actions/vault-action
5
0
Fork 0
mirror of https://github.com/hashicorp/vault-action.git synced 2025-11-09 08:06:55 +00:00
Code Activity Actions

chore: clean up code slightly

Browse source
This commit is contained in:
Richard Simpson 2020-01-14 20:17:34 -06:00
parent 0fb9cd6253
commit 333e4389dc
2 changed files with 34 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
action.js
View file

@ -6,30 +6,37 @@ async function exportSecrets() {
const _methods = ['approle', 'token']; const _methods = ['approle', 'token'];
const vaultUrl = core.getInput('url', { required: true }); const vaultUrl = core.getInput('url', { required: true });
var vaultMethod = core.getInput('method', { required: false });
const vaultRoleId = core.getInput('roleId', { required: false }); const vaultRoleId = core.getInput('roleId', { required: false });
const vaultSecretId = core.getInput('secretId', { required: false }); const vaultSecretId = core.getInput('secretId', { required: false });
var vaultToken = core.getInput('token', { required: false });
const vaultNamespace = core.getInput('namespace', { required: false }); const vaultNamespace = core.getInput('namespace', { required: false });
let vaultMethod = core.getInput('method', { required: false });
let vaultToken = core.getInput('token', { required: false });
const secretsInput = core.getInput('secrets', { required: true }); const secretsInput = core.getInput('secrets', { required: true });
const secrets = parseSecretsInput(secretsInput); const secrets = parseSecretsInput(secretsInput);
if (!vaultMethod){ if (!vaultMethod) {
vaultMethod = 'token' vaultMethod = 'token';
} }
if (!_methods.includes(vaultMethod)) { if (!_methods.includes(vaultMethod)) {
throw Error(`Sorry, method ${vaultMethod} currently not implemented.`); throw Error(`Sorry, the authentication method ${vaultMethod} is not currently supported.`);
} }
switch (vaultMethod) { switch (vaultMethod) {
case 'approle': case 'approle':
core.debug('Try to retrieve Vault Token from approle'); core.debug('Try to retrieve Vault Token from approle');
var options = { headers: { }, json: true, body: { role_id: vaultRoleId, secret_id: vaultSecretId }, responseType: 'json' }; var options = {
if (vaultNamespace != null){ headers: {},
options.headers["X-Vault-Namespace"] = vaultNamespace json: { role_id: vaultRoleId, secret_id: vaultSecretId },
responseType: 'json'
};
if (vaultNamespace != null) {
options.headers["X-Vault-Namespace"] = vaultNamespace;
} }
const result = await got.post(`${vaultUrl}/v1/auth/approle/login`, options); const result = await got.post(`${vaultUrl}/v1/auth/approle/login`, options);
if (result && result.body && result.body.auth && result.body.auth.client_token) { if (result && result.body && result.body.auth && result.body.auth.client_token) {
vaultToken = result.body.auth.client_token; vaultToken = result.body.auth.client_token;
@ -39,6 +46,9 @@ async function exportSecrets() {
} }
break; break;
default: default:
if (!vaultToken) {
throw Error(`No token was provided. You must provided a valid vault token if using token authentication.`);
}
break; break;
} }

22
dist/index.js vendored
View file

@ -4069,30 +4069,37 @@ async function exportSecrets() {
const _methods = ['approle', 'token']; const _methods = ['approle', 'token'];
const vaultUrl = core.getInput('url', { required: true }); const vaultUrl = core.getInput('url', { required: true });
var vaultMethod = core.getInput('method', { required: false });
const vaultRoleId = core.getInput('roleId', { required: false }); const vaultRoleId = core.getInput('roleId', { required: false });
const vaultSecretId = core.getInput('secretId', { required: false }); const vaultSecretId = core.getInput('secretId', { required: false });
var vaultToken = core.getInput('token', { required: false });
const vaultNamespace = core.getInput('namespace', { required: false }); const vaultNamespace = core.getInput('namespace', { required: false });
let vaultMethod = core.getInput('method', { required: false });
let vaultToken = core.getInput('token', { required: false });
const secretsInput = core.getInput('secrets', { required: true }); const secretsInput = core.getInput('secrets', { required: true });
const secrets = parseSecretsInput(secretsInput); const secrets = parseSecretsInput(secretsInput);
if (!vaultMethod){ if (!vaultMethod) {
vaultMethod = 'token' vaultMethod = 'token';
} }
if (!_methods.includes(vaultMethod)) { if (!_methods.includes(vaultMethod)) {
throw Error(`Sorry, method ${vaultMethod} currently not implemented.`); throw Error(`Sorry, the authentication method ${vaultMethod} is not currently supported.`);
} }
switch (vaultMethod) { switch (vaultMethod) {
case 'approle': case 'approle':
core.debug('Try to retrieve Vault Token from approle'); core.debug('Try to retrieve Vault Token from approle');
var options = { headers: { }, json: true, body: { role_id: vaultRoleId, secret_id: vaultSecretId }, responseType: 'json' }; var options = {
headers: {},
json: { role_id: vaultRoleId, secret_id: vaultSecretId },
responseType: 'json'
};
if (vaultNamespace != null){ if (vaultNamespace != null){
options.headers["X-Vault-Namespace"] = vaultNamespace options.headers["X-Vault-Namespace"] = vaultNamespace
} }
const result = await got.post(`${vaultUrl}/v1/auth/approle/login`, options); const result = await got.post(`${vaultUrl}/v1/auth/approle/login`, options);
if (result && result.body && result.body.auth && result.body.auth.client_token) { if (result && result.body && result.body.auth && result.body.auth.client_token) {
vaultToken = result.body.auth.client_token; vaultToken = result.body.auth.client_token;
@ -4102,6 +4109,9 @@ async function exportSecrets() {
} }
break; break;
default: default:
if (!vaultToken) {
throw Error(`No token was provided. You must provided a valid vault token if using token authentication.`);
}
break; break;
} }