actions/vault-action
5
0
Fork 0
mirror of https://github.com/hashicorp/vault-action.git synced 2025-11-07 07:06:56 +00:00
Code Activity Actions

Update to v2.1.1 (#168)

Browse source
This commit is contained in:
Jason O'Donnell 2020-12-15 11:55:39 -05:00 committed by GitHub
parent c261a0ad69
commit 2fb78ab91e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 48 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
CHANGELOG.md
View file

@ -1,5 +1,14 @@
## Unreleased ## Unreleased
## 2.1.1 (December 15th, 2020)
Improvements:
* bump jest from 26.5.0 to 26.6.3 [GH-150](https://github.com/hashicorp/vault-action/pull/150)
* bump semantic-release from 17.1.2 to 17.3.0 [GH-158](https://github.com/hashicorp/vault-action/pull/158)
* bump got from 11.7.0 to 11.8.1 [GH-163](https://github.com/hashicorp/vault-action/pull/163)
* bump @types/jest from 26.0.14 to 26.0.19 [GH-164](https://github.com/hashicorp/vault-action/pull/164)
* bump ini from 1.3.5 to 1.3.8 [GH-167](https://github.com/hashicorp/vault-action/pull/167)
## 2.1.0 (October 6th, 2020) ## 2.1.0 (October 6th, 2020)
Features: Features:

10
README.md
View file

@ -36,7 +36,7 @@ jobs:
steps: steps:
# ... # ...
- name: Import Secrets - name: Import Secrets
uses: hashicorp/vault-action@v2.1.0 uses: hashicorp/vault-action@v2.1.1
with: with:
url: https://vault.mycompany.com:8200 url: https://vault.mycompany.com:8200
token: ${{ secrets.VaultToken }} token: ${{ secrets.VaultToken }}
@ -161,9 +161,9 @@ with:
## Other Secret Engines ## Other Secret Engines
Vault Action currently supports retrieving secrets from any engine where secrets Vault Action currently supports retrieving secrets from any engine where secrets
are retrieved via `GET` requests. This means secret engines such as PKI are currently are retrieved via `GET` requests. This means secret engines such as PKI are currently
not supported due to their requirement of sending parameters along with the request not supported due to their requirement of sending parameters along with the request
(such as `common_name`). (such as `common_name`).
For example, to request a secret from the `cubbyhole` secret engine: For example, to request a secret from the `cubbyhole` secret engine:
@ -254,7 +254,7 @@ Here are all the inputs available through `with`:
| `caCertificate` | Base64 encoded CA certificate the server certificate was signed with. | | | | `caCertificate` | Base64 encoded CA certificate the server certificate was signed with. | | |
| `clientCertificate` | Base64 encoded client certificate the action uses to authenticate with Vault when mTLS is enabled. | | | | `clientCertificate` | Base64 encoded client certificate the action uses to authenticate with Vault when mTLS is enabled. | | |
| `clientKey` | Base64 encoded client key the action uses to authenticate with Vault when mTLS is enabled. | | | | `clientKey` | Base64 encoded client key the action uses to authenticate with Vault when mTLS is enabled. | | |
| `tlsSkipVerify` | When set to true, disables verification of server certificates when testing the action. | `false` | | | `tlsSkipVerify` | When set to true, disables verification of server certificates when testing the action. | `false` | |
## Masking - Hiding Secrets from Logs ## Masking - Hiding Secrets from Logs

73
dist/index.js vendored
View file

@ -163,7 +163,7 @@ exports.default = (url) => {
href: url.href, href: url.href,
path: `${url.pathname || ''}${url.search || ''}` path: `${url.pathname || ''}${url.search || ''}`
}; };
if (is_1.default.string(url.port) && url.port.length !== 0) { if (is_1.default.string(url.port) && url.port.length > 0) {
options.port = Number(url.port); options.port = Number(url.port);
} }
if (url.username || url.password) { if (url.username || url.password) {
@ -2509,7 +2509,7 @@ const create = (defaults) => {
return result; return result;
})); }));
// Got interface // Got interface
const got = ((url, options, _defaults) => { const got = ((url, options = {}, _defaults) => {
var _a, _b; var _a, _b;
let iteration = 0; let iteration = 0;
const iterateHandlers = (newOptions) => { const iterateHandlers = (newOptions) => {
@ -2530,7 +2530,7 @@ const create = (defaults) => {
let initHookError; let initHookError;
try { try {
callInitHooks(defaults.options.hooks.init, options); callInitHooks(defaults.options.hooks.init, options);
callInitHooks((_a = options === null || options === void 0 ? void 0 : options.hooks) === null || _a === void 0 ? void 0 : _a.init, options); callInitHooks((_a = options.hooks) === null || _a === void 0 ? void 0 : _a.init, options);
} }
catch (error) { catch (error) {
initHookError = error; initHookError = error;
@ -2544,11 +2544,11 @@ const create = (defaults) => {
return iterateHandlers(normalizedOptions); return iterateHandlers(normalizedOptions);
} }
catch (error) { catch (error) {
if (options === null || options === void 0 ? void 0 : options.isStream) { if (options.isStream) {
throw error; throw error;
} }
else { else {
return create_rejection_1.default(error, defaults.options.hooks.beforeError, (_b = options === null || options === void 0 ? void 0 : options.hooks) === null || _b === void 0 ? void 0 : _b.beforeError); return create_rejection_1.default(error, defaults.options.hooks.beforeError, (_b = options.hooks) === null || _b === void 0 ? void 0 : _b.beforeError);
} }
} }
}); });
@ -12083,7 +12083,11 @@ class CacheableLookup {
const newPromise = this.queryAndCache(hostname); const newPromise = this.queryAndCache(hostname);
this._pending[hostname] = newPromise; this._pending[hostname] = newPromise;
cached = await newPromise; try {
cached = await newPromise;
} finally {
delete this._pending[hostname];
}
} }
} }
@ -12197,29 +12201,21 @@ class CacheableLookup {
return this._dnsLookup(hostname, all); return this._dnsLookup(hostname, all);
} }
try { let query = await this._resolve(hostname);
let query = await this._resolve(hostname);
if (query.entries.length === 0 && this._fallback) { if (query.entries.length === 0 && this._fallback) {
query = await this._lookup(hostname); query = await this._lookup(hostname);
if (query.entries.length !== 0) { if (query.entries.length !== 0) {
// Use `dns.lookup(...)` for that particular hostname // Use `dns.lookup(...)` for that particular hostname
this._hostnamesToFallback.add(hostname); this._hostnamesToFallback.add(hostname);
}
} }
const cacheTtl = query.entries.length === 0 ? this.errorTtl : query.cacheTtl;
await this._set(hostname, query.entries, cacheTtl);
delete this._pending[hostname];
return query.entries;
} catch (error) {
delete this._pending[hostname];
throw error;
} }
const cacheTtl = query.entries.length === 0 ? this.errorTtl : query.cacheTtl;
await this._set(hostname, query.entries, cacheTtl);
return query.entries;
} }
_tick(ms) { _tick(ms) {
@ -12458,9 +12454,10 @@ function asPromise(normalizedOptions) {
reject(error); reject(error);
}; };
request.once('error', onError); request.once('error', onError);
const previousBody = request.options.body;
request.once('retry', (newRetryCount, error) => { request.once('retry', (newRetryCount, error) => {
var _a; var _a, _b;
if (is_1.default.nodeStream((_a = error.request) === null || _a === void 0 ? void 0 : _a.options.body)) { if (previousBody === ((_a = error.request) === null || _a === void 0 ? void 0 : _a.options.body) && is_1.default.nodeStream((_b = error.request) === null || _b === void 0 ? void 0 : _b.options.body)) {
onError(error); onError(error);
return; return;
} }
@ -12884,6 +12881,9 @@ exports.default = async (body, headers) => {
} }
if (body instanceof fs_1.ReadStream) { if (body instanceof fs_1.ReadStream) {
const { size } = await statAsync(body.path); const { size } = await statAsync(body.path);
if (size === 0) {
return undefined;
}
return size; return size;
} }
return undefined; return undefined;
@ -14440,7 +14440,7 @@ class RequestError extends Error {
} }
this.timings = (_a = this.request) === null || _a === void 0 ? void 0 : _a.timings; this.timings = (_a = this.request) === null || _a === void 0 ? void 0 : _a.timings;
// Recover the original stacktrace // Recover the original stacktrace
if (!is_1.default.undefined(error.stack)) { if (is_1.default.string(error.stack) && is_1.default.string(this.stack)) {
const indexOfMessage = this.stack.indexOf(this.message) + this.message.length; const indexOfMessage = this.stack.indexOf(this.message) + this.message.length;
const thisStackTrace = this.stack.slice(indexOfMessage).split('\n').reverse(); const thisStackTrace = this.stack.slice(indexOfMessage).split('\n').reverse();
const errorStackTrace = error.stack.slice(error.stack.indexOf(error.message) + error.message.length).split('\n').reverse(); const errorStackTrace = error.stack.slice(error.stack.indexOf(error.message) + error.message.length).split('\n').reverse();
@ -14916,7 +14916,7 @@ class Request extends stream_1.Duplex {
if (defaults && !areHooksDefault) { if (defaults && !areHooksDefault) {
for (const event of exports.knownHookEvents) { for (const event of exports.knownHookEvents) {
const defaultHooks = defaults.hooks[event]; const defaultHooks = defaults.hooks[event];
if (defaultHooks.length !== 0) { if (defaultHooks.length > 0) {
// See https://github.com/microsoft/TypeScript/issues/31445#issuecomment-576929044 // See https://github.com/microsoft/TypeScript/issues/31445#issuecomment-576929044
options.hooks[event] = [ options.hooks[event] = [
...defaults.hooks[event], ...defaults.hooks[event],
@ -15238,12 +15238,7 @@ class Request extends stream_1.Duplex {
request.destroy(); request.destroy();
// Node.js <= 12.18.2 mistakenly emits the response `end` first. // Node.js <= 12.18.2 mistakenly emits the response `end` first.
(_a = request.res) === null || _a === void 0 ? void 0 : _a.removeAllListeners('end'); (_a = request.res) === null || _a === void 0 ? void 0 : _a.removeAllListeners('end');
if (error instanceof timed_out_1.TimeoutError) { error = error instanceof timed_out_1.TimeoutError ? new TimeoutError(error, this.timings, this) : new RequestError(error.message, error, this);
error = new TimeoutError(error, this.timings, this);
}
else {
error = new RequestError(error.message, error, this);
}
this._beforeError(error); this._beforeError(error);
}); });
this[kUnproxyEvents] = proxy_events_1.default(request, this, proxiedRequestEvents); this[kUnproxyEvents] = proxy_events_1.default(request, this, proxiedRequestEvents);
@ -15607,7 +15602,7 @@ class Request extends stream_1.Duplex {
}); });
// TODO: What happens if it's from cache? Then this[kRequest] won't be defined. // TODO: What happens if it's from cache? Then this[kRequest] won't be defined.
this[kRequest].write(chunk, encoding, (error) => { this[kRequest].write(chunk, encoding, (error) => {
if (!error && this._progressCallbacks.length !== 0) { if (!error && this._progressCallbacks.length > 0) {
this._progressCallbacks.shift()(); this._progressCallbacks.shift()();
} }
callback(error); callback(error);
@ -15671,7 +15666,7 @@ class Request extends stream_1.Duplex {
*/ */
get ip() { get ip() {
var _a; var _a;
return (_a = this[kRequest]) === null || _a === void 0 ? void 0 : _a.socket.remoteAddress; return (_a = this.socket) === null || _a === void 0 ? void 0 : _a.remoteAddress;
} }
/** /**
Indicates whether the request has been aborted or not. Indicates whether the request has been aborted or not.
@ -15681,8 +15676,8 @@ class Request extends stream_1.Duplex {
return ((_b = (_a = this[kRequest]) === null || _a === void 0 ? void 0 : _a.destroyed) !== null && _b !== void 0 ? _b : this.destroyed) && !((_c = this[kOriginalResponse]) === null || _c === void 0 ? void 0 : _c.complete); return ((_b = (_a = this[kRequest]) === null || _a === void 0 ? void 0 : _a.destroyed) !== null && _b !== void 0 ? _b : this.destroyed) && !((_c = this[kOriginalResponse]) === null || _c === void 0 ? void 0 : _c.complete);
} }
get socket() { get socket() {
var _a; var _a, _b;
return (_a = this[kRequest]) === null || _a === void 0 ? void 0 : _a.socket; return (_b = (_a = this[kRequest]) === null || _a === void 0 ? void 0 : _a.socket) !== null && _b !== void 0 ? _b : undefined;
} }
/** /**
Progress event for downloading (receiving a response). Progress event for downloading (receiving a response).