2.3.0

Bump node-fetch from 2.6.1 to 2.6.7

CHANGELOG.md

@@ -1,5 +1,18 @@
 # Changelog
 
+## [2.3.0] - 2022-06-05
+- Now defaults `repo_token` to `${{ github.token }}` and `tag` to `${{ github.ref }}` [#69](https://github.com/svenstaro/upload-release-action/pull/69) (thanks @leighmcculloch)
+
+## [2.2.1] - 2020-12-16
+- Added support for the GitHub pagination API for repositories with many releases [#36](https://github.com/svenstaro/upload-release-action/pull/36) (thanks @djpohly)
+
+## [2.2.0] - 2020-10-07
+- Add support for ceating a new release in a foreign repository [#25](https://github.com/svenstaro/upload-release-action/pull/25) (thanks @kittaakos)
+- Upgrade all deps
+
+## [2.1.1] - 2020-09-25
+- Fix `release_name` option [#27](https://github.com/svenstaro/upload-release-action/pull/27) (thanks @kittaakos)
+
 ## [2.1.0] - 2020-08-10
 - Strip refs/heads/ from the input tag [#23](https://github.com/svenstaro/upload-release-action/pull/23) (thanks @OmarEmaraDev)
 

README.md

@@ -7,19 +7,20 @@ It runs on all operating systems types offered by GitHub.
 
 You must provide:
 
-- `repo_token`: Usually you'll want to set this to `${{ secrets.GITHUB_TOKEN }}`.
 - `file`: A local file to be uploaded as the asset.
-- `tag`: The tag to upload into. If you want the current event's tag or branch name, use `${{ github.ref }}` (the `refs/tags/` and `refs/heads/` prefixes will be automatically stripped).
 
 Optional Arguments
 
+- `repo_token`: Defaults to `github.token`.
+- `tag`: The tag to upload into. If you want the current event's tag or branch name, use `${{ github.ref }}` (the `refs/tags/` and `refs/heads/` prefixes will be automatically stripped). Defaults to `github.ref`.
 - `asset_name`: The name the file gets as an asset on a release. Use `$tag` to include the tag name. When not provided it will default to the filename.
                 This is not used if `file_glob` is set to `true`.
 - `file_glob`: If set to true, the file argument can be a glob pattern (`asset_name` is ignored in this case) (Default: `false`)
 - `overwrite`: If an asset with the same name already exists, overwrite it (Default: `false`).
 - `prerelease`: Mark the release as a pre-release (Default: `false`).
 - `release_name`: Explicitly set a release name. (Defaults: implicitly same as `tag` via GitHub API).
-- `body`: Content of the release text (Defaut: `""`).
+- `body`: Content of the release text (Default: `""`).
+- `repo_name`: Specify the name of the GitHub repository in which the GitHub release will be created, edited, and deleted. If the repository is other than the current, it is required to create a personal access token with `repo`, `user`, `admin:repo_hook` scopes to the foreign repository and add it as a secret. (Default: current repository).
 
 ## Output variables
 
@@ -101,12 +102,14 @@ jobs:
 ```
 
 Example with `file_glob`:
+
 ```yaml
 name: Publish
 on:
   push:
     tags:
       - '*'
+
 jobs:
   build:
     name: Publish binaries
@@ -125,6 +128,85 @@ jobs:
         file_glob: true
 ```
 
+Example for creating a release in a foreign repository using `repo_name`:
+
+```yaml
+name: Publish
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  build:
+    name: Publish binaries
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build
+      run: cargo build --release
+    - name: Upload binaries to release
+      uses: svenstaro/upload-release-action@v2
+      with:
+        repo_name: owner/repository-name
+        # A personal access token for the GitHub repository in which the release will be created and edited.
+        # It is recommended to create the access token with the following scopes: `repo, user, admin:repo_hook`.
+        repo_token: ${{ secrets.YOUR_PERSONAL_ACCESS_TOKEN }}
+        file: target/release/mything
+        asset_name: mything
+        tag: ${{ github.ref }}
+        overwrite: true
+        body: "This is my release text"
+```
+
+**Example for feeding a file from repo to the `body` tag:**
+
+This example covers following points:
+* Reading a file present on the repo. For example, `release.md` which is placed in root directory of the repo.
+* Modify & push the `release.md` file before triggering this action (create tag for this example) to dynamically change the body of the release.
+
+```yaml
+name: Publish
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+
+  build:
+    name: Publish binaries
+    runs-on: ubuntu-latest
+         
+    steps:
+      - uses: actions/checkout@v2
+
+      # This step reads a file from repo and use it for body of the release
+      # This works on any self-hosted runner OS
+      - name: Read release.md and use it as a body of new release
+        id: read_release
+        shell: bash
+        run: |
+          r=$(cat path/to/release.md)                       # <--- Read release.md (Provide correct path as per your repo)
+          r="${r//'%'/'%25'}"                               # Multiline escape sequences for %
+          r="${r//$'\n'/'%0A'}"                             # Multiline escape sequences for '\n'
+          r="${r//$'\r'/'%0D'}"                             # Multiline escape sequences for '\r'
+          echo "::set-output name=RELEASE_BODY::$r"         # <--- Set environment variable
+
+      - name: Upload Binaries to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ github.ref }}
+          body: |
+            ${{ steps.read_release.outputs.RELEASE_BODY }}  # <--- Use environment variables that was created earlier
+
+```
+
+
 ## Releasing
 
 To release this Action:

action.yml

@@ -8,12 +8,14 @@ inputs:
   repo_token:
     description: 'GitHub token.'
     required: true
+    default: ${{ github.token }}
   file:
     description: 'Local file to upload.'
     required: true
   tag:
     description: 'Tag to use as a release.'
     required: true
+    default: ${{ github.ref }}
   asset_name:
     description: 'Name of the asset. When not provided will use the file name. Unused if file_glob is set to "true".'
   overwrite:
@@ -26,6 +28,8 @@ inputs:
     description: 'Explicitly set a release name. Defaults to empty which will cause the release to take the tag as name on GitHub.'
   body:
     description: 'Content of the release text. Empty by default.'
+  repo_name:
+    description: 'Specify the name of the GitHub repository in which the GitHub release will be created, edited, and deleted. If the repository is other than the current, it is required to create a personal access token with `repo`, `user`, `admin:repo_hook` scopes to the foreign repository and add it as a secret. Defaults to the current repository'
 outputs:
   browser_download_url:
     description: 'The publicly available URL of the asset.'

dist/index.js

@@ -385,6 +385,32 @@ const windowsRelease = release => {
 module.exports = windowsRelease;
 
 
+/***/ }),
+
+/***/ 82:
+/***/ (function(__unusedmodule, exports) {
+
+"use strict";
+
+// We use any as a valid input type
+/* eslint-disable @typescript-eslint/no-explicit-any */
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * Sanitizes an input into a string so it can be passed into issueCommand safely
+ * @param input input to sanitize into a string
+ */
+function toCommandValue(input) {
+    if (input === null || input === undefined) {
+        return '';
+    }
+    else if (typeof input === 'string' || input instanceof String) {
+        return input;
+    }
+    return JSON.stringify(input);
+}
+exports.toCommandValue = toCommandValue;
+//# sourceMappingURL=utils.js.map
+
 /***/ }),
 
 /***/ 87:
@@ -1322,6 +1348,42 @@ function regExpEscape (s) {
 }
 
 
+/***/ }),
+
+/***/ 102:
+/***/ (function(__unusedmodule, exports, __webpack_require__) {
+
+"use strict";
+
+// For internal use, subject to change.
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// We use any as a valid input type
+/* eslint-disable @typescript-eslint/no-explicit-any */
+const fs = __importStar(__webpack_require__(747));
+const os = __importStar(__webpack_require__(87));
+const utils_1 = __webpack_require__(82);
+function issueCommand(command, message) {
+    const filePath = process.env[`GITHUB_${command}`];
+    if (!filePath) {
+        throw new Error(`Unable to find environment variable for file command ${command}`);
+    }
+    if (!fs.existsSync(filePath)) {
+        throw new Error(`Missing file at path: ${filePath}`);
+    }
+    fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, {
+        encoding: 'utf8'
+    });
+}
+exports.issueCommand = issueCommand;
+//# sourceMappingURL=file-command.js.map
+
 /***/ }),
 
 /***/ 117:
@@ -2205,13 +2267,13 @@ function get_release_by_tag(tag, prerelease, release_name, body, octokit) {
     return __awaiter(this, void 0, void 0, function* () {
         try {
             core.debug(`Getting release by tag ${tag}.`);
-            return yield octokit.repos.getReleaseByTag(Object.assign(Object.assign({}, github.context.repo), { tag: tag }));
+            return yield octokit.repos.getReleaseByTag(Object.assign(Object.assign({}, repo()), { tag: tag }));
         }
         catch (error) {
             // If this returns 404, we need to create the release first.
             if (error.status === 404) {
                 core.debug(`Release for tag ${tag} doesn't exist yet so we'll create it now.`);
-                return yield octokit.repos.createRelease(Object.assign(Object.assign({}, github.context.repo), { tag_name: tag, prerelease: prerelease, release_name: release_name, body: body }));
+                return yield octokit.repos.createRelease(Object.assign(Object.assign({}, repo()), { tag_name: tag, prerelease: prerelease, name: release_name, body: body }));
             }
             else {
                 throw error;
@@ -2229,12 +2291,12 @@ function upload_to_release(release, file, asset_name, tag, overwrite, octokit) {
         const file_size = stat.size;
         const file_bytes = fs.readFileSync(file);
         // Check for duplicates.
-        const assets = yield octokit.repos.listReleaseAssets(Object.assign(Object.assign({}, github.context.repo), { release_id: release.data.id }));
-        const duplicate_asset = assets.data.find(a => a.name === asset_name);
+        const assets = yield octokit.paginate(octokit.repos.listReleaseAssets, Object.assign(Object.assign({}, repo()), { release_id: release.data.id }));
+        const duplicate_asset = assets.find(a => a.name === asset_name);
         if (duplicate_asset !== undefined) {
             if (overwrite) {
                 core.debug(`An asset called ${asset_name} already exists in release ${tag} so we'll overwrite it.`);
-                yield octokit.repos.deleteReleaseAsset(Object.assign(Object.assign({}, github.context.repo), { asset_id: duplicate_asset.id }));
+                yield octokit.repos.deleteReleaseAsset(Object.assign(Object.assign({}, repo()), { asset_id: duplicate_asset.id }));
             }
             else {
                 core.setFailed(`An asset called ${asset_name} already exists.`);
@@ -2257,13 +2319,35 @@ function upload_to_release(release, file, asset_name, tag, overwrite, octokit) {
         return uploaded_asset.data.browser_download_url;
     });
 }
+function repo() {
+    const repo_name = core.getInput('repo_name');
+    // If we're not targeting a foreign repository, we can just return immediately and don't have to do extra work.
+    if (!repo_name) {
+        return github.context.repo;
+    }
+    const owner = repo_name.substr(0, repo_name.indexOf('/'));
+    if (!owner) {
+        throw new Error(`Could not extract 'owner' from 'repo_name': ${repo_name}.`);
+    }
+    const repo = repo_name.substr(repo_name.indexOf('/') + 1);
+    if (!repo) {
+        throw new Error(`Could not extract 'repo' from 'repo_name': ${repo_name}.`);
+    }
+    return {
+        owner,
+        repo
+    };
+}
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
             // Get the inputs from the workflow file: https://github.com/actions/toolkit/tree/master/packages/core#inputsoutputs
             const token = core.getInput('repo_token', { required: true });
             const file = core.getInput('file', { required: true });
-            const tag = core.getInput('tag', { required: true }).replace('refs/tags/', '').replace('refs/heads/', '');
+            const tag = core
+                .getInput('tag', { required: true })
+                .replace('refs/tags/', '')
+                .replace('refs/heads/', '');
             const file_glob = core.getInput('file_glob') == 'true' ? true : false;
             const overwrite = core.getInput('overwrite') == 'true' ? true : false;
             const prerelease = core.getInput('prerelease') == 'true' ? true : false;
@@ -6403,6 +6487,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const os = __importStar(__webpack_require__(87));
+const utils_1 = __webpack_require__(82);
 /**
  * Commands
  *
@@ -6456,28 +6541,14 @@ class Command {
         return cmdStr;
     }
 }
-/**
- * Sanitizes an input into a string so it can be passed into issueCommand safely
- * @param input input to sanitize into a string
- */
-function toCommandValue(input) {
-    if (input === null || input === undefined) {
-        return '';
-    }
-    else if (typeof input === 'string' || input instanceof String) {
-        return input;
-    }
-    return JSON.stringify(input);
-}
-exports.toCommandValue = toCommandValue;
 function escapeData(s) {
-    return toCommandValue(s)
+    return utils_1.toCommandValue(s)
         .replace(/%/g, '%25')
         .replace(/\r/g, '%0D')
         .replace(/\n/g, '%0A');
 }
 function escapeProperty(s) {
-    return toCommandValue(s)
+    return utils_1.toCommandValue(s)
         .replace(/%/g, '%25')
         .replace(/\r/g, '%0D')
         .replace(/\n/g, '%0A')
@@ -7232,6 +7303,12 @@ function convertBody(buffer, headers) {
 	// html4
 	if (!res && str) {
 		res = /<meta[\s]+?http-equiv=(['"])content-type\1[\s]+?content=(['"])(.+?)\2/i.exec(str);
+		if (!res) {
+			res = /<meta[\s]+?content=(['"])(.+?)\1[\s]+?http-equiv=(['"])content-type\3/i.exec(str);
+			if (res) {
+				res.pop(); // drop last quote
+			}
+		}
 
 		if (res) {
 			res = /charset=(.*)/i.exec(res.pop());
@@ -8239,7 +8316,7 @@ function fetch(url, opts) {
 				// HTTP fetch step 5.5
 				switch (request.redirect) {
 					case 'error':
-						reject(new FetchError(`redirect mode is set to error: ${request.url}`, 'no-redirect'));
+						reject(new FetchError(`uri requested responds with a redirect, redirect mode is set to error: ${request.url}`, 'no-redirect'));
 						finalize();
 						return;
 					case 'manual':
@@ -8278,7 +8355,8 @@ function fetch(url, opts) {
 							method: request.method,
 							body: request.body,
 							signal: request.signal,
-							timeout: request.timeout
+							timeout: request.timeout,
+							size: request.size
 						};
 
 						// HTTP-redirect fetch step 9
@@ -8593,6 +8671,8 @@ var __importStar = (this && this.__importStar) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const command_1 = __webpack_require__(431);
+const file_command_1 = __webpack_require__(102);
+const utils_1 = __webpack_require__(82);
 const os = __importStar(__webpack_require__(87));
 const path = __importStar(__webpack_require__(622));
 /**
@@ -8619,10 +8699,18 @@ var ExitCode;
  */
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 function exportVariable(name, val) {
-    const convertedVal = command_1.toCommandValue(val);
+    const convertedVal = utils_1.toCommandValue(val);
     process.env[name] = convertedVal;
+    const filePath = process.env['GITHUB_ENV'] || '';
+    if (filePath) {
+        const delimiter = '_GitHubActionsFileCommandDelimeter_';
+        const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`;
+        file_command_1.issueCommand('ENV', commandValue);
+    }
+    else {
         command_1.issueCommand('set-env', { name }, convertedVal);
     }
+}
 exports.exportVariable = exportVariable;
 /**
  * Registers a secret which will get masked from logs
@@ -8637,7 +8725,13 @@ exports.setSecret = setSecret;
  * @param inputPath
  */
 function addPath(inputPath) {
+    const filePath = process.env['GITHUB_PATH'] || '';
+    if (filePath) {
+        file_command_1.issueCommand('PATH', inputPath);
+    }
+    else {
         command_1.issueCommand('add-path', {}, inputPath);
+    }
     process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;
 }
 exports.addPath = addPath;

package.json

@@ -1,6 +1,6 @@
 {
   "name": "upload-release-action",
-  "version": "2.1.0",
+  "version": "2.3.0",
   "private": true,
   "description": "Upload files to a GitHub release",
   "main": "lib/main.js",
@@ -27,24 +27,24 @@
   "author": "Sven-Hendrik Haase",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.2.0",
+    "@actions/core": "^1.2.6",
     "@actions/github": "^4.0.0",
     "@types/glob": "^7.1.2",
     "glob": "^7.1.6"
   },
   "devDependencies": {
     "@types/jest": "^24.9.1",
-    "@types/node": "^12.12.47",
+    "@types/node": "^12.12.64",
     "@typescript-eslint/parser": "^3.5.0",
     "@zeit/ncc": "^0.22.3",
-    "eslint": "^7.3.1",
+    "eslint": "^7.10.0",
     "eslint-plugin-github": "^4.0.1",
     "eslint-plugin-jest": "^23.17.1",
-    "jest": "^26.1.0",
-    "jest-circus": "^26.1.0",
+    "jest": "^26.5.2",
+    "jest-circus": "^26.5.2",
     "js-yaml": "^3.14.0",
     "prettier": "^2.0.5",
-    "ts-jest": "^26.1.1",
+    "ts-jest": "^26.4.1",
     "typescript": "^3.9.6"
   }
 }

src/main.ts

@@ -6,7 +6,7 @@ import * as github from '@actions/github'
 import * as path from 'path'
 import * as glob from 'glob'
 
-type RepoAssetsResp = Endpoints['GET /repos/:owner/:repo/releases/:release_id/assets']['response']
+type RepoAssetsResp = Endpoints['GET /repos/:owner/:repo/releases/:release_id/assets']['response']['data']
 type ReleaseByTagResp = Endpoints['GET /repos/:owner/:repo/releases/tags/:tag']['response']
 type CreateReleaseResp = Endpoints['POST /repos/:owner/:repo/releases']['response']
 type UploadAssetResp = Endpoints['POST /repos/:owner/:repo/releases/:release_id/assets{?name,label}']['response']
@@ -21,7 +21,7 @@ async function get_release_by_tag(
   try {
     core.debug(`Getting release by tag ${tag}.`)
     return await octokit.repos.getReleaseByTag({
-      ...github.context.repo,
+      ...repo(),
       tag: tag
     })
   } catch (error) {
@@ -31,10 +31,10 @@ async function get_release_by_tag(
         `Release for tag ${tag} doesn't exist yet so we'll create it now.`
       )
       return await octokit.repos.createRelease({
-        ...github.context.repo,
+        ...repo(),
         tag_name: tag,
         prerelease: prerelease,
-        release_name: release_name,
+        name: release_name,
         body: body
       })
     } else {
@@ -60,18 +60,21 @@ async function upload_to_release(
   const file_bytes = fs.readFileSync(file)
 
   // Check for duplicates.
-  const assets: RepoAssetsResp = await octokit.repos.listReleaseAssets({
-    ...github.context.repo,
+  const assets: RepoAssetsResp = await octokit.paginate(
+    octokit.repos.listReleaseAssets,
+    {
+      ...repo(),
       release_id: release.data.id
-  })
-  const duplicate_asset = assets.data.find(a => a.name === asset_name)
+    }
+  )
+  const duplicate_asset = assets.find(a => a.name === asset_name)
   if (duplicate_asset !== undefined) {
     if (overwrite) {
       core.debug(
         `An asset called ${asset_name} already exists in release ${tag} so we'll overwrite it.`
       )
       await octokit.repos.deleteReleaseAsset({
-        ...github.context.repo,
+        ...repo(),
         asset_id: duplicate_asset.id
       })
     } else {
@@ -99,6 +102,26 @@ async function upload_to_release(
   return uploaded_asset.data.browser_download_url
 }
 
+function repo(): {owner: string; repo: string} {
+  const repo_name = core.getInput('repo_name')
+  // If we're not targeting a foreign repository, we can just return immediately and don't have to do extra work.
+  if (!repo_name) {
+    return github.context.repo
+  }
+  const owner = repo_name.substr(0, repo_name.indexOf('/'))
+  if (!owner) {
+    throw new Error(`Could not extract 'owner' from 'repo_name': ${repo_name}.`)
+  }
+  const repo = repo_name.substr(repo_name.indexOf('/') + 1)
+  if (!repo) {
+    throw new Error(`Could not extract 'repo' from 'repo_name': ${repo_name}.`)
+  }
+  return {
+    owner,
+    repo
+  }
+}
+
 async function run(): Promise<void> {
   try {
     // Get the inputs from the workflow file: https://github.com/actions/toolkit/tree/master/packages/core#inputsoutputs