This commit is contained in:
jaime merino
commit
6cf8103742
9 changed files with 276 additions and 0 deletions
123
action.yml
Normal file
123
action.yml
Normal file
|
|
@ -0,0 +1,123 @@
|
|||
name: 'STACKIT Auth Action'
|
||||
description: 'Install STACKIT CLI and authenticate with a Service Account'
|
||||
author: 'STACKIT'
|
||||
branding:
|
||||
icon: 'lock'
|
||||
color: 'blue'
|
||||
|
||||
inputs:
|
||||
service-account-key:
|
||||
description: 'STACKIT Service Account Key (JSON content)'
|
||||
required: true
|
||||
project-id:
|
||||
description: 'STACKIT Project ID to scope the token (optional)'
|
||||
required: false
|
||||
cli-version:
|
||||
description: 'Version of STACKIT CLI to install (without "v" prefix)'
|
||||
required: false
|
||||
default: '0.61.0'
|
||||
|
||||
outputs:
|
||||
bearer-token:
|
||||
description: 'The generated STACKIT Bearer Token'
|
||||
value: ${{ steps.get-token.outputs.token }}
|
||||
|
||||
runs:
|
||||
using: 'composite'
|
||||
steps:
|
||||
- name: Install STACKIT CLI
|
||||
shell: bash
|
||||
run: |
|
||||
VERSION="${{ inputs.cli-version }}"
|
||||
|
||||
# Detect OS
|
||||
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
|
||||
case "$OS" in
|
||||
linux*) OS="linux" ;;
|
||||
darwin*) OS="darwin" ;;
|
||||
msys*|cygwin*|mingw*) OS="windows" ;;
|
||||
*) echo "Unsupported OS: $OS"; exit 1 ;;
|
||||
esac
|
||||
|
||||
# Detect ARCH
|
||||
ARCH=$(uname -m)
|
||||
case "$ARCH" in
|
||||
x86_64) ARCH="amd64" ;;
|
||||
aarch64|arm64) ARCH="arm64" ;;
|
||||
*) echo "Unsupported Architecture: $ARCH"; exit 1 ;;
|
||||
esac
|
||||
|
||||
EXT="tar.gz"
|
||||
if [ "$OS" = "windows" ]; then EXT="zip"; fi
|
||||
|
||||
URL="https://github.com/stackitcloud/stackit-cli/releases/download/v${VERSION}/stackit-cli_${VERSION}_${OS}_${ARCH}.${EXT}"
|
||||
|
||||
echo "Downloading STACKIT CLI v${VERSION} for ${OS}/${ARCH}..."
|
||||
if [ "$OS" = "windows" ]; then
|
||||
curl -sL "$URL" -o stackit.zip
|
||||
unzip -q stackit.zip
|
||||
rm stackit.zip
|
||||
else
|
||||
curl -sL "$URL" | tar -xz
|
||||
fi
|
||||
|
||||
if [ ! -f stackit ] && [ ! -f stackit.exe ]; then
|
||||
echo "Error: stackit binary not found after extraction"
|
||||
ls -R
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$OS" = "linux" ] || [ "$OS" = "darwin" ]; then
|
||||
sudo mv stackit /usr/local/bin/stackit
|
||||
chmod +x /usr/local/bin/stackit
|
||||
else
|
||||
# Windows handling (minimal)
|
||||
mkdir -p bin
|
||||
mv stackit.exe bin/stackit.exe
|
||||
echo "$(pwd)/bin" >> $GITHUB_PATH
|
||||
fi
|
||||
|
||||
echo "STACKIT CLI installed successfully."
|
||||
stackit version
|
||||
|
||||
- name: Authenticate and Get Token
|
||||
id: get-token
|
||||
shell: bash
|
||||
env:
|
||||
SA_KEY: ${{ inputs.service-account-key }}
|
||||
PROJECT_ID: ${{ inputs.project-id }}
|
||||
run: |
|
||||
# Write the service account key to a temporary file
|
||||
SA_KEY_FILE=$(mktemp)
|
||||
echo "$SA_KEY" > "$SA_KEY_FILE"
|
||||
|
||||
# Configure the CLI to use the service account key
|
||||
export STACKIT_SERVICE_ACCOUNT_KEY_PATH="$SA_KEY_FILE"
|
||||
|
||||
echo "Authenticating and retrieving access token..."
|
||||
|
||||
# Construct command
|
||||
CMD="stackit auth get-access-token --only-print-access-token"
|
||||
if [ -n "$PROJECT_ID" ]; then
|
||||
CMD="$CMD --project-id $PROJECT_ID"
|
||||
fi
|
||||
|
||||
# Execute and capture token
|
||||
TOKEN=$($CMD)
|
||||
|
||||
if [ -z "$TOKEN" ]; then
|
||||
echo "Error: Failed to retrieve access token"
|
||||
rm "$SA_KEY_FILE"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Mask the token in logs
|
||||
echo "::add-mask::$TOKEN"
|
||||
|
||||
# Set output and environment variable
|
||||
echo "token=$TOKEN" >> "$GITHUB_OUTPUT"
|
||||
echo "STACKIT_BEARER_TOKEN=$TOKEN" >> "$GITHUB_ENV"
|
||||
|
||||
# Clean up
|
||||
rm "$SA_KEY_FILE"
|
||||
echo "Successfully authenticated and exported STACKIT_BEARER_TOKEN."
|
||||
Loading…
Add table
Add a link
Reference in a new issue