Add test case, and other updates

2025-11-09 16:16:55 +00:00 · 2023-01-17 10:10:05 -06:00 · 2023-01-17 10:10:05 -06:00 · 90b1fb477d
commit 90b1fb477d
parent 3e767302eb
3 changed files with 25 additions and 5 deletions
--- a/action.yml
+++ b/action.yml
@ -76,8 +76,8 @@ inputs:
    description: 'Time in seconds, after which token expires'
    required: false
    default: 3600
-  secretEncoding:
-    description: 'Encoding of the secret value. Can be "base64", "hex", "utf8".'
+  secretEncodingType:
+    description: 'The encoding type of the secret to decode. If not specified, the secret will not be decoded. Supported values: base64, hex, utf8'
    required: false
 runs:
  using: 'node16'
--- a/src/action.js
+++ b/src/action.js
@ -6,6 +6,7 @@ const jsonata = require('jsonata');
 const { auth: { retrieveToken }, secrets: { getSecrets } } = require('./index');

 const AUTH_METHODS = ['approle', 'token', 'github', 'jwt', 'kubernetes'];
+const ENCODING_TYPES = ['base64', 'hex', 'utf8'];

 async function exportSecrets() {
    const vaultUrl = core.getInput('url', { required: true });
@ -17,7 +18,7 @@ async function exportSecrets() {
    const secretsInput = core.getInput('secrets', { required: false });
    const secretRequests = parseSecretsInput(secretsInput);

-    const secretEncoding = core.getInput('secretEncoding', { required: false });
+    const secretEncodingType = core.getInput('secretEncodingType', { required: false });

    const vaultMethod = (core.getInput('method', { required: false }) || 'token').toLowerCase();
    const authPayload = core.getInput('authPayload', { required: false });
@ -96,8 +97,8 @@ async function exportSecrets() {
        }

        // if a secret is encoded, decode it
-        if (secretEncoding) {
-            value = Buffer.from(value, secretEncoding).toString();
+        if (ENCODING_TYPES.includes(secretEncodingType)) {
+            value = Buffer.from(value, secretEncodingType).toString();
        }

        for (const line of value.replace(/\r/g, '').split('\n')) {
--- a/src/action.test.js
+++ b/src/action.test.js
@ -184,6 +184,12 @@ describe('exportSecrets', () => {
            .mockReturnValueOnce(doExport);
    }

+    function mockEncodeType(doEncode) {
+        when(core.getInput)
+            .calledWith('secretEncodingType', expect.anything())
+            .mockReturnValueOnce(doEncode);
+    }
+
    it('simple secret retrieval', async () => {
        mockInput('test key');
        mockVaultData({
@ -196,6 +202,19 @@ describe('exportSecrets', () => {
        expect(core.setOutput).toBeCalledWith('key', '1');
    });

+    it('encoded secret retrieval', async () => {
+        mockInput('test key');
+        mockVaultData({
+            key: 'MQ=='
+        });
+        mockEncodeType('base64');
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('KEY', '1');
+        expect(core.setOutput).toBeCalledWith('key', '1');
+    });
+
    it('intl secret retrieval', async () => {
        mockInput('测试 测试');
        mockVaultData({