||||
if (content.type === "text") {
|
||||
if (content.text.trim()) {
|
||||
core.info(
|
||||
boxString(content.text.trim(), { title: "Claude Code" })
|
||||
);
|
||||
core.info(boxString(content.text.trim(), { title: "Claude Code" }));
|
||||
}
|
||||
} else if (content.type === "tool_use") {
|
||||
if (agent) {
|
||||
@@ -25915,10 +25937,7 @@ function processJSONChunk(chunk, agent) {
|
||||
if (parsedChunk.subtype === "success") {
|
||||
core.info(
|
||||
tableString([
|
||||
[
|
||||
"Cost",
|
||||
`$${parsedChunk.total_cost_usd?.toFixed(4) || "0.0000"}`
|
||||
],
|
||||
["Cost", `$${parsedChunk.total_cost_usd?.toFixed(4) || "0.0000"}`],
|
||||
["Input Tokens", parsedChunk.usage?.input_tokens || 0],
|
||||
["Output Tokens", parsedChunk.usage?.output_tokens || 0],
|
||||
["Duration", `${parsedChunk.duration_ms}ms`],
|
||||
@@ -25942,14 +25961,15 @@ function processJSONChunk(chunk, agent) {
|
||||
// main.ts
|
||||
async function main(params) {
|
||||
try {
|
||||
const anthropicApiKey = params.anthropicApiKey || process.env.ANTHROPIC_API_KEY;
|
||||
if (!anthropicApiKey) {
|
||||
throw new Error("anthropic_api_key is required");
|
||||
const { inputs, env, cwd } = params;
|
||||
if (cwd !== process.cwd()) {
|
||||
process.chdir(cwd);
|
||||
}
|
||||
Object.assign(process.env, env);
|
||||
core2.info(`\u2192 Starting agent run with Claude Code`);
|
||||
const agent = new ClaudeAgent({ apiKey: anthropicApiKey });
|
||||
const agent = new ClaudeAgent({ apiKey: inputs.anthropic_api_key });
|
||||
await agent.install();
|
||||
const result = await agent.execute(params.prompt);
|
||||
const result = await agent.execute(inputs.prompt);
|
||||
if (!result.success) {
|
||||
return {
|
||||
success: false,
|
||||
@@ -25970,33 +25990,82 @@ async function main(params) {
|
||||
}
|
||||
}
|
||||
|
||||
// utils/github.ts
|
||||
var core3 = __toESM(require_core(), 1);
|
||||
async function setupGitHubInstallationToken() {
|
||||
const inputToken = core3.getInput("github_installation_token");
|
||||
const envToken = process.env.GITHUB_INSTALLATION_TOKEN;
|
||||
const existingToken = inputToken || envToken;
|
||||
if (existingToken) {
|
||||
core3.setSecret(existingToken);
|
||||
core3.info("Using provided GitHub installation token");
|
||||
return existingToken;
|
||||
}
|
||||
core3.info("Generating OIDC token...");
|
||||
try {
|
||||
const oidcToken = await core3.getIDToken("pullfrog-api");
|
||||
core3.info("OIDC token generated successfully");
|
||||
const apiUrl = process.env.API_URL || "https://pullfrog.ai";
|
||||
core3.info("Exchanging OIDC token for installation token...");
|
||||
const tokenResponse = await fetch(`${apiUrl}/api/github/installation-token`, {
|
||||
method: "POST",
|
||||
headers: {
|
||||
Authorization: `Bearer ${oidcToken}`,
|
||||
"Content-Type": "application/json"
|
||||
}
|
||||
});
|
||||
if (!tokenResponse.ok) {
|
||||
const errorText = await tokenResponse.text();
|
||||
throw new Error(
|
||||
`Token exchange failed: ${tokenResponse.status} ${tokenResponse.statusText} - ${errorText}`
|
||||
);
|
||||
}
|
||||
const tokenData = await tokenResponse.json();
|
||||
core3.info(`Installation token obtained for ${tokenData.repository || "all repositories"}`);
|
||||
core3.setSecret(tokenData.token);
|
||||
process.env.GITHUB_INSTALLATION_TOKEN = tokenData.token;
|
||||
return tokenData.token;
|
||||
} catch (error2) {
|
||||
throw new Error(
|
||||
`Failed to setup GitHub installation token: ${error2 instanceof Error ? error2.message : "Unknown error"}`
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// entry.ts
|
||||
async function run() {
|
||||
try {
|
||||
const prompt = core3.getInput("prompt", { required: true });
|
||||
const anthropicApiKey = core3.getInput("anthropic_api_key", {
|
||||
required: true
|
||||
});
|
||||
if (!anthropicApiKey) {
|
||||
throw new Error("anthropic_api_key is required");
|
||||
}
|
||||
const prompt = core4.getInput("prompt", { required: true });
|
||||
const anthropic_api_key = core4.getInput("anthropic_api_key");
|
||||
if (!prompt) {
|
||||
throw new Error("prompt is required");
|
||||
}
|
||||
const params = {
|
||||
const inputs = {
|
||||
prompt,
|
||||
anthropicApiKey
|
||||
anthropic_api_key
|
||||
};
|
||||
const githubToken = core4.getInput("github_token") || process.env.GITHUB_TOKEN;
|
||||
if (githubToken) {
|
||||
inputs.github_token = githubToken;
|
||||
}
|
||||
const githubInstallationToken = core4.getInput("github_installation_token") || process.env.GITHUB_INSTALLATION_TOKEN;
|
||||
if (githubInstallationToken) {
|
||||
inputs.github_installation_token = githubInstallationToken;
|
||||
} else {
|
||||
await setupGitHubInstallationToken();
|
||||
}
|
||||
const params = {
|
||||
inputs,
|
||||
env: {},
|
||||
cwd: process.cwd()
|
||||
};
|
||||
const result = await main(params);
|
||||
core3.setOutput("status", result.success ? "success" : "failed");
|
||||
core3.setOutput("prompt", prompt);
|
||||
core3.setOutput("output", result.output || "");
|
||||
if (!result.success) {
|
||||
throw new Error(result.error || "Agent execution failed");
|
||||
}
|
||||
} catch (error2) {
|
||||
const errorMessage = error2 instanceof Error ? error2.message : "Unknown error occurred";
|
||||
core3.setFailed(`Action failed: ${errorMessage}`);
|
||||
core4.setFailed(`Action failed: ${errorMessage}`);
|
||||
}
|
||||
}
|
||||
run().catch((error2) => {
|
||||
|
||||
@@ -6,44 +6,54 @@
|
||||
*/
|
||||
|
||||
import * as core from "@actions/core";
|
||||
import { main } from "./main";
|
||||
import { type ExecutionInputs, type MainParams, main } from "./main.ts";
|
||||
import { setupGitHubInstallationToken } from "./utils/github.ts";
|
||||
|
||||
async function run(): Promise<void> {
|
||||
try {
|
||||
// Get inputs from GitHub Actions
|
||||
const prompt = core.getInput("prompt", { required: true });
|
||||
const anthropicApiKey = core.getInput("anthropic_api_key", {
|
||||
required: true,
|
||||
});
|
||||
|
||||
if (!anthropicApiKey) {
|
||||
throw new Error("anthropic_api_key is required");
|
||||
}
|
||||
const anthropic_api_key = core.getInput("anthropic_api_key");
|
||||
|
||||
if (!prompt) {
|
||||
throw new Error("prompt is required");
|
||||
}
|
||||
|
||||
// Create params object
|
||||
const params = {
|
||||
// Create params object with new structure
|
||||
const inputs: ExecutionInputs = {
|
||||
prompt,
|
||||
anthropicApiKey,
|
||||
anthropic_api_key,
|
||||
};
|
||||
|
||||
// Add optional properties only if they exist
|
||||
const githubToken = core.getInput("github_token") || process.env.GITHUB_TOKEN;
|
||||
if (githubToken) {
|
||||
inputs.github_token = githubToken;
|
||||
}
|
||||
|
||||
const githubInstallationToken =
|
||||
core.getInput("github_installation_token") || process.env.GITHUB_INSTALLATION_TOKEN;
|
||||
if (githubInstallationToken) {
|
||||
inputs.github_installation_token = githubInstallationToken;
|
||||
} else {
|
||||
await setupGitHubInstallationToken();
|
||||
}
|
||||
|
||||
const params: MainParams = {
|
||||
inputs,
|
||||
env: {},
|
||||
cwd: process.cwd(),
|
||||
};
|
||||
|
||||
// Run the main function
|
||||
const result = await main(params);
|
||||
|
||||
// Set outputs
|
||||
core.setOutput("status", result.success ? "success" : "failed");
|
||||
core.setOutput("prompt", prompt);
|
||||
core.setOutput("output", result.output || "");
|
||||
// TODO: Set outputs
|
||||
|
||||
if (!result.success) {
|
||||
throw new Error(result.error || "Agent execution failed");
|
||||
}
|
||||
} catch (error) {
|
||||
const errorMessage =
|
||||
error instanceof Error ? error.message : "Unknown error occurred";
|
||||
const errorMessage = error instanceof Error ? error.message : "Unknown error occurred";
|
||||
core.setFailed(`Action failed: ${errorMessage}`);
|
||||
}
|
||||
}
|
||||
|
||||
+8
-2
@@ -1,7 +1,13 @@
|
||||
import type { MainParams } from "../main";
|
||||
import type { MainParams } from "../main.ts";
|
||||
|
||||
const testParams = {
|
||||
prompt: "List all files in the current directory, then create a file called dynamic-test.txt with the content 'This was loaded from a TypeScript file!', then delete it."
|
||||
inputs: {
|
||||
prompt:
|
||||
"List all files in the current directory, then create a file called dynamic-test.txt with the content 'This was loaded from a TypeScript file!', then delete it.",
|
||||
anthropic_api_key: "sk-test-key",
|
||||
},
|
||||
env: {},
|
||||
cwd: process.cwd(),
|
||||
} satisfies MainParams;
|
||||
|
||||
export default testParams;
|
||||
|
||||
+3
-1
@@ -1 +1,3 @@
|
||||
Print the list of tools available. Then create a new file called test.txt with the content "Hello from Pullfrog!".
|
||||
Use the MCP GitHub comment tool to add a comment containing your best frog joke to GitHub issue https://github.com/pullfrogai/scratch/issues/2.
|
||||
|
||||
Do not use the gh cli. If the mcp tool does not work, bail.
|
||||
@@ -3,6 +3,11 @@
|
||||
* This exports the main function for programmatic usage
|
||||
*/
|
||||
|
||||
export { main } from "./main";
|
||||
export { ClaudeAgent } from "./agents";
|
||||
export type { Agent, AgentConfig, AgentResult } from "./agents/types";
|
||||
export { ClaudeAgent } from "./agents/claude.ts";
|
||||
export type { Agent, AgentConfig, AgentResult } from "./agents/types.ts";
|
||||
export {
|
||||
type ExecutionInputs,
|
||||
type MainParams,
|
||||
type MainResult,
|
||||
main,
|
||||
} from "./main.ts";
|
||||
|
||||
@@ -1,9 +1,24 @@
|
||||
import * as core from "@actions/core";
|
||||
import { ClaudeAgent } from "./agents";
|
||||
import { ClaudeAgent } from "./agents/claude.ts";
|
||||
|
||||
// Expected environment variables that should be passed as inputs
|
||||
export const EXPECTED_INPUTS: string[] = [
|
||||
"ANTHROPIC_API_KEY",
|
||||
"GITHUB_TOKEN",
|
||||
"GITHUB_INSTALLATION_TOKEN",
|
||||
];
|
||||
|
||||
export interface ExecutionInputs {
|
||||
prompt: string;
|
||||
anthropic_api_key: string;
|
||||
github_token?: string;
|
||||
github_installation_token?: string;
|
||||
}
|
||||
|
||||
export interface MainParams {
|
||||
prompt: string;
|
||||
anthropicApiKey?: string;
|
||||
inputs: ExecutionInputs;
|
||||
env: Record<string, string>;
|
||||
cwd: string;
|
||||
}
|
||||
|
||||
export interface MainResult {
|
||||
@@ -14,22 +29,25 @@ export interface MainResult {
|
||||
|
||||
export async function main(params: MainParams): Promise<MainResult> {
|
||||
try {
|
||||
// Use provided API key or fall back to environment variable
|
||||
const anthropicApiKey =
|
||||
params.anthropicApiKey || process.env.ANTHROPIC_API_KEY;
|
||||
// Extract inputs from params
|
||||
const { inputs, env, cwd } = params;
|
||||
|
||||
if (!anthropicApiKey) {
|
||||
throw new Error("anthropic_api_key is required");
|
||||
// Set working directory if different from current
|
||||
if (cwd !== process.cwd()) {
|
||||
process.chdir(cwd);
|
||||
}
|
||||
|
||||
// Set environment variables
|
||||
Object.assign(process.env, env);
|
||||
|
||||
core.info(`→ Starting agent run with Claude Code`);
|
||||
|
||||
// Create and install the Claude agent
|
||||
const agent = new ClaudeAgent({ apiKey: anthropicApiKey });
|
||||
const agent = new ClaudeAgent({ apiKey: inputs.anthropic_api_key });
|
||||
await agent.install();
|
||||
|
||||
// Execute the agent with the prompt
|
||||
const result = await agent.execute(params.prompt);
|
||||
const result = await agent.execute(inputs.prompt);
|
||||
|
||||
if (!result.success) {
|
||||
return {
|
||||
@@ -44,8 +62,7 @@ export async function main(params: MainParams): Promise<MainResult> {
|
||||
output: result.output || "",
|
||||
};
|
||||
} catch (error) {
|
||||
const errorMessage =
|
||||
error instanceof Error ? error.message : "Unknown error occurred";
|
||||
const errorMessage = error instanceof Error ? error.message : "Unknown error occurred";
|
||||
return {
|
||||
success: false,
|
||||
error: errorMessage,
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
/**
|
||||
* Simple MCP configuration helper for adding our minimal GitHub comment server
|
||||
*/
|
||||
const actionPath = process.env.GITHUB_ACTION_PATH || process.cwd();
|
||||
|
||||
export function createMcpConfig(
|
||||
githubInstallationToken: string,
|
||||
repoOwner: string,
|
||||
repoName: string
|
||||
) {
|
||||
return JSON.stringify(
|
||||
{
|
||||
mcpServers: {
|
||||
minimal_github_comment: {
|
||||
command: "node",
|
||||
args: [`${actionPath}/mcp/server.ts`],
|
||||
env: {
|
||||
GITHUB_INSTALLATION_TOKEN: githubInstallationToken,
|
||||
REPO_OWNER: repoOwner,
|
||||
REPO_NAME: repoName,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
null,
|
||||
2
|
||||
);
|
||||
}
|
||||
@@ -0,0 +1,97 @@
|
||||
#!/usr/bin/env node
|
||||
// Minimal GitHub Issue Comment MCP Server
|
||||
import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
|
||||
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
|
||||
import { Octokit } from "@octokit/rest";
|
||||
import { type } from "arktype";
|
||||
import { z } from "zod";
|
||||
|
||||
// Get repository information from environment variables
|
||||
const REPO_OWNER = process.env.REPO_OWNER;
|
||||
const REPO_NAME = process.env.REPO_NAME;
|
||||
|
||||
if (!REPO_OWNER || !REPO_NAME) {
|
||||
console.error("Error: REPO_OWNER and REPO_NAME environment variables are required");
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
const server = new McpServer({
|
||||
name: "Minimal GitHub Issue Comment Server",
|
||||
version: "0.0.1",
|
||||
});
|
||||
|
||||
// Define the schema for creating issue comments
|
||||
const Comment = type({
|
||||
issueNumber: type.number.describe("the issue number to comment on"),
|
||||
body: type.string.describe("the comment body content"),
|
||||
});
|
||||
|
||||
server.tool(
|
||||
"create_issue_comment",
|
||||
"Create a comment on a GitHub issue",
|
||||
{
|
||||
issueNumber: z.number().describe("the issue number to comment on"),
|
||||
body: z.string().describe("the comment body content"),
|
||||
},
|
||||
async ({ issueNumber, body }) => {
|
||||
try {
|
||||
Comment.assert({ issueNumber, body });
|
||||
|
||||
const githubInstallationToken = process.env.GITHUB_INSTALLATION_TOKEN;
|
||||
if (!githubInstallationToken) {
|
||||
throw new Error("GITHUB_INSTALLATION_TOKEN environment variable is required");
|
||||
}
|
||||
|
||||
const octokit = new Octokit({
|
||||
auth: githubInstallationToken,
|
||||
});
|
||||
|
||||
const result = await octokit.rest.issues.createComment({
|
||||
owner: REPO_OWNER,
|
||||
repo: REPO_NAME,
|
||||
issue_number: issueNumber,
|
||||
body: body,
|
||||
});
|
||||
|
||||
return {
|
||||
content: [
|
||||
{
|
||||
type: "text",
|
||||
text: JSON.stringify(
|
||||
{
|
||||
success: true,
|
||||
commentId: result.data.id,
|
||||
url: result.data.html_url,
|
||||
body: result.data.body,
|
||||
},
|
||||
null,
|
||||
2
|
||||
),
|
||||
},
|
||||
],
|
||||
};
|
||||
} catch (error) {
|
||||
const errorMessage = error instanceof Error ? error.message : String(error);
|
||||
return {
|
||||
content: [
|
||||
{
|
||||
type: "text",
|
||||
text: `Error creating comment: ${errorMessage}`,
|
||||
},
|
||||
],
|
||||
error: errorMessage,
|
||||
isError: true,
|
||||
};
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
async function runServer() {
|
||||
const transport = new StdioServerTransport();
|
||||
await server.connect(transport);
|
||||
process.on("exit", () => {
|
||||
server.close();
|
||||
});
|
||||
}
|
||||
|
||||
runServer().catch(console.error);
|
||||
+13
-6
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@pullfrog/action",
|
||||
"version": "0.0.7",
|
||||
"version": "0.0.13",
|
||||
"type": "module",
|
||||
"files": [
|
||||
"index.js",
|
||||
@@ -17,25 +17,32 @@
|
||||
},
|
||||
"scripts": {
|
||||
"test": "echo \"Error: no test specified\" && exit 1",
|
||||
"typecheck": "tsc --noEmit",
|
||||
"build": "node esbuild.config.js",
|
||||
"build:npm": "zshy",
|
||||
"build:dev": "node esbuild.config.js",
|
||||
"prepare": "husky",
|
||||
"play": "tsx --env-file=../.env play.ts"
|
||||
"play": "node play.ts",
|
||||
"upDeps": "pnpm up --latest"
|
||||
},
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.1",
|
||||
"@actions/core": "^1.11.1",
|
||||
"@modelcontextprotocol/sdk": "^1.17.5",
|
||||
"@octokit/rest": "^22.0.0",
|
||||
"@octokit/webhooks-types": "^7.6.1",
|
||||
"arktype": "^2.1.22",
|
||||
"dotenv": "^17.2.2",
|
||||
"execa": "^9.6.0",
|
||||
"table": "^6.9.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/node": "^20.10.0",
|
||||
"commander": "^14.0.0",
|
||||
"dotenv": "^17.2.2",
|
||||
"arg": "^5.0.2",
|
||||
"esbuild": "^0.25.9",
|
||||
"husky": "^9.0.0",
|
||||
"typescript": "^5.3.0",
|
||||
"zshy": "^0.4.1"
|
||||
"zshy": "^0.4.1",
|
||||
"zod": "^3.24.4"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
|
||||
@@ -1,191 +1,198 @@
|
||||
#!/usr/bin/env tsx
|
||||
|
||||
import { execSync } from "node:child_process";
|
||||
import { existsSync, readFileSync, rmSync, writeFileSync } from "node:fs";
|
||||
import { dirname, join, resolve, extname } from "node:path";
|
||||
import { existsSync, readFileSync } from "node:fs";
|
||||
import { dirname, extname, join, resolve } from "node:path";
|
||||
import { fileURLToPath, pathToFileURL } from "node:url";
|
||||
import { Command } from "commander";
|
||||
import { main } from "./main";
|
||||
import { runAct } from "./utils/act";
|
||||
import arg from "arg";
|
||||
import { config } from "dotenv";
|
||||
import { main } from "./main.ts";
|
||||
import { runAct } from "./utils/act.ts";
|
||||
import { setupTestRepo } from "./utils/setup.ts";
|
||||
|
||||
// Load environment variables from .env file
|
||||
config();
|
||||
|
||||
const __filename = fileURLToPath(import.meta.url);
|
||||
const __dirname = dirname(__filename);
|
||||
|
||||
async function loadPrompt(filePath: string): Promise<string> {
|
||||
const ext = extname(filePath).toLowerCase();
|
||||
|
||||
// Try to resolve the file path
|
||||
let resolvedPath: string;
|
||||
|
||||
// First try as fixtures path
|
||||
const fixturesPath = join(__dirname, "fixtures", filePath);
|
||||
if (existsSync(fixturesPath)) {
|
||||
resolvedPath = fixturesPath;
|
||||
} else if (existsSync(filePath)) {
|
||||
resolvedPath = resolve(filePath);
|
||||
} else {
|
||||
throw new Error(`File not found: ${filePath}`);
|
||||
}
|
||||
|
||||
switch (ext) {
|
||||
case ".txt": {
|
||||
// Plain text - pass directly as prompt
|
||||
return readFileSync(resolvedPath, "utf8").trim();
|
||||
}
|
||||
|
||||
case ".json": {
|
||||
// JSON - stringify and pass as prompt
|
||||
const content = readFileSync(resolvedPath, "utf8");
|
||||
const parsed = JSON.parse(content);
|
||||
return JSON.stringify(parsed, null, 2);
|
||||
}
|
||||
|
||||
case ".ts": {
|
||||
// TypeScript - dynamic import and stringify default export
|
||||
const fileUrl = pathToFileURL(resolvedPath).href;
|
||||
const module = await import(fileUrl);
|
||||
|
||||
if (!module.default) {
|
||||
throw new Error(
|
||||
`TypeScript file ${filePath} must have a default export`,
|
||||
);
|
||||
}
|
||||
|
||||
// If it's a string, use it directly
|
||||
if (typeof module.default === "string") {
|
||||
return module.default;
|
||||
}
|
||||
|
||||
// If it's a MainParams object with a prompt field, extract the prompt
|
||||
if (typeof module.default === "object" && module.default.prompt) {
|
||||
return module.default.prompt;
|
||||
}
|
||||
|
||||
// Otherwise stringify it
|
||||
return JSON.stringify(module.default, null, 2);
|
||||
}
|
||||
|
||||
default:
|
||||
throw new Error(
|
||||
`Unsupported file type: ${ext}. Supported types: .txt, .json, .ts`,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
async function runPlay(
|
||||
filePath: string,
|
||||
options: { act?: boolean },
|
||||
): Promise<void> {
|
||||
export async function run(
|
||||
prompt: string,
|
||||
options: { act?: boolean } = {}
|
||||
): Promise<{ success: boolean; output?: string | undefined; error?: string | undefined }> {
|
||||
try {
|
||||
// Load the prompt from the specified file
|
||||
const prompt = await loadPrompt(filePath);
|
||||
|
||||
if (options.act) {
|
||||
// Use Docker/act to run the action
|
||||
console.log("🐳 Running with Docker/act...");
|
||||
runAct(prompt);
|
||||
return { success: true };
|
||||
}
|
||||
|
||||
// Setup test repository and run directly
|
||||
const tempDir = join(process.cwd(), ".temp");
|
||||
setupTestRepo({ tempDir, forceClean: true });
|
||||
|
||||
// Change to the temp directory
|
||||
const originalCwd = process.cwd();
|
||||
process.chdir(tempDir);
|
||||
|
||||
console.log("🚀 Running action with prompt...");
|
||||
console.log("─".repeat(50));
|
||||
console.log("Prompt:");
|
||||
console.log(prompt);
|
||||
console.log("─".repeat(50));
|
||||
|
||||
// Set environment variables from our .env for the action to use
|
||||
const { EXPECTED_INPUTS } = await import("./main.ts");
|
||||
EXPECTED_INPUTS.forEach((inputName) => {
|
||||
const value = process.env[inputName];
|
||||
if (value) {
|
||||
process.env[`INPUT_${inputName.toLowerCase()}`] = value;
|
||||
}
|
||||
});
|
||||
|
||||
// Run main with the new params structure
|
||||
const inputs: any = {
|
||||
prompt,
|
||||
anthropic_api_key: process.env.ANTHROPIC_API_KEY || "",
|
||||
};
|
||||
|
||||
// Add optional properties only if they exist
|
||||
if (process.env.GITHUB_TOKEN) {
|
||||
inputs.github_token = process.env.GITHUB_TOKEN;
|
||||
}
|
||||
|
||||
if (process.env.GITHUB_INSTALLATION_TOKEN) {
|
||||
inputs.github_installation_token = process.env.GITHUB_INSTALLATION_TOKEN;
|
||||
}
|
||||
|
||||
const result = await main({
|
||||
inputs,
|
||||
env: process.env as Record<string, string>,
|
||||
cwd: process.cwd(),
|
||||
});
|
||||
|
||||
// Change back to original directory
|
||||
process.chdir(originalCwd);
|
||||
|
||||
if (result.success) {
|
||||
console.log("✅ Action completed successfully");
|
||||
if (result.output) {
|
||||
console.log("Output:", result.output);
|
||||
}
|
||||
return { success: true, output: result.output || undefined, error: undefined };
|
||||
} else {
|
||||
// Clone the test repository and run directly
|
||||
const tempDir = join(process.cwd(), ".temp");
|
||||
const repoUrl = "git@github.com:pullfrogai/scratch.git";
|
||||
console.error("❌ Action failed:", result.error);
|
||||
return { success: false, error: result.error || undefined, output: undefined };
|
||||
}
|
||||
} catch (error) {
|
||||
const errorMessage = (error as Error).message;
|
||||
console.error("❌ Error:", errorMessage);
|
||||
return { success: false, error: errorMessage, output: undefined };
|
||||
}
|
||||
}
|
||||
|
||||
// Remove existing temp directory if it exists
|
||||
if (existsSync(tempDir)) {
|
||||
console.log("🗑️ Removing existing .temp directory...");
|
||||
rmSync(tempDir, { recursive: true, force: true });
|
||||
// CLI execution when run directly
|
||||
if (import.meta.url === `file://${process.argv[1]}`) {
|
||||
const args = arg({
|
||||
"--help": Boolean,
|
||||
"--act": Boolean,
|
||||
"--raw": String,
|
||||
"-h": "--help",
|
||||
});
|
||||
|
||||
if (args["--help"]) {
|
||||
console.log(`
|
||||
Usage: tsx play.ts [file] [options]
|
||||
|
||||
Test the Pullfrog action with various prompts.
|
||||
|
||||
Arguments:
|
||||
file Prompt file to use (.txt, .json, or .ts) [default: fixtures/basic.txt]
|
||||
|
||||
Options:
|
||||
--act Use Docker/act to run the action instead of running directly
|
||||
--raw [prompt] Use raw string as prompt instead of loading from file
|
||||
-h, --help Show this help message
|
||||
|
||||
Examples:
|
||||
tsx play.ts # Use default fixture
|
||||
tsx play.ts fixtures/basic.txt # Use specific text file
|
||||
tsx play.ts custom.json # Use JSON file
|
||||
tsx play.ts --act fixtures/test.ts # Use TypeScript file with Docker/act
|
||||
tsx play.ts --raw "Hello world" # Use raw string as prompt
|
||||
`);
|
||||
process.exit(0);
|
||||
}
|
||||
|
||||
let prompt: string;
|
||||
|
||||
if (args["--raw"]) {
|
||||
// Use raw prompt string
|
||||
prompt = args["--raw"];
|
||||
} else {
|
||||
// Load prompt from file
|
||||
const filePath = args._[0] || "fixtures/basic.txt";
|
||||
const ext = extname(filePath).toLowerCase();
|
||||
let resolvedPath: string;
|
||||
|
||||
// First try as fixtures path
|
||||
const fixturesPath = join(__dirname, "fixtures", filePath);
|
||||
if (existsSync(fixturesPath)) {
|
||||
resolvedPath = fixturesPath;
|
||||
} else if (existsSync(filePath)) {
|
||||
resolvedPath = resolve(filePath);
|
||||
} else {
|
||||
throw new Error(`File not found: ${filePath}`);
|
||||
}
|
||||
|
||||
switch (ext) {
|
||||
case ".txt": {
|
||||
// Plain text - pass directly as prompt
|
||||
prompt = readFileSync(resolvedPath, "utf8").trim();
|
||||
break;
|
||||
}
|
||||
|
||||
// Clone the repository
|
||||
console.log("📦 Cloning pullfrogai/scratch into .temp...");
|
||||
execSync(`git clone ${repoUrl} ${tempDir}`, { stdio: "inherit" });
|
||||
case ".json": {
|
||||
// JSON - stringify and pass as prompt
|
||||
const content = readFileSync(resolvedPath, "utf8");
|
||||
const parsed = JSON.parse(content);
|
||||
prompt = JSON.stringify(parsed, null, 2);
|
||||
break;
|
||||
}
|
||||
|
||||
// List of environment variables to copy to .temp
|
||||
const envVarsToCopy = [
|
||||
"ANTHROPIC_API_KEY",
|
||||
"GITHUB_TOKEN",
|
||||
// Add more environment variables here as needed
|
||||
];
|
||||
case ".ts": {
|
||||
// TypeScript - dynamic import and stringify default export
|
||||
const fileUrl = pathToFileURL(resolvedPath).href;
|
||||
const module = await import(fileUrl);
|
||||
|
||||
// Build .env content from the list
|
||||
const envLines = envVarsToCopy
|
||||
.map((varName) => `${varName}=${process.env[varName] || ""}`)
|
||||
.join("\n");
|
||||
|
||||
const envPath = join(tempDir, ".env");
|
||||
writeFileSync(envPath, envLines + "\n");
|
||||
console.log("📝 Created .env file in .temp directory with:");
|
||||
|
||||
let hasRequiredVars = true;
|
||||
envVarsToCopy.forEach((varName) => {
|
||||
const hasValue = !!process.env[varName];
|
||||
console.log(` - ${varName}: ${hasValue ? "✓" : "✗ (missing)"}`);
|
||||
|
||||
// Check for required variables
|
||||
if (varName === "ANTHROPIC_API_KEY" && !hasValue) {
|
||||
hasRequiredVars = false;
|
||||
if (!module.default) {
|
||||
throw new Error(`TypeScript file ${filePath} must have a default export`);
|
||||
}
|
||||
});
|
||||
|
||||
if (!hasRequiredVars) {
|
||||
console.warn("\n⚠️ Warning: ANTHROPIC_API_KEY is not set or empty.");
|
||||
console.warn(
|
||||
" Please ensure you have a valid API key in your .env file.",
|
||||
);
|
||||
console.warn(
|
||||
" Get your API key from: https://console.anthropic.com/api-keys\n",
|
||||
);
|
||||
}
|
||||
|
||||
// Change to the temp directory
|
||||
process.chdir(tempDir);
|
||||
|
||||
console.log("🚀 Running test in .temp directory...");
|
||||
console.log("─".repeat(50));
|
||||
console.log(`Prompt from ${filePath}:`);
|
||||
console.log(prompt);
|
||||
console.log("─".repeat(50));
|
||||
|
||||
// Run main with the params object
|
||||
const result = await main({ prompt });
|
||||
|
||||
if (result.success) {
|
||||
console.log("✅ Test completed successfully");
|
||||
if (result.output) {
|
||||
console.log("Output:", result.output);
|
||||
// If it's a string, use it directly
|
||||
if (typeof module.default === "string") {
|
||||
prompt = module.default;
|
||||
} else if (typeof module.default === "object" && module.default.prompt) {
|
||||
// If it's a MainParams object with a prompt field, extract the prompt
|
||||
prompt = module.default.prompt;
|
||||
} else {
|
||||
// Otherwise stringify it
|
||||
prompt = JSON.stringify(module.default, null, 2);
|
||||
}
|
||||
} else {
|
||||
console.error("❌ Test failed:", result.error);
|
||||
process.exit(1);
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
throw new Error(`Unsupported file type: ${ext}. Supported types: .txt, .json, .ts`);
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
const result = await run(prompt, { act: args["--act"] || false });
|
||||
|
||||
if (!result.success) {
|
||||
process.exit(1);
|
||||
}
|
||||
} catch (error) {
|
||||
console.error("❌ Error:", (error as Error).message);
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
// Set up CLI
|
||||
const program = new Command();
|
||||
|
||||
program
|
||||
.name("play")
|
||||
.description("Test the Pullfrog action with various prompts")
|
||||
.version("1.0.0")
|
||||
.argument(
|
||||
"[file]",
|
||||
"Prompt file to use (.txt, .json, or .ts)",
|
||||
"fixtures/basic.txt",
|
||||
)
|
||||
.option(
|
||||
"--act",
|
||||
"Use Docker/act to run the action instead of running directly",
|
||||
)
|
||||
.action(async (file: string, options: { act?: boolean }) => {
|
||||
await runPlay(file, options);
|
||||
});
|
||||
|
||||
// Parse arguments and run
|
||||
program.parseAsync(process.argv).catch((error) => {
|
||||
console.error("Fatal error:", error);
|
||||
process.exit(1);
|
||||
});
|
||||
|
||||
Generated
+975
-170
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,356 @@
|
||||
#!/usr/bin/env tsx
|
||||
|
||||
/**
|
||||
* GitHub App Installation Token Generator
|
||||
*
|
||||
* Generates a temporary installation token for a GitHub App to access a specific repository.
|
||||
* Uses environment variables for configuration and supports multiple installations.
|
||||
*
|
||||
* Usage:
|
||||
* node scripts/generate-installation-token.ts [--repo owner/name] [--update-env]
|
||||
*
|
||||
* Environment variables required:
|
||||
* GITHUB_APP_ID - GitHub App ID
|
||||
* GITHUB_PRIVATE_KEY - GitHub App private key (PEM format)
|
||||
* REPO_OWNER - Target repository owner (default)
|
||||
* REPO_NAME - Target repository name (default)
|
||||
*/
|
||||
|
||||
import { createSign } from "node:crypto";
|
||||
import { readFileSync, writeFileSync } from "node:fs";
|
||||
import { join } from "node:path";
|
||||
import { config } from "dotenv";
|
||||
|
||||
// Load environment variables
|
||||
config();
|
||||
|
||||
interface GitHubAppConfig {
|
||||
appId: string;
|
||||
privateKey: string;
|
||||
repoOwner: string;
|
||||
repoName: string;
|
||||
}
|
||||
|
||||
interface Installation {
|
||||
id: number;
|
||||
account: {
|
||||
login: string;
|
||||
type: string;
|
||||
};
|
||||
}
|
||||
|
||||
interface Repository {
|
||||
owner: {
|
||||
login: string;
|
||||
};
|
||||
name: string;
|
||||
}
|
||||
|
||||
interface InstallationTokenResponse {
|
||||
token: string;
|
||||
expires_at: string;
|
||||
}
|
||||
|
||||
interface RepositoriesResponse {
|
||||
repositories: Repository[];
|
||||
}
|
||||
|
||||
class GitHubAppTokenGenerator {
|
||||
private config: GitHubAppConfig;
|
||||
|
||||
constructor(config: GitHubAppConfig) {
|
||||
// Process private key to handle escaped newlines
|
||||
config.privateKey = config.privateKey.replace(/\\n/g, "\n");
|
||||
this.config = config;
|
||||
this.validateConfig();
|
||||
}
|
||||
|
||||
private validateConfig(): void {
|
||||
const { appId, privateKey, repoOwner, repoName } = this.config;
|
||||
|
||||
if (!appId) {
|
||||
throw new Error("GITHUB_APP_ID environment variable is required");
|
||||
}
|
||||
|
||||
if (!privateKey) {
|
||||
throw new Error("GITHUB_PRIVATE_KEY environment variable is required");
|
||||
}
|
||||
|
||||
if (!repoOwner || !repoName) {
|
||||
throw new Error("REPO_OWNER and REPO_NAME environment variables are required");
|
||||
}
|
||||
|
||||
if (!privateKey.includes("BEGIN") || !privateKey.includes("END")) {
|
||||
throw new Error("GITHUB_PRIVATE_KEY must be in PEM format");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a JWT for GitHub App authentication
|
||||
*/
|
||||
private generateJWT(): string {
|
||||
const now = Math.floor(Date.now() / 1000);
|
||||
const payload = {
|
||||
iat: now - 60, // issued 1 minute ago to account for clock skew
|
||||
exp: now + 5 * 60, // expires in 5 minutes
|
||||
iss: this.config.appId,
|
||||
};
|
||||
|
||||
const header = {
|
||||
alg: "RS256",
|
||||
typ: "JWT",
|
||||
};
|
||||
|
||||
const encodedHeader = this.base64UrlEncode(JSON.stringify(header));
|
||||
const encodedPayload = this.base64UrlEncode(JSON.stringify(payload));
|
||||
const signaturePart = `${encodedHeader}.${encodedPayload}`;
|
||||
|
||||
const signature = createSign("RSA-SHA256")
|
||||
.update(signaturePart)
|
||||
.sign(this.config.privateKey, "base64")
|
||||
.replace(/\+/g, "-")
|
||||
.replace(/\//g, "_")
|
||||
.replace(/=/g, "");
|
||||
|
||||
return `${signaturePart}.${signature}`;
|
||||
}
|
||||
|
||||
private base64UrlEncode(str: string): string {
|
||||
return Buffer.from(str)
|
||||
.toString("base64")
|
||||
.replace(/\+/g, "-")
|
||||
.replace(/\//g, "_")
|
||||
.replace(/=/g, "");
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes authenticated requests to GitHub API
|
||||
*/
|
||||
private async githubRequest<T>(
|
||||
path: string,
|
||||
options: {
|
||||
method?: string;
|
||||
headers?: Record<string, string>;
|
||||
body?: string;
|
||||
} = {}
|
||||
): Promise<T> {
|
||||
const { method = "GET", headers = {}, body } = options;
|
||||
|
||||
const url = `https://api.github.com${path}`;
|
||||
const requestHeaders = {
|
||||
Accept: "application/vnd.github.v3+json",
|
||||
"User-Agent": "Pullfrog-Installation-Token-Generator/1.0",
|
||||
...headers,
|
||||
};
|
||||
|
||||
const response = await fetch(url, {
|
||||
method,
|
||||
headers: requestHeaders,
|
||||
...(body && { body }),
|
||||
});
|
||||
|
||||
if (!response.ok) {
|
||||
const errorText = await response.text();
|
||||
throw new Error(
|
||||
`GitHub API request failed: ${response.status} ${response.statusText}\n${errorText}`
|
||||
);
|
||||
}
|
||||
|
||||
return response.json() as T;
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds the installation ID for the target repository
|
||||
*/
|
||||
private async findInstallationId(jwt: string): Promise<number> {
|
||||
console.log("🔍 Finding GitHub App installation...");
|
||||
|
||||
const installations = await this.githubRequest<Installation[]>("/app/installations", {
|
||||
headers: { Authorization: `Bearer ${jwt}` },
|
||||
});
|
||||
|
||||
console.log(`📋 Found ${installations.length} installation(s)`);
|
||||
|
||||
// Check each installation for access to target repository
|
||||
for (const installation of installations) {
|
||||
console.log(`🔎 Checking installation ${installation.id} (${installation.account.login})`);
|
||||
|
||||
try {
|
||||
// Create a temporary token to check repository access
|
||||
const tempToken = await this.createInstallationToken(jwt, installation.id);
|
||||
const hasAccess = await this.checkRepositoryAccess(tempToken);
|
||||
|
||||
if (hasAccess) {
|
||||
console.log(
|
||||
`✅ Installation ${installation.id} has access to ${this.config.repoOwner}/${this.config.repoName}`
|
||||
);
|
||||
return installation.id;
|
||||
}
|
||||
} catch (error) {
|
||||
console.log(
|
||||
`❌ Installation ${installation.id} check failed:`,
|
||||
error instanceof Error ? error.message : String(error)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
throw new Error(
|
||||
`No installation found with access to ${this.config.repoOwner}/${this.config.repoName}. ` +
|
||||
"Ensure the GitHub App is installed on the target repository."
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the installation token has access to the target repository
|
||||
*/
|
||||
private async checkRepositoryAccess(token: string): Promise<boolean> {
|
||||
try {
|
||||
const response = await this.githubRequest<RepositoriesResponse>(
|
||||
"/installation/repositories",
|
||||
{
|
||||
headers: { Authorization: `token ${token}` },
|
||||
}
|
||||
);
|
||||
|
||||
return response.repositories.some(
|
||||
(repo) => repo.owner.login === this.config.repoOwner && repo.name === this.config.repoName
|
||||
);
|
||||
} catch {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates an installation access token
|
||||
*/
|
||||
private async createInstallationToken(jwt: string, installationId: number): Promise<string> {
|
||||
const response = await this.githubRequest<InstallationTokenResponse>(
|
||||
`/app/installations/${installationId}/access_tokens`,
|
||||
{
|
||||
method: "POST",
|
||||
headers: { Authorization: `Bearer ${jwt}` },
|
||||
}
|
||||
);
|
||||
|
||||
return response.token;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new installation token for the configured repository
|
||||
*/
|
||||
async generateToken(): Promise<{
|
||||
token: string;
|
||||
installationId: number;
|
||||
expiresAt: string;
|
||||
}> {
|
||||
console.log(
|
||||
`🚀 Generating installation token for ${this.config.repoOwner}/${this.config.repoName}`
|
||||
);
|
||||
console.log(`📱 App ID: ${this.config.appId}`);
|
||||
|
||||
// Step 1: Generate JWT for app authentication
|
||||
const jwt = this.generateJWT();
|
||||
console.log("🔐 Generated JWT token");
|
||||
|
||||
// Step 2: Find installation with repository access
|
||||
const installationId = await this.findInstallationId(jwt);
|
||||
|
||||
// Step 3: Create installation access token
|
||||
console.log(`🎫 Creating installation token for installation ${installationId}...`);
|
||||
const token = await this.createInstallationToken(jwt, installationId);
|
||||
|
||||
// Calculate expiration (GitHub tokens expire after 1 hour)
|
||||
const expiresAt = new Date(Date.now() + 60 * 60 * 1000).toISOString();
|
||||
|
||||
console.log("✅ Installation token generated successfully!");
|
||||
console.log(`🎟️ Token: ${token.substring(0, 20)}...`);
|
||||
console.log(`📅 Expires: ${expiresAt}`);
|
||||
console.log(`🏢 Installation ID: ${installationId}`);
|
||||
|
||||
return { token, installationId, expiresAt };
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the .env file with the new installation token
|
||||
*/
|
||||
updateEnvFile(token: string): void {
|
||||
const envPath = join(process.cwd(), ".env");
|
||||
|
||||
try {
|
||||
let envContent = readFileSync(envPath, "utf8");
|
||||
|
||||
// Update or add the installation token
|
||||
const tokenLine = `GITHUB_INSTALLATION_TOKEN=${token}`;
|
||||
const tokenRegex = /^GITHUB_INSTALLATION_TOKEN=.*$/m;
|
||||
|
||||
if (tokenRegex.test(envContent)) {
|
||||
envContent = envContent.replace(tokenRegex, tokenLine);
|
||||
} else {
|
||||
envContent += `\n${tokenLine}\n`;
|
||||
}
|
||||
|
||||
writeFileSync(envPath, envContent);
|
||||
console.log(`📝 Updated ${envPath} with new installation token`);
|
||||
} catch (error) {
|
||||
console.error(
|
||||
"❌ Failed to update .env file:",
|
||||
error instanceof Error ? error.message : String(error)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* CLI interface
|
||||
*/
|
||||
async function main(): Promise<void> {
|
||||
try {
|
||||
const args = process.argv.slice(2);
|
||||
const updateEnv = args.includes("--update-env");
|
||||
|
||||
// Parse repository from args if provided
|
||||
const repoArg = args.find((arg) => arg.startsWith("--repo="));
|
||||
let repoOwner = process.env.REPO_OWNER || "pullfrogai";
|
||||
let repoName = process.env.REPO_NAME || "scratch";
|
||||
|
||||
if (repoArg) {
|
||||
const [owner, name] = repoArg.split("=")[1].split("/");
|
||||
if (owner && name) {
|
||||
repoOwner = owner;
|
||||
repoName = name;
|
||||
} else {
|
||||
throw new Error("Invalid --repo format. Use: --repo=owner/name");
|
||||
}
|
||||
}
|
||||
|
||||
const config: GitHubAppConfig = {
|
||||
appId: process.env.GITHUB_APP_ID!,
|
||||
privateKey: process.env.GITHUB_PRIVATE_KEY!,
|
||||
repoOwner,
|
||||
repoName,
|
||||
};
|
||||
|
||||
const generator = new GitHubAppTokenGenerator(config);
|
||||
const result = await generator.generateToken();
|
||||
|
||||
if (updateEnv) {
|
||||
generator.updateEnvFile(result.token);
|
||||
}
|
||||
|
||||
console.log("\n🎉 Token generation complete!");
|
||||
|
||||
if (!updateEnv) {
|
||||
console.log("\n💡 To automatically update your .env file, run with --update-env flag");
|
||||
}
|
||||
} catch (error) {
|
||||
console.error("❌ Error:", error instanceof Error ? error.message : String(error));
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
// Run if called directly
|
||||
if (import.meta.url === `file://${process.argv[1]}`) {
|
||||
main();
|
||||
}
|
||||
|
||||
export { GitHubAppTokenGenerator };
|
||||
+17
-40
@@ -1,45 +1,22 @@
|
||||
{
|
||||
// Visit https://aka.ms/tsconfig to read more about this file
|
||||
"compilerOptions": {
|
||||
// File Layout
|
||||
// "rootDir": "./src",
|
||||
"outDir": "./dist",
|
||||
|
||||
// Environment Settings
|
||||
// See also https://aka.ms/tsconfig/module
|
||||
"module": "esnext",
|
||||
"moduleResolution": "bundler",
|
||||
"target": "esnext",
|
||||
"types": [],
|
||||
// For nodejs:
|
||||
// "lib": ["esnext"],
|
||||
// "types": ["node"],
|
||||
// and npm install -D @types/node
|
||||
|
||||
// Other Outputs
|
||||
"sourceMap": true,
|
||||
"declaration": true,
|
||||
"declarationMap": true,
|
||||
|
||||
// Stricter Typechecking Options
|
||||
"noUncheckedIndexedAccess": true,
|
||||
"exactOptionalPropertyTypes": true,
|
||||
|
||||
// Style Options
|
||||
// "noImplicitReturns": true,
|
||||
// "noImplicitOverride": true,
|
||||
// "noUnusedLocals": true,
|
||||
// "noUnusedParameters": true,
|
||||
// "noFallthroughCasesInSwitch": true,
|
||||
// "noPropertyAccessFromIndexSignature": true,
|
||||
|
||||
// Recommended Options
|
||||
"strict": true,
|
||||
"jsx": "react-jsx",
|
||||
"verbatimModuleSyntax": true,
|
||||
"isolatedModules": true,
|
||||
"noUncheckedSideEffectImports": true,
|
||||
"moduleDetection": "force",
|
||||
"skipLibCheck": true
|
||||
"module": "NodeNext",
|
||||
"target": "ESNext",
|
||||
"moduleResolution": "NodeNext",
|
||||
"lib": ["ESNext"],
|
||||
"allowImportingTsExtensions": true,
|
||||
"rewriteRelativeImportExtensions": true,
|
||||
"skipLibCheck": true,
|
||||
"strict": true,
|
||||
"noUncheckedSideEffectImports": true,
|
||||
"declaration": true,
|
||||
"verbatimModuleSyntax": true,
|
||||
"esModuleInterop": true,
|
||||
"resolveJsonModule": true,
|
||||
"exactOptionalPropertyTypes": true,
|
||||
"forceConsistentCasingInFileNames": true,
|
||||
"stripInternal": true,
|
||||
"moduleDetection": "force"
|
||||
}
|
||||
}
|
||||
|
||||
+24
-43
@@ -1,59 +1,36 @@
|
||||
import { execSync } from "node:child_process";
|
||||
import { existsSync, readFileSync } from "node:fs";
|
||||
import { existsSync } from "node:fs";
|
||||
import { dirname, join } from "node:path";
|
||||
import { fileURLToPath } from "node:url";
|
||||
import { config, parse } from "dotenv";
|
||||
import { config } from "dotenv";
|
||||
import { buildAction, setupTestRepo } from "./setup.ts";
|
||||
|
||||
const __filename = fileURLToPath(import.meta.url);
|
||||
const __dirname = dirname(__filename);
|
||||
|
||||
const tempDir = join(__dirname, "..", ".temp");
|
||||
const actionPath = join(__dirname, "..");
|
||||
const envPath = join(__dirname, "..", "..", ".env");
|
||||
|
||||
// Environment variables that should be passed as secrets to the workflow
|
||||
const ENV_VARS = ["ANTHROPIC_API_KEY", "GITHUB_INSTALLATION_TOKEN"];
|
||||
|
||||
export function runAct(prompt: string): void {
|
||||
// First, ensure the scratch repo is cloned
|
||||
const tempDir = join(__dirname, "..", ".temp");
|
||||
// Setup test repository
|
||||
setupTestRepo({ tempDir });
|
||||
|
||||
// Check if .temp exists and either reset it or clone it
|
||||
if (existsSync(tempDir)) {
|
||||
console.log("📦 Resetting existing .temp repository...");
|
||||
execSync("git reset --hard HEAD && git clean -fd", {
|
||||
cwd: tempDir,
|
||||
stdio: "inherit",
|
||||
});
|
||||
} else {
|
||||
console.log("📦 Cloning pullfrogai/scratch into .temp...");
|
||||
const repoUrl = "git@github.com:pullfrogai/scratch.git";
|
||||
execSync(`git clone ${repoUrl} ${tempDir}`, { stdio: "inherit" });
|
||||
}
|
||||
|
||||
const workflowPath = join(tempDir, ".github", "workflows", "pullfrog.yml");
|
||||
const envPath = join(__dirname, "..", "..", ".env");
|
||||
|
||||
// Load environment variables into process
|
||||
// Load environment variables
|
||||
config({ path: envPath });
|
||||
|
||||
// Parse environment variables from .env file to get keys
|
||||
let envVars: string[] = [];
|
||||
try {
|
||||
const content = readFileSync(envPath, "utf8");
|
||||
const parsed = parse(content);
|
||||
envVars = Object.keys(parsed);
|
||||
} catch (error) {
|
||||
console.warn(
|
||||
`Warning: Could not read .env file: ${(error as Error).message}`,
|
||||
);
|
||||
}
|
||||
// Build action bundles
|
||||
buildAction(actionPath);
|
||||
|
||||
// Build fresh bundles with esbuild
|
||||
const actionPath = join(__dirname, "..");
|
||||
console.log("🔨 Building fresh bundles with esbuild...");
|
||||
execSync("node esbuild.config.js", {
|
||||
cwd: actionPath,
|
||||
stdio: "inherit",
|
||||
});
|
||||
const workflowPath = join(tempDir, ".github", "workflows", "pullfrog.yml");
|
||||
|
||||
// Create minimal dist for act (avoids pnpm symlink issues)
|
||||
const distPath = join(actionPath, ".act-dist");
|
||||
console.log("📦 Creating minimal distribution for act...");
|
||||
execSync(`rm -rf "${distPath}" && mkdir -p "${distPath}"`, { shell: true });
|
||||
execSync(`rm -rf "${distPath}" && mkdir -p "${distPath}"`, { shell: "/bin/bash" });
|
||||
|
||||
// Copy only necessary files (bundled, no node_modules needed)
|
||||
["action.yml", "entry.cjs", "index.cjs", "package.json"].forEach((file) => {
|
||||
@@ -79,11 +56,15 @@ export function runAct(prompt: string): void {
|
||||
`pullfrog/action@v0=${distPath}`, // Use minimal dist without symlinks
|
||||
];
|
||||
|
||||
// Add all environment variables as secrets (without values)
|
||||
envVars.forEach((key) => {
|
||||
actCommandParts.push("-s", key);
|
||||
// Add environment variables as secrets that will be available to the workflow
|
||||
ENV_VARS.forEach((key) => {
|
||||
if (process.env[key]) {
|
||||
actCommandParts.push("-s", key);
|
||||
}
|
||||
});
|
||||
|
||||
// We only need the specific ENV_VARS, no need to add other variables
|
||||
|
||||
const actCommand = actCommandParts.join(" ");
|
||||
|
||||
console.log("🚀 Running act with prompt:");
|
||||
|
||||
@@ -0,0 +1,71 @@
|
||||
import * as core from "@actions/core";
|
||||
|
||||
export interface InstallationToken {
|
||||
token: string;
|
||||
expires_at: string;
|
||||
installation_id: number;
|
||||
repository: string;
|
||||
ref: string;
|
||||
runner_environment: string;
|
||||
owner?: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setup GitHub installation token for the action
|
||||
*/
|
||||
export async function setupGitHubInstallationToken(): Promise<string> {
|
||||
// Check if we have an installation token from inputs or environment
|
||||
const inputToken = core.getInput("github_installation_token");
|
||||
const envToken = process.env.GITHUB_INSTALLATION_TOKEN;
|
||||
|
||||
const existingToken = inputToken || envToken;
|
||||
if (existingToken) {
|
||||
// Mask the existing token in logs for security
|
||||
core.setSecret(existingToken);
|
||||
core.info("Using provided GitHub installation token");
|
||||
return existingToken;
|
||||
}
|
||||
|
||||
core.info("Generating OIDC token...");
|
||||
|
||||
try {
|
||||
// Generate OIDC token for our API
|
||||
const oidcToken = await core.getIDToken("pullfrog-api");
|
||||
core.info("OIDC token generated successfully");
|
||||
|
||||
// Exchange OIDC token for installation token
|
||||
const apiUrl = process.env.API_URL || "https://pullfrog.ai";
|
||||
|
||||
core.info("Exchanging OIDC token for installation token...");
|
||||
const tokenResponse = await fetch(`${apiUrl}/api/github/installation-token`, {
|
||||
method: "POST",
|
||||
headers: {
|
||||
Authorization: `Bearer ${oidcToken}`,
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
});
|
||||
|
||||
if (!tokenResponse.ok) {
|
||||
const errorText = await tokenResponse.text();
|
||||
throw new Error(
|
||||
`Token exchange failed: ${tokenResponse.status} ${tokenResponse.statusText} - ${errorText}`
|
||||
);
|
||||
}
|
||||
|
||||
// This type is enforced by us when the response is created
|
||||
const tokenData = (await tokenResponse.json()) as InstallationToken;
|
||||
core.info(`Installation token obtained for ${tokenData.repository || "all repositories"}`);
|
||||
|
||||
// Mask the token in logs for security
|
||||
core.setSecret(tokenData.token);
|
||||
|
||||
// Set the token as an environment variable for this run
|
||||
process.env.GITHUB_INSTALLATION_TOKEN = tokenData.token;
|
||||
|
||||
return tokenData.token;
|
||||
} catch (error) {
|
||||
throw new Error(
|
||||
`Failed to setup GitHub installation token: ${error instanceof Error ? error.message : "Unknown error"}`
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -1,3 +0,0 @@
|
||||
export * from "./files";
|
||||
export * from "./subprocess";
|
||||
export * from "./table";
|
||||
@@ -0,0 +1,51 @@
|
||||
import { execSync } from "node:child_process";
|
||||
import { existsSync, rmSync } from "node:fs";
|
||||
|
||||
export interface SetupOptions {
|
||||
tempDir: string;
|
||||
repoUrl?: string;
|
||||
forceClean?: boolean;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setup the test repository for running actions
|
||||
*/
|
||||
export function setupTestRepo(options: SetupOptions): void {
|
||||
const {
|
||||
tempDir,
|
||||
repoUrl = "git@github.com:pullfrogai/scratch.git",
|
||||
forceClean = false,
|
||||
} = options;
|
||||
|
||||
// Handle existing temp directory
|
||||
if (existsSync(tempDir)) {
|
||||
if (forceClean) {
|
||||
console.log("🗑️ Removing existing .temp directory...");
|
||||
rmSync(tempDir, { recursive: true, force: true });
|
||||
|
||||
// Clone the repository
|
||||
console.log("📦 Cloning pullfrogai/scratch into .temp...");
|
||||
execSync(`git clone ${repoUrl} ${tempDir}`, { stdio: "inherit" });
|
||||
} else {
|
||||
console.log("📦 Resetting existing .temp repository...");
|
||||
execSync("git reset --hard HEAD && git clean -fd", {
|
||||
cwd: tempDir,
|
||||
stdio: "inherit",
|
||||
});
|
||||
}
|
||||
} else {
|
||||
console.log("📦 Cloning pullfrogai/scratch into .temp...");
|
||||
execSync(`git clone ${repoUrl} ${tempDir}`, { stdio: "inherit" });
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Build the action bundles
|
||||
*/
|
||||
export function buildAction(actionPath: string): void {
|
||||
console.log("🔨 Building fresh bundles with esbuild...");
|
||||
execSync("node esbuild.config.js", {
|
||||
cwd: actionPath,
|
||||
stdio: "inherit",
|
||||
});
|
||||
}
|
||||
Reference in New Issue
Block a user