feat: add api version parameter to action.yml file (#42)

BeyondTrust · Jan 28, 2025 · 4d53f86 · 4d53f86
1 parent 1a56bdf
commit 4d53f86
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -38,6 +38,10 @@ Runners must use a Linux operating system. Additionally, self-hosted runners wil
 https://example.com:443/BeyondTrust/api/public/v3
 ```
 
+### `api_version`
+
+**Optional:** The recommended version is 3.1. If no version is specified, the default API version 3.0 will be used
+
 ### `secret_path`
 **Required:** Path of the secret to retrieve.
 ```json
@@ -108,6 +112,7 @@ env:
   CLIENT_SECRET: ${{secrets.CLIENT_SECRET}}
   CERTIFICATE: ${{secrets.CERTIFICATE}}
   CERTIFICATE_KEY: ${{secrets.CERTIFICATE_KEY}}
+  API_VERSION: ${{vars.API_VERSION}}
 with:
   SECRET_PATH: '{"path": "folder1/folder2/title", "output_id": "title"}'
   MANAGED_ACCOUNT_PATH: '{"path": "system/account", "output_id": "account"}'

diff --git a/action.yml b/action.yml
@@ -6,6 +6,10 @@ inputs:
     description: 'The API Key configured in BeyondInsight for your application. If not set, then client credentials must be provided.'
     required: false
     default: ''
+  api_version:
+    description: 'The recommended version is 3.1. If no version is specified, the default API version 3.0 will be used.'
+    required: false
+    default: ''
   client_id:
     description: 'The API OAuth Client ID is configured in BeyondInsight for your application. For use when authenticating to Secrets Safe'
     required: false
@@ -54,6 +58,7 @@ runs:
   image: 'Dockerfile'
   args:
     - ${{ inputs.api_key }}
+    - ${{ inputs.api_version }}
     - ${{ inputs.client_id }}
     - ${{ inputs.client_secret }}
     - ${{ inputs.api_url }}

diff --git a/requirements.txt b/requirements.txt
@@ -1,4 +1,4 @@
 requests==2.32.3
 retry-requests==2.0.0
 github_action_utils==1.1.0
-beyondtrust-bips-library~=1.0
+beyondtrust-bips-library~=1.2
diff --git a/src/main.py b/src/main.py
@@ -16,6 +16,7 @@
 CLIENT_ID = env.get("CLIENT_ID")
 CLIENT_SECRET = env.get("CLIENT_SECRET")
 API_URL = env.get("API_URL")
+API_VERSION = env.get("API_VERSION")
 VERIFY_CA = env.get("VERIFY_CA", "true").lower() != "false"
 
 SECRET_PATH = env.get("INPUT_SECRET_PATH", "").strip() or None
@@ -190,6 +191,11 @@ def main() -> None:
                 "logger": logger,
             }
 
+            # The recommended version is 3.1. If no version is specified, 
+            # the default API version 3.0 will be used
+            if API_VERSION:
+                auth_config.update({"api_version": API_VERSION})
+
             # If API_KEY is set, we're using API Key authentication
             # otherwise we're using OAuth/Client Credentials.
             if API_KEY: