feat: implement organization secret creation API

- Add a new `CreateSecretOption` struct for creating secrets
- Implement a `CreateOrgSecret` function to create a secret in an organization
- Add a new route in `api.go` to handle the creation of organization secrets
- Update the Swagger template to include the new `CreateOrgSecret` API endpoint
- Change the `basePath` in the Swagger template from `{{AppSubUrl | JSEscape | Safe}}/api/v1` to `/api/v1`

Signed-off-by: appleboy <[email protected]>

Author: appleboy

modules/structs/secret.go

@@ -13,3 +13,15 @@ type Secret struct {
 	// swagger:strfmt date-time
 	Created time.Time `json:"created_at"`
 }
+
+// CreateSecretOption options when creating secret
+// swagger:model
+type CreateSecretOption struct {
+	// Name of the secret to create
+	//
+	// required: true
+	// unique: true
+	Name string `json:"name" binding:"Required;AlphaDashDot;MaxSize(100)"`
+	// Data of the secret to create
+	Data string `json:"data" binding:"Required"`
+}

routers/api/v1/api.go

@@ -1300,6 +1300,7 @@ func Routes() *web.Route {
 			})
 			m.Group("/actions/secrets", func() {
 				m.Get("", reqToken(), reqOrgOwnership(), org.ListActionsSecrets)
+				m.Post("", reqToken(), reqOrgOwnership(), bind(api.CreateSecretOption{}), org.CreateOrgSecret)
 			})
 			m.Group("/public_members", func() {
 				m.Get("", org.ListPublicMembers)

routers/api/v1/org/action.go

@@ -7,9 +7,12 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/models/secret"
+	secret_model "code.gitea.io/gitea/models/secret"
 	"code.gitea.io/gitea/modules/context"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/routers/api/v1/utils"
+	"code.gitea.io/gitea/routers/web/shared/actions"
 )
 
 // ListActionsSecrets list an organization's actions secrets
@@ -70,3 +73,43 @@ func listActionsSecrets(ctx *context.APIContext) {
 	ctx.SetTotalCountHeader(count)
 	ctx.JSON(http.StatusOK, apiSecrets)
 }
+
+// CreateOrgSecret create one secret of the organization
+func CreateOrgSecret(ctx *context.APIContext) {
+	// swagger:operation POST /orgs/{org}/actions/secrets organization createOrgSecret
+	// ---
+	// summary: Create a secret in an organization
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of organization
+	//   type: string
+	//   required: true
+	// - name: body
+	//   in: body
+	//   schema:
+	//     "$ref": "#/definitions/CreateSecretOption"
+	// responses:
+	//   "201":
+	//     "$ref": "#/responses/Secret"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	//   "403":
+	//     "$ref": "#/responses/forbidden"
+	opt := web.GetForm(ctx).(*api.CreateSecretOption)
+	_, err := secret_model.InsertEncryptedSecret(
+		ctx, ctx.Org.Organization.ID, 0, opt.Name, actions.ReserveLineBreakForTextarea(opt.Data),
+	)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "InsertEncryptedSecret", err)
+		return
+	}
+
+	ctx.Status(http.StatusCreated)
+}