Code cleanup

src/utils.test.ts

@@ -148,6 +148,12 @@ describe("extractSecret", () => {
 });
 
 describe("loadSecrets when using Connect", () => {
+	beforeEach(() => {
+		process.env[envConnectHost] = "https://localhost:8000";
+		process.env[envConnectToken] = "token";
+		process.env[envServiceAccountToken] = "";
+	});
+
 	it("sets the client info and gets the executed output", async () => {
 		await loadSecrets(true);
 
@@ -275,6 +281,15 @@ describe("loadSecrets when using Service Account", () => {
 		expect(core.exportVariable).not.toHaveBeenCalled();
 	});
 
+	it("wraps createClient errors with a descriptive message", async () => {
+		(createClient as jest.Mock).mockRejectedValue(
+			new Error("invalid token format"),
+		);
+		await expect(loadSecrets(false)).rejects.toThrow(
+			"Service account authentication failed: invalid token format",
+		);
+	});
+
 	describe("multiple refs", () => {
 		const ref1 = "op://vault/item/field";
 		const ref2 = "op://vault/other/item";