first commit

Author: pirafrank

.gitignore

@@ -0,0 +1 @@
+node_modules

.nvmrc

@@ -0,0 +1 @@
+v18.18.2

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Francesco Pira
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,77 @@
+# GitHub GraphQL API client in Node.js
+
+A thin wrapper to commit on a GitHub repo through their GraphQL APIs. Useful to create signed commits in CI/CD environments.
+
+Offered as node module and CLI tool.
+
+## Why
+
+- Commit changes to a GitHub repository without cloning it locally
+- By using the GitHub GraphQL API, we can commit multiple changes at once
+- By using GitHub APIs, we can implicitly sign commits via web-flow signing, like vscode.dev does
+
+## Use cases
+
+- Automate the process of committing file additions, changes, or deletions to a GitHub repository without cloning it locally
+- Integrate with existing CI/CD pipelines perform signed commits on behalf of the pipeline, without hard-to-setup GPG config
+- Avoid storing private SSH keys in CI/CD environments (only the GITHUB_TOKEN is needed and can be easily saved as secret string passed as environment variable at pipeline runtime)
+- you name it...
+
+## ⚠️ Before you start
+
+- Changed (or new) files must exist locally
+  - for practial reasons, those files must have the same file name and file path as the ones in the repository you are replacing with your commit (or the same file name and file path you want them to have in the repository)
+- Deleted files may not exist locally, and their path may just be provided as argument
+- GraphQL APIs are not meant to be used to push a lot of code! If that is your case, please consider using a local clone and `git`.
+
+## Requirements
+
+- Node.js (18+)
+- A GitHub token with the `repo` scope.
+  - The token must be set in the environment variable called `GITHUB_TOKEN`.
+
+Note: in GitHub Actions the `GITHUB_TOKEN` is automatically generated per each run and is available as an environment variable. More info [here](https://docs.github.com/en/actions/security-guides/automatic-token-authentication).
+
+## Installation
+
+```sh
+npm install
+```
+
+## Usage examples
+
+```sh
+export GITHUB_TOKEN='your_github_token_here'
+node github.js commit \
+  --owner yourname \
+  --repo some_repo_of_yours \
+  --branch main \
+  --added .gitignore \
+  --commitMessage 'added .gitignore'
+```
+
+```sh
+export GITHUB_TOKEN='your_github_token_here'
+node github.js commit \
+  --owner yourname \
+  --repo some_repo_of_yours \
+  --branch main \
+  --deleted .gitignore \
+  --commitMessage 'remove .gitignore'
+```
+
+```sh
+export GITHUB_TOKEN='your_github_token_here'
+node github.js commit \
+  --owner yourname \
+  --repo some_repo_of_yours \
+  --branch main \
+  --changed 'some_dir/some_file.txt' \
+  --changed 'some_other_dir/some_other_file.txt' \
+  --deleted 'some_dir/delete_me.txt' \
+  --commitMessage 'stuff'
+```
+
+## License
+
+MIT

github.js

@@ -0,0 +1,266 @@
+const fs = require("fs");
+const { createClient, cacheExchange, fetchExchange } = require("@urql/core");
+const yargs = require("yargs");
+const CURRENT_VERSION = require("./package.json").version;
+
+const GITHUB_GRAPHQL_URL =
+  process.env.GITHUB_GRAPHQL_URL || "https://api.github.com/graphql";
+
+const githubToken = process.env.GITHUB_TOKEN;
+if (!githubToken) {
+  throw new Error("ERROR: GITHUB_TOKEN environment variable not set.");
+}
+
+const client = createClient({
+  url: GITHUB_GRAPHQL_URL,
+  exchanges: [cacheExchange, fetchExchange],
+  fetchOptions: {
+    headers: {
+      Authorization: `Bearer ${githubToken}`,
+    },
+  },
+});
+
+function arrayHasElements(array) {
+  return (array && Array.isArray(array) && array.length > 0)
+}
+
+function extractChangedOrDeletedFiles(changedFiles, deletedFiles) {
+  const changedFilesExist = arrayHasElements(changedFiles);
+  const deletedFilesExist = arrayHasElements(deletedFiles);
+
+  if (!changedFilesExist && !deletedFilesExist) {
+    throw new Error("No files specified as changed or deleted. Quitting.");
+  }
+
+  return {
+    changedFiles: changedFilesExist ? changedFiles : [],
+    deletedFiles: deletedFilesExist ? deletedFiles : [],
+  }
+}
+
+async function fetchBranchData(repoOwner, repoName, branchName) {
+  const query = `
+    query($owner: String!, $repo: String!, $branch: String!) {
+      repository(owner: $owner, name: $repo) {
+        ref(qualifiedName: $branch) {
+          name,
+          target {
+            oid
+          }
+        }
+      }
+    }
+  `;
+
+  const variables = {
+    owner: repoOwner,
+    repo: repoName,
+    branch: branchName,
+  };
+
+  try {
+    const response = await client.query(query, variables);
+    return response
+  } catch (error) {
+    console.error(`Error while trying to fetching data from API: ${error.message}`);
+    throw error;
+  }
+}
+
+async function checkIfBranchExists(repoOwner, repoName, branchName) {
+  const response = await fetchBranchData(repoOwner, repoName, branchName);
+  // NB. if response.data.repository.ref is null the remote branch does not exist!
+  return response?.data?.repository?.ref || null;
+}
+
+async function getShaOfParentCommit(repoOwner, repoName, branchName) {
+  const response = await fetchBranchData(repoOwner, repoName, branchName);
+  return response?.data?.repository?.ref?.target?.oid || null;
+}
+
+async function createCommitOnBranch(
+  repoOwner, // Owner of the repository
+  repoName, // Name of the repository
+  branchName, // Name of the branch to commit to
+  changedFiles, // Array of paths of new or modified files
+  deletedFiles, // Array of paths of tracked deleted files
+  commitMessage, // Mandatory commit message
+  commitDescription = null // Optional commit description
+) {
+
+  const parentCommit = await getShaOfParentCommit(repoOwner, repoName, branchName);
+  if (!parentCommit) {
+    throw new Error("Could not get SHA of parent commit. Does the branch exist? Aborting.");
+  }
+
+  const graphqlRequest = {
+    query: `mutation ($input: CreateCommitOnBranchInput!) { createCommitOnBranch(input: $input) { commit { url } } }`,
+    variables: {
+      input: {
+        branch: {
+          repositoryNameWithOwner: repoOwner + "/" + repoName,
+          branchName: branchName,
+        },
+        message: {
+          headline: commitMessage,
+        },
+        fileChanges: {},
+        expectedHeadOid: parentCommit,
+      },
+    },
+  };
+
+  ({ changedFiles, deletedFiles } = extractChangedOrDeletedFiles(changedFiles, deletedFiles));
+  console.log("Changed files:", JSON.stringify(changedFiles, null, 2));
+  console.log("Deleted files:", JSON.stringify(deletedFiles, null, 2));
+
+  if (!commitMessage) { throw new Error("No commit message provided. Aborting."); }
+
+  if (commitDescription) {
+    graphqlRequest.variables.input.message.body = commitDescription;
+  }
+
+  const changedFilesGraphqlArray = changedFiles.map((file_path) => {
+    const contents = fs.readFileSync(file_path, { encoding: "base64" });
+    return { path: file_path, contents: contents };
+  });
+  if (changedFilesGraphqlArray && changedFilesGraphqlArray.length > 0) {
+    graphqlRequest.variables.input.fileChanges.additions = changedFilesGraphqlArray;
+  }
+
+  const deletedFilesGraphqlArray = deletedFiles.map((file_path) => {
+    return { path: file_path };
+  });
+  if (deletedFilesGraphqlArray && deletedFilesGraphqlArray.length > 0) {
+    graphqlRequest.variables.input.fileChanges.deletions = deletedFilesGraphqlArray;
+  }
+
+  try {
+    const response = await client
+      .mutation(graphqlRequest.query, graphqlRequest.variables)
+      .toPromise();
+    return response;
+  } catch (error) {
+    console.error(`Error while performing commit action via GraphQL API: ${error.message}`);
+    throw error;
+  }
+}
+
+module.exports = createCommitOnBranch;
+
+yargs
+  .command(
+    "commit",
+    "Create a commit on a branch",
+    (yargs) => {
+      yargs
+        .option("owner", {
+          describe: "Owner of the repository",
+          demandOption: true,
+          type: "string",
+        })
+        .option("repo", {
+          describe: "Name of the repository",
+          demandOption: true,
+          type: "string",
+        })
+        .option("branch", {
+          describe: "Name of the branch to commit to",
+          demandOption: true,
+          type: "string",
+        })
+        .option("changed", {
+          describe: "Paths of new or modified files",
+          alias: "added",
+          type: "array",
+        })
+        .option("deleted", {
+          describe: "Paths of tracked deleted files",
+          type: "array",
+        })
+        .option("commitMessage", {
+          describe: "Mandatory commit message",
+          demandOption: true,
+          type: "string",
+        })
+        .option("commitDescription", {
+          describe: "Optional commit description",
+          type: "string",
+        })
+        .check((argv) => {
+          if (!argv.changed && !argv.deleted) {
+            throw new Error("Missing required argument: either specify changed or deleted files.");
+          }
+          extractChangedOrDeletedFiles(argv.changed, argv.deleted);
+          return true;
+        })
+        ;
+    },
+    (argv) => {
+      const {
+        owner,
+        repo,
+        branch,
+        changed,
+        deleted,
+        commitMessage,
+        commitDescription,
+      } = argv;
+
+      createCommitOnBranch(
+        owner,
+        repo,
+        branch,
+        changed,
+        deleted,
+        commitMessage,
+        commitDescription
+      )
+        .then((response) => {
+          console.log(JSON.stringify(response, null, 2));
+        })
+        .catch((error) => {
+          console.error("Failed to create commit:", error.message);
+        });
+    }
+  )
+  .command(
+    "branch",
+    "Check if a branch exists",
+    (yargs) => {
+      yargs
+        .option("owner", {
+          describe: "Owner of the repository",
+          demandOption: true,
+          type: "string",
+        })
+        .option("repo", {
+          describe: "Name of the repository",
+          demandOption: true,
+          type: "string",
+        })
+        .option("branch", {
+          describe: "Name of the branch to check for existence",
+          demandOption: true,
+          type: "string",
+        });
+    },
+    (argv) => {
+      const { owner, repo, branch } = argv;
+      checkIfBranchExists(owner, repo, branch)
+        .then((response) => {
+          const n = response ? "a" : "no";
+          //console.log(JSON.stringify(response, null, 2));
+          console.log(
+            `Repository ${owner}/${repo} has ${n} branch named '${branch}'`
+          );
+        })
+        .catch((error) => {
+          console.error("Failed to check if branch exists:", error.message);
+        });
+    }
+  )
+  .demandCommand()
+  .version(CURRENT_VERSION)
+  .help().argv;