v1.7.0

🚀 Add KeyVaultKeyReference parameter for GitHub App authentication (#63)

This PR adds support for authenticating GitHub Apps using Azure KeyVault key references, enabling secure private key storage in Azure KeyVault instead of GitHub secrets.

Changes Made

🔧 Core Implementation

• action.yml: Added new KeyVaultKeyReference input parameter with proper description and environment variable mapping
• scripts/init.ps1:
  • Added validation logic ensuring mutual exclusion between PrivateKey and KeyVaultKeyReference
  • Added requirement validation that ClientID must be provided with exactly one key parameter
  • Implemented new authentication path: Connect-GitHub -ClientID <ClientID> -KeyVaultKeyReference <url>
  • Updated module status reporting to include KeyVault key reference status

📚 Documentation

• README.md:
  • Added KeyVaultKeyReference to inputs documentation table
  • Added comprehensive Example 5 demonstrating Azure KeyVault authentication workflow
  • Updated example numbering consistently
  • Included note about required azure/login action for KeyVault authentication

Usage Example

jobs:
  Run-Script:
    runs-on: ubuntu-latest
    steps:
      - name: Login to Azure
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}

      - name: Run script
        uses: PSModule/GitHub-Script@v1
        with:
          ClientID: ${{ secrets.CLIENT_ID }}
          KeyVaultKeyReference: ${{ secrets.KEYVAULT_KEY_REFERENCE }}
          Script: |
            LogGroup "Get-GitHubApp" {
              Get-GitHubApp
            }

Validation

The implementation includes comprehensive validation:

• ✅ Mutual exclusion: Only one of PrivateKey or KeyVaultKeyReference can be provided
• ✅ Requirement validation: ClientID must be provided with exactly one key parameter
• ✅ Error handling for invalid input combinations
• ✅ PowerShell and YAML syntax validation
• ✅ Integration testing with 6/6 test scenarios passing

Authentication Flow

The action now supports three authentication methods:

1. Token: Token parameter (existing)
2. GitHub App with Private Key: ClientID + PrivateKey (existing)
3. GitHub App with KeyVault: ClientID + KeyVaultKeyReference (new)

Fixes #62.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

v1.6.7

🪲 [Fix]: Fix debug and verbose inputs (#61)

This pull request introduces updates to improve debug and verbose output handling across the GitHub PowerShell-based action. The changes ensure consistent configuration of debug and verbose preferences and enhance clarity in documentation and workflow files.

Debug and Verbose Output Handling Updates:

• .github/workflows/TestWorkflow.yml: Added the -Debug parameter to the Get-GitHubUser command to enable debug output during the workflow execution.
• action.yml: Updated the descriptions for Debug and Verbose inputs to clarify that they enable debug and verbose output for the entire action. Additionally, configured $DebugPreference and $VerbosePreference based on input values to set PowerShell preferences dynamically. [1] [2]
• scripts/info.ps1: Removed redundant $DebugPreference and $VerbosePreference configuration from the end block, as these preferences are now set globally in the action runner.
• scripts/outputs.ps1: Removed hardcoded $DebugPreference and $VerbosePreference settings to align with the new dynamic configuration approach.

Documentation Updates:

• README.md: Improved descriptions for Debug and Verbose inputs to specify that they enable output for the entire action, enhancing clarity for users.

v1.6.6

🩹 [Patch]: Update test to connect a GitHub App using Connect-GitHubApp (#60)

Description

This pull request updates the .github/workflows/TestWorkflow.yml file to improve the organization and output formatting of GitHub-related logs in the workflow scripts. The most important changes include switching from Format-Table to Format-List for better readability, restructuring log groups for clarity, and replacing specific installation token-based connections with a streamlined Connect-GitHubApp command.

Improvements to output formatting:

• Changed the output formatting from Format-Table to Format-List for Get-GitHubApp and Get-GitHubConfig commands to enhance readability. [1] [2]

Workflow restructuring:

• Replaced the token-based connection logic (New-GitHubAppInstallationAccessToken and Connect-GitHub) with a simplified Connect-GitHubApp command to connect to all installations of the app. [1] [2]
• Added new log groups for Contexts (Get-GitHubContext -ListAvailable) and GitHubConfig (Get-GitHubConfig) to improve clarity and organization of workflow logs. [1] [2]

Type of change

• 📖 [Docs]
• 🪲 [Fix]
• 🩹 [Patch]
• ⚠️ [Security fix]
• 🚀 [Feature]
• 🌟 [Breaking change]

Checklist

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas

v1.6.5

🩹 [Patch]: Add output for GitHubRepos from PSModule (#59)

Description

This pull request updates GitHub Actions workflows to improve functionality and maintainability. The changes include removing a redundant comment from the Action-Test workflow and modifying the TestWorkflow to specify the repository owner explicitly in multiple job configurations.

Updates to GitHub Actions workflows:

• .github/workflows/Action-Test.yml: Removed a redundant comment related to skipping a Checkov rule for tag references.
• .github/workflows/TestWorkflow.yml: Updated the Get-GitHubRepository command in three job configurations (ActionTestWithUSERFGPAT, ActionTestWithORGFGPAT, and ActionTestWithGitHubAppEnt) to include the -Owner PSModule parameter for specifying the repository owner explicitly. [1] [2] [3]

Type of change

• 📖 [Docs]
• 🪲 [Fix]
• 🩹 [Patch]
• ⚠️ [Security fix]
• 🚀 [Feature]
• 🌟 [Breaking change]

Checklist

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas

v1.6.4

🪲 [Fix]: Ensure Prerelease input defaults to false in tests (#58)

Description

This pull request includes a small change to the .github/workflows/Action-Test.yml file. The change ensures that the Prerelease input defaults to false if not explicitly provided.

Type of change

• 📖 [Docs]
• 🪲 [Fix]
• 🩹 [Patch]
• ⚠️ [Security fix]
• 🚀 [Feature]
• 🌟 [Breaking change]

Checklist

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas

v1.6.3

🩹 [Patch]: Add Prerelease input option to Action-Test workflow (#57)

Description

This pull request updates the GitHub Actions workflow configuration for testing. The main changes include removing the Action-Test-Prerelease.yml file and integrating its functionality into the Action-Test.yml file by introducing a new Prerelease input parameter.

Workflow configuration updates:

• .github/workflows/Action-Test-Prerelease.yml: Removed the file entirely, consolidating its functionality into the main Action-Test.yml workflow.
• .github/workflows/Action-Test.yml: Added a new Prerelease input parameter to the workflow_dispatch event, allowing users to specify whether to use the prerelease version of the GitHub PowerShell module.
• .github/workflows/Action-Test.yml: Updated the jobs section to pass the Prerelease input parameter to the workflow, ensuring compatibility with the consolidated functionality.

Type of change

• 📖 [Docs]
• 🪲 [Fix]
• 🩹 [Patch]
• ⚠️ [Security fix]
• 🚀 [Feature]
• 🌟 [Breaking change]

Checklist

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas

v1.6.2

🪲 [Fix]: Fix setting the $ErrorView setting via inputs (#53)

This pull request introduces changes related to the handling of the ErrorView configuration in a GitHub Actions workflow. The changes streamline the ErrorView initialization logic by removing redundant code and adding validation to ensure ErrorView is set correctly during runtime.

Changes to ErrorView handling:

• .github/workflows/TestWorkflow.yml: Added a validation step to confirm that ErrorView is set to 'NormalView' during the workflow execution. If not, an exception is thrown.
• action.yml: Introduced the assignment of the ErrorView environment variable from the input parameter for use in subsequent scripts.
• scripts/init.ps1: Removed the redundant initialization and validation logic for ErrorView, as this is now handled directly in the workflow and action configuration.

v1.6.1

🩹 [Patch]: Updated the org level login test with quotes (#52)

Description

This pull request updates the TestWorkflow.yml file to test quoted inputs for GitHub App secrets and adjusts the job name to reflect this change.

Workflow updates:

• .github/workflows/TestWorkflow.yml: Updated the name field of the ActionTestWithGitHubAppOrg job to include "quoted inputs" for clarity.
• .github/workflows/TestWorkflow.yml: Modified the ClientID and PrivateKey inputs in the Action-Test step to use quoted syntax for testing purposes.

v1.6.0

🚀[Feature]: Control if GitHub credentials are persisted (#50)

You now have the option to decide if your GitHub credentials should be kept or automatically disconnected after the script finishes. This gives you more flexibility and helps improve security when needed.

How It Works

• By default, your GitHub credentials will be preserved, just like before—no changes needed on your part.
• If you want your credentials to be automatically disconnected after the script runs, set the new PreserveCredentials option to false.

Example

Here’s how to disconnect your credentials after running a script:

- name: Run script with credential cleanup
  uses: PSModule/GitHub-Script@v1
  with:
    PreserveCredentials: false
    Script: |
      Get-GitHubUser
      # Your credentials will be disconnected after this step

That’s it! Use this new option if you want to make sure your GitHub connection is cleaned up automatically after your workflow.

v1.5.1

🩹 [Patch]: Add tests for logging commands for GitHub Actions workflow (#51)

Description

This pull request adds tests various log functions that work in GitHub Actions.

Logging enhancements:

• .github/workflows/TestWorkflow.yml: Added some tests to show how log notices, warnings, errors, debug messages, and styled log messages with foreground and background colors work.