Merge pull request #79 from trinitronx/add-no-auth-option

Add no_auth option (Fixes #67)

.github/workflows/workflow.yml

@@ -39,6 +39,26 @@ jobs:
       - name: Verify log-in
         run: doctl compute region list
 
+  test_no_auth:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    steps:
+      - uses: actions/checkout@master
+
+      - name: Install doctl
+        uses: ./
+        with:
+          no_auth: true
+
+      - name: Verify installation
+        run: doctl version
+
+      - name: Verify not authenticated
+        run: |
+          doctl compute region list 2>&1 | grep -qi "Unable to initialize DigitalOcean API client: access token is required"
+
   test_custom_version_linux_and_mac:
     runs-on: ${{ matrix.os }}
     strategy:

README.md

@@ -26,6 +26,9 @@ See [this repository](https://github.com/do-community/example-doctl-action) for
 
 - `token` – (**Required**) A DigitalOcean personal access token ([more info](https://docs.digitalocean.com/reference/api/create-personal-access-token/)).
 - `version` – (Optional) The version of `doctl` to install. If excluded, the latest release will be used.
+- `no_auth` – (Optional) Set to `true` to skip the authentication step. The API `token` parameter is _Optional_ in this case.
+  - _Note:_ This can be useful when running in workflows in untrusted environments, or where auth isn't necessary (e.g. `doctl app spec validate --schema-only`)
+  - This depends on `doctl >= v1.101.0` (digitalocean/doctl#1450)
 
 ## Contributing
 

action.yml

@@ -8,9 +8,12 @@ inputs:
   version:
     description: 'Version of doctl to install'
     default: 'latest'
+  no_auth:
+    description: 'Skip authentication'
+    default: 'false'
   token:
     description: 'DigitalOcean API Token'
-    required: true
+    default: ''
 runs:
   using: 'node16'
   main: 'dist/index.js'

dist/index.js

@@ -17538,6 +17538,14 @@ Failed to retrieve latest version; falling back to: ${fallbackVersion}`);
     core.addPath(path);
     core.info(`>>> doctl version v${version} installed to ${path}`);
 
+    // Skip authentication if requested
+    // for workflows where auth isn't necessary (e.g. doctl app spec validate --schema-only)
+    var no_auth = core.getInput('no_auth');
+    if (no_auth.toLowerCase() === 'true') {
+      core.info('>>> Skipping doctl auth');
+      return;
+    }
+
     var token = core.getInput('token', { required: true });
     core.setSecret(token);
     await exec.exec('doctl auth init -t', [token]);

main.js

@@ -81,6 +81,14 @@ Failed to retrieve latest version; falling back to: ${fallbackVersion}`);
     core.addPath(path);
     core.info(`>>> doctl version v${version} installed to ${path}`);
 
+    // Skip authentication if requested
+    // for workflows where auth isn't necessary (e.g. doctl app spec validate --schema-only)
+    var no_auth = core.getInput('no_auth');
+    if (no_auth.toLowerCase() === 'true') {
+      core.info('>>> Skipping doctl auth');
+      return;
+    }
+
     var token = core.getInput('token', { required: true });
     core.setSecret(token);
     await exec.exec('doctl auth init -t', [token]);