New Task: github_org_to_env

[jlantz]

New task to upsert a GitHub Environment with secrets and variables of relevant info.

The purpose is to allow either local publishing of a cci org either created or imported from sfdx to be published to a GitHub Repository Environment that can be used in GitHub Actions builds to access the org securely.

Review Notes

• Full test coverage for all changes
• Adds a dependency on PyNaCL per GitHub documentation
• Moves the logic of SfdxOrgConfig.sfdx_info to get_sfdx_info which supports the optional verbose argument.
  • If True, the --verbose option flag is used when calling sfdx and the retrieved sfdx_info is not stored in the org config to prevent accidentally storing the sfdxAuthUrl's value.
  • This change was done to allow the OrgToEnvironment task to get the sfdxAuthUrl value securely.
  • Since this change allows tasks to get the sfdxAuthUrl, verbose mode emits a warning log message: Using --verbose mode to retrieve the sfdxAuthUrl
  • Question: Should this be _get_sfdx_info?

Demo

Example Output:

$ cci task run github_org_to_env --environment-name JasonDevScratch
[10/21/24 14:45:07] Beginning task: OrgToEnvironment                                              
                    As user: test-********@example.com                                        
                    In org: 00D*************                                                       
                                                                                                  
Collecting Salesforce org information...
                    Getting org info from Salesforce CLI for test-********@example.com        
Getting or Creating GitHub environment JasonDevScratch...
[10/21/24 14:45:12] ORG_ID of environment matches, proceeding with update.                        
Updating secrets ACCESS_TOKEN,SFDX_AUTH_URL
                    Updated secret ACCESS_TOKEN in environment JasonDevScratch                    
                    Updated secret SFDX_AUTH_URL in environment JasonDevScratch                   
Updating variables 
CUMULUSCI_CONFIG,INSTANCE_NAME,INSTANCE_URL,NAMESPACE,NAMESPACED,ORG_ID,ORG_TYPE,SCRATCH,SCRATCHDE
F,USERNAME
                    Variable CUMULUSCI_CONFIG in environment JasonDevScratch is already up to     
                    date.                                                                         
                    Variable INSTANCE_NAME in environment JasonDevScratch is already up to date.  
                    Variable INSTANCE_URL in environment JasonDevScratch is already up to date.   
                    Variable NAMESPACE in environment JasonDevScratch is already up to date.      
                    Variable NAMESPACED in environment JasonDevScratch is already up to date.     
                    Variable ORG_ID in environment JasonDevScratch is already up to date.         
                    Variable ORG_TYPE in environment JasonDevScratch is already up to date.       
                    Variable SCRATCH in environment JasonDevScratch is already up to date.        
                    Variable SCRATCHDEF in environment JasonDevScratch is already up to date.     
                    Variable USERNAME in environment JasonDevScratch is already up to date.       
╭──────── GitHub Environment JasonDevScratch Updated Successfully ────╮
│ Successfully updated the GitHub environment with Salesforce org information.                   │
╰─────────────────────────────────────────╯

And the resulting GitHub Environment: