actions/vault-action
5
0
Fork 0
mirror of https://github.com/hashicorp/vault-action.git synced 2025-11-06 23:06:54 +00:00
Code Activity Actions
309 commits 7 branches 48 tags 5.7 MiB
Commit graph

309 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tom Proctor
55a11671e0
Retry on 412 status codes (#333) 
* Retry on 412 status codes
* Add retry tests
 2022-06-29 12:55:26 +01:00
dependabot[bot]
ad04ab9377
chore(deps): bump minimist from 1.2.5 to 1.2.6 (#341) 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-28 14:39:20 -07:00
Christopher Swenson
2dcbd17a34
Add additional mocks needed for tests in new versions of @actions (#343) 
Tests started failing after @actions was bumped in
https://github.com/hashicorp/vault-action/pull/334
 2022-06-28 14:35:22 -07:00
dependabot[bot]
d2b5111993
chore(deps-dev): bump @actions/core from 1.6.0 to 1.9.0 (#334) 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.6.0 to 1.9.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-28 13:57:21 -07:00
dependabot[bot]
f5817917e5
chore(deps): bump jsrsasign from 10.5.24 to 10.5.25 (#340) 
* chore(deps): bump jsrsasign from 10.5.24 to 10.5.25

Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.5.24 to 10.5.25.
- [Release notes](https://github.com/kjur/jsrsasign/releases)
- [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt)
- [Commits](https://github.com/kjur/jsrsasign/compare/10.5.24...10.5.25)

---
updated-dependencies:
- dependency-name: jsrsasign
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Use RSA-2048 key instead of 4096

After bumping jest, the RSA signing performance went down by a factor of
2 or so, which causes tests to fail (since they went from ~3 seconds to
~6 seconds to generate a 4096-bit RSA signature). The tests generate
these signatures to fake responses from GitHub.

After replacing the keys with a 2048-bit key, the signing times are now
under a second.

* Revert unnecessary change to test timeout

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
 2022-06-28 13:53:04 -07:00
dependabot[bot]
bbf40c0251
chore(deps-dev): bump jest and @types/jest (#330) 
Bumps [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest) and [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest). These dependencies needed to be updated together.

Updates `jest` from 26.6.3 to 28.1.1
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v28.1.1/packages/jest)

Updates `@types/jest` from 27.4.1 to 28.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-major
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-28 10:54:00 -07:00
dependabot[bot]
cebb457349
chore(deps-dev): bump semantic-release from 17.2.3 to 19.0.3 (#331) 
Bumps [semantic-release](https://github.com/semantic-release/semantic-release) from 17.2.3 to 19.0.3.
- [Release notes](https://github.com/semantic-release/semantic-release/releases)
- [Commits](https://github.com/semantic-release/semantic-release/compare/v17.2.3...v19.0.3)

---
updated-dependencies:
- dependency-name: semantic-release
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-28 10:46:23 -07:00
Christopher Swenson
6ee4dd3797
Set node version to v16.14.0 to workaround node/npm bug (#335) 
Node 16.14.2 thinks the `package-lock.json` is out of sync when it is
not.

https://github.com/npm/cli/issues/4660
 2022-06-15 14:50:07 -07:00
dependabot[bot]
a502b7fa66
chore(deps): bump jsrsasign from 10.2.0 to 10.5.24 (#329) 
Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.2.0 to 10.5.24.
- [Release notes](https://github.com/kjur/jsrsasign/releases)
- [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt)
- [Commits](https://github.com/kjur/jsrsasign/compare/10.2.0...10.5.24)

---
updated-dependencies:
- dependency-name: jsrsasign
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-15 13:08:36 -07:00
Tom Proctor
abba4a3980
Update to v2.4.1 (#317) 2022-04-28 16:20:56 +01:00
Tom Proctor
e025870ee9
changelog++ 2022-04-28 11:29:22 +01:00
Tom Proctor
4f536680b6
Update default branch 2022-04-28 11:24:54 +01:00
dependabot[bot]
fd9b31c94c
chore(deps): bump jsonata from 1.8.4 to 1.8.6 (#312) 
Bumps [jsonata](https://github.com/jsonata-js/jsonata) from 1.8.4 to 1.8.6.
- [Release notes](https://github.com/jsonata-js/jsonata/releases)
- [Changelog](https://github.com/jsonata-js/jsonata/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jsonata-js/jsonata/compare/v1.8.4...v1.8.6)

---
updated-dependencies:
- dependency-name: jsonata
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-28 11:17:38 +01:00
Tom Proctor
8e9712e63b
Fix tests from jest-when version bump (#311) 
* Fix tests from jest-when version bump
* Delete unused test helpers
* Add workflow_dispatch for tests
 2022-04-28 11:12:56 +01:00
dependabot[bot]
25737aea2b
chore(deps-dev): bump jest-when from 2.7.2 to 3.5.1 (#294) 
Bumps [jest-when](https://github.com/timkindberg/jest-when) from 2.7.2 to 3.5.1.
- [Release notes](https://github.com/timkindberg/jest-when/releases)
- [Commits](https://github.com/timkindberg/jest-when/compare/v2.7.2...v3.5.1)

---
updated-dependencies:
- dependency-name: jest-when
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-26 13:16:46 +01:00
dependabot[bot]
c2b108a1cb
chore(deps): bump node-fetch from 2.6.1 to 2.6.7 (#308) 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-26 13:14:45 +01:00
dependabot[bot]
7c940db65a
chore(deps-dev): bump @types/jest from 26.0.23 to 27.4.1 (#297) 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 26.0.23 to 27.4.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-26 13:13:45 +01:00
dependabot[bot]
d9ec4185f7
chore(deps): bump trim-off-newlines from 1.0.1 to 1.0.3 (#309) 
Bumps [trim-off-newlines](https://github.com/stevemao/trim-off-newlines) from 1.0.1 to 1.0.3.
- [Release notes](https://github.com/stevemao/trim-off-newlines/releases)
- [Commits](https://github.com/stevemao/trim-off-newlines/compare/v1.0.1...v1.0.3)

---
updated-dependencies:
- dependency-name: trim-off-newlines
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-26 13:12:57 +01:00
dependabot[bot]
203b1c7ae9
chore(deps): bump moment from 2.28.0 to 2.29.2 (#304) 
Bumps [moment](https://github.com/moment/moment) from 2.28.0 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.28.0...2.29.2)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-26 13:12:06 +01:00
dependabot[bot]
0580f85e79
chore(deps-dev): bump @types/got from 9.6.11 to 9.6.12 (#266) 
Bumps [@types/got](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/got) from 9.6.11 to 9.6.12.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/got)

---
updated-dependencies:
- dependency-name: "@types/got"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-26 13:08:44 +01:00
Tom Proctor
b222012f94
changelog++ 2022-04-26 13:08:02 +01:00
Christopher Swenson
40fb8d7236
Write a better error message when secret not found (follow-up) (#306) 
* Write a better error message when key not found

* Address additional comments on #182

Co-authored-by: Simon Johansson <simon@simonjohansson.com>
 2022-04-20 15:53:24 -07:00
Prakash Manglanathan
4aed62f922
Updated the version in Readme doc. (#303) 
The Sample code provided in the readme doesn't work as expected unless the version has been updated to 2.4.0.
 2022-04-07 16:42:18 -07:00
Tom Proctor
4679f8aa3c
changelog++ 2022-04-07 15:35:48 +01:00
Kamil Domański
2f64a97498
make "role" input optional (#291) 
* make "role" input optional

Per Vault documentation it doesn't have to be provided,
and the auth provider's "default_role" parameter is required
precisely for this case.
https://www.vaultproject.io/api/auth/jwt
 2022-04-07 15:34:46 +01:00
Tom Proctor
25c4aec690
changelog++ 2022-04-07 14:11:27 +01:00
Kevin Schoonover
c14a190aaa
feat(): make secrets parameter optional (#299) 2022-04-07 14:10:23 +01:00
Joonas Venäläinen
843e7fa30a
fix(docs): Fix bound_audience example url in Github OIDC Token section (#302) 2022-04-04 10:11:40 +01:00
Rosemary Wang
876cdcfdd3
Update docs with GitHub OIDC token configuration (#301) 2022-03-28 09:23:28 -07:00
Tom Proctor
67281159df
Update jira action (#274) 
* No longer check for Vault team membership
* Tweak jira states and search parameters
 2021-11-08 11:16:29 +00:00
Theron Voran
61dd38f491
Update to v2.4.0 (#270) 2021-10-21 11:14:14 -07:00
Gary Frederick
168f9696e8
changelog++ 2021-10-08 10:06:23 -07:00
Alex Kulikovskikh
c502100fbe
feat(): add support for github provided jwt auth (#257) 
* fix: update `privateKeyRaw` condition

* fix: add `contents: read` permission

* fix: get token via `@actions/core`

- Update README
- Switch to use `getIDToken` method for Github token retrieval
- Bump `@actions/core` to 1.6.0
- Add `jwtGithubAudience` input
- Remove unnecessary code

* fix: add description for `jwtGithubAudience`

* fix: move default value for `jwtGithubAudience` to `action.yml`

* docs: fix typo in README & grammar

* test: add tests

* fix: reset `dist/index.js`

* fix: remove default value for `jwtGithubAudience` from `action.yml`

* fix: reset `dist/index.js`

* fix: reset `dist/index.js`
 2021-10-08 09:46:21 -07:00
Theron Voran
b8c90c7243
changelog++ 
fix release date
 2021-08-23 08:39:55 -07:00
Theron Voran
d5a69ceca1
Update to v2.3.1 (#242) 2021-08-23 08:36:01 -07:00
dependabot[bot]
f3e4110f8d
chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#239) 2021-08-12 19:00:07 +00:00
Theron Voran
8c00f7e4fd
set vault license for enterprise tests (#240) 
Since hashicorp/vault-enterprise:latest now requires a license to do
anything, we need to set $VAULT_LICENSE when provisioning the
enterprise docker container.
 2021-08-12 11:55:16 -07:00
dependabot[bot]
ab957d2aec
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 (#227) 2021-08-12 17:15:05 +00:00
Theron Voran
0451f06f9f
Update to v2.3.0 (#231) 2021-06-23 14:03:57 -07:00
dependabot[bot]
b6210c5a51
chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#216) 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-03 11:10:25 -04:00
Jason O'Donnell
09740f679f
changelog++ 2021-06-03 11:01:06 -04:00
Falcon Taylor-Carter
72c7a899ca
Implement kubernetes auth / Add customizable auth path (#218) 
* Implement kubernetes auth / Add customizable auth path

* Fix typo

* Apply suggestions from code review

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
 2021-06-03 10:59:51 -04:00
Jason O'Donnell
0cf3bd6a39
Update version in example doc (#215) 2021-05-06 14:27:48 -04:00
Jason O'Donnell
0723fd7348
Update to v2.2.0 (#214) 2021-05-06 13:51:05 -04:00
dependabot[bot]
0405c26bc9
chore(deps): bump jsonata from 1.8.3 to 1.8.4 (#171) 
Bumps [jsonata](https://github.com/jsonata-js/jsonata) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/jsonata-js/jsonata/releases)
- [Changelog](https://github.com/jsonata-js/jsonata/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jsonata-js/jsonata/compare/v1.8.3...v1.8.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-06 13:42:25 -04:00
dependabot[bot]
2eea93c25e
chore(deps-dev): bump @actions/core from 1.2.6 to 1.2.7 (#206) 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.6 to 1.2.7.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-06 13:42:11 -04:00
dependabot[bot]
4d9cf786d6
chore(deps-dev): bump @types/jest from 26.0.22 to 26.0.23 (#207) 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 26.0.22 to 26.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-06 13:41:52 -04:00
dependabot[bot]
575042000a
chore(deps): bump handlebars from 4.7.6 to 4.7.7 (#213) 
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-06 13:41:29 -04:00
dependabot[bot]
cc8ad16bec
chore(deps): bump lodash from 4.17.20 to 4.17.21 (#212) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-06 13:41:20 -04:00
dependabot[bot]
cd1614aee3
chore(deps): bump jsrsasign from 10.1.10 to 10.2.0 (#211) 
Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.1.10 to 10.2.0.
- [Release notes](https://github.com/kjur/jsrsasign/releases)
- [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt)
- [Commits](https://github.com/kjur/jsrsasign/compare/10.1.10...10.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-06 13:38:52 -04:00