From 22e5c895940e593919cde2140ccbf1ec8bcd5d44 Mon Sep 17 00:00:00 2001 From: Koen Rouwhorst Date: Fri, 3 Jan 2020 12:10:49 +0100 Subject: [PATCH] Add support for Cloudflare API token --- action.yml | 3 +++ entrypoint.sh | 16 +++++++++++++++- test/entrypoint.bats | 11 +++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index f36854d..43eba22 100644 --- a/action.yml +++ b/action.yml @@ -6,6 +6,9 @@ branding: icon: cloud color: yellow inputs: + cloudflareApiToken: + description: Cloudflare API token + required: false cloudflareApiUser: description: Cloudflare API user required: false diff --git a/entrypoint.sh b/entrypoint.sh index bacaebb..bce440b 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -10,6 +10,7 @@ add_key () { cat <<< "$(jq "$1 = \"$2\"" < creds.json)" > creds.json } +CLOUDFLARE_API_TOKEN="${INPUT_CLOUDFLAREAPITOKEN:-$CLOUDFLARE_API_TOKEN}" CLOUDFLARE_API_USER="${INPUT_CLOUDFLAREAPIUSER:-$CLOUDFLARE_API_USER}" CLOUDFLARE_API_KEY="${INPUT_CLOUDFLAREAPIKEY:-$CLOUDFLARE_API_KEY}" CLOUDFLARE_ACCOUNT_ID="${INPUT_CLOUDFLAREACCOUNTID:-$CLOUDFLARE_ACCOUNT_ID}" @@ -53,12 +54,25 @@ SOFTLAYER_API_KEY="${INPUT_SOFTLAYERAPIKEY:-$SOFTLAYER_API_KEY}" VULTR_TOKEN="${INPUT_VULTRTOKEN:-$VULTR_TOKEN}" -if [[ -n "$CLOUDFLARE_API_USER" && -n "$CLOUDFLARE_API_KEY" ]] +if [[ -n "$CLOUDFLARE_API_TOKEN" ]] then + add_key ".cloudflare.apitoken" "\$CLOUDFLARE_API_TOKEN" + # NOTE: https://stackexchange.github.io/dnscontrol/providers/cloudflare + if [[ -n "$CLOUDFLARE_ACCOUNT_ID" && -n "$CLOUDFLARE_ACCOUNT_NAME" ]] + then + add_key ".cloudflare.accountid" "\$CLOUDFLARE_ACCOUNT_ID" + add_key ".cloudflare.accountname" "\$CLOUDFLARE_ACCOUNT_NAME" + fi + +# NOTE: Using the Cloudflare global API key is discouraged as that gives full +# access to your Cloudflare account. +elif [[ -n "$CLOUDFLARE_API_USER" && -n "$CLOUDFLARE_API_KEY" ]] +then add_key ".cloudflare.apiuser" "\$CLOUDFLARE_API_USER" add_key ".cloudflare.apikey" "\$CLOUDFLARE_API_KEY" + # NOTE: https://stackexchange.github.io/dnscontrol/providers/cloudflare if [[ -n "$CLOUDFLARE_ACCOUNT_ID" && -n "$CLOUDFLARE_ACCOUNT_NAME" ]] then add_key ".cloudflare.accountid" "\$CLOUDFLARE_ACCOUNT_ID" diff --git a/test/entrypoint.bats b/test/entrypoint.bats index b2c4ced..c3368ec 100644 --- a/test/entrypoint.bats +++ b/test/entrypoint.bats @@ -42,6 +42,17 @@ function assert_key_not_exists { } # Cloudflare +@test "Cloudflare API token is set in credentials file" { + export CLOUDFLARE_API_TOKEN="foo-bar-baz" + + run "$WORKSPACE/entrypoint.sh" + + assert_key_equals ".cloudflare.apitoken" "\$CLOUDFLARE_API_TOKEN" + + assert_key_not_exists ".cloudflare.accountid" + assert_key_not_exists ".cloudflare.accountname" +} + @test "Cloudflare API user and key are set in credentials file" { export CLOUDFLARE_API_USER="info@example.com" export CLOUDFLARE_API_KEY="foo"