I am developing a reusable workflow using Javascript actions by following this tutorial. My action.yml looks like this.
name: "Test"
description: "Reusable workflow"
inputs:
input-one:
required: false
type: string
runs:
using: 'node16'
main: 'dist/index.js'
But my question is how to access the secrets in dist/index.js?. Please note that I don't want the user to supply the secret as input, I would like to store the secret in my reusable workflow repository and use it whenever it's needed.
I tried to change the action.yml with env(So that I can use node process.env API to get the secret) but it's failing with an error saying that Unexpected value 'env'.
name: "Test"
description: "Reusable workflow"
inputs:
input-one:
required: false
type: string
runs:
using: 'node16'
main: 'dist/index.js'
env:
DUMMY_VAL: ${{ secrets.MY_REPOSITORY_SECRET }}
I don't think that's possible. That would be somewhat a security vulnerability.
Examples clearly show that secrets have to be explicitly passed https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-inputs-and-secrets-in-a-reusable-workflow
You can experiment with default value for it but looks like it's not supported for workflows.
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callsecrets
It would look like this (probably won't work):
on:
workflow_call:
secrets:
access-token:
description: 'Your secret'
required: false
default: ${{ secrets.your-secret }}
If it doesn't work you can try suggesting it as a feature here: https://github.com/orgs/community/discussions/categories/actions-and-packages
On GitHub.com, navigate to the main page of the repository. Under your repository name, click Settings. In the "Security" section of the sidebar, select Secrets, then click Actions. Click New repository secret.
Credit: Google
Related
I have been trying to use Firebase custom claims and successfully able to create user-based roles like, manager, editor, admin. This is how my custom claim is saved in my Firebase Emulator Suite.
For user custom clams are set like this {"role": "manager"}, but whenever I tried to login and get the custom claim of the user it doesn't work.
Just an FYI I tried to set custom claims like this too {"manager": true} but hasCustomClaim("manager") always works if I use this in if and else condition even if I set {"manager": false} also if i try to login using admin privileges but still manager level works properly
const adminOnly = () => hasCustomClaim("admin");
const editorOnly = () => hasCustomClaim("editor");
const managerOnly = () => hasCustomClaim("manager" );
const editorOnly2d = pipe(customClaims, map(claims => claims.role == "editor"));
const mngOnly2 = pipe(customClaims, map(claims => claims.role == "manager"));
How shall I get current logged in user custom claims so that I can set routes based on user role?
This is what I get after login authUser.getIdTokenResult(true)
aud: "testing"
auth_time: 1629796111
email: "test12#gmail.com"
email_verified:false
exp: 1629799711
firebase: {identities: {…}, sign_in_provider: "password"}
iat: 1629796111
iss: "https://securetoken.google.com/testing"
role: "manager"
name: "Testing"
sub: "ZUlXd59HMhFI5gyozxW1xw0IXtPi"
user_id: "ZUlXd59HMhFI5gyozxW1xw0IXtPi"
I tried to search the issue, but all of them suggest the same thing that I used above.
The {"role": "manager"} will not work, because hasCustomClaim("admin") (as far as I can see) only checks for the existence of a claim named admin.
That also explains why it works when you use "manager": false, hasCustomClaim merely checks for the presence of the claim regardless of its value. Non-admins should not have an admin claim.
So if you want to use the existing AngularFire pipes, you'll need claims that identify whether the user is an admin, editor, and/or manager.
If you want to use your own role-based access control, that is possible too, but you'll have to implement your own auth pipe filters. For those, you'll want to start by logging the claims, so you can see what you're map call is working against.
I'm working off of this documentation of FlutterFire
I'm trying to implement phone sign-in on web. The guide seems to recommend that RecaptchaVerifier is an optional argument:
FirebaseAuth auth = FirebaseAuth.instance
// Wait for the user to complete the reCAPTCHA & for a SMS code to be sent.
ConfirmationResult confirmationResult = await auth.signInWithPhoneNumber('+44 7123 123 456');
However, when I try to use the method I am forced to supply an argument for RecaptchaVerifier:
I have verified I'm using the correct version of the library -- firebase_auth: "^0.18.0+1".
So, in order to correctly display the Recaptcha verifier, how do I create an element on the DOM with the ID specified?
I found the following relevant code in their Github which shows how the element is accessed, however specific understanding of the source code eludes me.
What to do?
Yes so I have been through this exact same issue. the problem here is that the documentation is not sync with PR : The PR that changes the doc has been merged but the plugin firebase_auth you're using hasn't been changed yet so you still have the old plugin , and the new doc..
So the solution is :
You have to take a precise commit of the plugin like this below dependencies in your pubspec :
firebase_auth:
git:
url: https://github.com/FirebaseExtended/flutterfire
path: packages/firebase_auth/firebase_auth
ref: 4a05ceba74c805bc5528137d40c75865cd21d687
And also below dependencies_override, like this (add it if not there, below the dev_dependencies section) :
dependency_overrides:
firebase_auth_web:
git:
url: https://github.com/FirebaseExtended/flutterfire
path: packages/firebase_auth/firebase_auth_web
ref: 4a05ceba74c805bc5528137d40c75865cd21d687
firebase_auth_platform_interface:
git:
url: https://github.com/FirebaseExtended/flutterfire
path: packages/firebase_auth/firebase_auth_platform_interface
ref: 4a05ceba74c805bc5528137d40c75865cd21d687
Btw the reason you need override on dependencies is because the firebase_auth plugin, with the precise commit still uses old versions of the flutter web plugin
I am using React-GA, and it works as expected, but I have a requirement to put user email in event tracking:
I see this in the example:
ReactGA.event({
category: 'Editing',
action: 'Deleted Component',
label: 'Game Widget'
});
I have a email of each user as a string. Where do I better put it in the request?
yes i am with #davids answer but i want to give more proper answer.
first you need to import react-ga module
import ReactGA from 'react-ga';
and than whenever you initialize google analytics you can set userId there
ReactGA.initialize('UA-000000-01', {
gaOptions: {
userId: xxx-xxx-xxx-xxx
}
});
Or if you want to set userId after user logs into your system, than you can do the following way
1. initialize google analytics without userId
ReactGA.initialize('UA-000000-01');
2. and just after login you can set userId
ReactGA.set({ userId: 123 });
ref: https://github.com/react-ga/react-ga#reactgasetfieldsobject
You should not use an email address as that is personally identifiable information and as such to track it in GA is against Google's terms and conditions.
User ID ("userId") should be setup in the "initialize" or "set" GA command, not in an event. User ID is scoped to the user, so it shouldn't ever change for a user. Also, you'll have convert email to an anonymous (non-PII) id before it's used as userId
ReactGA.initialize('UA-000000-01', {
debug: true,
titleCase: false,
gaOptions: {
userId: 123
}
});
User ID doc: https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference#userId
My current Problem is: i need to be able to perform the following call:
https://{Net-IP}:{Net-Port}/rest/devices/{deviceName}.{deviceID}
First of all defining a host variable such as:
host: {Net-IP}:{Net-Port} is not possible.
Second, if i then try to implement the Path-Parameter in the paths such as:
/devices/{deviceName}.{deviceID}/measurePoints:
get:
summary: Method returns list of measure points
parameters:
- name: deviceName
in: path
type: string
required: true
description: device Name
- name: deviceID
in: path
type: string
required: true
description: device ID
then it says Path templating is not allowed.
I need this type of calls to be translated for Postman, i appreciate your help!
Why don't you make use of environmental variables/constants etc.
I use this plugin: http://ngcordova.com/docs/plugins/emailComposer/
This is my angular code:
$scope.report = function(){
var CEO_EMAIL_ADDRESS = 'support#example.com';
$cordovaEmailComposer.isAvailable().then(function() {
$cordovaEmailComposer.open({
to: CEO_EMAIL_ADDRESS,
subject: langTranslateService.getData('REPORT_A_PROBLEM'),
body: '',
isHtml: false
});
});
};
I need only the phone email will be opened or the option to choose from email applications only.
Why there is "bluetooth, dropbox..." in the options?
Can I change it..?
According to the plugin specification found here, you should be able to supply an app option to the open method to target a specific app for opening the email draft (at the time of writing Android only).
First an alias should be made for the desired app like so:
cordova.plugins.email.addAlias('outlook', 'com.microsoft.android.outlook');
This example creates an alias outlook for the Outlook app. The second parameter is the package name of the app, which I was able to find by installing a plugin like Package Name Viewer.
You can validate if the app is available with the following overload of the isAvailable function:
cordova.plugins.email.isAvailable(
'outlook', function (isAvailable, withScheme) {
// isAvailable indicates if sending emails is available at all
// withScheme is true if the desired app/scheme is available. When false the fallback of choosing an approriate app is applied
}
);
Then you can supply this alias to the open method like in the example below:
$cordovaEmailComposer.open({
app: 'outlook',
to: CEO_EMAIL_ADDRESS,
subject: langTranslateService.getData('REPORT_A_PROBLEM'),
body: '',
isHtml: false
});
Now the draft should open in Outlook when available. Give it a try!