open an issue instead

Signed-off-by: Jason Hall <jason@chainguard.dev>
octo-sts · Jan 28, 2024 · 4a85125 · 4a85125
1 parent 2971e50
commit 4a85125
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 20 deletions.
diff --git a/.github/chainguard/use-action.sts.yaml b/.github/chainguard/use-action.sts.yaml
@@ -4,6 +4,4 @@ claim_pattern:
   job_workflow_ref: chainguard-dev/octo-sts-js/.github/workflows/use-action.yaml@refs/heads/main
 
 permissions:
-  pull_requests: write
-  contents: write
-  workflows: write
+  issues: write
diff --git a/.github/workflows/use-action.yaml b/.github/workflows/use-action.yaml
@@ -19,12 +19,6 @@ jobs:
           scope: chainguard-dev/octo-sts-js
           identity: use-action
 
-      - uses: actions/checkout@v2
-      - run: date +%s > date.txt
-      - uses: peter-evans/create-pull-request@v5
-        with:
-          token: ${{ steps.octo-sts.outputs.token }}
-          commit-message: Use Action
-          title: Use Action
-          body: |
-            This PR was created using an Octo STS token
+      - env:
+          GITHUB_TOKEN: ${{ steps.octo-sts.outputs.token }}
+        run: gh issue create --title "Use Action" --body "This issue was created using an Octo STS token"
diff --git a/index.js b/index.js
@@ -16,16 +16,10 @@ if (!scope || !identity) {
 
 fetch(`${actionsUrl}&audience=octo-sts.dev`, { headers: { 'Authorization': `Bearer ${actionsToken}` } })
     .then(res => {
-        console.log('Fetching workflow OIDC...');
-        console.log(res.status);
         res.json()
             .then(json => {
-                console.log('Got JSON', json);
-                const ghtok = json.value;
-                console.log('Fetching from octo-sts.dev...');
-                fetch(`https://octo-sts.dev/sts/exchange?scope=${scope}&identity=${identity}`, { headers: { 'Authorization': `Bearer ${ghtok}` } })
+                fetch(`https://octo-sts.dev/sts/exchange?scope=${scope}&identity=${identity}`, { headers: { 'Authorization': `Bearer ${json.value}` } })
                     .then(res => res.json()
-                        .catch(err => { console.log(`::error::${err.stack}`); process.exit(1); })
                         .then(json => {
                             if (!json.token) { console.log(`::error::${json.message}`); process.exit(1); }
                             const tok = json.token;
@@ -35,7 +29,6 @@ fetch(`${actionsUrl}&audience=octo-sts.dev`, { headers: { 'Authorization': `Bear
                             fs.appendFile(process.env.GITHUB_STATE, `token=${tok}`, function (err) { if (err) throw err; }); // Write the state, so the post job can delete the token.
                         })
                     )
-                    .catch(err => { console.log(`::error::${err.stack}`); process.exit(1); });
             })
     })
     .catch(err => { console.log(`::error::${err.stack}`); process.exit(1); });