🤘 Implementation for #59 to support username and password as optional (#60)

Co-authored-by: Dawid Dziurla <dawidd0811@gmail.com>

.github/dependabot.yml

@@ -0,0 +1,24 @@
+version: 2
+updates:
+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "04:00"
+  pull-request-branch-name:
+    separator: "-"
+  open-pull-requests-limit: 10
+  ignore:
+  - dependency-name: nodemailer
+    versions:
+    - 6.4.18
+    - 6.5.0
+    - 6.6.0
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "04:00"
+  pull-request-branch-name:
+    separator: "-"
+  open-pull-requests-limit: 10

README.md

@@ -20,9 +20,9 @@ Some features:
     server_address: smtp.gmail.com
     # Required mail server port:
     server_port: 465
-    # Required mail server username:
+    # Optional (recommended): mail server username:
     username: ${{secrets.MAIL_USERNAME}}
-    # Required mail server password:
+    # Optional (recommended) mail server password:
     password: ${{secrets.MAIL_PASSWORD}}
     # Required mail subject:
     subject: Github Actions job result
@@ -30,6 +30,8 @@ Some features:
     to: obiwan@example.com,yoda@example.com
     # Required sender full name (address can be skipped):
     from: Luke Skywalker # <user@example.com>
+    # Optional whether this connection use TLS (default is true if server_port is 465)
+    secure: true
     # Optional plain body:
     body: Build job of ${{github.repository}} completed successfully!
     # Optional HTML body read from file:
@@ -60,3 +62,8 @@ Changes in Gmail settings may be necessary to get this action to work.
 3. If the Gmail account you're trying to use in this Action is already 2FA (Two Factor Authentication) enabled, the 2FA password will need to be provided as well, which isn't included in the default template.
 
 Users who have had problems have reported success by doing each of these three steps or by doing the first two steps and using a Gmail account that didn't have 2FA enabled.
+
+### Unauthenticated login (username/password fields)
+
+The parameters `username` and `password` are set as optional to support self-hosted runners access to on-premise infrastructure. If
+you are accessing public email servers make sure you provide a username/password authentication through [GitHub Secrets](https://docs.github.com/en/actions/reference/encrypted-secrets) to make the email delivery secure.

action.yml

@@ -13,10 +13,10 @@ inputs:
     required: true
   username:
     description: Authenticate as this user to SMTP server
-    required: true
+    required: false
   password:
     description: Authenticate with this password to SMTP server
-    required: true
+    required: false
   subject:
     description: Subject of mail message
     required: true
@@ -26,6 +26,9 @@ inputs:
   from:
     description: Full name of mail sender (might be with an email address specified in <>)
     required: true
+  secure:
+    description: Whether this connection use TLS (default is true if server_port is 465)
+    required: false
   body:
     description: Body of mail message (might be a filename prefixed with file:// to read from)
     required: false

main.js

@@ -33,11 +33,12 @@ async function main() {
     try {
         const serverAddress = core.getInput("server_address", { required: true })
         const serverPort = core.getInput("server_port", { required: true })
-        const username = core.getInput("username", { required: true })
-        const password = core.getInput("password", { required: true })
+        const username = core.getInput("username")
+        const password = core.getInput("password")
         const subject = core.getInput("subject", { required: true })
         const from = core.getInput("from", { required: true })
         const to = core.getInput("to", { required: true })
+        const secure = core.getInput("secure", { required: false })
         const body = core.getInput("body", { required: false })
         const htmlBody = core.getInput("html_body", { required: false })
         const cc = core.getInput("cc", { required: false })
@@ -47,17 +48,21 @@ async function main() {
         const convertMarkdown = core.getInput("convert_markdown", { required: false })
         const ignoreCert = core.getInput("ignore_cert", { required: false })
 
+        if (!username || !password) {
+            core.warning("Username and password not specified. You should only do this if you are using a self-hosted runner to access an on-premise mail server.")
+        }
+
         const transport = nodemailer.createTransport({
             host: serverAddress,
-            port: serverPort,
-            secure: serverPort == "465",
-            auth: {
+            auth: username && password ? {
                 user: username,
-                pass: password,
-            },
-            tls: ignoreCert ? {
+                pass: password
+            } : undefined,
+            port: serverPort,
+            secure: secure == "true" ? true : serverPort == "465",
+            tls: ignoreCert == "true" ? {
                 rejectUnauthorized: false
-            } : undefined
+            } : undefined,
         })
 
         const info = await transport.sendMail({

package.json

@@ -1,21 +1,6 @@
 {
   "name": "action-send-mail",
-  "version": "1.0.0",
-  "description": "An action that simply sends a mail to multiple recipients.",
   "main": "main.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/dawidd6/action-send-mail.git"
-  },
-  "author": "dawidd6",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/dawidd6/action-send-mail/issues"
-  },
-  "homepage": "https://github.com/dawidd6/action-send-mail#readme",
   "dependencies": {
     "@actions/core": "^1.2.7",
     "nodemailer": "^6.4.17",