Authenticate to the GitHub API in workflows (#425)

This commit is contained in:
Naïm Favier 2022-02-05 15:24:16 +01:00 committed by GitHub
parent bb82e171f8
commit b4163eb8b2
Failed to generate hash of commit
2 changed files with 23 additions and 11 deletions

View file

@ -50,6 +50,8 @@ jobs:
nix -vL build .#flake-info nix -vL build .#flake-info
- name: Import ${{ matrix.channel }} channel - name: Import ${{ matrix.channel }} channel
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: | run: |
./result/bin/flake-info --push --elastic-schema-version=$(< VERSION) nixpkgs ${{ matrix.channel }} ./result/bin/flake-info --push --elastic-schema-version=$(< VERSION) nixpkgs ${{ matrix.channel }}
if: github.repository_owner == 'NixOS' if: github.repository_owner == 'NixOS'

View file

@ -99,16 +99,25 @@ impl Source {
sha: String, sha: String,
} }
let git_ref = reqwest::Client::builder() let request = reqwest::Client::builder()
.user_agent("curl") // thank you github .user_agent("nixos-search")
.build()? .build()?
.get(format!( .get(format!(
"https://api.github.com/repos/nixos/nixpkgs/branches/nixos-{}", "https://api.github.com/repos/nixos/nixpkgs/branches/nixos-{}",
channel channel
)) ));
.send()
.await? let request = match std::env::var("GITHUB_TOKEN") {
.json::<ApiResult>() Ok(token) => request.bearer_auth(token),
_ => request,
};
let response = request.send().await?;
if !response.status().is_success() {
Err(anyhow::anyhow!("GitHub returned {:?} {}", response.status(), response.text().await?))
} else {
let git_ref = response.json::<ApiResult>()
.await? .await?
.commit .commit
.sha; .sha;
@ -117,6 +126,7 @@ impl Source {
Ok(nixpkgs) Ok(nixpkgs)
} }
}
} }
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]