Set SPECTRAL_DSN environment from JS instead of end-user workflow fil…

…e (#12) * Update index.js * Update README.md * Update main.yml * Update README.md * Update README.md * Update CI.yml * Update main.yml * Update CI.yml
CheckPointSW · Jun 14, 2023 · ab90f8a · ab90f8a
1 parent a5026d7
commit ab90f8a
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 39 deletions.
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -1,11 +1,8 @@
-name: CI
+name: CI on branch
 
 # Controls when the workflow will run
 on: [push, workflow_dispatch, pull_request]
 
-env:
-  SPECTRAL_DSN: ${{ secrets.SPECTRAL_DSN }}
-
 jobs:
   ubuntu-ci:
     name: Spectral ubuntu CI
@@ -15,7 +12,7 @@ jobs:
       - name: Install and run Spectral CI
         uses: ./
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
   ubuntu-audit:
     name: Spectral ubuntu audit
@@ -25,7 +22,7 @@ jobs:
       - name: Install and run Spectral Audit
         uses: ./
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
   macos-ci:
     name: Spectral macos CI
@@ -35,7 +32,7 @@ jobs:
       - name: Install and run Spectral CI
         uses: ./
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
   macos-audit:
     name: Spectral macos audit
@@ -45,7 +42,7 @@ jobs:
       - name: Install and run Spectral Audit
         uses: ./
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
   windows-ci:
     name: Spectral windows CI
@@ -55,7 +52,7 @@ jobs:
       - name: Install and run Spectral CI
         uses: ./
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
   windows-audit:
     name: Spectral windows audit
@@ -65,5 +62,5 @@ jobs:
       - name: Install and run Spectral Audit
         uses: ./
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,69 +1,66 @@
-name: CI
+name: CI (example)
 
 # Controls when the workflow will run
 on: [push, workflow_dispatch]
 
-env:
-  SPECTRAL_DSN: ${{ secrets.SPECTRAL_DSN }}
-
 jobs:
   ubuntu-ci:
     name: Spectral ubuntu CI
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral CI
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
   ubuntu-audit:
     name: Spectral ubuntu audit
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral Audit
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
   macos-ci:
     name: Spectral macos CI
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral CI
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
   macos-audit:
     name: Spectral macos audit
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral Audit
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
   windows-ci:
     name: Spectral windows CI
     runs-on: windows-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral CI
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
   windows-audit:
     name: Spectral windows audit
     runs-on: windows-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral Audit
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
           spectral-dsn: ${{ env.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
diff --git a/README.md b/README.md
@@ -22,7 +22,7 @@ Spectral Scan is a single self-contained binary, that's easy to get and use. Thi
 Include this Action as a step in your workflow:
 
 ```
-uses: spectralops/spectral-github-action@v3
+uses: spectralops/spectral-github-action@v4
 with:
   spectral-dsn: $SPECTRAL_DSN
   spectral-args: scan --ok
@@ -32,47 +32,41 @@ You can see an example of this Action [here](https://github.com/SpectralOps/spec
 
 ## Configuration
 
-You'll need to provide Spectral dsn. You can do so via the `SPECTRAL_DSN` environment variable. In the below example, the Spectral dsn is retrieved from [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).
+You'll need to provide Spectral DSN as an input variable. You should always store your DSN in a secure way, like below in [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).
 
 ```yaml
 name: Spectral
 
 on: [push]
 
-env:
-  SPECTRAL_DSN: ${{ secrets.SPECTRAL_DSN }}
-
 jobs:
   scan:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral CI
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: scan --ok
 ```
 
-Spectral provides another scan option to audit your Github/Gitlab organizaion, user or repo.
+Spectral provides another scan option to audit your Github/Gitlab organization, user or repo.
 
 ```yaml
 name: Spectral
 
 on: [push]
 
-env:
-  SPECTRAL_DSN: ${{ secrets.SPECTRAL_DSN }}
-
 jobs:
   scan:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - name: Install and run Spectral Audit
-        uses: spectralops/spectral-github-action@v3
+        uses: spectralops/spectral-github-action@v4
         with:
-          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
           spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
 ```
 

diff --git a/index.js b/index.js
@@ -7,6 +7,9 @@ const workspace = process.env.GITHUB_WORKSPACE;
 const spectralDsn = core.getInput('spectral-dsn')
 const binDir = `${workspace}/bin`;
 
+// Provide SPECTRAL_DSN to spectral binary through env
+core.exportVariable('SPECTRAL_DSN', spectralDsn);
+
 main().catch(error => {
     core.setFailed(error)
 })
@@ -55,4 +58,4 @@ async function runSpectral() {
 function getScanCommand() {
     const spectralArgs = core.getInput('spectral-args')
     return `${process.platform === 'win32' ? 'spectral.exe' : 'spectral'} ${spectralArgs}`
-}
+}