Swizec Teller - a geek with a hatswizec.com

Senior Mindset Book

Get promoted, earn a bigger salary, work for top companies

Senior Engineer Mindset cover
Learn more

    Using JavaScript to commit to Github – CodeWithSwiz 7

    Update code with a JavaScript function? Easier than you think 😍

    CodeWithSwiz is a twice-a-week live show. Like a podcast with video and fun hacking. Focused on experiments. Join live Wednesdays and Sundays

    Episode 7 continues where we left off – got the server /api routes, need to write to GitHub.

    You can't do this in the browser, you'd leak API tokens. Easy mistake to ignore, but GitHub tokens are serious.

    GitHub tokens are keys to your kingdom. An attacker could take this and overwrite any and all code you own.

    Leaking important tokens is serious enough that AWS blocked my whole account when I shared a token.

    Why write to GitHub

    We're exploring NextJS by building a headless CMS. Modern static site generators use markdown files to represent each article.

    Add a dash of Netlify or Vercel and you get a wonderful workflow: Write markdown, commit to git, push to GitHub, trigger deploy.

    And that's what our /api method needs to do.

    // pages/api/publishArticle.js
    
    export default async (req, res) => {
      const status = await commitArticle(req.body)
    
      res.status(status).json({ success: true })
    }
    

    Think of the API method as your controller. Gets a request, does work, returns the result. In this case the status code we get from GitHub.

    How to use JavaScript to commit to GitHub

    GitHub maintains an open source @octokit/rest library. Works great, but I find the documentation difficult to untangle.

    Here's what you do:

    1. auth with your GitHub token
    2. prep data to commit
    3. check for an existing file SHA hash
    4. commit your code

    1. auth with your GitHub token

    We're using Github's personal access token stored in a .env.local file for now. We'll add an authentication flow later.

    // pages/api/publishArticle.js
    import { Octokit } from "@octokit/rest"
    
    const octokit = new Octokit({
      auth: process.env.GITHUB_TOKEN,
    })
    

    This gives you an authenticated octokit library to use. Hardcoded to your user.

    2. prep data to commit

    GitHub requires that you send files encoded as Base64.

    We use the js-base64 library for that. Dealing with native Node buffers and encoding/decoding felt like too much.

    // pages/api/publishArticle.js
    
        content: Base64.encode(
            `${frontmatter(article)}\n\n${article.markdown}`
        ),
    

    Calls the frontmatter method on our article, smashes it together with the markdown content, and encodes them both into Base64.

    You get a string that's safe to send over the internets without losing character encodings or binary info.

    PS: we share the frontmatter method between server and browser via a utils library. Both ends are JavaScript and that makes code sharing super convenient ✌️

    3. check for an existing file SHA hash

    GitHub freaks out when you commit over a file that exists. You need to say you're doing this on purpose.

    For that, you'll need the current SHA blob of the file you're overwriting. Thanks to Aleš for finding the right method to use on chat during the stream.

    // pages/api/publishArticle.js
    
    async function getSHA(path) {
      const result = await octokit.repos.getContent({
        owner: "Swizec",
        repo: "test-repo",
        path,
      })
    
      const sha = result?.data?.sha
    
      return sha
    }
    

    Call that method with the path to your file and it returns the correct SHA string to use. Among other info like the contents of the file, the commit it belongs to, etc.

    4. commit your code

    The final "publish an article as a single Markdown file" method looks like this:

    // pages/api/publishArticle.js
    
    async function commitArticle(article) {
      const path = `${slug(article.title)}.mdx`
      const sha = await getSHA(path)
    
      const result = await octokit.repos.createOrUpdateFileContents({
        owner: "Swizec",
        repo: "test-repo",
        path,
        message: `Add article "${article.title}"`,
        content: Base64.encode(`${frontmatter(article)}\n\n${article.markdown}`),
        sha,
      })
    
      return result?.status || 500
    }
    

    Create our filename from the title, check for any existing SHA, create or update the file.

    You get a test repository with 2 files and a couple commits

    Commit change for a test article
    Commit change for a test article

    Cheers, ~Swizec

    Published on September 17th, 2020 in CodeWithSwiz, Technical, NextJS, Livecoding

    Did you enjoy this article?

    Continue reading about Using JavaScript to commit to Github – CodeWithSwiz 7

    Semantically similar articles hand-picked by GPT-4

    Senior Mindset Book

    Get promoted, earn a bigger salary, work for top companies

    Learn more

    Have a burning question that you think I can answer? Hit me up on twitter and I'll do my best.

    Who am I and who do I help? I'm Swizec Teller and I turn coders into engineers with "Raw and honest from the heart!" writing. No bullshit. Real insights into the career and skills of a modern software engineer.

    Want to become a true senior engineer? Take ownership, have autonomy, and be a force multiplier on your team. The Senior Engineer Mindset ebook can help 👉 swizec.com/senior-mindset. These are the shifts in mindset that unlocked my career.

    Curious about Serverless and the modern backend? Check out Serverless Handbook, for frontend engineers 👉 ServerlessHandbook.dev

    Want to Stop copy pasting D3 examples and create data visualizations of your own? Learn how to build scalable dataviz React components your whole team can understand with React for Data Visualization

    Want to get my best emails on JavaScript, React, Serverless, Fullstack Web, or Indie Hacking? Check out swizec.com/collections

    Did someone amazing share this letter with you? Wonderful! You can sign up for my weekly letters for software engineers on their path to greatness, here: swizec.com/blog

    Want to brush up on your modern JavaScript syntax? Check out my interactive cheatsheet: es6cheatsheet.com

    By the way, just in case no one has told you it yet today: I love and appreciate you for who you are ❤️

    Created by Swizec with ❤️