From c3509cc0950f7119ffbf239d780373fb51acb32e Mon Sep 17 00:00:00 2001
From: JM Faircloth <jmfaircloth@hashicorp.com>
Date: Tue, 20 Jun 2023 11:14:41 -0500
Subject: [PATCH] add more comments and docs

---
 .github/workflows/build.yml       |  5 +----
 .github/workflows/local-test.yaml |  4 +++-
 Makefile                          |  2 +-
 README.md                         | 30 ++++++++++++++----------------
 src/secrets.js                    |  6 +++++-
 5 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 21d0f8b..9cf3ce8 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -160,12 +160,9 @@ jobs:
         url: http://localhost:8200
         token: testtoken
         secrets: |
-          secret/data/test-json-string jsonString ;
           secret/data/test-json-string jsonString | JSON_STRING ;
-
-    - name: Test Vault Action (verify JSON string format)
       run: |
-        echo "${{ steps.import-secrets.outputs.jsonString }}" > secrets.json
+        echo "${{ env.JSON_STRING }}" > secrets.json
         cat secrets.json
         # we should be able to parse the output as JSON
         jq -c . < secrets.json
diff --git a/.github/workflows/local-test.yaml b/.github/workflows/local-test.yaml
index 1b17b5d..4bb0613 100644
--- a/.github/workflows/local-test.yaml
+++ b/.github/workflows/local-test.yaml
@@ -38,7 +38,9 @@ jobs:
 
     - name: Import Secrets
       id: import-secrets
+      # use the local changes
       uses: ./
+      # run against a specific version of vault-action
       # uses: hashicorp/vault-action@v2.1.2
       with:
         url: http://localhost:8200
@@ -52,7 +54,7 @@ jobs:
         touch secrets.json
         echo "${{ steps.import-secrets.outputs.jsonString }}" >> secrets.json
 
-    - name: Check json file
+    - name: Check json file format
       run: |
         echo
         cat secrets.json
diff --git a/Makefile b/Makefile
index b27a661..91758e6 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,3 @@
 .PHONY: local-test
 local-test:
-	docker compose down && docker-compose up -d vault && act workflow_dispatch -j local-test
+	docker compose down;  docker-compose up -d vault && act workflow_dispatch -j local-test
diff --git a/README.md b/README.md
index 5613c61..4dd5c48 100644
--- a/README.md
+++ b/README.md
@@ -547,24 +547,22 @@ $ npm run test:integration:basic # Choose one of: basic, enterprise, e2e, e2e-tl
 ### Running the action locally
 
 You can use the [act](https://github.com/nektos/act) command to test your
-changes locally if desired. Unfortunately it is not currently possible to use
-uncommitted local changes for a shared workfow. You will still need to push the
-changes you would like to validate beforehand. Even if a commit is necessary,
-this is still a more detailed and faster feedback loop than waiting for the
-action to be executed by Github in a different repository.
+changes locally.
 
-Push your changes into a feature branch.
-```sh
-$ git checkout -b my-feature-branch
-$ git commit -m "testing new changes"
-$ git push
-```
+Edit the ./.github/workflows/local-test.yaml file and add any steps necessary
+to test your changes. You may have to additionally edit the Vault url, token
+and secret path if you are not using one of the provided containerized
+instances. The `local-test` job will call the ./integrationTests/e2e/setup.js
+script to bootstrap your local Vault instance with secrets.
 
-Edit the ./.github/workflows/local-test.yaml file to use your new feature
-branch. You may have to additionally edit the vault url, token and secret path
-if you are not using one of the provided containerized instance.  Run your
-feature branch locally.
+Run your feature branch locally:
 
 ```sh
-$ act workflow_dispatch -j local-test
+act workflow_dispatch -j local-test
+```
+
+Or use the provided make target which will also spin up a Vault container:
+
+```sh
+make local-test
 ```
diff --git a/src/secrets.js b/src/secrets.js
index 229d787..79c353f 100644
--- a/src/secrets.js
+++ b/src/secrets.js
@@ -75,7 +75,7 @@ async function selectData(data, selector) {
     if (isJSON(d)) {
         // If we already have JSON we will not "stringify" it yet so that we
         // don't end up calling JSON.parse. This would break the secrets that
-        // are stored as json. See: https://github.com/hashicorp/vault-action/issues/194
+        // are stored as JSON. See: https://github.com/hashicorp/vault-action/issues/194
         result = d;
     } else {
         result = JSON.stringify(d);
@@ -106,6 +106,10 @@ async function selectData(data, selector) {
     return result;
 }
 
+/**
+ * isJSON returns true if str parses as valid JSON
+ * @param {string} str
+ */
 function isJSON(str) {
     if (typeof str !== "string"){
         return false;