build(release): 1.2.2 [skip ci]

## [1.2.2](https://github.com/actions/create-github-app-token/compare/v1.2.1...v1.2.2) (2023-10-02)

### Bug Fixes

* **deps:** bump the production-dependencies group with 3 updates ([#51](https://github.com/actions/create-github-app-token/issues/51)) ([6d98b25](https://github.com/actions/create-github-app-token/commit/6d98b259d9c6bef17db279eb4aefbbd031400ba4)), closes [#1511](https://github.com/actions/create-github-app-token/issues/1511) [#535](https://github.com/actions/create-github-app-token/issues/535) [#535](https://github.com/actions/create-github-app-token/issues/535) [#533](https://github.com/actions/create-github-app-token/issues/533) [#531](https://github.com/actions/create-github-app-token/issues/531) [#530](https://github.com/actions/create-github-app-token/issues/530) [#524](https://github.com/actions/create-github-app-token/issues/524) [#637](https://github.com/actions/create-github-app-token/issues/637) [#637](https://github.com/actions/create-github-app-token/issues/637) [#631](https://github.com/actions/create-github-app-token/issues/631) [#626](https://github.com/actions/create-github-app-token/issues/626)

.github/workflows/release.yml

@@ -19,7 +19,7 @@ jobs:
         with:
           app_id: ${{ vars.RELEASER_APP_ID }}
           private_key: ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           token: ${{ steps.app-token.outputs.token }}
       - run: npm install --no-save @semantic-release/git semantic-release-plugin-github-breaking-version-tag

.github/workflows/test.yml

@@ -1,5 +1,8 @@
 name: test
 on:
+  push:
+    branches:
+      - main
   pull_request:
 
 concurrency:
@@ -7,13 +10,28 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  test:
+  integration:
+    name: Integration
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-node@v3
         with:
-          node-version: "16.16"
+          node-version: 20
+          cache: "npm"
+      - run: npm ci
+      - run: npm test
+
+  end-to-end:
+    name: End-to-End
+    runs-on: ubuntu-latest
+    # do not run from forks, as forks don’t have access to repository secrets
+    if: github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 20
           cache: "npm"
       - run: npm ci
       - run: npm run build

dist/main.cjs

@@ -1602,7 +1602,7 @@ var require_oidc_utils = __commonJS({
  
         Error Code : ${error.statusCode}
  
-        Error Message: ${error.result.message}`);
+        Error Message: ${error.message}`);
           });
           const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;
           if (!id_token) {
@@ -2793,7 +2793,7 @@ var require_dist_node5 = __commonJS({
     module2.exports = __toCommonJS2(dist_src_exports);
     var import_endpoint = require_dist_node2();
     var import_universal_user_agent = require_dist_node();
-    var VERSION = "8.1.1";
+    var VERSION = "8.1.2";
     var import_is_plain_object = require_is_plain_object();
     var import_request_error = require_dist_node4();
     function getBufferResponse(response) {
@@ -14984,7 +14984,7 @@ var require_dist_node12 = __commonJS({
         return sendRequestWithRetries(state, request2, options, createdAt, retries);
       }
     }
-    var VERSION = "6.0.0";
+    var VERSION = "6.0.1";
     var import_auth_oauth_user2 = require_dist_node9();
     function createAppAuth2(options) {
       if (!options.appId) {

dist/post.cjs

@@ -1602,7 +1602,7 @@ var require_oidc_utils = __commonJS({
  
         Error Code : ${error.statusCode}
  
-        Error Message: ${error.result.message}`);
+        Error Message: ${error.message}`);
           });
           const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;
           if (!id_token) {
@@ -2793,7 +2793,7 @@ var require_dist_node5 = __commonJS({
     module2.exports = __toCommonJS2(dist_src_exports);
     var import_endpoint = require_dist_node2();
     var import_universal_user_agent = require_dist_node();
-    var VERSION = "8.1.1";
+    var VERSION = "8.1.2";
     var import_is_plain_object = require_is_plain_object();
     var import_request_error = require_dist_node4();
     function getBufferResponse(response) {
@@ -2956,8 +2956,10 @@ var import_core = __toESM(require_core(), 1);
 // lib/post.js
 async function post(core2, request2) {
   const token = core2.getState("token");
-  if (!token)
+  if (!token) {
+    core2.info("Token is not set");
     return;
+  }
   await request2("DELETE /installation/token", {
     headers: {
       authorization: `token ${token}`

lib/post.js

@@ -7,7 +7,10 @@
 export async function post(core, request) {
   const token = core.getState("token");
 
-  if (!token) return;
+  if (!token) {
+    core.info("Token is not set");
+    return;
+  }
 
   await request("DELETE /installation/token", {
     headers: {

package.json

@@ -2,21 +2,24 @@
   "name": "create-github-app-token",
   "private": true,
   "type": "module",
-  "version": "1.2.1",
+  "version": "1.2.2",
   "description": "GitHub Action for creating a GitHub App Installation Access Token",
   "scripts": {
     "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node16.16",
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "ava tests/index.js"
   },
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.10.0",
-    "@octokit/auth-app": "^6.0.0",
-    "@octokit/request": "^8.1.1"
+    "@actions/core": "^1.10.1",
+    "@octokit/auth-app": "^6.0.1",
+    "@octokit/request": "^8.1.2"
   },
   "devDependencies": {
+    "ava": "^5.3.1",
     "dotenv": "^16.3.1",
-    "esbuild": "^0.19.2"
+    "esbuild": "^0.19.4",
+    "execa": "^8.0.1",
+    "undici": "^5.25.2"
   },
   "release": {
     "branches": [

tests/README.md

@@ -0,0 +1,19 @@
+# Tests
+
+Add one test file per scenario. You can run them in isolation with:
+
+```bash
+node tests/post-token-set.test.js
+```
+
+All tests are run together in [tests/index.js](index.js), which can be execauted with ava
+
+```
+npx ava tests/index.js
+```
+
+or with npm
+
+```
+npm test
+```

tests/index.js

@@ -0,0 +1,14 @@
+import { readdirSync } from "node:fs";
+
+import { execa } from "execa";
+import test from "ava";
+
+const tests = readdirSync("tests").filter((file) => file.endsWith(".test.js"));
+
+for (const file of tests) {
+  test(file, async (t) => {
+    const { stderr, stdout } = await execa("node", [`tests/${file}`]);
+    t.snapshot(stderr, "stderr");
+    t.snapshot(stdout, "stdout");
+  });
+}

tests/post-token-set.test.js

@@ -0,0 +1,25 @@
+import { MockAgent, setGlobalDispatcher } from "undici";
+
+// state variables are set as environment variables with the prefix STATE_
+// https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#sending-values-to-the-pre-and-post-actions
+process.env.STATE_token = "secret123";
+
+const mockAgent = new MockAgent();
+
+setGlobalDispatcher(mockAgent);
+
+// Provide the base url to the request
+const mockPool = mockAgent.get("https://api.github.com");
+
+// intercept the request
+mockPool
+  .intercept({
+    path: "/installation/token",
+    method: "DELETE",
+    headers: {
+      authorization: "token secret123",
+    },
+  })
+  .reply(204);
+
+await import("../post.js");

tests/post-token-unset.test.js

@@ -0,0 +1,5 @@
+// state variables are set as environment variables with the prefix STATE_
+// https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#sending-values-to-the-pre-and-post-actions
+delete process.env.STATE_token;
+
+await import("../post.js");

tests/snapshots/index.js.md

@@ -0,0 +1,25 @@
+# Snapshot report for `tests/index.js`
+
+The actual snapshot is saved in `index.js.snap`.
+
+Generated by [AVA](https://avajs.dev).
+
+## post-token-set.test.js
+
+> stderr
+
+    ''
+
+> stdout
+
+    'Token revoked'
+
+## post-token-unset.test.js
+
+> stderr
+
+    ''
+
+> stdout
+
+    'Token is not set'