mirror of
https://github.com/hashicorp/vault-action.git
synced 2025-11-07 15:16:56 +00:00
feat: add http2 support for Vault communication
This commit is contained in:
Michel Hiemstra
parent
2c5827061f
commit
df5f6ffc17
3 changed files with 51 additions and 1 deletions
43
README.md
43
README.md
|
|
@ -25,20 +25,54 @@ is not meant to modify Vault’s state.
|
||||||
- [Userpass](#userpass)
|
- [Userpass](#userpass)
|
||||||
- [Ldap](#ldap)
|
- [Ldap](#ldap)
|
||||||
- [Other Auth Methods](#other-auth-methods)
|
- [Other Auth Methods](#other-auth-methods)
|
||||||
- [Custom Path](#custom-path-name)
|
- [Custom Path Name](#custom-path-name)
|
||||||
- [Key Syntax](#key-syntax)
|
- [Key Syntax](#key-syntax)
|
||||||
- [Simple Key](#simple-key)
|
- [Simple Key](#simple-key)
|
||||||
- [Set Output Variable Name](#set-output-variable-name)
|
- [Set Output Variable Name](#set-output-variable-name)
|
||||||
- [Multiple Secrets](#multiple-secrets)
|
- [Multiple Secrets](#multiple-secrets)
|
||||||
- [KV secrets engine version 2](#kv-secrets-engine-version-2)
|
- [KV secrets engine version 2](#kv-secrets-engine-version-2)
|
||||||
|
- [PKI Certificate Requests](#pki-certificate-requests)
|
||||||
- [Other Secret Engines](#other-secret-engines)
|
- [Other Secret Engines](#other-secret-engines)
|
||||||
- [Adding Extra Headers](#adding-extra-headers)
|
- [Adding Extra Headers](#adding-extra-headers)
|
||||||
- [HashiCorp Cloud Platform or Vault Enterprise](#hashicorp-cloud-platform-or-vault-enterprise)
|
- [HashiCorp Cloud Platform or Vault Enterprise](#hashicorp-cloud-platform-or-vault-enterprise)
|
||||||
- [Namespace](#namespace)
|
- [Namespace](#namespace)
|
||||||
- [Reference](#reference)
|
- [Reference](#reference)
|
||||||
|
- [`url`](#url)
|
||||||
|
- [`secrets`](#secrets)
|
||||||
|
- [`namespace`](#namespace-1)
|
||||||
|
- [`method`](#method)
|
||||||
|
- [`role`](#role)
|
||||||
|
- [`path`](#path)
|
||||||
|
- [`token`](#token-1)
|
||||||
|
- [`roleId`](#roleid)
|
||||||
|
- [`secretId`](#secretid)
|
||||||
|
- [`githubToken`](#githubtoken)
|
||||||
|
- [`jwtPrivateKey`](#jwtprivatekey)
|
||||||
|
- [`jwtKeyPassword`](#jwtkeypassword)
|
||||||
|
- [`jwtGithubAudience`](#jwtgithubaudience)
|
||||||
|
- [`jwtTtl`](#jwtttl)
|
||||||
|
- [`kubernetesTokenPath`](#kubernetestokenpath)
|
||||||
|
- [`username`](#username)
|
||||||
|
- [`password`](#password)
|
||||||
|
- [`authPayload`](#authpayload)
|
||||||
|
- [`extraHeaders`](#extraheaders)
|
||||||
|
- [`http2`](#http2)
|
||||||
|
- [`exportEnv`](#exportenv)
|
||||||
|
- [`exportToken`](#exporttoken)
|
||||||
|
- [`outputToken`](#outputtoken)
|
||||||
|
- [`caCertificate`](#cacertificate)
|
||||||
|
- [`clientCertificate`](#clientcertificate)
|
||||||
|
- [`clientKey`](#clientkey)
|
||||||
|
- [`tlsSkipVerify`](#tlsskipverify)
|
||||||
|
- [`ignoreNotFound`](#ignorenotfound)
|
||||||
- [Masking - Hiding Secrets from Logs](#masking---hiding-secrets-from-logs)
|
- [Masking - Hiding Secrets from Logs](#masking---hiding-secrets-from-logs)
|
||||||
- [Normalization](#normalization)
|
- [Normalization](#normalization)
|
||||||
- [Contributing](#contributing)
|
- [Contributing](#contributing)
|
||||||
|
- [Build](#build)
|
||||||
|
- [Vault test instance](#vault-test-instance)
|
||||||
|
- [Running unit tests](#running-unit-tests)
|
||||||
|
- [Running acceptance tests](#running-acceptance-tests)
|
||||||
|
- [Running the action locally](#running-the-action-locally)
|
||||||
|
|
||||||
<!-- /TOC -->
|
<!-- /TOC -->
|
||||||
|
|
||||||
|
|
@ -673,6 +707,13 @@ The JSON payload to be sent to Vault when using a custom authentication method.
|
||||||
|
|
||||||
A string of newline separated extra headers to include on every request.
|
A string of newline separated extra headers to include on every request.
|
||||||
|
|
||||||
|
### `http2`
|
||||||
|
|
||||||
|
**Type: `string`**\
|
||||||
|
**Default: `false`**
|
||||||
|
|
||||||
|
Whether or not to use HTTP/2 when communicating with the Vault server.
|
||||||
|
|
||||||
### `exportEnv`
|
### `exportEnv`
|
||||||
|
|
||||||
**Type: `string`**\
|
**Type: `string`**\
|
||||||
|
|
|
||||||
|
|
@ -51,6 +51,10 @@ inputs:
|
||||||
extraHeaders:
|
extraHeaders:
|
||||||
description: 'A string of newline separated extra headers to include on every request.'
|
description: 'A string of newline separated extra headers to include on every request.'
|
||||||
required: false
|
required: false
|
||||||
|
http2:
|
||||||
|
description: 'Whether or not to use HTTP/2 when communicating with the Vault server.'
|
||||||
|
default: 'false'
|
||||||
|
required: false
|
||||||
exportEnv:
|
exportEnv:
|
||||||
description: 'Whether or not export secrets as environment variables.'
|
description: 'Whether or not export secrets as environment variables.'
|
||||||
default: 'true'
|
default: 'true'
|
||||||
|
|
|
||||||
|
|
@ -54,6 +54,11 @@ async function exportSecrets() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const http2 = (core.getInput('http2', { required: false }) || 'false').toLowerCase() != 'false';
|
||||||
|
if (http2 === true) {
|
||||||
|
defaultOptions.http2 = true;
|
||||||
|
}
|
||||||
|
|
||||||
const tlsSkipVerify = (core.getInput('tlsSkipVerify', { required: false }) || 'false').toLowerCase() != 'false';
|
const tlsSkipVerify = (core.getInput('tlsSkipVerify', { required: false }) || 'false').toLowerCase() != 'false';
|
||||||
if (tlsSkipVerify === true) {
|
if (tlsSkipVerify === true) {
|
||||||
defaultOptions.https.rejectUnauthorized = false;
|
defaultOptions.https.rejectUnauthorized = false;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue