Action setup

Author: moniyazi

.github/workflows/publish.yml

@@ -0,0 +1,37 @@
+name: Publish to Marketplace
+
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Version tag (e.g., v1.0.0)'
+        required: true
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      
+      - name: Validate action.yml
+        run: |
+          # Basic validation
+          if ! grep -q "name:" action.yml; then
+            echo "❌ action.yml missing name"
+            exit 1
+          fi
+          if ! grep -q "runs:" action.yml; then
+            echo "❌ action.yml missing runs section"
+            exit 1
+          fi
+          echo "✅ action.yml is valid"
+      
+      - name: Create Release
+        if: github.event_name == 'release'
+        run: |
+          echo "Release published: ${{ github.event.release.tag_name }}"
+          echo "Release notes: ${{ github.event.release.body }}"
+

.github/workflows/test-action.yml

@@ -0,0 +1,32 @@
+name: Test Action
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  workflow_dispatch:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      
+      - name: Test Code Discovery Action
+        uses: ./
+        id: discovery
+        with:
+          api-endpoint: ${{ secrets.API_DISCOVERY_ENDPOINT || 'https://api.example.com' }}
+          api-token: ${{ secrets.API_DISCOVERY_TOKEN || 'test-token' }}
+          dry-run: 'true'
+      
+      - name: Display outputs
+        run: |
+          echo "Spec path: ${{ steps.discovery.outputs.spec-path }}"
+          echo "Success: ${{ steps.discovery.outputs.success }}"
+

.gitignore

@@ -0,0 +1,43 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+env/
+venv/
+ENV/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+Thumbs.db
+
+# GitHub Actions
+.github/workflows/*.yml.bak
+
+# Test files
+*.log
+test-results/
+

IMPLEMENTATION_SUMMARY.md

@@ -0,0 +1,144 @@
+# GitHub Action Implementation Summary
+
+## Repository Structure
+
+```
+apisec-bolt-code-discovery-action/
+├── .github/
+│   └── workflows/
+│       ├── test-action.yml      # Test workflow for the action
+│       └── publish.yml          # Publishing workflow
+├── action.yml                   # Main action definition (REQUIRED)
+├── README.md                    # Documentation
+├── LICENSE                      # MIT License
+├── .gitignore                   # Git ignore rules
+└── IMPLEMENTATION_SUMMARY.md    # This file
+```
+
+## Key Features Implemented
+
+### ✅ Simplified Inputs
+- **Required:** `api-endpoint`, `api-token`
+- **Optional:** `repo-path`, `config-path`, `pr-title`, `pr-body`, `dry-run`
+- **Removed:** `output-path`, `output-format`, `commit-spec`, `create-pr`, `cli-version`
+
+### ✅ Hardcoded Values
+- **Output Path:** `apisec-bolt-code-discovery/openapi_spec.yaml`
+- **Output Format:** Always YAML
+- **CLI Version:** Pinned to `0.2.0`
+- **PR Creation:** Always enabled (never direct commit)
+
+### ✅ State Management
+- State file location: `apisec-bolt-code-discovery/state.yaml`
+- Same directory as OpenAPI spec (no extra folders)
+- Automatically committed in PR
+
+### ✅ Error Handling
+- Non-blocking: Uses `continue-on-error: true`
+- Warnings don't fail workflow
+- Graceful degradation
+
+### ✅ PR Creation Flow
+1. Creates new branch: `code-discovery/update-openapi-{timestamp}`
+2. Commits generated files
+3. Pushes branch
+4. Creates PR using `gh` CLI
+5. Handles existing PRs (reuses if branch exists)
+
+## Action Workflow Steps
+
+1. **Install Code Discovery CLI**
+   - Upgrades pip
+   - Installs `code-discovery==0.2.0`
+
+2. **Configure API Credentials**
+   - Creates `~/.apisec` file
+   - Sets permissions (600)
+
+3. **Run API Discovery**
+   - Executes CLI with proper arguments
+   - Extracts outputs from state file
+   - Sets GitHub outputs
+
+4. **Create Pull Request**
+   - Only runs if discovery succeeded and not dry-run
+   - Creates branch, commits, pushes, creates PR
+   - Handles edge cases (existing PRs, no changes, etc.)
+
+## Outputs
+
+- `spec-path`: Path to OpenAPI spec
+- `application-id`: From state file
+- `instance-id`: From state file
+- `pr-url`: Created PR URL
+- `success`: Boolean
+
+## Required Permissions
+
+```yaml
+permissions:
+  contents: write      # To commit files
+  pull-requests: write # To create PRs
+```
+
+## Next Steps for Publishing
+
+1. **Initialize Git Repository**
+   ```bash
+   cd /Users/mohsinniyazi/apisec-bolt-code-discovery-action
+   git init
+   git add .
+   git commit -m "Initial commit: Code Discovery GitHub Action"
+   ```
+
+2. **Create GitHub Repository**
+   - Create public repository: `apisec-bolt/code-discovery-action`
+   - Push code
+
+3. **Create First Release**
+   - Tag: `v1.0.0`
+   - This makes the action available as `@v1` or `@v1.0.0`
+
+4. **Publish to Marketplace**
+   - Go to repository Settings → Marketplace
+   - Click "Publish to GitHub Marketplace"
+   - Fill in details:
+     - Category: Security
+     - Icon: search
+     - Color: blue
+   - Submit for review
+
+## Testing
+
+The action includes a test workflow (`.github/workflows/test-action.yml`) that can be used to test the action locally or in CI.
+
+## Usage Example
+
+```yaml
+name: API Discovery
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  discover:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: apisec-bolt/code-discovery-action@v1
+        with:
+          api-endpoint: ${{ secrets.API_DISCOVERY_ENDPOINT }}
+          api-token: ${{ secrets.API_DISCOVERY_TOKEN }}
+```
+
+## Notes
+
+- Action name: `apisec-bolt-code-discovery-action`
+- Marketplace category: Security
+- All files are in the same directory: `apisec-bolt-code-discovery/`
+- State management is automatic and default behavior
+

LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2025 APIsec Bolt
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+