Use bash

rancher · Feb 4, 2025 · 48bf93d · 48bf93d
1 parent 8407319
commit 48bf93d
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 38,266 deletions.
diff --git a/actions/create-github-app-token/action.yml b/actions/create-github-app-token/action.yml
@@ -1,5 +1,6 @@
 name: 'Create GitHub App Token'
 description: 'Create a GitHub App installation token'
+
 inputs:
   app-id:
     description: 'GitHub App ID'
@@ -10,9 +11,33 @@ inputs:
   installation-id:
     description: 'GitHub App installation ID'
     required: true
+
 outputs:
   token:
     description: 'Generated installation token'
+
 runs:
-  using: 'node20'
-  main: 'dist/index.js'
+  using: 'composite'
+  steps:
+    - shell: bash
+      run: |
+        NOW=$(date +%s)
+        EXP=$((NOW+540))
+        HEADER=$(echo -n '{"alg":"RS256","typ":"JWT"}' | base64 | tr -d '=' | tr '/+' '_-' | tr -d '\n')
+        PAYLOAD=$(echo -n "{\"iat\":$NOW,\"exp\":$EXP,\"iss\":${{ inputs.app-id }}}" | base64 | tr -d '=' | tr '/+' '_-' | tr -d '\n')
+        
+        SIGNATURE=$(echo -n "$HEADER.$PAYLOAD" \
+          | openssl dgst -sha256 -sign <(echo "${{ inputs.private-key }}") \
+          | openssl base64 -A \
+          | tr -d '=' | tr '/+' '_-' | tr -d '\n')
+        
+        JWT="$HEADER.$PAYLOAD.$SIGNATURE"
+        
+        TOKEN=$(curl -s -X POST \
+          -H "Authorization: Bearer $JWT" \
+          -H "Accept: application/vnd.github+json" \
+          "https://api.github.com/app/installations/${{ inputs.installation-id }}/access_tokens" \
+          | jq -r '.token')
+        
+        echo "::add-mask::$TOKEN"
+        echo "token=$TOKEN" >> $GITHUB_OUTPUT