Switch to using `github.request`

2025-02-25 18:55:22 -06:00 · 2023-07-24 16:08:01 +01:00 · 2023-07-24 16:08:01 +01:00 · f9c89e5d84
commit f9c89e5d84
parent 52c7f66ce1
1 changed files with 11 additions and 10 deletions
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@ -41,20 +41,21 @@ jobs:
            // retrieve the ambient OIDC token
            const oidc_request_token = process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN;
            const oidc_request_url = process.env.ACTIONS_ID_TOKEN_REQUEST_URL;
-            const oidc_resp = await fetch(`${oidc_request_url}&audience=testpypi`, {
+            const oidc_resp = await github.request({
+                url: `${oidc_request_url}&audience=testpypi`,
                headers: {Authorization: `bearer ${oidc_request_token}`},
              }
            );
-            const oidc_token = (await oidc_resp.json()).value;
-  
+            const oidc_token = oidc_resp.data.value;
+
            // exchange the OIDC token for an API token
-            const mint_resp = await fetch('https://test.pypi.org/_/oidc/github/mint-token', {
-                method: 'post',
-                body: '{"token": "oidc_token"}' ,
-                headers: {'Content-Type': 'application/json'},
-              }
-            );
-            const api_token = (await mint_resp.json()).token;
+            const mint_resp = await github.request({
+              url: 'https://test.pypi.org/_/oidc/github/mint-token',
+              method: 'post',
+              headers: {'Content-Type': 'application/json'},
+              token: oidc_token,
+            });
+            const api_token = mint_resp.data.token;

            // mask the newly minted API token, so that we don't accidentally leak it
            core.setSecret(api_token)