From 7d0c3225ecb4032de45497b377e9025178bc8fa2 Mon Sep 17 00:00:00 2001 From: Arkadiusz Szarama Date: Wed, 29 Oct 2025 23:18:00 +0100 Subject: [PATCH] feat: add GitHub scaffolder support with custom header authentication --- .../accept_files/accept.github.app.json | 7 +++--- .../snykbroker/plugins/github-app-scaffolder | 22 +++++++++++++++++++ 2 files changed, 25 insertions(+), 4 deletions(-) create mode 100755 agent/server/snykbroker/plugins/github-app-scaffolder diff --git a/agent/server/snykbroker/accept_files/accept.github.app.json b/agent/server/snykbroker/accept_files/accept.github.app.json index f3b97a8..27412d5 100644 --- a/agent/server/snykbroker/accept_files/accept.github.app.json +++ b/agent/server/snykbroker/accept_files/accept.github.app.json @@ -9,10 +9,8 @@ "method": "any", "path": "/*", "origin": "${GITHUB:github.com}", - "auth": { - "scheme": "basic", - "username": "github", - "password": "${plugin:github-app-token}" + "headers": { + "Authorization": "Basic ${plugin:github-app-scaffolder}" }, "valid": [ { @@ -43,3 +41,4 @@ } ] } + diff --git a/agent/server/snykbroker/plugins/github-app-scaffolder b/agent/server/snykbroker/plugins/github-app-scaffolder new file mode 100755 index 0000000..48d91b3 --- /dev/null +++ b/agent/server/snykbroker/plugins/github-app-scaffolder @@ -0,0 +1,22 @@ +#! /bin/bash + +set -euo pipefail + +echo_to_stderr() { + echo "$1" >&2 +} + +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" + +echo_to_stderr "Fetching GitHub installation token..." + +# Execute github-app-token and capture output +if ! token=$("${SCRIPT_DIR}/github-app-token"); then + echo "Error: Failed to get GitHub installation token" >&2 + exit 1 +fi + +echo_to_stderr "Converting GitHub installation token for scaffolder" + +echo -n "x-cortex-user:${token}" | base64 +