adding 3 retries with 3 second delay for core.getIDToken and added jwt test case

2025-11-07 07:06:56 +00:00 · 2025-02-27 15:12:33 -06:00 · 2025-02-27 15:12:33 -06:00 · 9acb952c4c
commit 9acb952c4c
parent a1b77a0929
3 changed files with 76 additions and 2 deletions
--- a/dist/index.js
+++ b/dist/index.js
@ -18847,7 +18847,10 @@ async function retrieveToken(method, client) {
            const githubAudience = core.getInput('jwtGithubAudience', { required: false });

            if (!privateKey) {
-                jwt = await core.getIDToken(githubAudience)
+                jwt = await retryAsyncFunction( 3, 3000, core.getIDToken, githubAudience)
+                  .then((result) => {
+                    return result;
+                });
            } else {
                jwt = generateJwt(privateKey, keyPassword, Number(tokenTtl));
            }
@ -18954,6 +18957,30 @@ async function getClientToken(client, method, path, payload) {
    }
 }

+/***
+ * Generic function for retrying an async function
+ * @param {number} retries
+ * @param {number} delay milliseconds
+ * @param {Function} func
+ * @param {any[]} args
+ */
+async function retryAsyncFunction(retries, delay, func, ...args) {
+  let attempt = 0;
+  while (attempt < retries) {
+    try {
+      const result = await func(...args);
+      return result;
+    } catch (error) {
+      attempt++;
+      if (attempt < retries) {
+        await new Promise(resolve => setTimeout(resolve, delay));
+      } else {
+        throw error;
+      }
+    }
+  }
+}
+
 /***
 * @typedef {Object} VaultLoginResponse
 * @property {{
--- a/src/auth.js
+++ b/src/auth.js
@ -35,7 +35,10 @@ async function retrieveToken(method, client) {
            const githubAudience = core.getInput('jwtGithubAudience', { required: false });

            if (!privateKey) {
-                jwt = await core.getIDToken(githubAudience)
+                jwt = await retryAsyncFunction( 3, 3000, core.getIDToken, githubAudience)
+                  .then((result) => {
+                    return result;
+                });
            } else {
                jwt = generateJwt(privateKey, keyPassword, Number(tokenTtl));
            }
@ -142,6 +145,30 @@ async function getClientToken(client, method, path, payload) {
    }
 }

+/***
+ * Generic function for retrying an async function
+ * @param {number} retries
+ * @param {number} delay milliseconds
+ * @param {Function} func
+ * @param {any[]} args
+ */
+async function retryAsyncFunction(retries, delay, func, ...args) {
+  let attempt = 0;
+  while (attempt < retries) {
+    try {
+      const result = await func(...args);
+      return result;
+    } catch (error) {
+      attempt++;
+      if (attempt < retries) {
+        await new Promise(resolve => setTimeout(resolve, delay));
+      } else {
+        throw error;
+      }
+    }
+  }
+}
+
 /***
 * @typedef {Object} VaultLoginResponse
 * @property {{
--- a/src/auth.test.js
+++ b/src/auth.test.js
@ -85,4 +85,24 @@ describe("test retrival for token", () => {
        const url = got.post.mock.calls[0][0]
        expect(url).toContain('differentK8sPath')
    })
+
+    it("test retrieval with jwt", async () => {
+        const method = "jwt"
+        const jwtToken = "someTestToken"
+        const testRole = "testRole"
+        const privateKeyRaw = ""
+
+        mockApiResponse()
+        mockInput("role", testRole)
+        mockInput("jwtPrivateKey", privateKeyRaw)
+        core.getIDToken = jest.fn()
+        core.getIDToken.mockReturnValueOnce(jwtToken)
+        const token = await retrieveToken(method, got)
+        expect(token).toEqual(testToken)
+        const payload = got.post.mock.calls[0][1].json
+        expect(payload).toEqual({ jwt: jwtToken,  role: testRole })
+        const url = got.post.mock.calls[0][0]
+        expect(url).toContain('jwt')
+  })
+
 })