[action] iCloud API trust token acquisition #43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "[action] iCloud API trust token acquisition" | |
| # If the MFA token stored in the secrets of this repository expires, this workflow can be executed manually in order to acquire a new token. | |
| # Use the 'acquire-trust-token.sh' script, located in the .github directory to run this action | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| wg-endpoint: | |
| description: The endpoint of the wireguard server | |
| required: true | |
| type: string | |
| wg-peer-public-key: | |
| description: The wireguard peer's public key | |
| required: true | |
| type: string | |
| wg-local-address: | |
| description: The IP address to assign to the runner | |
| required: true | |
| type: string | |
| wg-remote-address: | |
| description: The IP address of the peer | |
| required: true | |
| type: string | |
| wg-allowed-ips: | |
| description: The IPs to route through the wireguard tunnel | |
| required: true | |
| type: string | |
| wg-private-key: | |
| description: The private key for the runner | |
| required: true | |
| type: string | |
| wg-preshared-key: | |
| description: The preshared key | |
| required: true | |
| type: string | |
| permissions: write-all | |
| jobs: | |
| acquire-token: | |
| name: acquire-token | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'workflow_dispatch' | |
| steps: | |
| - name: setup/checkout | |
| uses: actions/checkout@v4 | |
| - name: setup/api-token | |
| uses: ./.github/actions/helper/api-token-setup | |
| with: | |
| wg-endpoint: ${{ inputs.wg-endpoint}} | |
| wg-peer-public-key: ${{ inputs.wg-peer-public-key }} | |
| wg-local-address: ${{ inputs.wg-local-address }} | |
| wg-remote-address: ${{ inputs.wg-remote-address }} | |
| wg-allowed-ips: ${{ inputs.wg-allowed-ips }} | |
| wg-private-key: ${{ inputs.wg-private-key }} | |
| wg-preshared-key: ${{ inputs.wg-preshared-key }} | |
| - name: action/api-token | |
| uses: ./.github/actions/helper/api-token | |
| with: | |
| test-apple-id-user: ${{ secrets.TEST_APPLE_ID_USER }} | |
| test-apple-id-pwd: ${{ secrets.TEST_APPLE_ID_PWD }} | |
| gh-token: ${{ secrets.GH_SECRETS_PAT }} |