wesley/load-secrets-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix merge confict

Browse Source
This commit is contained in:
Jill Regan
2026-02-20 08:41:37 -05:00
parent ffffc2db51 9d7acefac9
commit d7da1c3ae2
2 changed files with 18 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/utils.test.ts
View File

@@ -26,6 +26,7 @@ jest.mock("@actions/exec", () => ({
jest.mock("@1password/op-js"); jest.mock("@1password/op-js");
jest.mock("@1password/sdk", () => ({ jest.mock("@1password/sdk", () => ({
createClient: jest.fn(), createClient: jest.fn(),
// eslint-disable-next-line @typescript-eslint/naming-convention
Secrets: { Secrets: {
validateSecretReference: jest.fn(), validateSecretReference: jest.fn(),
}, },
@@ -153,6 +154,12 @@ describe("extractSecret", () => {
}); });
describe("loadSecrets when using Connect", () => { describe("loadSecrets when using Connect", () => {
beforeEach(() => {
process.env[envConnectHost] = "https://localhost:8000";
process.env[envConnectToken] = "token";
process.env[envServiceAccountToken] = "";
});
beforeEach(() => { beforeEach(() => {
process.env[envConnectHost] = "https://connect.example"; process.env[envConnectHost] = "https://connect.example";
process.env[envConnectToken] = "test-token"; process.env[envConnectToken] = "test-token";
@@ -310,6 +317,15 @@ describe("loadSecrets when using Service Account", () => {
expect(core.exportVariable).not.toHaveBeenCalled(); expect(core.exportVariable).not.toHaveBeenCalled();
}); });
it("wraps createClient errors with a descriptive message", async () => {
(createClient as jest.Mock).mockRejectedValue(
new Error("invalid token format"),
);
await expect(loadSecrets(false)).rejects.toThrow(
"Service account authentication failed: invalid token format",
);
});
describe("multiple refs", () => { describe("multiple refs", () => {
const ref1 = "op://vault/item/field"; const ref1 = "op://vault/item/field";
const ref2 = "op://vault/other/item"; const ref2 = "op://vault/other/item";

15
src/utils.ts
View File

@@ -266,7 +266,7 @@ export const validateAuth = (): void => {
core.info(`Authenticated with ${authType}.`); core.info(`Authenticated with ${authType}.`);
}; };
export const getEnvVarNamesWithSecretRefs = (): string[] => const getEnvVarNamesWithSecretRefs = (): string[] =>
Object.keys(process.env).filter( Object.keys(process.env).filter(
(key) => (key) =>
typeof process.env[key] === "string" && typeof process.env[key] === "string" &&
@@ -317,8 +317,6 @@ export const extractSecret = (
envName: string, envName: string,
shouldExportEnv: boolean, shouldExportEnv: boolean,
): void => { ): void => {
core.info(`Populating variable: ${envName}`);
const ref = process.env[envName]; const ref = process.env[envName];
if (!ref) { if (!ref) {
return; return;
@@ -329,16 +327,7 @@ export const extractSecret = (
return; return;
} }
if (shouldExportEnv) { setResolvedSecret(envName, secretValue, shouldExportEnv);
core.exportVariable(envName, secretValue);
} else {
core.setOutput(envName, secretValue);
}
// Skip setSecret for empty strings to avoid the warning:
// "Can't add secret mask for empty string in ##[add-mask] command."
if (secretValue) {
core.setSecret(secretValue);
}
}; };
// Connect loads secrets via the Connect JS SDK // Connect loads secrets via the Connect JS SDK