We're using a serverless approach to GitHub GraphQL API authentication thanks to a Cloud Function. It acts as a proxy to the API handling the Personal Access Token on the server side.
It requires the following environment variables to be setup
ALLOWED_ORIGINSGITHUB_GRAPHQL_API_URLGITHUB_PAT
To run locally, build and run with:
npx tsc
source .env
npx functions-framework --target=main
The serverless function has unit tests covering CORS, environment validation, and proxy functionality.
# Run all tests once
yarn test
# Run tests in watch mode (development)
yarn test:watch
# Run tests with coverage report
yarn test:coverageAfter running yarn test:coverage, open coverage/index.html in a browser to view the coverage report.
Tests run automatically on every push via GitHub Actions. The workflow:
- Installs dependencies
- Runs all tests
- Reports results
Tests use mocked GitHub API responses - no real API calls are made during testing.
The Cloud Function is deployed using Terraform from the project root directory.
make devops/terraform/apply