vault-action

mirror of https://github.com/hashicorp/vault-action.git synced 2025-11-07 07:06:56 +00:00

Author	SHA1	Message	Date
John-Michael Faircloth	166100bd2a	fix warning about outputToken being an unexpected input (#461 )	2023-06-08 10:31:49 -05:00
John-Michael Faircloth	dc4f72debb	Revert "Test that overwrite env var works in nested action (#453 )" (#464 ) This reverts commit `d27529ebde`.	2023-06-08 10:25:58 -05:00
John-Michael Faircloth	a87a71c289	ensure we run the build for all branches (#463 ) * ensure we run the build for all branches * remove pull_request_target since push is sufficient * remove github.ref for checkouts	2023-06-08 09:43:08 -05:00
John-Michael Faircloth	bb61006b6d	Update to v2.6.0 (#458 )	2023-06-07 15:40:06 -05:00
dependabot[bot]	14a4a058b4	chore(deps): bump jsrsasign from 10.6.1 to 10.8.6 (#451 ) Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.6.1 to 10.8.6. - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](https://github.com/kjur/jsrsasign/compare/10.6.1...10.8.6) --- updated-dependencies: - dependency-name: jsrsasign dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-07 13:54:43 -05:00
Robert	2d9c2b9f1b	Update Jira workflow (#456 ) * Migrate jira sync to common workflow --------- Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>	2023-05-23 18:51:32 -05:00
Leonardo Villela	d27529ebde	Test that overwrite env var works in nested action (#453 )	2023-05-19 17:54:24 -07:00
TomNorth	cd5a8995f3	Scoped token access (#441 ) * feat: Always allow scoped access to vault token through outputs * Make optional instead of always, in case of untrusted steps --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Thomas <thomas.north@dazn.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-19 14:11:33 -04:00
Max Coulombe	72c092c8af	* document that the selector uses JSONata (#455 )	2023-05-19 13:24:23 -04:00
hashicorp-tsccr[bot]	9c1dce9ef6	Result of tsccr-helper -pin-all-workflows . (#450 ) Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>	2023-05-19 10:34:26 -04:00
dependabot[bot]	9866ce3e18	chore(deps): bump jsonata from 2.0.2 to 2.0.3 (#448 ) * chore(deps): bump jsonata from 2.0.2 to 2.0.3 Bumps [jsonata](https://github.com/jsonata-js/jsonata) from 2.0.2 to 2.0.3. - [Release notes](https://github.com/jsonata-js/jsonata/releases) - [Changelog](https://github.com/jsonata-js/jsonata/blob/master/CHANGELOG.md) - [Commits](https://github.com/jsonata-js/jsonata/compare/v2.0.2...v2.0.3) --- updated-dependencies: - dependency-name: jsonata dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: maxcoulombe <max.coulombe@hashicorp.com>	2023-05-19 10:29:27 -04:00
Max Wagner	1f5b7d55d8	Set output for the error message (#446 ) * Set output for the error message In the event vault-action throws an error, the error message is sent to the workflow log when with core.setFailed, but that output is not accessible to other steps in the workflow. This change sets an output for the error message, called errorMessage, than can be read by other steps within the workflow and parsed. * Add hashicorp/vault-action#446 to improvements in CHANGELOG	2023-05-19 09:21:14 -04:00
Sai Pranav	d1655aec40	chore(readme): adding readme for #440 (#444 )	2023-05-19 09:17:46 -04:00
Sai Pranav	1d767e3957	Add userpass auth and ldap auth support (#440 ) * fix(auth): added approle test in basic integration * feat(auth): adding userpass and and ldap auth * chore(changelog): added support for userpass and ldap auth	2023-03-31 17:58:12 -05:00
dependabot[bot]	c253c155ba	chore(deps-dev): bump jest from 29.4.3 to 29.5.0 (#438 ) Bumps [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest) from 29.4.3 to 29.5.0. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v29.5.0/packages/jest) --- updated-dependencies: - dependency-name: jest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-28 10:50:10 -04:00
Max Coulombe	3a9100e7d5	Enhanced "Example Usage" section (#435 ) +added documentation on how to use the retrieved secrets + added an example of converting the vault-action outputs to json * fix e2e test setup	2023-03-02 16:06:42 -05:00
Mike Dahl	256bfb9e6a	handle undefined response in getSecrets error handler (#431 )	2023-03-02 14:39:28 -05:00
Max Coulombe	3bbbc68bd0	Development flow enhancements (#430 ) + added a contribution section to the readme + added a local workflow to test changes + made the vault token configurable for tests * bumped action/checkout	2023-02-28 15:28:33 -05:00
dependabot[bot]	74bc2a617b	chore(deps): bump jsonata from 1.8.6 to 2.0.2 (#426 ) * chore(deps): bump jsonata from 1.8.6 to 2.0.2 Bumps [jsonata](https://github.com/jsonata-js/jsonata) from 1.8.6 to 2.0.2. - [Release notes](https://github.com/jsonata-js/jsonata/releases) - [Changelog](https://github.com/jsonata-js/jsonata/blob/master/CHANGELOG.md) - [Commits](https://github.com/jsonata-js/jsonata/compare/v1.8.6...v2.0.2) --- updated-dependencies: - dependency-name: jsonata dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * * waiting for result of evaluate to account for jsonata v2 changes --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: maxcoulombe <max.coulombe@hashicorp.com>	2023-02-28 08:29:18 -05:00
dependabot[bot]	76780d43f5	chore(deps-dev): bump @vercel/ncc from 0.36.0 to 0.36.1 (#417 ) Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.36.0 to 0.36.1. - [Release notes](https://github.com/vercel/ncc/releases) - [Commits](https://github.com/vercel/ncc/compare/0.36.0...0.36.1) --- updated-dependencies: - dependency-name: "@vercel/ncc" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-27 17:44:55 -05:00
dependabot[bot]	46540966f1	chore(deps-dev): bump jest from 29.3.1 to 29.4.3 (#425 ) Bumps [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest) from 29.3.1 to 29.4.3. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v29.4.3/packages/jest) --- updated-dependencies: - dependency-name: jest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-27 17:21:06 -05:00
dependabot[bot]	cc5270ec14	chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (#422 ) * chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * * built change --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: maxcoulombe <max.coulombe@hashicorp.com>	2023-02-27 17:19:17 -05:00
Austin Gebauer	130d1f5f4f	Update to v2.5.0 (#419 )	2023-01-26 13:40:24 -08:00
Austin Gebauer	d34ee148bc	Removes unused devDependencies from package.json (#416 ) * Removes unused devDependencies from package.json * Removes release section of package.json	2023-01-25 09:24:04 -08:00
dependabot[bot]	77bab83f42	chore(deps-dev): bump semantic-release from 19.0.5 to 20.0.4 (#415 ) Bumps [semantic-release](https://github.com/semantic-release/semantic-release) from 19.0.5 to 20.0.4. - [Release notes](https://github.com/semantic-release/semantic-release/releases) - [Commits](https://github.com/semantic-release/semantic-release/compare/v19.0.5...v20.0.4) --- updated-dependencies: - dependency-name: semantic-release dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-24 14:53:51 -08:00
dependabot[bot]	5e3dd4f01b	chore(deps-dev): bump @types/jest from 29.2.2 to 29.2.6 (#413 ) Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 29.2.2 to 29.2.6. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest) --- updated-dependencies: - dependency-name: "@types/jest" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-24 14:47:35 -08:00
Kevin Schoonover	7318a98db7	print vault error message on authentication failure (#409 ) Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>	2023-01-23 15:52:40 -08:00
dependabot[bot]	b08bc4993d	chore(deps): bump minimatch from 3.0.4 to 3.1.2 (#410 ) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-17 08:50:47 -08:00
dependabot[bot]	579f9fd8c2	chore(deps): bump json5 from 2.2.1 to 2.2.3 (#404 ) Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v2.2.1...v2.2.3) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-17 08:49:50 -08:00
dependabot[bot]	1226471c04	chore(deps): bump jsrsasign from 10.5.27 to 10.6.1 (#401 ) Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.5.27 to 10.6.1. - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](https://github.com/kjur/jsrsasign/compare/10.5.27...10.6.1) --- updated-dependencies: - dependency-name: jsrsasign dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-17 08:48:14 -08:00
dependabot[bot]	fdaeeffa26	chore(deps-dev): bump jest and @types/jest (#397 ) Bumps [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest) and [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest). These dependencies needed to be updated together. Updates `jest` from 28.1.1 to 29.3.1 - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v29.3.1/packages/jest) Updates `@types/jest` from 28.1.3 to 29.2.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest) --- updated-dependencies: - dependency-name: jest dependency-type: direct:development update-type: version-update:semver-major - dependency-name: "@types/jest" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-17 08:46:47 -08:00
Luis (LT) Carbonell	0f409d4023	Add Decoding to Secrets (#408 ) * Add decoding to secrets * remove index.js * Add test case, and other updates	2023-01-17 10:42:49 -06:00
Austin Gebauer	8fa61e9099	Update to v2.4.3 (#395 )	2022-11-08 15:23:50 -08:00
dependabot[bot]	132f1c6930	chore(deps-dev): bump jest-when from 3.5.1 to 3.5.2 (#388 ) Bumps [jest-when](https://github.com/timkindberg/jest-when) from 3.5.1 to 3.5.2. - [Release notes](https://github.com/timkindberg/jest-when/releases) - [Commits](https://github.com/timkindberg/jest-when/compare/v3.5.1...v3.5.2) --- updated-dependencies: - dependency-name: jest-when dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-26 16:28:06 -07:00
dependabot[bot]	f558cc7838	chore(deps-dev): bump semantic-release from 19.0.3 to 19.0.5 (#360 ) Bumps [semantic-release](https://github.com/semantic-release/semantic-release) from 19.0.3 to 19.0.5. - [Release notes](https://github.com/semantic-release/semantic-release/releases) - [Commits](https://github.com/semantic-release/semantic-release/compare/v19.0.3...v19.0.5) --- updated-dependencies: - dependency-name: semantic-release dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-26 16:25:24 -07:00
dependabot[bot]	d0e05af6a3	chore(deps): bump jsrsasign from 10.5.25 to 10.5.27 (#358 ) Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.5.25 to 10.5.27. - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](https://github.com/kjur/jsrsasign/compare/10.5.25...10.5.27) --- updated-dependencies: - dependency-name: jsrsasign dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-26 16:24:39 -07:00
Theron Voran	1f8e723e55	change example to vault-action@v2 (#391 ) so we don't have to keep remembering to update the version tag in the readme.	2022-10-26 11:48:17 -07:00
vinay-gopalan	32d00a142f	update changelog (#386 )	2022-10-24 16:46:21 -07:00
Theron Voran	32838a0d48	jira-sync: update the team to applications (#380 )	2022-10-13 17:01:10 -07:00
dependabot[bot]	ed59bea637	chore(deps-dev): bump @actions/core from 1.9.0 to 1.10.0 (#371 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-13 16:09:15 -07:00
prizov	2537991e61	use node16 in `action.yml` (#375 )	2022-10-13 16:07:48 -07:00
vinay-gopalan	7d98524254	Update to v2.4.2 (#357 )	2022-08-15 11:56:52 -07:00
Ben Ash	f380d921ae	Update jira sync (#354 )	2022-08-05 19:11:57 -04:00
Tom Proctor	ae2f303e37	Bump got to 11.8.5 (#344 )	2022-06-29 17:34:59 +01:00
Tom Proctor	55a11671e0	Retry on 412 status codes (#333 ) * Retry on 412 status codes * Add retry tests	2022-06-29 12:55:26 +01:00
dependabot[bot]	ad04ab9377	chore(deps): bump minimist from 1.2.5 to 1.2.6 (#341 ) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-06-28 14:39:20 -07:00
Christopher Swenson	2dcbd17a34	Add additional mocks needed for tests in new versions of @actions (#343 ) Tests started failing after @actions was bumped in https://github.com/hashicorp/vault-action/pull/334	2022-06-28 14:35:22 -07:00
dependabot[bot]	d2b5111993	chore(deps-dev): bump @actions/core from 1.6.0 to 1.9.0 (#334 ) Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.6.0 to 1.9.0. - [Release notes](https://github.com/actions/toolkit/releases) - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) --- updated-dependencies: - dependency-name: "@actions/core" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-06-28 13:57:21 -07:00
dependabot[bot]	f5817917e5	chore(deps): bump jsrsasign from 10.5.24 to 10.5.25 (#340 ) * chore(deps): bump jsrsasign from 10.5.24 to 10.5.25 Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.5.24 to 10.5.25. - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](https://github.com/kjur/jsrsasign/compare/10.5.24...10.5.25) --- updated-dependencies: - dependency-name: jsrsasign dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Use RSA-2048 key instead of 4096 After bumping jest, the RSA signing performance went down by a factor of 2 or so, which causes tests to fail (since they went from ~3 seconds to ~6 seconds to generate a 4096-bit RSA signature). The tests generate these signatures to fake responses from GitHub. After replacing the keys with a 2048-bit key, the signing times are now under a second. * Revert unnecessary change to test timeout Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>	2022-06-28 13:53:04 -07:00
dependabot[bot]	bbf40c0251	chore(deps-dev): bump jest and @types/jest (#330 ) Bumps [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest) and [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest). These dependencies needed to be updated together. Updates `jest` from 26.6.3 to 28.1.1 - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v28.1.1/packages/jest) Updates `@types/jest` from 27.4.1 to 28.1.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest) --- updated-dependencies: - dependency-name: jest dependency-type: direct:development update-type: version-update:semver-major - dependency-name: "@types/jest" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-06-28 10:54:00 -07:00

1 2 3 4 5 ...

253 commits