v1

.github/workflows/test.yml

@@ -0,0 +1,15 @@
+on: [push]
+
+jobs:
+  test_simple_workflow:
+    runs-on: ubuntu-latest
+    name: Testing the Action
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Copy Gem To Github Packages Action Step
+        uses: ./
+        env:
+          GITHUB_TOKEN:  ${{ secrets.GITHUB_TOKEN }}
+        with:
+          gem_name: 'httparty'

Dockerfile

@@ -0,0 +1,11 @@
+FROM alpine:3.11
+
+RUN apk update && apk upgrade && \
+    apk add --no-cache ruby-bundler
+
+COPY entrypoint.sh /entrypoint.sh
+COPY fetch.sh /fetch.sh
+COPY repack.sh /repack.sh
+COPY push.sh /push.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

README.md

@@ -0,0 +1,63 @@
+# Copy Gem to Github Packages Action
+
+![.github/workflows/test.yml](https://github.com/alessio-signorini/copy-gem-to-github-packages-action/workflows/.github/workflows/test.yml/badge.svg)
+
+This action copies a Gem from any repository (even if they required
+authentication) into the Github Packages repository of your organization.
+
+This can be useful to make availabe a private/protected gem
+(e.g., `sidekiq-pro` or `sidekiq-ent`) to the entire organization without
+having to include the credentials in the Gemfile, or to create and
+keep updated a private repository of known/verified gems.
+
+## Inputs
+  * `gem_name` - The name of the gem to copy [**required**]
+  * `gem_repository` - The URL of the repository (default `https://rubygems.org`)
+
+## Output
+The gem will be copied in the packages of the organization's repository
+where this action is ran.
+
+## ENVs
+Until Github sets the `GITHUB_TOKEN` automatically it is necessary to
+manually specify it in the configuration below as
+```yaml
+  env:
+     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+```
+
+## Single Step
+This is the minimum code necessary for a single `step` to copy the
+`httparty` gem from the standard RubyGems repository into Github packages
+associated to the current git repository in your organization.
+```yaml
+uses: alessio-signorini/copy-gem-to-github-packages@v1
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+with:
+  gem_name: 'httparty'
+```
+
+## Advanced usage
+This action will run every day at midnight and will copy the `sidekiq-ent`
+package from the private/protected repository into your organization.
+The basic auth credentials used to access the private repository are saved
+as secrets.
+```yaml
+on:
+  schedule:
+    - cron:  '0 0 * * *'    # Run every day at midnight
+
+jobs:
+  refresh:
+    runs-on: ubuntu-latest
+    name: Refresh Packages
+    steps:
+      - name: sidekiq-ent
+        uses: alessio-signorini/copy-gem-to-github-packages@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          gem_name: 'sidekiq-ent'
+          gem_repository: 'https://${{ secrets.SIDEKIQ_AUTH }}@enterprise.contribsys.com'
+```

action.yml

@@ -0,0 +1,16 @@
+name: 'Copy Gem to Github Packages'
+author: 'Alessio Signorini <[email protected]>'
+description: "Copy a Gem from any repository into your Organization's Github packages"
+branding:
+  icon: 'copy'
+inputs:
+  gem_name:
+    description: 'Name of the gem to copy'
+    required: true
+  gem_repository:
+    description: 'The repository containing the gem (include auth if needed)'
+    required: false
+    default: 'https://rubygems.org'
+runs:
+  using: 'docker'
+  image: 'Dockerfile'

entrypoint.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+set -eu
+
+/fetch.sh && /repack.sh && /push.sh

fetch.sh

@@ -0,0 +1 @@
+gem fetch $INPUT_GEM_NAME -s $INPUT_GEM_REPOSITORY && ls *.gem >/dev/null

push.sh

@@ -0,0 +1,13 @@
+mkdir -p ~/.gem
+echo ":github: Bearer $GITHUB_TOKEN" > ~/.gem/credentials
+chmod 0600 ~/.gem/credentials
+
+output=`gem push --k github --host "https://rubygems.pkg.github.com/$GITHUB_ACTOR" *.gem`
+
+if [ $? -eq 0 ] || [ `echo $output | grep -c 'already been pushed'` -eq 1 ]; then
+  echo $output
+  exit 0
+else
+  echo $output
+  exit 1
+fi

repack.sh

@@ -0,0 +1,24 @@
+TARGET=`ls -1 *.gem`
+
+tar xf $TARGET
+
+gzip -d -c metadata.gz  | \
+  grep -v  'github_repo' | \
+  sed "s!allowed_push_host.*!allowed_push_host: https://rubygems.pkg.github.com!"  | \
+  sed "s!metadata:.*!metadata:\n  github_repo: ssh://github.com/$GITHUB_REPOSITORY!" | \
+  gzip -c > metadata.gz.new
+mv -f metadata.gz.new metadata.gz
+
+text="---
+SHA256:
+  metadata.gz: $(sha256sum metadata.gz | cut -f 1 -d ' ')
+  data.tar.gz: $(sha256sum data.tar.gz | cut -f 1 -d ' ')
+SHA512:
+  metadata.gz: $(sha512sum metadata.gz | cut -f 1 -d ' ')
+  data.tar.gz: $(sha512sum data.tar.gz | cut -f 1 -d ' ')"
+
+echo "$text" | gzip -c > checksums.yaml.gz.new
+mv -f checksums.yaml.gz.new checksums.yaml.gz
+
+chmod 0444 metadata.gz data.tar.gz checksums.yaml.gz
+tar cf $TARGET metadata.gz data.tar.gz checksums.yaml.gz