github.com/google/go-github/v69@v69.2.0/github/dependabot_secrets.go (about) 1 // Copyright 2022 The go-github AUTHORS. All rights reserved. 2 // 3 // Use of this source code is governed by a BSD-style 4 // license that can be found in the LICENSE file. 5 6 package github 7 8 import ( 9 "context" 10 "fmt" 11 ) 12 13 func (s *DependabotService) getPublicKey(ctx context.Context, url string) (*PublicKey, *Response, error) { 14 req, err := s.client.NewRequest("GET", url, nil) 15 if err != nil { 16 return nil, nil, err 17 } 18 19 pubKey := new(PublicKey) 20 resp, err := s.client.Do(ctx, req, pubKey) 21 if err != nil { 22 return nil, resp, err 23 } 24 25 return pubKey, resp, nil 26 } 27 28 // GetRepoPublicKey gets a public key that should be used for Dependabot secret encryption. 29 // 30 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-a-repository-public-key 31 // 32 //meta:operation GET /repos/{owner}/{repo}/dependabot/secrets/public-key 33 func (s *DependabotService) GetRepoPublicKey(ctx context.Context, owner, repo string) (*PublicKey, *Response, error) { 34 url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/public-key", owner, repo) 35 return s.getPublicKey(ctx, url) 36 } 37 38 // GetOrgPublicKey gets a public key that should be used for Dependabot secret encryption. 39 // 40 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-an-organization-public-key 41 // 42 //meta:operation GET /orgs/{org}/dependabot/secrets/public-key 43 func (s *DependabotService) GetOrgPublicKey(ctx context.Context, org string) (*PublicKey, *Response, error) { 44 url := fmt.Sprintf("orgs/%v/dependabot/secrets/public-key", org) 45 return s.getPublicKey(ctx, url) 46 } 47 48 func (s *DependabotService) listSecrets(ctx context.Context, url string, opts *ListOptions) (*Secrets, *Response, error) { 49 u, err := addOptions(url, opts) 50 if err != nil { 51 return nil, nil, err 52 } 53 54 req, err := s.client.NewRequest("GET", u, nil) 55 if err != nil { 56 return nil, nil, err 57 } 58 59 secrets := new(Secrets) 60 resp, err := s.client.Do(ctx, req, &secrets) 61 if err != nil { 62 return nil, resp, err 63 } 64 65 return secrets, resp, nil 66 } 67 68 // ListRepoSecrets lists all Dependabot secrets available in a repository 69 // without revealing their encrypted values. 70 // 71 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#list-repository-secrets 72 // 73 //meta:operation GET /repos/{owner}/{repo}/dependabot/secrets 74 func (s *DependabotService) ListRepoSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) { 75 url := fmt.Sprintf("repos/%v/%v/dependabot/secrets", owner, repo) 76 return s.listSecrets(ctx, url, opts) 77 } 78 79 // ListOrgSecrets lists all Dependabot secrets available in an organization 80 // without revealing their encrypted values. 81 // 82 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#list-organization-secrets 83 // 84 //meta:operation GET /orgs/{org}/dependabot/secrets 85 func (s *DependabotService) ListOrgSecrets(ctx context.Context, org string, opts *ListOptions) (*Secrets, *Response, error) { 86 url := fmt.Sprintf("orgs/%v/dependabot/secrets", org) 87 return s.listSecrets(ctx, url, opts) 88 } 89 90 func (s *DependabotService) getSecret(ctx context.Context, url string) (*Secret, *Response, error) { 91 req, err := s.client.NewRequest("GET", url, nil) 92 if err != nil { 93 return nil, nil, err 94 } 95 96 secret := new(Secret) 97 resp, err := s.client.Do(ctx, req, secret) 98 if err != nil { 99 return nil, resp, err 100 } 101 102 return secret, resp, nil 103 } 104 105 // GetRepoSecret gets a single repository Dependabot secret without revealing its encrypted value. 106 // 107 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-a-repository-secret 108 // 109 //meta:operation GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name} 110 func (s *DependabotService) GetRepoSecret(ctx context.Context, owner, repo, name string) (*Secret, *Response, error) { 111 url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/%v", owner, repo, name) 112 return s.getSecret(ctx, url) 113 } 114 115 // GetOrgSecret gets a single organization Dependabot secret without revealing its encrypted value. 116 // 117 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-an-organization-secret 118 // 119 //meta:operation GET /orgs/{org}/dependabot/secrets/{secret_name} 120 func (s *DependabotService) GetOrgSecret(ctx context.Context, org, name string) (*Secret, *Response, error) { 121 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v", org, name) 122 return s.getSecret(ctx, url) 123 } 124 125 // DependabotEncryptedSecret represents a secret that is encrypted using a public key for Dependabot. 126 // 127 // The value of EncryptedValue must be your secret, encrypted with 128 // LibSodium (see documentation here: https://libsodium.gitbook.io/doc/bindings_for_other_languages) 129 // using the public key retrieved using the GetPublicKey method. 130 type DependabotEncryptedSecret struct { 131 Name string `json:"-"` 132 KeyID string `json:"key_id"` 133 EncryptedValue string `json:"encrypted_value"` 134 Visibility string `json:"visibility,omitempty"` 135 SelectedRepositoryIDs DependabotSecretsSelectedRepoIDs `json:"selected_repository_ids,omitempty"` 136 } 137 138 func (s *DependabotService) putSecret(ctx context.Context, url string, eSecret *DependabotEncryptedSecret) (*Response, error) { 139 req, err := s.client.NewRequest("PUT", url, eSecret) 140 if err != nil { 141 return nil, err 142 } 143 144 return s.client.Do(ctx, req, nil) 145 } 146 147 // CreateOrUpdateRepoSecret creates or updates a repository Dependabot secret with an encrypted value. 148 // 149 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#create-or-update-a-repository-secret 150 // 151 //meta:operation PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name} 152 func (s *DependabotService) CreateOrUpdateRepoSecret(ctx context.Context, owner, repo string, eSecret *DependabotEncryptedSecret) (*Response, error) { 153 url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/%v", owner, repo, eSecret.Name) 154 return s.putSecret(ctx, url, eSecret) 155 } 156 157 // CreateOrUpdateOrgSecret creates or updates an organization Dependabot secret with an encrypted value. 158 // 159 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#create-or-update-an-organization-secret 160 // 161 //meta:operation PUT /orgs/{org}/dependabot/secrets/{secret_name} 162 func (s *DependabotService) CreateOrUpdateOrgSecret(ctx context.Context, org string, eSecret *DependabotEncryptedSecret) (*Response, error) { 163 repoIDs := make([]string, len(eSecret.SelectedRepositoryIDs)) 164 for i, secret := range eSecret.SelectedRepositoryIDs { 165 repoIDs[i] = fmt.Sprintf("%v", secret) 166 } 167 params := struct { 168 *DependabotEncryptedSecret 169 SelectedRepositoryIDs []string `json:"selected_repository_ids,omitempty"` 170 }{ 171 DependabotEncryptedSecret: eSecret, 172 SelectedRepositoryIDs: repoIDs, 173 } 174 175 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v", org, eSecret.Name) 176 req, err := s.client.NewRequest("PUT", url, params) 177 if err != nil { 178 return nil, err 179 } 180 181 return s.client.Do(ctx, req, nil) 182 } 183 184 func (s *DependabotService) deleteSecret(ctx context.Context, url string) (*Response, error) { 185 req, err := s.client.NewRequest("DELETE", url, nil) 186 if err != nil { 187 return nil, err 188 } 189 190 return s.client.Do(ctx, req, nil) 191 } 192 193 // DeleteRepoSecret deletes a Dependabot secret in a repository using the secret name. 194 // 195 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#delete-a-repository-secret 196 // 197 //meta:operation DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name} 198 func (s *DependabotService) DeleteRepoSecret(ctx context.Context, owner, repo, name string) (*Response, error) { 199 url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/%v", owner, repo, name) 200 return s.deleteSecret(ctx, url) 201 } 202 203 // DeleteOrgSecret deletes a Dependabot secret in an organization using the secret name. 204 // 205 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#delete-an-organization-secret 206 // 207 //meta:operation DELETE /orgs/{org}/dependabot/secrets/{secret_name} 208 func (s *DependabotService) DeleteOrgSecret(ctx context.Context, org, name string) (*Response, error) { 209 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v", org, name) 210 return s.deleteSecret(ctx, url) 211 } 212 213 // ListSelectedReposForOrgSecret lists all repositories that have access to a Dependabot secret. 214 // 215 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#list-selected-repositories-for-an-organization-secret 216 // 217 //meta:operation GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories 218 func (s *DependabotService) ListSelectedReposForOrgSecret(ctx context.Context, org, name string, opts *ListOptions) (*SelectedReposList, *Response, error) { 219 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories", org, name) 220 u, err := addOptions(url, opts) 221 if err != nil { 222 return nil, nil, err 223 } 224 225 req, err := s.client.NewRequest("GET", u, nil) 226 if err != nil { 227 return nil, nil, err 228 } 229 230 result := new(SelectedReposList) 231 resp, err := s.client.Do(ctx, req, result) 232 if err != nil { 233 return nil, resp, err 234 } 235 236 return result, resp, nil 237 } 238 239 // DependabotSecretsSelectedRepoIDs are the repository IDs that have access to the dependabot secrets. 240 type DependabotSecretsSelectedRepoIDs []int64 241 242 // SetSelectedReposForOrgSecret sets the repositories that have access to a Dependabot secret. 243 // 244 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#set-selected-repositories-for-an-organization-secret 245 // 246 //meta:operation PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories 247 func (s *DependabotService) SetSelectedReposForOrgSecret(ctx context.Context, org, name string, ids DependabotSecretsSelectedRepoIDs) (*Response, error) { 248 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories", org, name) 249 type repoIDs struct { 250 SelectedIDs DependabotSecretsSelectedRepoIDs `json:"selected_repository_ids"` 251 } 252 253 req, err := s.client.NewRequest("PUT", url, repoIDs{SelectedIDs: ids}) 254 if err != nil { 255 return nil, err 256 } 257 258 return s.client.Do(ctx, req, nil) 259 } 260 261 // AddSelectedRepoToOrgSecret adds a repository to an organization Dependabot secret. 262 // 263 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#add-selected-repository-to-an-organization-secret 264 // 265 //meta:operation PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id} 266 func (s *DependabotService) AddSelectedRepoToOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) { 267 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories/%v", org, name, *repo.ID) 268 req, err := s.client.NewRequest("PUT", url, nil) 269 if err != nil { 270 return nil, err 271 } 272 273 return s.client.Do(ctx, req, nil) 274 } 275 276 // RemoveSelectedRepoFromOrgSecret removes a repository from an organization Dependabot secret. 277 // 278 // GitHub API docs: https://docs.github.com/rest/dependabot/secrets#remove-selected-repository-from-an-organization-secret 279 // 280 //meta:operation DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id} 281 func (s *DependabotService) RemoveSelectedRepoFromOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) { 282 url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories/%v", org, name, *repo.ID) 283 req, err := s.client.NewRequest("DELETE", url, nil) 284 if err != nil { 285 return nil, err 286 } 287 288 return s.client.Do(ctx, req, nil) 289 }