DEVOPS-49 delete repo secret

Author: githubofkrishnadhas

.github/workflows/delete_repo_secret.yml

@@ -0,0 +1,45 @@
+name: delete-github-repository-secrets-using-workflow
+on:
+  workflow_dispatch:
+    inputs:
+      organization:
+        type: string
+        default: 'devwithkrishna'
+        description: 'The GitHub organization where the Secret will be delted from.'
+        required: true
+      repository_name:
+        type: string
+        description: 'Repository from which secret to be deleted'
+        required: true
+      secret_name:
+        type: string
+        description: "Secret name to delete from org"
+        required: true
+
+run-name: ${{ github.actor }} deleting secret ${{ inputs.secret_name }} from ${{ inputs.repository_name }}
+jobs:
+  delete-github-repository-secrets-using-workflow:
+    runs-on: ubuntu-latest
+    steps:
+      - name: git checkout
+        uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.11'
+      - name: package installations
+        run: |
+          pip install pipenv
+          pipenv install
+      - name: delete github org secret
+        env:
+          GH_TOKEN: ${{ secrets.DEVWITHKRISHNA_PERSONAL_ACCESS_TOKEN }}
+          repository_name: ${{ inputs.repository_name }}
+          secret_name: ${{ inputs.secret_name }}
+          organization: ${{ inputs.organization }}
+        run: |
+          pipenv run python3 delete_repo_secret.py 
+          echo "Secret deleted"
+      - name: Completed
+        run: |
+          echo "program completed successfully"

create_or_update_repo_secret.py

@@ -14,7 +14,7 @@ def current_ist_time():
     return ist_now_formatted
 
 
-def create_or_update_organization_secret_github(organization: str, secret_name: str):
+def create_or_update_repository_secret_github(organization: str, secret_name: str):
     """
     Create or update org level secret in GitHub
     Ref https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret
@@ -48,15 +48,12 @@ def create_or_update_organization_secret_github(organization: str, secret_name:
 
 def main():
     """To test the code"""
-    # Configuring to read ENCRYPTED_SECRET
-    # encrypted_secret = os.getenv('ENCRYPTED_SECRET')
-    # organization = 'devwithkrishna'
-    # secret_name = 'noidea'
+
     organization = os.getenv('organization')
     secret_name = os.getenv('secret_name')
 
     # Function call
-    create_or_update_organization_secret_github(organization, secret_name)
+    create_or_update_repository_secret_github(organization, secret_name)
 
 if __name__ == "__main__":
     main()

delete_repo_secret.py

@@ -0,0 +1,51 @@
+import requests
+import os
+from datetime import datetime
+import pytz
+
+def current_ist_time():
+    """code to return time in IST"""
+    # Get the current time in IST
+    ist = pytz.timezone('Asia/Kolkata')
+    ist_now = datetime.now(ist)
+
+    # Format and print the current time in IST
+    ist_now_formatted = ist_now.strftime('%Y-%m-%d %H:%M:%S %Z%z')
+    return ist_now_formatted
+
+
+def delete_repository_secret_github(organization: str, repository_name:str, secret_name: str):
+    """
+    Create or update org level secret in GitHub
+    Ref https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret
+
+    The token must have the following permission set: organization_secrets:write
+    """
+    ist_now_formatted = current_ist_time()
+    github_repo_secret_endpoint = f"https://api.github.com/repos/{organization}/{repository_name}/actions/secrets/{secret_name}"
+
+    headers = {
+        "Accept": "application/vnd.github+json",
+        "Authorization": f"Bearer {os.getenv('GH_TOKEN')}",
+        "X-GitHub-Api-Version": "2022-11-28"
+    }
+
+    response = requests.delete(github_repo_secret_endpoint, headers=headers)
+    if response.status_code == 204:
+        print(f"Secret {secret_name} deleted from {repository_name} at {ist_now_formatted} ")
+    else:
+        print(f"Something happened while deleting {secret_name} from {repository_name} at {ist_now_formatted} ")
+
+
+def main():
+    """To test the code"""
+
+    organization = os.getenv('organization')
+    secret_name = os.getenv('secret_name')
+    repository_name = os.getenv('repository_name')
+
+    # Function call
+    delete_repository_secret_github(organization,repository_name, secret_name)
+
+if __name__ == "__main__":
+    main()