feat: use dash notation for inputs (deprecates underscore notation) (#59)

smockle · web-flow · commit 7b1d2aef87b4 · 2023-10-06T13:10:49.000-07:00
Fixes #57 This PR implements the 3-step plan proposed by @gr2m in #57 (comment): > 1. Support both input types > 2. Log a deprecation warning for the old notation > 3. Add a test for deprecations Although this PR supports both input formats simultaneously, I opted _not_ to document the old format in the updated README. That’s a decision I’m happy to revisit, if y’all would prefer to have documentation for both the old and new formats.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -17,8 +17,8 @@ jobs:
       - uses: actions/create-github-app-token@v1
         id: app-token
         with:
-          app_id: ${{ vars.RELEASER_APP_ID }}
-          private_key: ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
+          app-id: ${{ vars.RELEASER_APP_ID }}
+          private-key: ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
       - uses: actions/checkout@v4
         with:
           token: ${{ steps.app-token.outputs.token }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -38,8 +38,8 @@ jobs:
       - uses: ./ # Uses the action in the root directory
         id: test
         with:
-          app_id: ${{ vars.TEST_APP_ID }}
-          private_key: ${{ secrets.TEST_APP_PRIVATE_KEY }}
+          app-id: ${{ vars.TEST_APP_ID }}
+          private-key: ${{ secrets.TEST_APP_PRIVATE_KEY }}
       - uses: octokit/request-action@v2.x
         id: get-repository
         env:
diff --git a/README.md b/README.md
@@ -22,8 +22,8 @@ jobs:
       - uses: actions/create-github-app-token@v1
         id: app-token
         with:
-          app_id: ${{ vars.APP_ID }}
-          private_key: ${{ secrets.PRIVATE_KEY }}
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
       - uses: peter-evans/create-or-update-comment@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
@@ -44,8 +44,8 @@ jobs:
         id: app-token
         with:
           # required
-          app_id: ${{ vars.APP_ID }}
-          private_key: ${{ secrets.PRIVATE_KEY }}
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
       - uses: actions/checkout@v3
         with:
           token: ${{ steps.app-token.outputs.token }}
@@ -69,8 +69,8 @@ jobs:
       - uses: actions/create-github-app-token@v1
         id: app-token
         with:
-          app_id: ${{ vars.APP_ID }}
-          private_key: ${{ secrets.PRIVATE_KEY }}
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
       - uses: peter-evans/create-or-update-comment@v3
         with:
@@ -91,8 +91,8 @@ jobs:
       - uses: actions/create-github-app-token@v1
         id: app-token
         with:
-          app_id: ${{ vars.APP_ID }}
-          private_key: ${{ secrets.PRIVATE_KEY }}
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
           repositories: "repo1,repo2"
       - uses: peter-evans/create-or-update-comment@v3
@@ -114,8 +114,8 @@ jobs:
       - uses: actions/create-github-app-token@v1
         id: app-token
         with:
-          app_id: ${{ vars.APP_ID }}
-          private_key: ${{ secrets.PRIVATE_KEY }}
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
           owner: another-owner
       - uses: peter-evans/create-or-update-comment@v3
         with:
@@ -126,11 +126,11 @@ jobs:
 
 ## Inputs
 
-### `app_id`
+### `app-id`
 
 **Required:** GitHub App ID.
 
-### `private_key`
+### `private-key`
 
 **Required:** GitHub App private key.
 
@@ -145,7 +145,7 @@ jobs:
 > [!NOTE]
 > If `owner` is set and `repositories` is empty, access will be scoped to all repositories in the provided repository owner's installation. If `owner` and `repositories` are empty, access will be scoped to only the current repository.
 
-### `skip_token_revoke`
+### `skip-token-revoke`
 
 **Optional:** If truthy, the token will not be revoked when the current job is complete.
 
diff --git a/action.yml b/action.yml
@@ -5,21 +5,33 @@ branding:
   icon: "lock"
   color: "gray-dark"
 inputs:
+  app-id:
+    description: "GitHub App ID"
+    required: false # TODO: When 'app_id' is removed, make 'app-id' required
   app_id:
     description: "GitHub App ID"
-    required: true
+    required: false
+    deprecationMessage: "'app_id' is deprecated and will be removed in a future version. Use 'app-id' instead."
+  private-key:
+    description: "GitHub App private key"
+    required: false # TODO: When 'private_key' is removed, make 'private-key' required
   private_key:
     description: "GitHub App private key"
-    required: true
+    required: false
+    deprecationMessage: "'private_key' is deprecated and will be removed in a future version. Use 'private-key' instead."
   owner:
     description: "GitHub App owner (defaults to current repository owner)"
     required: false
   repositories:
     description: "Repositories to install the GitHub App on (defaults to current repository if owner is unset)"
     required: false
+  skip-token-revoke:
+    description: "If truthy, the token will not be revoked when the current job is complete"
+    required: false
   skip_token_revoke:
     description: "If truthy, the token will not be revoked when the current job is complete"
     required: false
+    deprecationMessage: "'skip_token_revoke' is deprecated and will be removed in a future version. Use 'skip-token-revoke' instead."
 outputs:
   token:
     description: "GitHub installation access token"
diff --git a/dist/main.cjs b/dist/main.cjs
@@ -10103,11 +10103,19 @@ if (!process.env.GITHUB_REPOSITORY) {
 if (!process.env.GITHUB_REPOSITORY_OWNER) {
   throw new Error("GITHUB_REPOSITORY_OWNER missing, must be set to '<owner>'");
 }
-var appId = import_core.default.getInput("app_id");
-var privateKey = import_core.default.getInput("private_key");
+var appId = import_core.default.getInput("app-id") || import_core.default.getInput("app_id");
+if (!appId) {
+  throw new Error("Input required and not supplied: app-id");
+}
+var privateKey = import_core.default.getInput("private-key") || import_core.default.getInput("private_key");
+if (!privateKey) {
+  throw new Error("Input required and not supplied: private-key");
+}
 var owner = import_core.default.getInput("owner");
 var repositories = import_core.default.getInput("repositories");
-var skipTokenRevoke = Boolean(import_core.default.getInput("skip_token_revoke"));
+var skipTokenRevoke = Boolean(
+  import_core.default.getInput("skip-token-revoke") || import_core.default.getInput("skip_token_revoke")
+);
 main(
   appId,
   privateKey,
diff --git a/dist/post.cjs b/dist/post.cjs
@@ -2973,7 +2973,9 @@ var import_core = __toESM(require_core(), 1);
 
 // lib/post.js
 async function post(core2, request2) {
-  const skipTokenRevoke = Boolean(core2.getInput("skip_token_revoke"));
+  const skipTokenRevoke = Boolean(
+    core2.getInput("skip-token-revoke") || core2.getInput("skip_token_revoke")
+  );
   if (skipTokenRevoke) {
     core2.info("Token revocation was skipped");
     return;
diff --git a/lib/post.js b/lib/post.js
@@ -5,7 +5,9 @@
  * @param {import("@octokit/request").request} request
  */
 export async function post(core, request) {
-  const skipTokenRevoke = Boolean(core.getInput("skip_token_revoke"));
+  const skipTokenRevoke = Boolean(
+    core.getInput("skip-token-revoke") || core.getInput("skip_token_revoke")
+  );
 
   if (skipTokenRevoke) {
     core.info("Token revocation was skipped");
diff --git a/main.js b/main.js
@@ -14,12 +14,22 @@ if (!process.env.GITHUB_REPOSITORY_OWNER) {
   throw new Error("GITHUB_REPOSITORY_OWNER missing, must be set to '<owner>'");
 }
 
-const appId = core.getInput("app_id");
-const privateKey = core.getInput("private_key");
+const appId = core.getInput("app-id") || core.getInput("app_id");
+if (!appId) {
+  // The 'app_id' input was previously required, but it and 'app-id' are both optional now, until the former is removed. Still, we want to ensure that at least one of them is set.
+  throw new Error("Input required and not supplied: app-id");
+}
+const privateKey = core.getInput("private-key") || core.getInput("private_key");
+if (!privateKey) {
+  // The 'private_key' input was previously required, but it and 'private-key' are both optional now, until the former is removed. Still, we want to ensure that at least one of them is set.
+  throw new Error("Input required and not supplied: private-key");
+}
 const owner = core.getInput("owner");
 const repositories = core.getInput("repositories");
 
-const skipTokenRevoke = Boolean(core.getInput("skip_token_revoke"));
+const skipTokenRevoke = Boolean(
+  core.getInput("skip-token-revoke") || core.getInput("skip_token_revoke")
+);
 
 main(
   appId,
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -23,7 +23,8 @@
     "esbuild": "^0.19.4",
     "execa": "^8.0.1",
     "open-cli": "^7.2.0",
-    "undici": "^5.25.2"
+    "undici": "^5.25.2",
+    "yaml": "^2.3.2"
   },
   "release": {
     "branches": [
@@ -48,4 +49,4 @@
       ]
     ]
   }
-}
+}
diff --git a/tests/action-deprecated-inputs.test.js b/tests/action-deprecated-inputs.test.js
@@ -0,0 +1,16 @@
+import { readFileSync } from "node:fs";
+import * as url from "node:url";
+import YAML from "yaml";
+
+const action = YAML.parse(
+  readFileSync(
+    url.fileURLToPath(new URL("../action.yml", import.meta.url)),
+    "utf8"
+  )
+);
+
+for (const [key, value] of Object.entries(action.inputs)) {
+  if ("deprecationMessage" in value) {
+    console.log(`${key} — ${value.deprecationMessage}`);
+  }
+}
diff --git a/tests/main-missing-app-id.test.js b/tests/main-missing-app-id.test.js
@@ -0,0 +1,9 @@
+process.env.GITHUB_REPOSITORY_OWNER = "actions";
+process.env.GITHUB_REPOSITORY = "actions/create-github-app-token";
+
+// Verify `main` exits with an error when neither the `app-id` nor `app_id` input is set.
+try {
+  await import("../main.js");
+} catch (error) {
+  console.error(error.message);
+}
diff --git a/tests/main-missing-private-key.test.js b/tests/main-missing-private-key.test.js
@@ -0,0 +1,10 @@
+process.env.GITHUB_REPOSITORY_OWNER = "actions";
+process.env.GITHUB_REPOSITORY = "actions/create-github-app-token";
+process.env["INPUT_APP-ID"] = "123456";
+
+// Verify `main` exits with an error when neither the `private-key` nor `private_key` input is set.
+try {
+  await import("../main.js");
+} catch (error) {
+  console.error(error.message);
+}
diff --git a/tests/main.js b/tests/main.js
@@ -8,8 +8,8 @@ export async function test(cb = (_mockPool) => {}) {
   process.env.GITHUB_REPOSITORY = "actions/create-github-app-token";
   // inputs are set as environment variables with the prefix INPUT_
   // https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
-  process.env.INPUT_APP_ID = "123456";
-  process.env.INPUT_PRIVATE_KEY = `-----BEGIN RSA PRIVATE KEY-----
+  process.env["INPUT_APP-ID"] = "123456";
+  process.env["INPUT_PRIVATE-KEY"] = `-----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEA280nfuUM9w00Ib9E2rvZJ6Qu3Ua3IqR34ZlK53vn/Iobn2EL
 Z9puc5Q/nFBU15NKwHyQNb+OG2hTCkjd1Xi9XPzEOH1r42YQmTGq8YCkUSkk6KZA
 5dnhLwN9pFquT9fQgrf4r1D5GJj3rqvj8JDr1sBmunArqY5u4gziSrIohcjLIZV0
diff --git a/tests/post-token-skipped.test.js b/tests/post-token-skipped.test.js
@@ -6,7 +6,7 @@ process.env.STATE_token = "secret123";
 
 // inputs are set as environment variables with the prefix INPUT_
 // https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
-process.env.INPUT_SKIP_TOKEN_REVOKE = "true";
+process.env["INPUT_SKIP-TOKEN-REVOKE"] = "true";
 
 const mockAgent = new MockAgent();
 
diff --git a/tests/snapshots/index.js.md b/tests/snapshots/index.js.md
@@ -4,6 +4,28 @@ The actual snapshot is saved in `index.js.snap`.
 
 Generated by [AVA](https://avajs.dev).
 
+## action-deprecated-inputs.test.js
+
+> stderr
+
+    ''
+
+> stdout
+
+    `app_id — 'app_id' is deprecated and will be removed in a future version. Use 'app-id' instead.␊
+    private_key — 'private_key' is deprecated and will be removed in a future version. Use 'private-key' instead.␊
+    skip_token_revoke — 'skip_token_revoke' is deprecated and will be removed in a future version. Use 'skip-token-revoke' instead.`
+
+## main-missing-app-id.test.js
+
+> stderr
+
+    'Input required and not supplied: app-id'
+
+> stdout
+
+    ''
+
 ## main-missing-owner.test.js
 
 > stderr
@@ -14,6 +36,16 @@ Generated by [AVA](https://avajs.dev).
 
     ''
 
+## main-missing-private-key.test.js
+
+> stderr
+
+    'Input required and not supplied: private-key'
+
+> stdout
+
+    ''
+
 ## main-missing-repository.test.js
 
 > stderr
diff --git a/tests/snapshots/index.js.snap b/tests/snapshots/index.js.snap

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,8 @@`
`23`	`23`	`"esbuild": "^0.19.4",`
`24`	`24`	`"execa": "^8.0.1",`
`25`	`25`	`"open-cli": "^7.2.0",`
`26`		`- "undici": "^5.25.2"`
	`26`	`+ "undici": "^5.25.2",`
	`27`	`+ "yaml": "^2.3.2"`
`27`	`28`	`},`
`28`	`29`	`"release": {`
`29`	`30`	`"branches": [`
`@@ -48,4 +49,4 @@`
`48`	`49`	`]`
`49`	`50`	`]`
`50`	`51`	`}`
`51`		`-}`
	`52`	`+}`