make "role" input optional

Per Vault documentation it doesn't have to be provided, and the auth provider's "default_role" parameter is required precisely for this case. https://www.vaultproject.io/api/auth/jwt
2025-11-14 18:13:45 +00:00 · 2022-01-27 22:33:06 +01:00 · 2022-01-27 22:33:06 +01:00 · 4bd533450e
commit 4bd533450e
parent 67281159df
2 changed files with 10 additions and 1 deletions
--- a/integrationTests/basic/jwt_auth.test.js
+++ b/integrationTests/basic/jwt_auth.test.js
@ -233,6 +233,15 @@ describe('jwt auth', () => {
            expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
        })

+        it('successfully authenticates as default role without specifying it', async () => {
+            when(core.getInput)
+                .calledWith('role')
+                .mockReturnValueOnce(null);
+
+            await exportSecrets();
+            expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
+        })
+
    });

 });
--- a/src/auth.js
+++ b/src/auth.js
@ -25,7 +25,7 @@ async function retrieveToken(method, client) {
        case 'jwt': {
            /** @type {string} */
            let jwt;
-            const role = core.getInput('role', { required: true });
+            const role = core.getInput('role', { required: false });
            const privateKeyRaw = core.getInput('jwtPrivateKey', { required: false });
            const privateKey = Buffer.from(privateKeyRaw, 'base64').toString();
            const keyPassword = core.getInput('jwtKeyPassword', { required: false });