adding getToken Command (#1)

Basic functionality

Author: gagoar

.github/workflows/release.yml

@@ -1,3 +1,5 @@
+name: Release
+
 on:
   push:
     # Sequence of patterns matched against refs/tags
@@ -19,3 +21,49 @@ jobs:
       - run: npm publish
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - run: npm run build-binaries
+      - name: Zip binaries
+        run: |
+          zip zip --junk-paths linux index-linux 
+          zip zip --junk-paths macosx index-macos
+          zip zip --junk-paths win index-win.exe
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          draft: false
+          prerelease: false
+      - name: Upload Release Asset - WIN
+        id: upload-release-asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
+          asset_path: ./win.zip
+          asset_name: win.zip
+          asset_content_type: application/zip
+      - name: Upload Release Asset - MACOSX
+        id: upload-release-asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
+          asset_path: ./macosx.zip
+          asset_name: macosx.zip
+          asset_content_type: application/zip
+      - name: Upload Release Asset - linux
+        id: upload-release-asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
+          asset_path: ./linux.zip
+          asset_name: linux.zip
+          asset_content_type: application/zip

.gitignore

@@ -6,3 +6,5 @@ coverage/
 cli/
 # ignore dist/ output
 dist/
+# ignoring binaries
+index-*

README.md

@@ -1,33 +1,100 @@
 <p align="center">
-  <h3 align="center">Template for typescript applications</h3>
+    <a href="https://codecov.io/gh/gagoar/github-app-installation-token">
+      <img src="https://codecov.io/gh/gagoar/github-app-installation-token/branch/main/graph/badge.svg?token=E9CdygqJc4"/>
+    </a>
+    <a href="https://github.com/gagoar/github-app-installation-token/blob/main/LICENSE">
+      <img src="https://img.shields.io/npm/l/github-app-installation-token.svg?style=flat-square" alt="MIT license" />
+    </a>
+  <h3 align="center">Github App Installation Token</h3>
 
   <p align="center">
-     ⚙ Template repository for typescript applications meant to run in node ⚙
+      npm/script and binary 📦 to get generate a token from a GitHub App. 
     <br />
-    <a href="https://github.com/gagoar/ts-node-template#table-of-contents"><strong>Explore the docs »</strong></a>
+    <a href="https://github.com/gagoar/github-app-installation-token#table-of-contents"><strong>Explore the docs »</strong></a>
     <br />
-    <a href="https://github.com/gagoar/ts-node-template/issues">Report Bug</a>
+    <a href="https://github.com/gagoar/github-app-installation-token/issues">Report Bug</a>
     ·
-    <a href="https://github.com/gagoar/ts-node-template/issues">Request Feature</a>
+    <a href="https://github.com/gagoar/github-app-installation-token/issues">Request Feature</a>
   </p>
 </p>
 
 ## Table of Contents
 
 - [Built With](#built-with)
-- [Getting Started](#getting-started)
+- [Installation and use](#installation-and-use)
+
+  - [NPX](#npx)
+  - [NPM](#npm-global)
+  - [YARN](#yarn-global)
+  - [GitHub Workflow](#github-Workflow)
+  - [Binary](#binary)
+  - [Programmatically](#programmatically)
+
 - [Contributing](#contributing)
 - [License](#license)
 
-<!-- CONTRIBUTING -->
+### Getting Started
+
+GitHub Apps are the most powerful entity in the GitHub universe today. These Apps allow you to change a PR, add checks to a commit, trigger workflows and even (with the right permissions) commit code! But The tricky thing is, You need to generate a token every time you you want to use them.
+
+This npm package / command line tool / binary will do just that!
+
+## Installation and Use
+
+You can install and use this package in different ways:
+
+### NPX
+
+```bash
+  npx github-app-installation-token --appID <APP_ID> --installationId <INSTALLATION_ID> --privateKeyLocation <path/to/the/private.key>
+```
+
+### NPM (global)
+
+```bash
+  npm -g install github-app-installation-token
+
+  npm run github-app-installation-token --appID <APP_ID> --installationId <INSTALLATION_ID> --privateKeyLocation <path/to/the/private.key>
+```
+
+### YARN (global)
+
+```bash
+  yarn global install github-app-installation-token
+
+  yarn github-app-installation-token --appID <APP_ID> --installationId <INSTALLATION_ID> --privateKeyLocation <path/to/the/private.key>
+```
+
+### Programmatically
+
+```typescript
+const { getToken } = 'github-app-installation-token';
+
+const { token } = await getToken({
+  appId: '1234',
+  installationId: '112345555', // https://developer.github.com/v3/apps/#list-installations-for-the-authenticated-app
+  privateKey: '-----BEGIN RSA PRIVATE KEY----- ......-----END RSA PRIVATE KEY-----', // the private key you took from  the app. https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#generating-a-private-key
+});
+```
+
+#### Binary
+
+If you don't want any dependencies, you can use the binary directly.
+
+_commit soon_
+
+### Github Workflow
+
+If you are looking for a solution for your GitHub workflows, take a look at [github-app-installation-token-action](https://github.com/jnwng/github-app-installation-token-action)
 
-### Built With
+## Built With
 
 - [ncc](https://github.com/vercel/ncc/)
 - [jest](https://github.com/facebook/jest)
 - [ora](https://github.com/sindresorhus/ora)
 - [commander](https://github.com/tj/commander.js/)
-- [cosmiconfig](https://github.com/davidtheclark/cosmiconfig)
+- [octokit/rest](https://github.com/octokit/rest.js/)
+- [octokit/auth-app](https://github.com/octokit/auth-app.js/)
 
 ## Contributing
 

__mocks__/ora.ts

@@ -0,0 +1,10 @@
+export const stopAndPersist = jest.fn();
+export const fail = jest.fn();
+
+const ora = {
+  start: jest.fn(() => ({
+    stopAndPersist,
+    fail,
+  })),
+};
+export default (): typeof ora => ora;

__mocks__/private.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA1c7+9z5Pad7OejecsQ0bu3aozN3tihPmljnnudb9G3HECdnH
+lWu2/a1gB9JW5TBQ+AVpum9Okx7KfqkfBKL9mcHgSL0yWMdjMfNOqNtrQqKlN4kE
+p6RD++7sGbzbfZ9arwrlD/HSDAWGdGGJTSOBM6pHehyLmSC3DJoR/CTu0vTGTWXQ
+rO64Z8tyXQPtVPb/YXrcUhbBp8i72b9Xky0fD6PkEebOy0Ip58XVAn2UPNlNOSPS
+ye+Qjtius0Md4Nie4+X8kwVI2Qjk3dSm0sw/720KJkdVDmrayeljtKBx6AtNQsSX
+gzQbeMmiqFFkwrG1+zx6E7H7jqIQ9B6bvWKXGwIDAQABAoIBAD8kBBPL6PPhAqUB
+K1r1/gycfDkUCQRP4DbZHt+458JlFHm8QL6VstKzkrp8mYDRhffY0WJnYJL98tr4
+4tohsDbqFGwmw2mIaHjl24LuWXyyP4xpAGDpl9IcusjXBxLQLp2m4AKXbWpzb0OL
+Ulrfc1ZooPck2uz7xlMIZOtLlOPjLz2DuejVe24JcwwHzrQWKOfA11R/9e50DVse
+hnSH/w46Q763y4I0E3BIoUMsolEKzh2ydAAyzkgabGQBUuamZotNfvJoDXeCi1LD
+8yNCWyTlYpJZJDDXooBU5EAsCvhN1sSRoaXWrlMSDB7r/E+aQyKua4KONqvmoJuC
+21vSKeECgYEA7yW6wBkVoNhgXnk8XSZv3W+Q0xtdVpidJeNGBWnczlZrummt4xw3
+xs6zV+rGUDy59yDkKwBKjMMa42Mni7T9Fx8+EKUuhVK3PVQyajoyQqFwT1GORJNz
+c/eYQ6VYOCSC8OyZmsBM2p+0D4FF2/abwSPMmy0NgyFLCUFVc3OECpkCgYEA5OAm
+I3wt5s+clg18qS7BKR2DuOFWrzNVcHYXhjx8vOSWV033Oy3yvdUBAhu9A1LUqpwy
+Ma+unIgxmvmUMQEdyHQMcgBsVs10dR/g2xGjMLcwj6kn+xr3JVIZnbRT50YuPhf+
+ns1ScdhP6upo9I0/sRsIuN96Gb65JJx94gQ4k9MCgYBO5V6gA2aMQvZAFLUicgzT
+u/vGea+oYv7tQfaW0J8E/6PYwwaX93Y7Q3QNXCoCzJX5fsNnoFf36mIThGHGiHY6
+y5bZPPWFDI3hUMa1Hu/35XS85kYOP6sGJjf4kTLyirEcNKJUWH7CXY+00cwvTkOC
+S4Iz64Aas8AilIhRZ1m3eQKBgQCUW1s9azQRxgeZGFrzC3R340LL530aCeta/6FW
+CQVOJ9nv84DLYohTVqvVowdNDTb+9Epw/JDxtDJ7Y0YU0cVtdxPOHcocJgdUGHrX
+ZcJjRIt8w8g/s4X6MhKasBYm9s3owALzCuJjGzUKcDHiO2DKu1xXAb0SzRcTzUCn
+7daCswKBgQDOYPZ2JGmhibqKjjLFm0qzpcQ6RPvPK1/7g0NInmjPMebP0K6eSPx0
+9/49J6WTD++EajN7FhktUSYxukdWaCocAQJTDNYP0K88G4rtC2IYy5JFn9SWz5oh
+x//0u+zd/R/QRUzLOw4N72/Hu+UG6MNt5iDZFCtapRaKt6OvSBwy8w==
+-----END RSA PRIVATE KEY-----

__tests__/getToken.spec.ts

@@ -0,0 +1,129 @@
+import { mockProcessExit } from 'jest-mock-process';
+import { readFileSync } from 'fs';
+import { stopAndPersist, fail } from '../__mocks__/ora';
+import nock from 'nock';
+
+import { getToken, getTokenCommand } from '../';
+const GITHUB_URL = 'https://api.github.com';
+
+describe('getToken', () => {
+  beforeEach(() => {
+    stopAndPersist.mockReset();
+    fail.mockReset();
+  });
+
+  const APP_ID = 1;
+  const KEY_LOCATION = '__mocks__/private.key';
+
+  const PRIVATE_KEY = readFileSync(KEY_LOCATION).toString();
+
+  const getAccessTokensURL = (installationID: number) => `/app/installations/${installationID}/access_tokens`;
+  const installationID = 1234;
+  const response = {
+    token: `secret-installation-token-${installationID}`,
+    expires_at: '1970-01-01T01:00:00.000Z',
+    permissions: {
+      metadata: 'read',
+    },
+    repository_selection: 'all',
+  };
+  it('It tries to get the token, but it gets a malformed response from Github', async () => {
+    const { token, ...responseWithoutToken } = response;
+    const github = nock(GITHUB_URL).post(getAccessTokensURL(installationID)).reply(201, responseWithoutToken);
+
+    try {
+      await getToken({
+        appId: APP_ID,
+        installationId: installationID,
+        privateKey: PRIVATE_KEY,
+      });
+    } catch (e) {
+      expect(e).toMatchInlineSnapshot(
+        '[Error: Something went wrong on the token retrieval, we got instead: {"type":"token","tokenType":"installation","installationId":1234,"permissions":{"metadata":"read"},"expiresAt":"1970-01-01T01:00:00.000Z","repositorySelection":"all"}]'
+      );
+    }
+
+    expect(github.isDone()).toBe(true);
+  });
+  it('Retrieves the token', async () => {
+    const github = nock(GITHUB_URL).post(getAccessTokensURL(installationID)).reply(201, response);
+
+    const { token } = await getToken({
+      appId: APP_ID,
+      installationId: installationID,
+      privateKey: PRIVATE_KEY,
+    });
+
+    expect(token).toMatchInlineSnapshot('"secret-installation-token-1234"');
+    expect(github.isDone()).toBe(true);
+  });
+
+  it('fails when invoking the command', async () => {
+    const mockExit = mockProcessExit();
+    const github = nock(GITHUB_URL)
+      .post(getAccessTokensURL(installationID))
+      .replyWithError('failed with some server error');
+
+    await getTokenCommand({
+      appId: APP_ID,
+      installationId: installationID,
+      privateKey: PRIVATE_KEY,
+    });
+
+    expect(mockExit).toHaveBeenCalled();
+    expect(fail).toHaveBeenCalledTimes(1);
+    expect(github.isDone()).toBe(true);
+  });
+  it('invokes getToken via command', async () => {
+    const github = nock(GITHUB_URL).post(getAccessTokensURL(installationID)).reply(201, response);
+
+    const mockExit = mockProcessExit();
+    await getTokenCommand({
+      appId: APP_ID,
+      installationId: installationID,
+      privateKey: PRIVATE_KEY,
+    });
+
+    expect(mockExit).not.toHaveBeenCalled();
+    expect(stopAndPersist).toHaveBeenCalledTimes(1);
+    expect(github.isDone()).toBe(true);
+  });
+
+  it('invokes getToken via command providing a private.key location', async () => {
+    const github = nock(GITHUB_URL).post(getAccessTokensURL(installationID)).reply(201, response);
+
+    const mockExit = mockProcessExit();
+    await getTokenCommand({
+      appId: APP_ID,
+      installationId: installationID,
+      privateKeyLocation: KEY_LOCATION,
+    });
+
+    expect(mockExit).not.toHaveBeenCalled();
+    expect(stopAndPersist).toHaveBeenCalledTimes(1);
+    expect(stopAndPersist.mock.calls).toMatchInlineSnapshot(`
+      Array [
+        Array [
+          Object {
+            "symbol": "💫",
+            "text": "The token is: secret-installation-token-1234",
+          },
+        ],
+      ]
+    `);
+    expect(github.isDone()).toBe(true);
+  });
+
+  it('invokes getToken via command not providing a private.key or private.keyLocation', async () => {
+    const mockExit = mockProcessExit();
+    await getTokenCommand({
+      appId: APP_ID,
+      installationId: installationID,
+    });
+
+    expect(mockExit).toHaveBeenCalled();
+    expect(fail.mock.calls[0][0]).toMatchInlineSnapshot(
+      '"Input is not valid, either privateKey or privateKeyLocation should be provided"'
+    );
+  });
+});