-
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathrun.js
91 lines (78 loc) · 2.17 KB
/
run.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
const axios = require('axios').default
const core = require('@actions/core')
ALLOWED_PROTOCOLS = ['tcp', 'udp']
const accessToken = core.getInput('access-token', { required: true })
const firewallId = core.getInput('firewall-id', { required: true })
const dryRun = core.getBooleanInput('dry-run')
/**
* Parse ports from string. This also add protocol if not specified.
* @param { string } ports Ports as string, separated by comma.
* @returns { string[] } Ports with protocol
*/
function parsePorts(ports) {
return ports.split(',').map((port) => {
if (!port.includes('/')) {
return `${port}/tcp`
}
return port
})
}
/**
* Get current IP
* @returns {string} Current IP
*/
async function getIP() {
const response = await axios.get('https://api.ipify.org')
return response.data
}
/**
*
* @param { 'add' | 'remove' } method Action to do with firewall rules
* @param { { protocol: string, ports: string, sources: { addresses: string[] } } } rules Inbound rules to add/delete
* @returns
*/
async function updateFirewallRules(method, rules) {
const httpMethod = method === 'add' ? 'post' : 'delete'
const data = {
inbound_rules: rules,
}
core.info(`Rules to ${method}:`)
const rulesString = JSON.stringify(rules, null, 2)
core.info(rulesString)
if (!dryRun) {
await axios({
method: httpMethod,
url: `https://api.digitalocean.com/v2/firewalls/${firewallId}/rules`,
headers: {
Authorization: `Bearer ${accessToken}`,
},
data,
responseType: 'json',
})
core.info('Sent')
} else {
core.info('Done (dry run)')
}
}
/**
* Run an action
* @param { 'add' | 'remove' } method Action to do with firewall rules
*/
module.exports = async function (method) {
try {
const ports = parsePorts(core.getInput('ports'))
const ip = await getIP()
core.info(`Current IP: ${ip}`)
core.setOutput('runner-ip', ip)
const inboundRules = ports.map((port) => ({
protocol: port.split('/')[1],
ports: port.split('/')[0],
sources: {
addresses: [ip],
},
}))
await updateFirewallRules(method, inboundRules)
} catch (error) {
core.setFailed(error.message)
}
}