Merge branch 'develop'

Author: clivewalkden

.github/dependabot.yml

@@ -0,0 +1,26 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+    groups:
+      actions-minor:
+        update-types:
+          - minor
+          - patch
+
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: weekly
+    groups:
+      npm-development:
+        dependency-type: development
+        update-types:
+          - minor
+          - patch
+      npm-production:
+        dependency-type: production
+        update-types:
+          - patch

.github/workflows/test.yml

@@ -4,6 +4,7 @@ on:
     push:
         branches:
             - main
+            - develop
     pull_request:
 
 jobs:
@@ -22,9 +23,9 @@ jobs:
             - name: Test OpenVPN
               uses: "./"
               with:
-                  config_file: ${{ secrets.VPN_CONFIG_FILE }}
+                  config_file: ${{ secrets.VPN_CONFIG }}
                   certificate: ${{ secrets.VPN_CERTIFICATE }}
                   certificate_name: ${{ secrets.VPN_CERTIFICATE_NAME }}
 
             - name: Check if connected
-              run: curl -v http://172.16.0.61
+              run: ping -c 1 -W 5 172.16.0.61 >/dev/null && echo 'Successfully pinged device!'

.husky/pre-commit

@@ -2,5 +2,5 @@
 . "$(dirname "$0")/_/husky.sh"
 
 npm install
-nom run build
-git add dist/index.js
+npm run build
+git add dist_main/index.js dist_post/index.js

README.md

@@ -21,7 +21,19 @@ To use this action, you need to provide the necessary configuration details for
         certificate_name: ${{ secrets.VPN_CERTIFICATE_NAME }}
 ```
 
-Make sure to store your sensitive information (such as the config, certificate, and certificate_name) as secrets in your GitHub repository to keep them secure.
+Make sure to store your sensitive information (such as the config, certificate, and certificate_name) as secrets in your GitHub repository to keep them secure. 
 
-For more information on how to use this action, please refer to the [GitHub Action documentation](https://docs.github.com/actions).
+The certificate will need to be converted to base 64 before you can save the value as a GitHub secret.
+
+```shell
+# Mac/Linux
+base64 <file_name> > output.txt
+
+# Windows
+certutil -encode <file_name> output.txt
+```
+Replace `<file_name>` with the name of the file you want to encode. The encoded output will be saved in `output.txt`.
+
+Remember to replace `<file_name>` with the actual name of the file you want to encode.
 
+For more information on how to use this action, please refer to the [GitHub Action documentation](https://docs.github.com/actions).

action.yml

@@ -16,5 +16,5 @@ inputs:
     default: "certificate.p12"
 runs:
   using: "node20"
-  main: "dist/index.js"
-  post: "dist/index.js"
+  main: "dist_main/index.js"
+  post: "dist_post/index.js"

dist/index.js renamed to dist_main/index.js

@@ -25378,6 +25378,7 @@ const core = __nccwpck_require__(2186);
 const exec = (command) => {
   core.info(`Executing ${command}`);
   const result = shelljsExec(command);
+  core.debug(JSON.stringify(result));
   if (result.code !== 0) {
     core.warning(result.stdout);
     throw new Error(
@@ -25397,89 +25398,69 @@ module.exports = exec;
 
 const fs = __nccwpck_require__(7147);
 const core = __nccwpck_require__(2186);
-const exec = __nccwpck_require__(1861);
+const exec = __nccwpck_require__(3264);
 const Tail = (__nccwpck_require__(5824)/* .Tail */ .x);
 
 /*global clearTimeout, setTimeout*/
 /*eslint no-undef: "error"*/
 
 const run = (callback) => {
   const configFile = core.getInput("config_file", { required: true });
+  const configFileName = "config.ovpn";
   const certificate = core.getInput("certificate", { required: true });
+  const certificateName = core.getInput("certificate_name", { required: true });
+  const openVpnLog = "openvpn.log";
 
-  if (!fs.existsSync(configFile)) {
-    throw new Error(`Config file not found: ${configFile}`);
-  }
+  // If the certificate is base64 encoded, decode it and write it to a temporary file
+  exec(`echo "${configFile}" > ${configFileName}`);
 
-  fs.appendFileSync(configFile, "\n# -- GHA Modified --\n");
+  if (!fs.existsSync(configFileName)) {
+    throw new Error(`Config file not found: ${configFileName}`);
+  }
 
   // If the certificate is base64 encoded, decode it and write it to a temporary file
-  exec(`echo "${certificate}" | base64 -d > /tmp/certificate.p12`);
+  exec(`echo "${certificate}" | base64 -d > ${certificateName}`);
 
-  fs.writeFileSync("/tmp/openvpn.log", "");
-  const tail = new Tail("/tmp/openvpn.log");
+  if (!fs.existsSync(`${certificateName}`)) {
+    throw new Error(`Config file not found: ${certificateName}`);
+  }
+
+  fs.appendFileSync(configFile, "\n# -- GHA Modified --\n");
+
+  fs.writeFileSync(openVpnLog, "");
+  const tail = new Tail(openVpnLog);
 
   try {
     exec(
-      `sudo openvpn --config ${configFile} --pkcs12 /tmp/certificate.p12 --daemon --log /tmp/openvpn.log --writepid openvpn.pid`,
+      `sudo openvpn --config ${configFileName} --pkcs12 ${certificateName} --daemon --log ${openVpnLog} --writepid openvpn.pid`,
     );
   } catch (error) {
     core.error(`Error starting OpenVPN: ${error.message}`);
     throw error;
   }
 
   tail.on("line", (line) => {
-    core.info(line);
-    if (line.includes("Initialization Sequence Completed")) {
-      core.info("OpenVPN started successfully");
+    core.debug(line);
+    if (line.includes("Peer Connection Initiated with")) {
       tail.unwatch();
       clearTimeout(timer);
       const pid = fs.readFileSync("openvpn.pid", "utf8").trim();
       core.info(`OpenVPN connected successfully with PID ${pid}`);
+      core.info(`Sleeping for 5 seconds to allow connection to stabilize`);
+      exec(`sleep 5`);
       callback(pid);
     }
   });
 
   const timer = setTimeout(() => {
-    core.setFailed("OpenVPN failed to start within 30 seconds");
-  }, 30000);
+    core.setFailed("OpenVPN failed to start within 15 seconds");
+    tail.unwatch();
+  }, 15000);
 };
 
 module.exports = run;
 
 
-/***/ }),
-
-/***/ 8303:
-/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
-
-const core = __nccwpck_require__(2186);
-const exec = __nccwpck_require__(3264);
-
-const post = (pid) => {
-  if (!pid) {
-    core.warning("No OpenVPN PID found");
-    return;
-  }
-
-  try {
-    exec(`sudo kill ${pid} || true`);
-  } catch (error) {
-    core.warning(`Error stopping OpenVPN: ${error.message}`);
-  }
-};
-
-module.exports = post;
-
-
-/***/ }),
-
-/***/ 1861:
-/***/ ((module) => {
-
-module.exports = eval("require")(".exec");
-
-
 /***/ }),
 
 /***/ 9491:
@@ -27382,30 +27363,13 @@ var __webpack_exports__ = {};
 (() => {
 const core = __nccwpck_require__(2186);
 const main = __nccwpck_require__(1713);
-const post = __nccwpck_require__(8303);
-
-// Detect the current running mode
-const isPost = core.getState("isPost");
 
-if (isPost) {
-  // If it's in post mode, then clean up the environment
-  const pid = core.getState("pid");
-  try {
-    post(pid);
-  } catch (error) {
-    core.setFailed(error.message);
-  }
-} else {
-  // If it's in pre mode, then run the main function
-  try {
-    main((pid) => {
-      core.saveState("pid", pid);
-    });
-  } catch (error) {
-    core.setFailed(error.message);
-  } finally {
-    core.saveState("isPost", true);
-  }
+try {
+  main((pid) => {
+    core.saveState("pid", pid);
+  });
+} catch (error) {
+  core.setFailed(error.message);
 }
 
 })();