From 3684e9d97b63670e3ec0214d5f9b62c961466375 Mon Sep 17 00:00:00 2001 From: Alejandro Menocal Date: Tue, 19 Nov 2024 16:33:02 -0600 Subject: [PATCH] use private key through env var dependencies updates --- cmd/byRepos.go | 7 ++----- go.mod | 9 ++++++--- go.sum | 16 ++++++++++++++-- internal/api/api.go | 17 ++++++++--------- 4 files changed, 30 insertions(+), 19 deletions(-) diff --git a/cmd/byRepos.go b/cmd/byRepos.go index 3ed393c..3d4f065 100644 --- a/cmd/byRepos.go +++ b/cmd/byRepos.go @@ -4,7 +4,6 @@ Copyright © 2024 NAME HERE package cmd import ( - "fmt" "os" "github.com/mona-actions/gh-migrate-teams/pkg/sync" @@ -20,7 +19,6 @@ var byReposCmd = &cobra.Command{ It will migrate all the teams that have access to the repositories in the list.`, Run: func(cmd *cobra.Command, args []string) { - fmt.Println("byRepos called") targetOrganization := cmd.Flag("target-organization").Value.String() sourceToken := cmd.Flag("source-token").Value.String() @@ -29,7 +27,6 @@ var byReposCmd = &cobra.Command{ ghHostname := cmd.Flag("source-hostname").Value.String() repoFile := cmd.Flag("from-file").Value.String() skipTeams := cmd.Flag("skip-teams").Value.String() - tPrivateKeyPath := cmd.Flag("target-private-key").Value.String() tAppId := cmd.Flag("target-app-id").Value.String() tInstallationId := cmd.Flag("target-installation-id").Value.String() @@ -41,7 +38,6 @@ var byReposCmd = &cobra.Command{ os.Setenv("GHMT_SOURCE_HOSTNAME", ghHostname) os.Setenv("GHMT_REPO_FILE", repoFile) os.Setenv("GHMT_SKIP_TEAMS", skipTeams) - os.Setenv("GHMT_TARGET_PRIVATE_KEY", tPrivateKeyPath) os.Setenv("GHMT_TARGET_APP_ID", tAppId) os.Setenv("GHMT_TARGET_INSTALLATION_ID", tInstallationId) @@ -85,7 +81,8 @@ func init() { byReposCmd.Flags().StringP("source-hostname", "u", os.Getenv("SOURCE_HOST"), "GitHub Enterprise source hostname url (optional) Ex. https://github.example.com") - byReposCmd.Flags().StringP("target-private-key", "p", "", "Private key for GitHub App authentication") + byReposCmd.Flags().StringP("target-private-key", "p", "", "Private key for GitHub App authentication. Ideally set as an env variable `GHMT_TARGET_PRIVATE_KEY`") + viper.BindPFlag("TARGET_PRIVATE_KEY", byReposCmd.Flags().Lookup("target-private-key")) byReposCmd.Flags().StringP("target-app-id", "i", "", "GitHub App ID") diff --git a/go.mod b/go.mod index cf8f231..7810cbd 100644 --- a/go.mod +++ b/go.mod @@ -1,17 +1,18 @@ module github.com/mona-actions/gh-migrate-teams -go 1.21 +go 1.23 -toolchain go1.21.6 +toolchain go1.23.3 require ( github.com/gofri/go-github-ratelimit v1.1.0 github.com/google/go-github/v62 v62.0.0 + github.com/jferrl/go-githubauth v1.1.1 github.com/pterm/pterm v0.12.79 github.com/shurcooL/githubv4 v0.0.0-20240429030203-be2daab69064 github.com/spf13/cobra v1.8.0 github.com/spf13/viper v1.18.2 - golang.org/x/oauth2 v0.20.0 + golang.org/x/oauth2 v0.24.0 ) require ( @@ -20,6 +21,8 @@ require ( atomicgo.dev/schedule v0.1.0 // indirect github.com/containerd/console v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/golang-jwt/jwt/v5 v5.2.1 // indirect + github.com/google/go-github/v64 v64.0.0 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/gookit/color v1.5.4 // indirect github.com/hashicorp/hcl v1.0.0 // indirect diff --git a/go.sum b/go.sum index d9b911b..05b1a9d 100644 --- a/go.sum +++ b/go.sum @@ -30,21 +30,29 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/gofri/go-github-ratelimit v1.1.0 h1:ijQ2bcv5pjZXNil5FiwglCg8wc9s8EgjTmNkqjw8nuk= github.com/gofri/go-github-ratelimit v1.1.0/go.mod h1:OnCi5gV+hAG/LMR7llGhU7yHt44se9sYgKPnafoL7RY= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-github/v62 v62.0.0 h1:/6mGCaRywZz9MuHyw9gD1CwsbmBX8GWsbFkwMmHdhl4= github.com/google/go-github/v62 v62.0.0/go.mod h1:EMxeUqGJq2xRu9DYBMwel/mr7kZrzUOfQmmpYrZn2a4= +github.com/google/go-github/v64 v64.0.0 h1:4G61sozmY3eiPAjjoOHponXDBONm+utovTKbyUb2Qdg= +github.com/google/go-github/v64 v64.0.0/go.mod h1:xB3vqMQNdHzilXBiO2I+M7iEFtHf+DP/omBOv6tQzVo= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/gookit/color v1.4.2/go.mod h1:fqRyamkC1W8uxl+lxCQxOT09l/vYfZ+QeiX3rKQHCoQ= github.com/gookit/color v1.5.0/go.mod h1:43aQb+Zerm/BWh2GnrgOQm7ffz7tvQXEKV6BFMl7wAo= github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0= github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w= +github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= +github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jferrl/go-githubauth v1.1.1 h1:HfF3eeWFL+9jV9KHAatBaEnFGm9R2LkTqo5Z2GcDk20= +github.com/jferrl/go-githubauth v1.1.1/go.mod h1:FC1jqgik3xdaZDg8CUmGbvDwfP/egXkrq6Ygl9pSz/Y= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.0.10/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c= github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c= @@ -64,6 +72,8 @@ github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3v github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/migueleliasweb/go-github-mock v1.0.1 h1:amLEECVny28RCD1ElALUpQxrAimamznkg9rN2O7t934= +github.com/migueleliasweb/go-github-mock v1.0.1/go.mod h1:8PJ7MpMoIiCBBNpuNmvndHm0QicjsE+hjex1yMGmjYQ= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= @@ -141,8 +151,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= -golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= +golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -173,6 +183,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= diff --git a/internal/api/api.go b/internal/api/api.go index 148d484..2ada37a 100644 --- a/internal/api/api.go +++ b/internal/api/api.go @@ -5,7 +5,6 @@ import ( "fmt" "log" "net/http" - "os" "strconv" "strings" "time" @@ -22,25 +21,22 @@ func newHTTPClient() *http.Client { token := viper.GetString("TARGET_TOKEN") appId := viper.GetString("TARGET_APP_ID") - privateKey := viper.GetString("TARGET_PRIVATE_KEY") + privateKey := []byte(viper.GetString("TARGET_PRIVATE_KEY")) installationId := viper.GetInt64("TARGET_INSTALLATION_ID") // check that Target token or GitHub App values are set - if token != "" && (appId == "" || privateKey == "" || installationId == 0) { + if token != "" && (appId == "" || len(privateKey) == 0 || installationId == 0) { log.Fatalf("Please provide a target token or a target GitHub App ID and private key") } - if appId != "" && privateKey != "" && installationId != 0 { + if appId != "" && len(privateKey) != 0 && installationId != 0 { // GitHub App authentication - pemBytes, err := os.ReadFile(privateKey) - if err != nil { - log.Fatalf("Error reading private key: %v", err) - } + appIdInt, err := strconv.ParseInt(appId, 10, 64) if err != nil { log.Fatalf("Error converting app ID to int64: %v", err) } - appToken, err := githubauth.NewApplicationTokenSource(appIdInt, pemBytes) + appToken, err := githubauth.NewApplicationTokenSource(appIdInt, privateKey) if err != nil { log.Fatalf("Error creating app token: %v", err) } @@ -499,6 +495,9 @@ func GetAuthenticatedUser() (*github.User, error) { user, _, err := client.Users.Get(ctx, "") if err != nil { + if strings.Contains(err.Error(), "403 Resource not accessible by integration") { + return nil, nil + } return nil, err } return user, nil