* Initial check-in of wildcard to get all secrets in path (Issue#234)
* Fix wildcard for K/V v2 and Cubbyhole. Add more tests
* Refactored out selectAndAppendResults
* Use selectAndAppendResults for wildcard
* Use normalizeOutputKey in action.js
* Refactored wildcard
---------
Co-authored-by: Scott Lemme <68233981+slemme1@users.noreply.github.com>
Co-authored-by: Lemme <slemme@massmutual.com>
* fix secrets stored in JSON format
* add more tests
* fix lint and pass token to build
* add test cases
* add debug
* fix ordering of build steps
* fix test string format
* update test check
* fix test string format
* final cleanup
* remove comment
* remove unused var assignment
* simplify more
* simplify code and add more comments
* fix secrets in json format
* fix actionlint
* add more comments and docs
* revert build.yml test
* add test for json
* fix selector
* fix e2e test
* fix e2e test 2
* remove test
* remove isNaN check
* update changelog
* fix(auth): added approle test in basic integration
* feat(auth): adding userpass and and ldap auth
* chore(changelog): added support for userpass and ldap auth
+ added a contribution section to the readme
+ added a local workflow to test changes
+ made the vault token configurable for tests
* bumped action/checkout
* chore(deps): bump jsrsasign from 10.5.24 to 10.5.25
Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.5.24 to 10.5.25.
- [Release notes](https://github.com/kjur/jsrsasign/releases)
- [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt)
- [Commits](https://github.com/kjur/jsrsasign/compare/10.5.24...10.5.25)
---
updated-dependencies:
- dependency-name: jsrsasign
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* Use RSA-2048 key instead of 4096
After bumping jest, the RSA signing performance went down by a factor of
2 or so, which causes tests to fail (since they went from ~3 seconds to
~6 seconds to generate a 4096-bit RSA signature). The tests generate
these signatures to fake responses from GitHub.
After replacing the keys with a 2048-bit key, the signing times are now
under a second.
* Revert unnecessary change to test timeout
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Swenson <christopher.swenson@hashicorp.com>
* make "role" input optional
Per Vault documentation it doesn't have to be provided,
and the auth provider's "default_role" parameter is required
precisely for this case.
https://www.vaultproject.io/api/auth/jwt
* feat: add generic auth
Adds the ability to authenticate against any normal Vault endpoint by added the `authPayload` input.
When an unrecognized method is provided, the action will attempt to hit `v1/auth/<method>/login` with the provided `authPayload and parse out the token in the response
* feat: add support for (nearly) any engine
* cache response and fixup data depth logic
* use starting slash as non-kv sentinel value
* add tests for custom engines
* improve docs and add descriptor of generic support
* update dist
