Support OIDC subject claim customization templates for actions (#2615)

Fixes: #2614.
google · Jan 5, 2023 · 93166f4 · 93166f4
1 parent 8ec1e49
commit 93166f4
Show file tree

Hide file tree

Showing 4 changed files with 241 additions and 0 deletions.
diff --git a/github/actions_oidc.go b/github/actions_oidc.go
@@ -0,0 +1,73 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// OIDCSubjectClaimCustomTemplate represents an OIDC subject claim customization template.
+type OIDCSubjectClaimCustomTemplate struct {
+	UseDefault       *bool    `json:"use_default,omitempty"`
+	IncludeClaimKeys []string `json:"include_claim_keys"`
+}
+
+// GetOrgOIDCSubjectClaimCustomTemplate gets the subject claim customization template for an organization.
+//
+// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-an-organization
+func (s *ActionsService) GetOrgOIDCSubjectClaimCustomTemplate(ctx context.Context, org string) (*OIDCSubjectClaimCustomTemplate, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/oidc/customization/sub", org)
+	return s.getOIDCSubjectClaimCustomTemplate(ctx, u)
+}
+
+// GetRepoOIDCSubjectClaimCustomTemplate gets the subject claim customization template for a repository.
+//
+// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-a-repository
+func (s *ActionsService) GetRepoOIDCSubjectClaimCustomTemplate(ctx context.Context, owner, repo string) (*OIDCSubjectClaimCustomTemplate, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/oidc/customization/sub", owner, repo)
+	return s.getOIDCSubjectClaimCustomTemplate(ctx, u)
+}
+
+func (s *ActionsService) getOIDCSubjectClaimCustomTemplate(ctx context.Context, url string) (*OIDCSubjectClaimCustomTemplate, *Response, error) {
+	req, err := s.client.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	tmpl := new(OIDCSubjectClaimCustomTemplate)
+	resp, err := s.client.Do(ctx, req, tmpl)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return tmpl, resp, nil
+}
+
+// SetOrgOIDCSubjectClaimCustomTemplate sets the subject claim customization for an organization.
+//
+// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization
+func (s *ActionsService) SetOrgOIDCSubjectClaimCustomTemplate(ctx context.Context, org string, template *OIDCSubjectClaimCustomTemplate) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/oidc/customization/sub", org)
+	return s.setOIDCSubjectClaimCustomTemplate(ctx, u, template)
+}
+
+// SetRepoOIDCSubjectClaimCustomTemplate sets the subject claim customization for a repository.
+//
+// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository
+func (s *ActionsService) SetRepoOIDCSubjectClaimCustomTemplate(ctx context.Context, owner, repo string, template *OIDCSubjectClaimCustomTemplate) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/oidc/customization/sub", owner, repo)
+	return s.setOIDCSubjectClaimCustomTemplate(ctx, u, template)
+}
+
+func (s *ActionsService) setOIDCSubjectClaimCustomTemplate(ctx context.Context, url string, template *OIDCSubjectClaimCustomTemplate) (*Response, error) {
+	req, err := s.client.NewRequest("PUT", url, template)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/github/actions_oidc_test.go b/github/actions_oidc_test.go
@@ -0,0 +1,150 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"testing"
+
+	"github.com/google/go-cmp/cmp"
+)
+
+func TestActionsService_GetOrgOIDCSubjectClaimCustomTemplate(t *testing.T) {
+	client, mux, _, teardown := setup()
+	defer teardown()
+
+	mux.HandleFunc("/orgs/o/actions/oidc/customization/sub", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `{"include_claim_keys":["repo","context"]}`)
+	})
+
+	ctx := context.Background()
+	template, _, err := client.Actions.GetOrgOIDCSubjectClaimCustomTemplate(ctx, "o")
+	if err != nil {
+		t.Errorf("Actions.GetOrgOIDCSubjectClaimCustomTemplate returned error: %v", err)
+	}
+
+	want := &OIDCSubjectClaimCustomTemplate{IncludeClaimKeys: []string{"repo", "context"}}
+	if !cmp.Equal(template, want) {
+		t.Errorf("Actions.GetOrgOIDCSubjectClaimCustomTemplate returned %+v, want %+v", template, want)
+	}
+
+	const methodName = "GetOrgOIDCSubjectClaimCustomTemplate"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Actions.GetOrgOIDCSubjectClaimCustomTemplate(ctx, "\n")
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Actions.GetOrgOIDCSubjectClaimCustomTemplate(ctx, "o")
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestActionsService_GetRepoOIDCSubjectClaimCustomTemplate(t *testing.T) {
+	client, mux, _, teardown := setup()
+	defer teardown()
+
+	mux.HandleFunc("/repos/o/r/actions/oidc/customization/sub", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `{"use_default":false,"include_claim_keys":["repo","context"]}`)
+	})
+
+	ctx := context.Background()
+	template, _, err := client.Actions.GetRepoOIDCSubjectClaimCustomTemplate(ctx, "o", "r")
+	if err != nil {
+		t.Errorf("Actions.GetRepoOIDCSubjectClaimCustomTemplate returned error: %v", err)
+	}
+
+	want := &OIDCSubjectClaimCustomTemplate{UseDefault: Bool(false), IncludeClaimKeys: []string{"repo", "context"}}
+	if !cmp.Equal(template, want) {
+		t.Errorf("Actions.GetOrgOIDCSubjectClaimCustomTemplate returned %+v, want %+v", template, want)
+	}
+
+	const methodName = "GetRepoOIDCSubjectClaimCustomTemplate"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Actions.GetRepoOIDCSubjectClaimCustomTemplate(ctx, "\n", "\n")
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Actions.GetRepoOIDCSubjectClaimCustomTemplate(ctx, "o", "r")
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestActionsService_SetOrgOIDCSubjectClaimCustomTemplate(t *testing.T) {
+	client, mux, _, teardown := setup()
+	defer teardown()
+
+	mux.HandleFunc("/orgs/o/actions/oidc/customization/sub", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "PUT")
+		testHeader(t, r, "Content-Type", "application/json")
+		testBody(t, r, `{"include_claim_keys":["repo","context"]}`+"\n")
+		w.WriteHeader(http.StatusCreated)
+	})
+
+	input := &OIDCSubjectClaimCustomTemplate{
+		IncludeClaimKeys: []string{"repo", "context"},
+	}
+	ctx := context.Background()
+	_, err := client.Actions.SetOrgOIDCSubjectClaimCustomTemplate(ctx, "o", input)
+	if err != nil {
+		t.Errorf("Actions.SetOrgOIDCSubjectClaimCustomTemplate returned error: %v", err)
+	}
+
+	const methodName = "SetOrgOIDCSubjectClaimCustomTemplate"
+
+	testBadOptions(t, methodName, func() (err error) {
+		_, err = client.Actions.SetOrgOIDCSubjectClaimCustomTemplate(ctx, "\n", input)
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		return client.Actions.SetOrgOIDCSubjectClaimCustomTemplate(ctx, "o", input)
+	})
+}
+
+func TestActionsService_SetRepoOIDCSubjectClaimCustomTemplate(t *testing.T) {
+	client, mux, _, teardown := setup()
+	defer teardown()
+
+	mux.HandleFunc("/repos/o/r/actions/oidc/customization/sub", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "PUT")
+		testHeader(t, r, "Content-Type", "application/json")
+		testBody(t, r, `{"use_default":false,"include_claim_keys":["repo","context"]}`+"\n")
+		w.WriteHeader(http.StatusCreated)
+	})
+
+	input := &OIDCSubjectClaimCustomTemplate{
+		UseDefault:       Bool(false),
+		IncludeClaimKeys: []string{"repo", "context"},
+	}
+	ctx := context.Background()
+	_, err := client.Actions.SetRepoOIDCSubjectClaimCustomTemplate(ctx, "o", "r", input)
+	if err != nil {
+		t.Errorf("Actions.SetRepoOIDCSubjectClaimCustomTemplate returned error: %v", err)
+	}
+
+	const methodName = "SetRepoOIDCSubjectClaimCustomTemplate"
+
+	testBadOptions(t, methodName, func() (err error) {
+		_, err = client.Actions.SetRepoOIDCSubjectClaimCustomTemplate(ctx, "\n", "\n", input)
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		return client.Actions.SetRepoOIDCSubjectClaimCustomTemplate(ctx, "o", "r", input)
+	})
+}
diff --git a/github/github-accessors.go b/github/github-accessors.go
diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go