add more tests

2025-11-07 15:16:56 +00:00 · 2023-07-05 12:25:38 -05:00 · 2023-07-05 12:25:38 -05:00 · 788264dddd
commit 788264dddd
parent a24b038252
3 changed files with 70 additions and 20 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -185,6 +185,23 @@ jobs:
      env:
        OTHER_SECRET_OUTPUT: ${{ steps.kv-secrets.outputs.otherSecret }}

+    - name: Test Parsing Secrets (part 1/2)
+      # this step sets up secres to be used in Test Parsing Secrets (part 2/2)
+      uses: ./
+      with:
+        url: https://localhost:8200
+        token: ${{ env.VAULT_TOKEN }}
+        secrets: |
+          secret/data/test-json-string jsonString;
+          secret/data/test-json-multiline jsonStringMultiline;
+
+    - name: Test Parsing Secrets (part 2/2)
+      # this step will call a JS script to test that we can successfully parse
+      # JSON string data into JS objects
+      run: |
+        node ./scripts/parse.js
+
+
  e2e-tls:
    runs-on: ubuntu-latest

--- a/scripts/parse.js
+++ b/scripts/parse.js
@ -1,20 +1,12 @@
-// const core = require('@actions/core');
-
 try {
    let inputs = [
        process.env.JSONSTRING,
        process.env.JSONSTRINGMULTILINE,
-        process.env.JSONDATA,
-        process.env.SINGLELINE,
-        process.env.MULTILINE,
    ];

    let names = [
        "test-json-string",
        "test-json-string-multiline",
-        "test-json-data",
-        "singleline",
-        "multiline",
    ];

    let i = 0;
@ -23,7 +15,7 @@ try {
        i++;
        input = (input || '').trim();
        if (!input) {
-            throw new Error(`Missing service account key JSON (got empty value)`);
+            throw new Error(`missing input`);
        }

        // If the string doesn't start with a JSON object character, it is probably
@ -39,12 +31,10 @@ try {
            console.log('success!')
            return creds;
        } catch (err) {
-            console.log('error parsing')
-            console.log(err)
+            throw new Error(`error parsing: ${err}`);
        }
    })
-
 } catch (error) {
-    console.log(error)
+    throw new Error(`error in parse.js: ${err}`);
 }

--- a/src/action.test.js
+++ b/src/action.test.js
@ -220,7 +220,26 @@ describe('exportSecrets', () => {
        expect(core.setOutput).toBeCalledWith('key', '1');
    });

-    it('json secret retrieval', async () => {
+    it('JSON data secret retrieval', async () => {
+        const jsonData = {"x":1,"y":2};
+
+        // for secrets stored in Vault as pure JSON, we call stringify twice
+        // and remove the added surrounding quotes
+        let result = JSON.stringify(JSON.stringify(jsonData));
+        result = result.substring(1, result.length - 1);
+
+        mockInput('test key');
+        mockVaultData({
+            key: jsonData,
+        });
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('KEY', result);
+        expect(core.setOutput).toBeCalledWith('key', result);
+    });
+
+    it('JSON string secret retrieval', async () => {
        const jsonString = '{"x":1,"y":2}';

        mockInput('test key');
@ -234,13 +253,14 @@ describe('exportSecrets', () => {
        expect(core.setOutput).toBeCalledWith('key', jsonString);
    });

-    it('multi-line json secret retrieval', async () => {
+    it('multi-line JSON string secret retrieval', async () => {
        const jsonString = `
        {
            "x":1,
            "y":"bar"
        }
        `;
+
        mockInput('test key');
        mockVaultData({
            key: jsonString,
@ -366,7 +386,30 @@ describe('exportSecrets', () => {
        expect(core.setOutput).toBeCalledWith('key', 'secret');
    })

-    it('multi-line secret gets masked for each line', async () => {
+    it('multi-line secret', async () => {
+        const multiLineString = `ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU
+GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3
+Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA
+NrRFi9wrf+M7Q==`;
+
+        mockInput('test key');
+        mockVaultData({
+            key: multiLineString
+        });
+        mockExportToken("false")
+
+        await exportSecrets();
+
+        expect(core.setSecret).toBeCalledTimes(5); // 1 for each non-empty line + VAULT_TOKEN
+
+        expect(core.setSecret).toBeCalledWith("ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU");
+        expect(core.setSecret).toBeCalledWith("GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3");
+        expect(core.setSecret).toBeCalledWith("Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA");
+        expect(core.setSecret).toBeCalledWith("NrRFi9wrf+M7Q==");
+        expect(core.setOutput).toBeCalledWith('key', multiLineString);
+    })
+
+    it('multi-line secret gets masked for each non-empty line', async () => {
        const multiLineString = `a multi-line string

 with blank lines