Update deps, fix file permissions, auto-generate readme (#302)

Fixes
#301

.github/workflows/draft-release.yml

@@ -21,4 +21,4 @@ jobs:
       version_strategy: '${{ github.event.inputs.version_strategy }}'
     # secrets must be explicitly passed to reusable workflows https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/reusing-workflows#using-inputs-and-secrets-in-a-reusable-workflow
     secrets:
-      ACTIONS_BOT_TOKEN: '${{ secrets.ACTIONS_BOT_TOKEN }}'
+      ACTIONS_BOT_TOKEN: '${{ secrets.ACTIONS_BOT_TOKEN }}'

.github/workflows/integration.yml

@@ -24,57 +24,57 @@ jobs:
     if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
     runs-on: 'ubuntu-latest'
     steps:
-    - uses: 'actions/checkout@v4'
+      - uses: 'actions/checkout@v4'
 
-    - uses: 'actions/setup-node@v4'
-      with:
-        node-version: '20.x'
+      - uses: 'actions/setup-node@v4'
+        with:
+          node-version: '20.x'
 
-    - name: 'npm build'
-      run: 'npm ci && npm run build'
+      - name: 'npm build'
+        run: 'npm ci && npm run build'
 
-    - uses: 'google-github-actions/auth@v2'
-      with:
-        workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
-        service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+      - uses: 'google-github-actions/auth@v2'
+        with:
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
 
-    - name: 'get-gke-credentials'
-      uses: './'
-      with:
-        project_id: '${{ vars.PROJECT_ID }}'
-        cluster_name: '${{ vars.PUBLIC_CLUSTER_NAME }}'
-        location: '${{ vars.PUBLIC_CLUSTER_LOCATION }}'
+      - name: 'get-gke-credentials'
+        uses: './'
+        with:
+          project_id: '${{ vars.PROJECT_ID }}'
+          cluster_name: '${{ vars.PUBLIC_CLUSTER_NAME }}'
+          location: '${{ vars.PUBLIC_CLUSTER_LOCATION }}'
 
-    - name: 'kubectl'
-      run: |-
-        kubectl get ns
+      - name: 'kubectl'
+        run: |-
+          kubectl get ns
 
   private:
     if: ${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name && github.actor != 'dependabot[bot]' }}
     runs-on: 'ubuntu-latest'
     steps:
-    - uses: 'actions/checkout@v4'
+      - uses: 'actions/checkout@v4'
 
-    - uses: 'actions/setup-node@v4'
-      with:
-        node-version: '20.x'
+      - uses: 'actions/setup-node@v4'
+        with:
+          node-version: '20.x'
 
-    - name: 'npm build'
-      run: 'npm ci && npm run build'
+      - name: 'npm build'
+        run: 'npm ci && npm run build'
 
-    - uses: 'google-github-actions/auth@v2'
-      with:
-        workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
-        service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+      - uses: 'google-github-actions/auth@v2'
+        with:
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
 
-    - name: 'get-gke-credentials'
-      uses: './'
-      with:
-        project_id: '${{ vars.PROJECT_ID }}'
-        cluster_name: '${{ vars.PRIVATE_CLUSTER_NAME }}'
-        location: '${{ vars.PRIVATE_CLUSTER_LOCATION }}'
-        use_connect_gateway: 'true'
+      - name: 'get-gke-credentials'
+        uses: './'
+        with:
+          project_id: '${{ vars.PROJECT_ID }}'
+          cluster_name: '${{ vars.PRIVATE_CLUSTER_NAME }}'
+          location: '${{ vars.PRIVATE_CLUSTER_LOCATION }}'
+          use_connect_gateway: 'true'
 
-    - name: 'kubectl'
-      run: |-
-        kubectl get ns
+      - name: 'kubectl'
+        run: |-
+          kubectl get ns

.github/workflows/release.yml

@@ -8,6 +8,7 @@ on:
 
 jobs:
   release:
-    if: "startsWith(github.event.head_commit.message, 'Release: v')"
+    if: |-
+      ${{ startsWith(github.event.head_commit.message, 'Release: v') }}
     name: 'Release'
     uses: 'google-github-actions/.github/.github/workflows/release.yml@v0'

.github/workflows/unit.yml

@@ -25,35 +25,35 @@ jobs:
       fail-fast: false
       matrix:
         os:
-        - 'ubuntu-latest'
-        - 'windows-latest'
-        - 'macos-latest'
+          - 'ubuntu-latest'
+          - 'windows-latest'
+          - 'macos-latest'
     runs-on: '${{ matrix.os }}'
 
     steps:
-    - uses: 'actions/checkout@v4'
-
-    - uses: 'actions/setup-node@v4'
-      with:
-        node-version: '20.x'
-
-    - name: 'npm build'
-      run: 'npm ci && npm run build'
-
-    - name: 'npm lint'
-      # There's no need to run the linter for each operating system, since it
-      # will find the same thing 3x and clog up the PR review.
-      if: ${{ matrix.os == 'ubuntu-latest' }}
-      run: 'npm run lint'
-
-    - uses: 'google-github-actions/auth@v2'
-      with:
-        workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
-        service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
-
-    - name: 'npm test'
-      env:
-        TEST_PROJECT_ID: '${{ vars.PROJECT_ID }}'
-        TEST_CLUSTER_NAME: '${{ vars.PUBLIC_CLUSTER_NAME }}'
-        TEST_CLUSTER_LOCATION: '${{ vars.PUBLIC_CLUSTER_LOCATION }}'
-      run: 'npm run test'
+      - uses: 'actions/checkout@v4'
+
+      - uses: 'actions/setup-node@v4'
+        with:
+          node-version: '20.x'
+
+      - name: 'npm build'
+        run: 'npm ci && npm run build'
+
+      - name: 'npm lint'
+        # There's no need to run the linter for each operating system, since it
+        # will find the same thing 3x and clog up the PR review.
+        if: ${{ matrix.os == 'ubuntu-latest' }}
+        run: 'npm run lint'
+
+      - uses: 'google-github-actions/auth@v2'
+        with:
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_NAME }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+
+      - name: 'npm test'
+        env:
+          TEST_PROJECT_ID: '${{ vars.PROJECT_ID }}'
+          TEST_CLUSTER_NAME: '${{ vars.PUBLIC_CLUSTER_NAME }}'
+          TEST_CLUSTER_LOCATION: '${{ vars.PUBLIC_CLUSTER_LOCATION }}'
+        run: 'npm run test'

.gitignore

@@ -1,5 +1,6 @@
 node_modules/
 runner/
+tmp/
 
 # Rest of the file pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
 # Logs

README.md

@@ -60,53 +60,69 @@ jobs:
 
 ## Inputs
 
--   `cluster_name` - (Required) Name of the cluster for which to get
-    credentials. If specified as a full resource name (e.g.
-    "projects/p/locations/l/clusters/c"), then then "project_id" and "location"
-    inputs are optional. If only specified as the name (e.g. "my-cluster"), then
-    the "project_id" and "location" inputs may be required.
+<!-- BEGIN_AUTOGEN_INPUTS -->
 
--   `location` - (Optional) Location (e.g. region or zone) in which the cluster
-    resides. This value is required unless you specify "cluster_name" as a full
-    resource name.
+-   <a name="cluster_name"></a><a href="#user-content-cluster_name"><code>cluster_name</code></a>: _(Required)_ Name of the cluster for which to get credentials. This can be specified as
+    a full resource name:
 
--   `project_id` - (Optional) Project ID where the cluster is deployed. If
-    provided, this will override the project configured by previous steps or
-    environment variables. If not provided, the project will be inferred,
-    best-effort.
+        projects/<project>/locations/<location>/clusters/<cluster>
 
--   `use_auth_provider` - (Optional) If true, use the Google Cloud auth plugin in
-    kubectl instead of a short-lived access token. The default value is false.
+    In which case the `project_id` and `location` inputs are optional. If only
+    specified as a name:
 
--   `use_internal_ip` - (Optional) If true, use the internal IP address for the
-    cluster endpoint. This is mostly used with private GKE clusters. The default
-    value is false.
+        <cluster>
 
--   `use_connect_gateway` - (Optional) If true, uses the [Connect Gateway
+    then both the `project_id` and `location` may be required.
+
+-   <a name="location"></a><a href="#user-content-location"><code>location</code></a>: _(Optional)_ Location (region or zone) in which the cluster resides. This value is
+    required unless `cluster_name` is a full resource name.
+
+-   <a name="project_id"></a><a href="#user-content-project_id"><code>project_id</code></a>: _(Optional)_ Project ID where the cluster is deployed. If provided, this will override
+    the project configured by previous steps or environment variables. If not
+    provided, the project will be inferred from the environment, best-effort.
+
+-   <a name="context_name"></a><a href="#user-content-context_name"><code>context_name</code></a>: _(Optional)_ Name to use when creating the `kubectl` context. If not specified, the
+    default value is `gke_<project>_<location>_<cluster>`.
+
+-   <a name="use_auth_provider"></a><a href="#user-content-use_auth_provider"><code>use_auth_provider</code></a>: _(Optional, default: `false`)_ Set this to true to use the Google Cloud auth plugin in `kubectl` instead
+    of inserting a short-lived access token.
+
+-   <a name="use_internal_ip"></a><a href="#user-content-use_internal_ip"><code>use_internal_ip</code></a>: _(Optional, default: `false`)_ Set this to true to use the internal IP address for the cluster endpoint.
+    This is mostly used with private GKE clusters.
+
+-   <a name="use_connect_gateway"></a><a href="#user-content-use_connect_gateway"><code>use_connect_gateway</code></a>: _(Optional, default: `false`)_ Set this to true to use the [Connect Gateway
     endpoint](https://cloud.google.com/anthos/multicluster-management/gateway)
-    to connect to the cluster. The default value is false.
+    to connect to cluster.
+
+-   <a name="fleet_membership_name"></a><a href="#user-content-fleet_membership_name"><code>fleet_membership_name</code></a>: _(Optional)_ Fleet membership name to use for generating Connect Gateway endpoint, of
+    the form:
 
--   `fleet_membership_name` - (Optional) Fleet membership name of form
-    "projects/PROJECT_ID/locations/LOCATION/memberships/MEMBERSHIP_NAME" to use
-    for generating the Connect Gateway endpoint. This only applies if
-    "use_connect_gateway" is true. Defaults to auto discovery if empty.
+        projects/<project>/locations/<location>/memberships/<membership>
 
--   `quota_project_id` - (Optional) Project ID from which to pull quota. The
-    caller must have `serviceusage.services.use` permission on the project. If
-    unspecified, this defaults to the project of the authenticated principle.
-    This is an advanced setting, most users should leave this blank.
+    This only applies if `use_connect_gateway` is true. Defaults to auto
+    discovery if empty.
 
--   `context_name` - (Optional) Name to use when creating the kubectl context.
-    If not specified, the default value is
-    "gke_{PROJECT_ID}_{LOCATION}_${CLUSTER_NAME}".
+-   <a name="quota_project_id"></a><a href="#user-content-quota_project_id"><code>quota_project_id</code></a>: _(Optional)_ Project ID from which to pull quota. The caller must have
+    `serviceusage.services.use` permission on the project. If unspecified,
+    this defaults to the project of the authenticated principle. This is an
+    advanced setting, most users should leave this blank.
+
+
+<!-- END_AUTOGEN_INPUTS -->
 
 ## Outputs
 
--   `kubeconfig_path` - Path on the local filesystem where the generated
-    KUBECONFIG file resides.
+In addition to setting the `$KUBECONFIG` environment variable, this GitHub
+Action produces the following outputs:
+
+<!-- BEGIN_AUTOGEN_OUTPUTS -->
+
+-   `kubeconfig_path`: Path on the local filesystem where the generated Kubernetes configuration
+    file resides.
+
+
+<!-- END_AUTOGEN_OUTPUTS -->
 
--   Exports env var `KUBECONFIG` which is set to the generated `kubeconfig` file
-    path.
 
 ## Authorization