From 93d64baa8a7a480b849cd1716dbbdae6c17013d1 Mon Sep 17 00:00:00 2001
From: Leonardo Villela <leonardo.villela37@gmail.com>
Date: Mon, 24 Apr 2023 02:15:24 +0200
Subject: [PATCH] Test if it's possible to overwrite env var variable in action

---
 .github/actions/nested-vault-action/action.yml | 11 +++++++++++
 .github/workflows/build.yml                    | 11 +++++++++++
 integrationTests/e2e/e2e.test.js               |  1 +
 integrationTests/e2e/setup.js                  | 12 ++++++++++++
 4 files changed, 35 insertions(+)
 create mode 100644 .github/actions/nested-vault-action/action.yml

diff --git a/.github/actions/nested-vault-action/action.yml b/.github/actions/nested-vault-action/action.yml
new file mode 100644
index 0000000..32ebb98
--- /dev/null
+++ b/.github/actions/nested-vault-action/action.yml
@@ -0,0 +1,11 @@
+name: 'Nested Vault Action'
+description: 'A Nested Vault Action to be used in E2E tests'
+runs:
+  using: "composite"
+  steps:
+    - uses: ./
+      with:
+        url: http://localhost:8200
+        token: testtoken
+        secrets: |
+          secret/data/nested-vault-action secret | NESTED_VAULT_ACTION_SECRET;
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f3898fc..cdec30a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -174,6 +174,17 @@ jobs:
           /cubbyhole/test foo ;
           /cubbyhole/test zip | NAMED_CUBBYSECRET ;
 
+    - name: Test Vault Action Overwrites Env Vars In Nested Action (part 1/2)
+      uses: ./
+      with:
+        url: http://localhost:8200
+        token: testtoken
+        secrets: |
+          secret/data/test secret | NESTED_VAULT_ACTION_SECRET;
+
+    - name: Test Vault Action Overwrites Env Vars In Nested Action (part 2/2)
+      uses: ./.github/actions/nested-vault-action 
+
     - name: Verify Vault Action Outputs
       run: npm run test:e2e
       env:
diff --git a/integrationTests/e2e/e2e.test.js b/integrationTests/e2e/e2e.test.js
index c5ed5af..2ba6688 100644
--- a/integrationTests/e2e/e2e.test.js
+++ b/integrationTests/e2e/e2e.test.js
@@ -9,5 +9,6 @@ describe('e2e', () => {
         expect(process.env.OTHERALTSECRET).toBe("OTHERCUSTOMSECRET");
         expect(process.env.FOO).toBe("bar");
         expect(process.env.NAMED_CUBBYSECRET).toBe("zap");
+        expect(process.env.NESTED_VAULT_ACTION_SECRET).toBe("NESTED_VAULT_ACTION_SECRET");
     });
 });
diff --git a/integrationTests/e2e/setup.js b/integrationTests/e2e/setup.js
index 846a9ed..582bde1 100644
--- a/integrationTests/e2e/setup.js
+++ b/integrationTests/e2e/setup.js
@@ -76,6 +76,18 @@ const vaultToken = `${process.env.VAULT_TOKEN}` === undefined ? `${process.env.V
                 zip: 'zap',
             },
         });
+
+        await got(`http://${vaultUrl}/v1/secret/data/nested-vault-action`, {
+            method: 'POST',
+            headers: {
+                'X-Vault-Token': vaultToken,
+            },
+            json: {
+                data: {
+                    secret: 'NESTED_VAULT_ACTION_SECRET',
+                },
+            },
+        });
     } catch (error) {
         console.log(error);
         process.exit(1);