feat(API): add secret deletion functionality for repository (#26808)

- Modify the `CreateOrUpdateSecret` function in `api.go` to include a
`Delete` operation for the secret
- Modify the `DeleteOrgSecret` function in `action.go` to include a
`DeleteSecret` operation for the organization
- Modify the `DeleteSecret` function in `action.go` to include a
`DeleteSecret` operation for the repository
- Modify the `v1_json.tmpl` template file to update the `operationId`
and `summary` for the `deleteSecret` operation in both the organization
and repository sections

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
This commit is contained in:
Bo-Yi Wu 2023-09-01 21:02:49 +08:00 committed by GitHub
parent f01bed2443
commit 9eb4a9e601
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 107 additions and 4 deletions

View File

@ -935,7 +935,8 @@ func Routes() *web.Route {
}, reqToken()) }, reqToken())
m.Group("/actions/secrets", func() { m.Group("/actions/secrets", func() {
m.Combo("/{secretname}"). m.Combo("/{secretname}").
Put(reqToken(), reqOwner(), bind(api.CreateOrUpdateSecretOption{}), repo.CreateOrUpdateSecret) Put(reqToken(), reqOwner(), bind(api.CreateOrUpdateSecretOption{}), repo.CreateOrUpdateSecret).
Delete(reqToken(), reqOwner(), repo.DeleteSecret)
}) })
m.Group("/hooks/git", func() { m.Group("/hooks/git", func() {
m.Combo("").Get(repo.ListGitHooks) m.Combo("").Get(repo.ListGitHooks)
@ -1306,7 +1307,7 @@ func Routes() *web.Route {
m.Get("", reqToken(), reqOrgOwnership(), org.ListActionsSecrets) m.Get("", reqToken(), reqOrgOwnership(), org.ListActionsSecrets)
m.Combo("/{secretname}"). m.Combo("/{secretname}").
Put(reqToken(), reqOrgOwnership(), bind(api.CreateOrUpdateSecretOption{}), org.CreateOrUpdateSecret). Put(reqToken(), reqOrgOwnership(), bind(api.CreateOrUpdateSecretOption{}), org.CreateOrUpdateSecret).
Delete(reqToken(), reqOrgOwnership(), org.DeleteOrgSecret) Delete(reqToken(), reqOrgOwnership(), org.DeleteSecret)
}) })
m.Group("/public_members", func() { m.Group("/public_members", func() {
m.Get("", org.ListPublicMembers) m.Get("", org.ListPublicMembers)

View File

@ -125,8 +125,8 @@ func CreateOrUpdateSecret(ctx *context.APIContext) {
ctx.Status(http.StatusNoContent) ctx.Status(http.StatusNoContent)
} }
// DeleteOrgSecret delete one secret of the organization // DeleteSecret delete one secret of the organization
func DeleteOrgSecret(ctx *context.APIContext) { func DeleteSecret(ctx *context.APIContext) {
// swagger:operation DELETE /orgs/{org}/actions/secrets/{secretname} organization deleteOrgSecret // swagger:operation DELETE /orgs/{org}/actions/secrets/{secretname} organization deleteOrgSecret
// --- // ---
// summary: Delete a secret in an organization // summary: Delete a secret in an organization
@ -151,6 +151,10 @@ func DeleteOrgSecret(ctx *context.APIContext) {
// "403": // "403":
// "$ref": "#/responses/forbidden" // "$ref": "#/responses/forbidden"
secretName := ctx.Params(":secretname") secretName := ctx.Params(":secretname")
if err := actions.NameRegexMatch(secretName); err != nil {
ctx.Error(http.StatusBadRequest, "DeleteSecret", err)
return
}
err := secret_model.DeleteSecret( err := secret_model.DeleteSecret(
ctx, ctx.Org.Organization.ID, 0, secretName, ctx, ctx.Org.Organization.ID, 0, secretName,
) )

View File

@ -73,3 +73,57 @@ func CreateOrUpdateSecret(ctx *context.APIContext) {
ctx.Status(http.StatusNoContent) ctx.Status(http.StatusNoContent)
} }
// DeleteSecret delete one secret of the repository
func DeleteSecret(ctx *context.APIContext) {
// swagger:operation DELETE /repos/{owner}/{repo}/actions/secrets/{secretname} repository deleteRepoSecret
// ---
// summary: Delete a secret in a repository
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repository
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repository
// type: string
// required: true
// - name: secretname
// in: path
// description: name of the secret
// type: string
// required: true
// responses:
// "204":
// description: delete one secret of the organization
// "403":
// "$ref": "#/responses/forbidden"
owner := ctx.Repo.Owner
repo := ctx.Repo.Repository
secretName := ctx.Params(":secretname")
if err := actions.NameRegexMatch(secretName); err != nil {
ctx.Error(http.StatusBadRequest, "DeleteSecret", err)
return
}
err := secret_model.DeleteSecret(
ctx, owner.ID, repo.ID, secretName,
)
if secret_model.IsErrSecretNotFound(err) {
ctx.NotFound(err)
return
}
if err != nil {
ctx.Error(http.StatusInternalServerError, "DeleteSecret", err)
return
}
ctx.Status(http.StatusNoContent)
}

View File

@ -3287,6 +3287,50 @@
"$ref": "#/responses/forbidden" "$ref": "#/responses/forbidden"
} }
} }
},
"delete": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"repository"
],
"summary": "Delete a secret in a repository",
"operationId": "deleteRepoSecret",
"parameters": [
{
"type": "string",
"description": "owner of the repository",
"name": "owner",
"in": "path",
"required": true
},
{
"type": "string",
"description": "name of the repository",
"name": "repo",
"in": "path",
"required": true
},
{
"type": "string",
"description": "name of the secret",
"name": "secretname",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "delete one secret of the organization"
},
"403": {
"$ref": "#/responses/forbidden"
}
}
} }
}, },
"/repos/{owner}/{repo}/activities/feeds": { "/repos/{owner}/{repo}/activities/feeds": {