1
/*---------------------------------------------------------------------------------------------
2
 *  Copyright (c) Microsoft Corporation. All rights reserved.
3
 *  Licensed under the MIT License. See License.txt in the project root for license information.
4
 *--------------------------------------------------------------------------------------------*/
5

6
import crypto from 'crypto';
7
import https from 'https';
8

9
function createJwt(appId: string, privateKey: string): string {
10
	const now = Math.floor(Date.now() / 1000);
11
	const header = Buffer.from(JSON.stringify({ alg: 'RS256', typ: 'JWT' })).toString('base64url');
12
	const payload = Buffer.from(JSON.stringify({ iat: now - 60, exp: now + 600, iss: appId })).toString('base64url');
13
	const signature = crypto.sign('sha256', Buffer.from(`${header}.${payload}`), privateKey).toString('base64url');
14
	return `${header}.${payload}.${signature}`;
15
}
16

17
function request(options: https.RequestOptions, body?: object): Promise<Record<string, unknown>> {
18
	return new Promise((resolve, reject) => {
19
		const req = https.request(options, res => {
20
			let data = '';
21
			res.on('data', chunk => data += chunk);
22
			res.on('end', () => {
23
				if (res.statusCode && res.statusCode >= 200 && res.statusCode < 300) {
24
					resolve(JSON.parse(data));
25
				} else {
26
					reject(new Error(`HTTP ${res.statusCode}: ${data}`));
27
				}
28
			});
29
		});
30
		req.on('error', reject);
31
		if (body) {
32
			req.write(JSON.stringify(body));
33
		}
34
		req.end();
35
	});
36
}
37

38
async function getInstallationToken(jwt: string, installationId: string): Promise<string> {
39
	const result = await request({
40
		hostname: 'api.github.com',
41
		path: `/app/installations/${encodeURIComponent(installationId)}/access_tokens`,
42
		method: 'POST',
43
		headers: {
44
			'Authorization': `Bearer ${jwt}`,
45
			'Accept': 'application/vnd.github+json',
46
			'User-Agent': 'VSCode-ADO-Pipeline',
47
			'X-GitHub-Api-Version': '2022-11-28'
48
		}
49
	});
50
	return result.token as string;
51
}
52

53
function updateCheckRun(token: string, checkRunId: string, conclusion: string, detailsUrl: string) {
54
	return request({
55
		hostname: 'api.github.com',
56
		path: `/repos/microsoft/vscode/check-runs/${encodeURIComponent(checkRunId)}`,
57
		method: 'PATCH',
58
		headers: {
59
			'Authorization': `token ${token}`,
60
			'Accept': 'application/vnd.github+json',
61
			'User-Agent': 'VSCode-ADO-Pipeline',
62
			'X-GitHub-Api-Version': '2022-11-28'
63
		}
64
	}, {
65
		status: 'completed',
66
		conclusion,
67
		completed_at: new Date().toISOString(),
68
		details_url: detailsUrl
69
	});
70
}
71

72
async function main() {
73
	const appId = process.env.GITHUB_APP_ID;
74
	const privateKey = process.env.GITHUB_APP_PRIVATE_KEY;
75
	const installationId = process.env.GITHUB_APP_INSTALLATION_ID;
76
	const checkRunId = process.env.CHECK_RUN_ID;
77
	const jobStatus = process.env.AGENT_JOBSTATUS;
78
	const detailsUrl = `${process.env.SYSTEM_COLLECTIONURI}${process.env.SYSTEM_TEAMPROJECT}/_build/results?buildId=${process.env.BUILD_BUILDID}`;
79

80
	if (!appId || !privateKey || !installationId || !checkRunId) {
81
		throw new Error('Missing required environment variables');
82
	}
83

84
	const jwt = createJwt(appId, privateKey);
85
	const token = await getInstallationToken(jwt, installationId);
86

87
	let conclusion: string;
88
	switch (jobStatus) {
89
		case 'Succeeded':
90
		case 'SucceededWithIssues':
91
			conclusion = 'success';
92
			break;
93
		case 'Canceled':
94
			conclusion = 'cancelled';
95
			break;
96
		default:
97
			conclusion = 'failure';
98
			break;
99
	}
100

101
	await updateCheckRun(token, checkRunId, conclusion, detailsUrl);
102
	console.log(`Updated check run ${checkRunId} with conclusion: ${conclusion}`);
103
}
104

105
main().catch(err => {
106
	console.error(err);
107
	process.exit(1);
108
});
109

110