neon/.github/actions/neon-project-create/action.yml

name: 'Create Neon Project'
description: 'Create Neon Project using API'

inputs:
  api_key:
    desctiption: 'Neon API key'
    required: true
  region_id:
    desctiption: 'Region ID, if not set the project will be created in the default region'
    default: aws-us-east-2
  postgres_version:
    desctiption: 'Postgres version; default is 15'
    default: 15
  api_host:
    desctiption: 'Neon API host'
    default: console.stage.neon.tech

outputs:
  dsn:
    description: 'Created Project DSN (for main database)'
    value: ${{ steps.create-neon-project.outputs.dsn }}
  project_id:
    description: 'Created Project ID'
    value: ${{ steps.create-neon-project.outputs.project_id }}

runs:
  using: "composite"
  steps:
    - name: Create Neon Project
      id: create-neon-project
      # A shell without `set -x` to not to expose password/dsn in logs
      shell: bash -euo pipefail {0}
      run: |
        project=$(curl \
          "https://${API_HOST}/api/v2/projects" \
          --fail \
          --header "Accept: application/json" \
          --header "Content-Type: application/json" \
          --header "Authorization: Bearer ${API_KEY}" \
          --data "{
            \"project\": {
              \"name\": \"Created by actions/neon-project-create; GITHUB_RUN_ID=${GITHUB_RUN_ID}\",
              \"pg_version\": ${POSTGRES_VERSION},
              \"region_id\": \"${REGION_ID}\",
              \"settings\": { }
            }
          }")

        # Mask password
        echo "::add-mask::$(echo $project | jq --raw-output '.roles[] | select(.name != "web_access") | .password')"

        dsn=$(echo $project | jq --raw-output '.connection_uris[0].connection_uri')
        echo "::add-mask::${dsn}"
        echo "dsn=${dsn}" >> $GITHUB_OUTPUT

        project_id=$(echo $project | jq --raw-output '.project.id')
        echo "project_id=${project_id}" >> $GITHUB_OUTPUT

        echo "Project ${project_id} has been created"
      env:
        API_HOST: ${{ inputs.api_host }}
        API_KEY: ${{ inputs.api_key }}
        REGION_ID: ${{ inputs.region_id }}
        POSTGRES_VERSION: ${{ inputs.postgres_version }}