File: create_repo_secret.rs

package info (click to toggle)
rust-octocrab 0.43.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 4,532 kB
  • sloc: makefile: 2
file content (37 lines) | stat: -rw-r--r-- 1,202 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
use base64::{engine::general_purpose::STANDARD as B64, Engine};
use crypto_box::{self, aead::OsRng, PublicKey};
use octocrab::{models::repos::secrets::CreateRepositorySecret, Octocrab};
use std::convert::TryInto;

#[tokio::main]
async fn main() -> octocrab::Result<()> {
    let token = std::env::var("GITHUB_TOKEN").expect("GITHUB_TOKEN env variable is required");

    let octocrab = Octocrab::builder().personal_token(token).build()?;
    let repo = octocrab.repos("owner", "repo");
    let secrets = repo.secrets();

    let public_key = secrets.get_public_key().await?;

    let crypto_pk = {
        let pk_bytes = B64.decode(public_key.key).unwrap();
        let pk_array: [u8; crypto_box::KEY_SIZE] = pk_bytes.try_into().unwrap();
        PublicKey::from(pk_array)
    };

    let encrypted_value = crypto_box::seal(&mut OsRng, &crypto_pk, b"Very secret value").unwrap();

    let result = secrets
        .create_or_update_secret(
            "TEST_SECRET_RS",
            &CreateRepositorySecret {
                encrypted_value: &B64.encode(encrypted_value),
                key_id: &public_key.key_id,
            },
        )
        .await?;

    println!("{:?}", result);

    Ok(())
}