do some cleanup and some type fixes

2025-11-14 18:13:45 +00:00 · 2020-04-04 13:17:53 -05:00 · 2020-04-04 13:17:53 -05:00 · 133471acb8
commit 133471acb8
parent a3d9453865
4 changed files with 47 additions and 25 deletions
--- a/package.json
+++ b/package.json
@ -38,8 +38,8 @@
    },
    "homepage": "https://github.com/RichiCoder1/vault-action#readme",
    "dependencies": {
-        "@actions/core": "^1.2.2",
-        "got": "^10.2.2"
+        "got": "^10.2.2",
+        "@actions/core": "^1.2.3"
    },
    "devDependencies": {
        "@types/got": "^9.6.9",
--- a/src/action.js
+++ b/src/action.js
@ -1,9 +1,7 @@
 // @ts-check
-// @ts-ignore
 const core = require('@actions/core');
-// @ts-ignore
 const command = require('@actions/core/lib/command');
-const got = require('got');
+const got = require('got').default;
 const { retrieveToken } = require('./auth');

 const AUTH_METHODS = ['approle', 'token', 'github'];
@ -16,6 +14,7 @@ async function exportSecrets() {
    const exportEnv = core.getInput('exportEnv', { required: false }) != 'false';

    let enginePath = core.getInput('path', { required: false });
+    /** @type {number | string} */
    let kvVersion = core.getInput('kv-version', { required: false });

    const secretsInput = core.getInput('secrets', { required: true });
@ -40,7 +39,7 @@ async function exportSecrets() {
    }

    const client = got.extend(defaultOptions);
-    const vaultToken = await retrieveToken(vaultMethod, /** @type {any} */ (client));
+    const vaultToken = await retrieveToken(vaultMethod, client);

    if (!enginePath) {
        enginePath = 'secret';
@ -209,17 +208,6 @@ function normalizeOutputKey(dataKey) {
    return dataKey.replace('/', '__').replace(/[^\w-]/, '').toUpperCase();
 }

-// @ts-ignore
-/**
- * @param {string} input
- */
-function parseBoolInput(input) {
-    if (input === null || input === undefined || input.trim() === '') {
-        return null;
-    }
-    return Boolean(input);
-}
-
 /**
 * @param {string} inputKey
 * @param {any} inputOptions
--- a/src/auth.js
+++ b/src/auth.js
@ -1,9 +1,10 @@
+// @ts-check
 const core = require('@actions/core');

 /***
- * Authentication with Vault and retrieve a vault token
+ * Authenticate with Vault and retrieve a Vault token that can be used for requests.
 * @param {string} method
- * @param {import('got')} client
+ * @param {import('got').Got} client
 */
 async function retrieveToken(method, client) {
    switch (method) {
@ -32,28 +33,49 @@ async function retrieveToken(method, client) {
 }

 /***
- * Authentication with Vault and retrieve a vault token
- * @param {import('got')} client
+ * Call the appropriate login endpoint and parse out the token in the response.
+ * @param {import('got').Got} client
 * @param {string} method
 * @param {any} payload
 */
 async function getClientToken(client, method, payload) {
-    /** @type {any} */
+    /** @type {'json'} */
+    const responseType = 'json';
    var options = {
        json: payload,
-        responseType: 'json'
+        responseType,
    };

    core.debug(`Retrieving Vault Token from v1/auth/${method}/login endpoint`);
+
+    /** @type {import('got').Response<VaultLoginResponse>} */
    const response = await client.post(`v1/auth/${method}/login`, options);
    if (response && response.body && response.body.auth && response.body.auth.client_token) {
        core.debug('✔ Vault Token successfully retrieved');
+
+        core.startGroup('Token Info');
+        core.debug(`Operating under policies: ${JSON.stringify(response.body.auth.policies)}`);
+        core.debug(`Token Metadata: ${JSON.stringify(response.body.auth.metadata)}`);
+        core.endGroup();
+
        return response.body.auth.client_token;
    } else {
        throw Error(`Unable to retrieve token from ${method}'s login endpoint.`);
    }
 }

+/***
+ * @typedef {Object} VaultLoginResponse
+ * @property {{
+ *  client_token: string;
+ *  accessor: string;
+ *  policies: string[];
+ *  metadata: unknown;
+ *  lease_duration: number;
+ *  renewable: boolean;
+ * }} auth
+ */
+
 module.exports = {
-    retrieveToken
-}
+    retrieveToken,
+};
--- a/tsconfig.json
+++ b/tsconfig.json
@ -0,0 +1,12 @@
+{
+    "compilerOptions": {
+        "module": "commonjs",
+        "target": "es2019",
+        "moduleResolution": "node",
+        "allowJs": true,
+        "noEmit": true
+    },
+    "exclude": [
+        "node_modules"
+    ]
+}