feat(authenticate): add approle auth method (#10)

* feat(authenticate): add approle auth method * docs(readme): update readme * fix: update index.js * fix: update got to 10.2.2 to fix ncc * chore: clean up code slightly * chore: update tests to use got correctly * chore(test): fix integration tests * chore: streamline method logic * chore: make role and secret required in approle Co-authored-by: Sébastien FAUVART <sebastien.fauvart@gmail.com> Co-authored-by: Richard Simpson <richardsimpson@outlook.com>
2025-11-07 15:16:56 +00:00 · 2020-01-29 02:10:19 +01:00 · 2020-01-29 02:10:19 +01:00 · 3b9239de79
commit 3b9239de79
parent 7a9634236c
9 changed files with 2981 additions and 2159 deletions
--- a/README.md
+++ b/README.md
@ -22,6 +22,26 @@ jobs:
            # ...
 ```
 ## Authentication method
 The `method` parameter can have these value :
 - **token**: (by default) you must provide a token parameter
 ```yaml
 ...
 with:
  url: https://vault.mycompany.com:8200
  token: ${{ secrets.VaultToken }}
 ```
 - **approle**: you must provide a roleId & secretId parameter
 ```yaml
 ...
 with:
  url: https://vault.mycompany.com:8200
  method: approle
  roleId: ${{ secrets.roleId }}
  secretId : ${{ secrets.secretId }}
 ```
 ## Key Syntax
 The `secrets` parameter is a set of multiple secret requests separated by the `;` character.
@ -84,6 +104,7 @@ steps:
      uses: RichiCoder1/vault-action
      with:
        url: https://vault-enterprise.mycompany.com:8200
        method: token
        token: ${{ secrets.VaultToken }}
        namespace: ns1
        secrets: |
--- a/action.js
+++ b/action.js
@ -2,23 +2,58 @@ const core = require('@actions/core');
 const command = require('@actions/core/lib/command');
 const got = require('got');
 const AUTH_METHODS = ['approle', 'token'];
 async function exportSecrets() {
    const vaultUrl = core.getInput('url', { required: true });
    const vaultToken = core.getInput('token', { required: true });
    const vaultNamespace = core.getInput('namespace', { required: false });
    const secretsInput = core.getInput('secrets', { required: true });
    const secrets = parseSecretsInput(secretsInput);
    const vaultMethod = core.getInput('method', { required: false }) || 'token';
    if (!AUTH_METHODS.includes(vaultMethod)) {
        throw Error(`Sorry, the authentication method ${vaultMethod} is not currently supported.`);
    }
    let vaultToken = null;
    switch (vaultMethod) {
        case 'approle':
            const vaultRoleId = core.getInput('roleId', { required: true });
            const vaultSecretId = core.getInput('secretId', { required: true });
            core.debug('Try to retrieve Vault Token from approle');
            var options = { 
                headers: {}, 
                json: { role_id: vaultRoleId, secret_id: vaultSecretId }, 
                responseType: 'json' 
            };
            if (vaultNamespace != null) {
                options.headers["X-Vault-Namespace"] = vaultNamespace;
            }
            const result = await got.post(`${vaultUrl}/v1/auth/approle/login`, options);
            if (result && result.body && result.body.auth && result.body.auth.client_token) {
                vaultToken = result.body.auth.client_token;
                core.debug('✔ Vault Token has retrieved from approle');
            } else {
                throw Error(`No token was retrieved with the role_id and secret_id provided.`);
            }
            break;
        default:
            vaultToken = core.getInput('token', { required: true });
            break;
    }
    for (const secret of secrets) {
        const { secretPath, outputName, secretKey } = secret;
        const requestOptions = {
            headers: {
                'X-Vault-Token': vaultToken
-            }};
+            },
        };
-        if (vaultNamespace != null){
+        if (vaultNamespace != null) {
-            requestOptions.headers["X-Vault-Namespace"] = vaultNamespace
+            requestOptions.headers["X-Vault-Namespace"] = vaultNamespace;
        }
        const result = await got(`${vaultUrl}/v1/secret/data/${secretPath}`, requestOptions);
--- a/dist/index.js
+++ b/dist/index.js
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -13,5 +13,5 @@ services:
    environment:
      VAULT_DEV_ROOT_TOKEN_ID: testtoken
    ports:
-      - 8201:8201
+      - 8201:8200
    privileged: true
--- a/integrationTests/basic/integration.test.js
+++ b/integrationTests/basic/integration.test.js
@ -23,12 +23,11 @@ describe('integration', () => {
            headers: {
                'X-Vault-Token': 'testtoken',
            },
-            body: {
+            json: {
                data: {
                    secret: 'SUPERSECRET',
                },
            },
            json: true,
        });
        await got(`${vaultUrl}/v1/secret/data/nested/test`, {
@ -36,12 +35,11 @@ describe('integration', () => {
            headers: {
                'X-Vault-Token': 'testtoken',
            },
-            body: {
+            json: {
                data: {
                    otherSecret: 'OTHERSUPERSECRET',
                },
            },
            json: true,
        });
    });
--- a/integrationTests/e2e/setup.js
+++ b/integrationTests/e2e/setup.js
@ -14,12 +14,11 @@ const got = require('got');
            headers: {
                'X-Vault-Token': 'testtoken',
            },
-            body: {
+            json: {
                data: {
                    secret: 'SUPERSECRET',
                },
            },
            json: true,
        });
        await got(`http://${process.env.VAULT_HOST}:${process.env.VAULT_PORT}/v1/secret/data/nested/test`, {
@ -27,12 +26,11 @@ const got = require('got');
            headers: {
                'X-Vault-Token': 'testtoken',
            },
-            body: {
+            json: {
                data: {
                    otherSecret: 'OTHERSUPERSECRET',
                },
            },
            json: true,
        });
    } catch (error) {
        console.log(error);
--- a/integrationTests/enterprise/enterprise.test.js
+++ b/integrationTests/enterprise/enterprise.test.js
@ -11,6 +11,7 @@ const vaultUrl = `http://${process.env.VAULT_HOST || 'localhost'}:${process.env.
 describe('integration', () => {
    beforeAll(async () => {
        try {
            // Verify Connection
            await got(`${vaultUrl}/v1/secret/config`, {
                headers: {
@ -23,8 +24,7 @@ describe('integration', () => {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
-            },
+                }
            json: true,
            });
            // Enable secret engine
@ -34,8 +34,7 @@ describe('integration', () => {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns1',
                },
-            body: { path: 'secret', type: 'kv', config: {}, options: { version: 2 }, generate_signing_key: true },
+                json: { path: 'secret', type: 'kv', config: {}, options: { version: 2 }, generate_signing_key: true },
            json: true,
            });
            await got(`${vaultUrl}/v1/secret/data/test`, {
@ -44,12 +43,11 @@ describe('integration', () => {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns1',
                },
-            body: {
+                json: {
                    data: {
                        secret: 'SUPERSECRET_IN_NAMESPACE',
                    },
                },
            json: true,
            });
            await got(`${vaultUrl}/v1/secret/data/nested/test`, {
@ -58,13 +56,16 @@ describe('integration', () => {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns1',
                },
-            body: {
+                json: {
                    data: {
                        otherSecret: 'OTHERSUPERSECRET_IN_NAMESPACE',
                    },
                },
            json: true,
            });
        } catch (e) {
            console.error('Failed to setup test', e);
            throw e;
        }
    });
    beforeEach(() => {
@ -128,3 +129,145 @@ describe('integration', () => {
        expect(core.exportVariable).toBeCalledWith('OTHERSECRET', 'OTHERSUPERSECRET_IN_NAMESPACE');
    });
 });
 describe('authenticate with approle', () => {
    let roleId;
    let secretId;
    beforeAll(async () => {
        try {
            // Verify Connection
            await got(`${vaultUrl}/v1/secret/config`, {
                headers: {
                    'X-Vault-Token': 'testtoken',
                },
            });
            // Create namespace
            await got(`${vaultUrl}/v1/sys/namespaces/ns2`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                },
            });
            // Enable secret engine
            await got(`${vaultUrl}/v1/sys/mounts/secret`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                json: { path: 'secret', type: 'kv', config: {}, options: { version: 2 }, generate_signing_key: true },
            });
            // Add secret
            await got(`${vaultUrl}/v1/secret/data/test`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                json: {
                    data: {
                        secret: 'SUPERSECRET_WITH_APPROLE',
                    },
                },
            });
            // Enable approle
            await got(`${vaultUrl}/v1/sys/auth/approle`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                json: {
                    type: 'approle'
                },
            });
            // Create policies
            await got(`${vaultUrl}/v1/sys/policies/acl/test`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                json: {
                    "name":"test",
                    "policy":"path \"auth/approle/*\" {\n    capabilities = [\"read\", \"list\"]\n}\npath \"auth/approle/role/my-role/role-id\"\n{\n    capabilities = [\"create\", \"read\", \"update\", \"delete\", \"list\"]\n}\npath \"auth/approle/role/my-role/secret-id\"\n{\n    capabilities = [\"create\", \"read\", \"update\", \"delete\", \"list\"]\n}\n\npath \"secret/data/*\" {\n    capabilities = [\"list\"]\n}\npath \"secret/metadata/*\" {\n    capabilities = [\"list\"]\n}\n\npath \"secret/data/test\" {\n    capabilities = [\"read\", \"list\"]\n}\npath \"secret/metadata/test\" {\n    capabilities = [\"read\", \"list\"]\n}\npath \"secret/data/test/*\" {\n    capabilities = [\"read\", \"list\"]\n}\npath \"secret/metadata/test/*\" {\n    capabilities = [\"read\", \"list\"]\n}\n"
                },
            });
            // Create approle
            await got(`${vaultUrl}/v1/auth/approle/role/my-role`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                json: {
                    policies: 'test'
                },
            });
            // Get role-id
            const roldIdResponse = await got(`${vaultUrl}/v1/auth/approle/role/my-role/role-id`, {
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                responseType: 'json',
            });
            roleId = roldIdResponse.body.data.role_id;
            // Get secret-id
            const secretIdResponse = await got(`${vaultUrl}/v1/auth/approle/role/my-role/secret-id`, {
                method: 'POST',
                headers: {
                    'X-Vault-Token': 'testtoken',
                    'X-Vault-Namespace': 'ns2',
                },
                responseType: 'json',
            });
            secretId = secretIdResponse.body.data.secret_id;
        } catch(err) {
            console.warn('Create approle', err);
            throw err;
        }
    });
    beforeEach(() => {
        jest.resetAllMocks();
        when(core.getInput)
            .calledWith('method')
            .mockReturnValue('approle');
        when(core.getInput)
            .calledWith('roleId')
            .mockReturnValue(roleId);
        when(core.getInput)
            .calledWith('secretId')
            .mockReturnValue(secretId);
        when(core.getInput)
            .calledWith('url')
            .mockReturnValue(`${vaultUrl}`);
        when(core.getInput)
            .calledWith('namespace')
            .mockReturnValue('ns2');
    });
    function mockInput(secrets) {
        when(core.getInput)
            .calledWith('secrets')
            .mockReturnValue(secrets);
    }
    it('authenticate with approle', async()=> {
        mockInput('test secret');
        await exportSecrets();
        expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET_WITH_APPROLE');
    })
 });
--- a/package-lock.json
+++ b/package-lock.json
@ -810,16 +810,16 @@
      }
    },
    "@sindresorhus/is": {
-      "version": "0.14.0",
+      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-0.14.0.tgz",
+      "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-1.2.0.tgz",
-      "integrity": "sha512-9NET910DNaIPngYnLLPeg+Ogzqsi9uM4mSboU5y6p8S5DzMTVEsJZrawi+BoDNUVBa2DhJqQYUFvMDfgU062LQ=="
+      "integrity": "sha512-mwhXGkRV5dlvQc4EgPDxDxO6WuMBVymGFd1CA+2Y+z5dG9MNspoQ+AWjl/Ld1MnpCL8AKbosZlDVohqcIwuWsw=="
    },
    "@szmarczak/http-timer": {
-      "version": "1.1.2",
+      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-1.1.2.tgz",
+      "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-4.0.0.tgz",
-      "integrity": "sha512-XIB2XbzHTN6ieIjfIMV9hlVcfPU26s2vafYWQcZHWXHOxiaRZYEDKEwdl129Zyg50+foYV2jCgtrqSA6qNuNSA==",
+      "integrity": "sha512-3yoXv8OtGr/r3R5gaWWNQ3VUoQ5G3Gmo8DXX95V14ZVvE2b7Pj6Ide9uIDON8ym4D/ItyfL9ejohYUPqOyvRXw==",
      "requires": {
-        "defer-to-connect": "^1.0.1"
+        "defer-to-connect": "^1.1.1"
      }
    },
    "@types/babel__core": {
@ -863,6 +863,17 @@
        "@babel/types": "^7.3.0"
      }
    },
    "@types/cacheable-request": {
      "version": "6.0.1",
      "resolved": "https://registry.npmjs.org/@types/cacheable-request/-/cacheable-request-6.0.1.tgz",
      "integrity": "sha512-ykFq2zmBGOCbpIXtoVbz4SKY5QriWPh3AjyU4G74RYbtt5yOc5OfaY75ftjg7mikMOla1CTGpX3lLbuJh8DTrQ==",
      "requires": {
        "@types/http-cache-semantics": "*",
        "@types/keyv": "*",
        "@types/node": "*",
        "@types/responselike": "*"
      }
    },
    "@types/events": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/@types/events/-/events-3.0.0.tgz",
@ -880,6 +891,11 @@
        "@types/node": "*"
      }
    },
    "@types/http-cache-semantics": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.0.tgz",
      "integrity": "sha512-c3Xy026kOF7QOTn00hbIllV1dLR9hG9NkSrLQgCVs8NF6sBU+VGWjD3wLPhmh1TYAc7ugCFsvHYMN4VcBN1U1A=="
    },
    "@types/istanbul-lib-coverage": {
      "version": "2.0.1",
      "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.1.tgz",
@ -920,6 +936,14 @@
      "integrity": "sha512-yALhelO3i0hqZwhjtcr6dYyaLoCHbAMshwtj6cGxTvHZAKXHsYGdff6E8EPw3xLKY0ELUTQ69Q1rQiJENnccMA==",
      "dev": true
    },
    "@types/keyv": {
      "version": "3.1.1",
      "resolved": "https://registry.npmjs.org/@types/keyv/-/keyv-3.1.1.tgz",
      "integrity": "sha512-MPtoySlAZQ37VoLaPcTHCu1RWJ4llDkULYZIzOYxlhxBqYPB0RsRlmMU0R6tahtFe27mIdkHV+551ZWV4PLmVw==",
      "requires": {
        "@types/node": "*"
      }
    },
    "@types/minimatch": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.3.tgz",
@ -929,8 +953,7 @@
    "@types/node": {
      "version": "12.7.5",
      "resolved": "https://registry.npmjs.org/@types/node/-/node-12.7.5.tgz",
-      "integrity": "sha512-9fq4jZVhPNW8r+UYKnxF1e2HkDWOWKM5bC2/7c9wPV835I0aOrVbS/Hw/pWPk2uKrNXQqg9Z959Kz+IYDd5p3w==",
+      "integrity": "sha512-9fq4jZVhPNW8r+UYKnxF1e2HkDWOWKM5bC2/7c9wPV835I0aOrVbS/Hw/pWPk2uKrNXQqg9Z959Kz+IYDd5p3w=="
      "dev": true
    },
    "@types/normalize-package-data": {
      "version": "2.4.0",
@ -938,6 +961,14 @@
      "integrity": "sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA==",
      "dev": true
    },
    "@types/responselike": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/@types/responselike/-/responselike-1.0.0.tgz",
      "integrity": "sha512-85Y2BjiufFzaMIlvJDvTTB8Fxl2xfLo4HgmHzVBz08w4wDePCTjYw66PdrolO0kzli3yam/YCgRufyo1DdQVTA==",
      "requires": {
        "@types/node": "*"
      }
    },
    "@types/retry": {
      "version": "0.12.0",
      "resolved": "https://registry.npmjs.org/@types/retry/-/retry-0.12.0.tgz",
@ -1463,10 +1494,18 @@
        "unset-value": "^1.0.0"
      }
    },
    "cacheable-lookup": {
      "version": "0.2.1",
      "resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-0.2.1.tgz",
      "integrity": "sha512-BQ8MRjxJASEq2q+w0SusPU3B054gS278K8sj58QCLMZIso5qG05+MdCdmXxuyVlfvI8h4bPsNOavVUauVCGxrg==",
      "requires": {
        "keyv": "^3.1.0"
      }
    },
    "cacheable-request": {
-      "version": "6.1.0",
+      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-6.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-7.0.0.tgz",
-      "integrity": "sha512-Oj3cAGPCqOZX7Rz64Uny2GYAZNliQSqfbePrgAQ1wKAihYmCUnraBtJtKcGR4xz7wF+LoJC+ssFZvv5BgF9Igg==",
+      "integrity": "sha512-UVG4gMn3WjnAeFBBx7RFoprgOANIAkMwN5Dta6ONmfSwrCxfm0Ip7g0mIBxIRJZX9aDsoID0Ry3dU5Pr0csKKA==",
      "requires": {
        "clone-response": "^1.0.2",
        "get-stream": "^5.1.0",
@ -1474,7 +1513,7 @@
        "keyv": "^3.0.0",
        "lowercase-keys": "^2.0.0",
        "normalize-url": "^4.1.0",
-        "responselike": "^1.0.2"
+        "responselike": "^2.0.0"
      },
      "dependencies": {
        "get-stream": {
@ -1484,11 +1523,6 @@
          "requires": {
            "pump": "^3.0.0"
          }
        },
        "lowercase-keys": {
          "version": "2.0.0",
          "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-2.0.0.tgz",
          "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA=="
        }
      }
    },
@ -1646,6 +1680,13 @@
      "integrity": "sha1-0dyXOSAxTfZ/vrlCI7TuNQI56Ws=",
      "requires": {
        "mimic-response": "^1.0.0"
      },
      "dependencies": {
        "mimic-response": {
          "version": "1.0.1",
          "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz",
          "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ=="
        }
      }
    },
    "co": {
@ -1952,11 +1993,11 @@
      "dev": true
    },
    "decompress-response": {
-      "version": "3.3.0",
+      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-5.0.0.tgz",
-      "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=",
+      "integrity": "sha512-TLZWWybuxWgoW7Lykv+gq9xvzOsUjQ9tF09Tj6NSTYGMTCHNXzrPnD6Hi+TgZq19PyTAGH4Ll/NIM/eTGglnMw==",
      "requires": {
-        "mimic-response": "^1.0.0"
+        "mimic-response": "^2.0.0"
      }
    },
    "deep-extend": {
@ -1972,9 +2013,9 @@
      "dev": true
    },
    "defer-to-connect": {
-      "version": "1.0.2",
+      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-1.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-1.1.1.tgz",
-      "integrity": "sha512-k09hcQcTDY+cwgiwa6PYKLm3jlagNzQ+RSvhjzESOGOx+MNOuXkxTfEvPrO1IOQ81tArCFYQgi631clB70RpQw=="
+      "integrity": "sha512-J7thop4u3mRTkYRQ+Vpfwy2G5Ehoy82I14+14W4YMDLKdWloI9gSzRbV30s/NckQGVJtPkWNcW4oMAUigTdqiQ=="
    },
    "define-properties": {
      "version": "1.1.3",
@ -3184,6 +3225,7 @@
      "version": "4.1.0",
      "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz",
      "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==",
      "dev": true,
      "requires": {
        "pump": "^3.0.0"
      }
@ -3282,21 +3324,39 @@
      }
    },
    "got": {
-      "version": "9.6.0",
+      "version": "10.2.2",
-      "resolved": "https://registry.npmjs.org/got/-/got-9.6.0.tgz",
+      "resolved": "https://registry.npmjs.org/got/-/got-10.2.2.tgz",
-      "integrity": "sha512-R7eWptXuGYxwijs0eV+v3o6+XH1IqVK8dJOEecQfTmkncw9AV4dcw/Dhxi8MdlqPthxxpZyizMzyg8RTmEsG+Q==",
+      "integrity": "sha512-QibZN13xHH/mc7H5uuU2xq28xxs8moEPsJrW9AQQX0jAV4DkGdllHDVE9cxw1nntIPFk8xzzOrgJZBg194AWrg==",
      "requires": {
-        "@sindresorhus/is": "^0.14.0",
+        "@sindresorhus/is": "^1.0.0",
-        "@szmarczak/http-timer": "^1.1.2",
+        "@szmarczak/http-timer": "^4.0.0",
-        "cacheable-request": "^6.0.0",
+        "@types/cacheable-request": "^6.0.1",
-        "decompress-response": "^3.3.0",
+        "cacheable-lookup": "^0.2.1",
        "cacheable-request": "^7.0.0",
        "decompress-response": "^5.0.0",
        "duplexer3": "^0.1.4",
-        "get-stream": "^4.1.0",
+        "get-stream": "^5.0.0",
-        "lowercase-keys": "^1.0.1",
+        "lowercase-keys": "^2.0.0",
-        "mimic-response": "^1.0.1",
+        "mimic-response": "^2.0.0",
-        "p-cancelable": "^1.0.0",
+        "p-cancelable": "^2.0.0",
-        "to-readable-stream": "^1.0.0",
+        "responselike": "^2.0.0",
-        "url-parse-lax": "^3.0.0"
+        "to-readable-stream": "^2.0.0",
        "type-fest": "^0.8.0"
      },
      "dependencies": {
        "get-stream": {
          "version": "5.1.0",
          "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz",
          "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==",
          "requires": {
            "pump": "^3.0.0"
          }
        },
        "type-fest": {
          "version": "0.8.1",
          "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz",
          "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA=="
        }
      }
    },
    "graceful-fs": {
@ -4669,9 +4729,9 @@
      }
    },
    "lowercase-keys": {
-      "version": "1.0.1",
+      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz",
+      "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-2.0.0.tgz",
-      "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA=="
+      "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA=="
    },
    "lru-cache": {
      "version": "5.1.1",
@ -4889,9 +4949,9 @@
      "dev": true
    },
    "mimic-response": {
-      "version": "1.0.1",
+      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz",
+      "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-2.0.0.tgz",
-      "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ=="
+      "integrity": "sha512-8ilDoEapqA4uQ3TwS0jakGONKXVJqpy+RpM+3b7pLdOjghCrEiGp9SRkFbUHAmZW9vdnrENWHjaweIoTIJExSQ=="
    },
    "minimatch": {
      "version": "3.0.4",
@ -8791,9 +8851,9 @@
      }
    },
    "p-cancelable": {
-      "version": "1.1.0",
+      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-1.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.0.0.tgz",
-      "integrity": "sha512-s73XxOZ4zpt1edZYZzvhqFa6uvQc1vwUa0K0BdtIZgQMAJj9IbebH+JkgKZc9h+B05PKHLOTl4ajG1BmNrVZlw=="
+      "integrity": "sha512-wvPXDmbMmu2ksjkB4Z3nZWTSkJEb9lqVdMaCKpZUGJG9TMiNp9XcbG3fn9fPKjem04fJMJnXoyFPk2FmgiaiNg=="
    },
    "p-each-series": {
      "version": "1.0.0",
@ -9041,11 +9101,6 @@
      "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=",
      "dev": true
    },
    "prepend-http": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-2.0.0.tgz",
      "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc="
    },
    "pretty-format": {
      "version": "24.9.0",
      "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-24.9.0.tgz",
@ -9342,11 +9397,11 @@
      "dev": true
    },
    "responselike": {
-      "version": "1.0.2",
+      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/responselike/-/responselike-2.0.0.tgz",
-      "integrity": "sha1-kYcg7ztjHFZCvgaPFa3lpG9Loec=",
+      "integrity": "sha512-xH48u3FTB9VsZw7R+vvgaKeLKzT6jOogbQhEe/jewwnZgzPcnyWui2Av6JpoYZF/91uueC+lqhWqeURw5/qhCw==",
      "requires": {
-        "lowercase-keys": "^1.0.0"
+        "lowercase-keys": "^2.0.0"
      }
    },
    "ret": {
@ -10257,9 +10312,9 @@
      }
    },
    "to-readable-stream": {
-      "version": "1.0.0",
+      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/to-readable-stream/-/to-readable-stream-1.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/to-readable-stream/-/to-readable-stream-2.1.0.tgz",
-      "integrity": "sha512-Iq25XBt6zD5npPhlLVXGFN3/gyR2/qODcKNNyTMd4vbm39HUaOiAM4PMq0eMVC/Tkxz+Zjdsc55g9yyz+Yq00Q=="
+      "integrity": "sha512-o3Qa6DGg1CEXshSdvWNX2sN4QHqg03SPq7U6jPXRahlQdl5dK8oXjkU/2/sGrnOZKeGV1zLSO8qPwyKklPPE7w=="
    },
    "to-regex": {
      "version": "3.0.2",
@ -10455,14 +10510,6 @@
      "integrity": "sha512-jk1+QP6ZJqyOiuEI9AEWQfju/nB2Pw466kbA0LEZljHwKeMgd9WrAEgEGxjPDD2+TNbbb37rTyhEfrCXfuKXnA==",
      "dev": true
    },
    "url-parse-lax": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-3.0.0.tgz",
      "integrity": "sha1-FrXK/Afb42dsGxmZF3gj1lA6yww=",
      "requires": {
        "prepend-http": "^2.0.0"
      }
    },
    "use": {
      "version": "3.1.1",
      "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz",
--- a/package.json
+++ b/package.json
@ -39,7 +39,7 @@
    "homepage": "https://github.com/RichiCoder1/vault-action#readme",
    "dependencies": {
        "@actions/core": "^1.1.1",
-        "got": "^9.6.0"
+        "got": "^10.2.2"
    },
    "devDependencies": {
        "@types/jest": "^24.0.18",