Ensure that the action is backwards-compatible (#25 )

Bring 2 changes that ensure that the GitHub Action is backwards compatible: - Append `http://` if the prefix is not provided in the `OP_CONNECT_HOST` (this is caused by the fact that `curl` guesses the protocol if not provided (https://linux.die.net/man/1/curl), which we missed when switching to using the 1Password CLI as the backend of the action) - Set the default of export-env to true, since that was the default behavior of the action until we added the possibility to export secrets as step's output. Also, the documentation is adjusted to reflect these changes.
Merge pull request #21 from simonwhitaker/simon/quote-ref
2022-12-22 12:46:28 +02:00 · 2022-12-16 16:44:11 +02:00 · 2022-12-16 14:40:27 +00:00
4 changed files with 22 additions and 8 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -15,11 +15,13 @@ jobs:
      - name: Configure 1Password Connect
        uses: ./configure # 1password/load-secrets-action/configure@<version>
        with:
-          connect-host: http://localhost:8080
+          connect-host: localhost:8080
          connect-token: ${{ secrets.OP_CONNECT_TOKEN }}
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: false
        env:
          SECRET: op://acceptance-tests/test-secret/password
          SECRET_IN_SECTION: op://acceptance-tests/test-secret/test-section/password
@@ -48,8 +50,6 @@ jobs:
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: true
        env:
          SECRET: op://acceptance-tests/test-secret/password
          SECRET_IN_SECTION: op://acceptance-tests/test-secret/test-section/password
@@ -80,6 +80,8 @@ jobs:
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: false
        env:
          SECRET: op://v5pz6venw4roosmkzdq2nhpv6u/hrgkzhrlvscomepxlgafb2m3ca/password
          SECRET_IN_SECTION: op://v5pz6venw4roosmkzdq2nhpv6u/hrgkzhrlvscomepxlgafb2m3ca/Section_tco6nsqycj6jcbyx63h5isxcny/doxu3mhkozcznnk5vjrkpdqayy
@@ -97,6 +99,8 @@ jobs:
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: false
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://acceptance-tests/test-secret/password
@@ -115,8 +119,6 @@ jobs:
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://acceptance-tests/test-secret/password
@@ -131,6 +133,8 @@ jobs:
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: false
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://v5pz6venw4roosmkzdq2nhpv6u/hrgkzhrlvscomepxlgafb2m3ca/password
@@ -149,6 +153,8 @@ jobs:
      - name: Load secrets
        id: load_secrets
        uses: ./ # 1password/load-secrets-action@<version>
        with:
          export-env: false
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://acceptance-tests/test-secret/password
--- a/README.md
+++ b/README.md
@@ -43,6 +43,8 @@ jobs:
      - name: Load secret
        id: op-load-secret
        uses: 1password/load-secrets-action@v1
        with:
          export-env: false
        env:
          OP_CONNECT_HOST: <Your Connect instance URL>
          OP_CONNECT_TOKEN: ${{ secrets.OP_CONNECT_TOKEN }}
@@ -77,6 +79,8 @@ jobs:
      - name: Load Docker credentials
        id: load-docker-credentials
        uses: 1password/load-secrets-action@v1
        with:
          export-env: false
        env:
          OP_CONNECT_TOKEN: ${{ secrets.OP_CONNECT_TOKEN }}
          DOCKERHUB_USERNAME: op://app-cicd/docker/username
@@ -194,7 +198,7 @@ jobs:
 | Name             | Default | Description                                                                        |
 | ---------------- | ------- | ---------------------------------------------------------------------------------- |
-| `export-env`     | `false` | Export the loaded secrets as environment variables                                 |
+| `export-env`     | `true`  | Export the loaded secrets as environment variables                                 |
 | `unset-previous` | `false` | Whether to unset environment variables populated by 1Password in earlier job steps |
 ## Secrets Reference Syntax
--- a/action.yml
+++ b/action.yml
@@ -10,7 +10,7 @@ inputs:
    default: false
  export-env:
    description: Export the secrets as environment variables
-    default: false
+    default: true
 runs:
  using: 'node16'
  main: 'dist/index.js'
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -14,6 +14,10 @@ auth_type=$CONNECT
 managed_variables_var="OP_MANAGED_VARIABLES"
 IFS=','
 if [[ "$OP_CONNECT_HOST" != "http://"* ]] && [[ "$OP_CONNECT_HOST" != "https://"* ]]; then
  export OP_CONNECT_HOST="http://"$OP_CONNECT_HOST
 fi
 # Unset all secrets managed by 1Password if `unset-previous` is set.
 unset_prev_secrets() {
  if [ "$INPUT_UNSET_PREVIOUS" == "true" ]; then
@@ -48,7 +52,7 @@ populating_secret() {
  ref=$(printenv $1)
  echo "Populating variable: $1"
-  secret_value=$(op read $ref)
+  secret_value=$(op read "$ref")
  if [ -z "$secret_value" ]; then
    echo "Could not find or access secret $ref"
Author	SHA1	Message	Date
Eduard Filip	0a7975f916	Ensure that the action is backwards-compatible (#25 ) Some checks failed Run acceptance tests / use-connect-without-export-env (push) Has been cancelled Details Run acceptance tests / use-connect-with-export-env (push) Has been cancelled Details Run acceptance tests / use-connect-with-references-with-id (push) Has been cancelled Details Run acceptance tests / use-service-account-without-export-env (push) Has been cancelled Details Run acceptance tests / use-service-account-with-export-env (push) Has been cancelled Details Run acceptance tests / use-service-account-with-references-with-id (push) Has been cancelled Details Run acceptance tests / run-on-macos-12 (push) Has been cancelled Details Bring 2 changes that ensure that the GitHub Action is backwards compatible: - Append `http://` if the prefix is not provided in the `OP_CONNECT_HOST` (this is caused by the fact that `curl` guesses the protocol if not provided (https://linux.die.net/man/1/curl), which we missed when switching to using the 1Password CLI as the backend of the action) - Set the default of export-env to true, since that was the default behavior of the action until we added the possibility to export secrets as step's output. Also, the documentation is adjusted to reflect these changes.	2022-12-22 12:46:28 +02:00
volodymyrZotov	ffba2a6966	Merge pull request #21 from simonwhitaker/simon/quote-ref Some checks failed Run acceptance tests / use-connect-without-export-env (push) Has been cancelled Details Run acceptance tests / use-connect-with-export-env (push) Has been cancelled Details Run acceptance tests / use-connect-with-references-with-id (push) Has been cancelled Details Run acceptance tests / use-service-account-without-export-env (push) Has been cancelled Details Run acceptance tests / use-service-account-with-export-env (push) Has been cancelled Details Run acceptance tests / use-service-account-with-references-with-id (push) Has been cancelled Details Run acceptance tests / run-on-macos-12 (push) Has been cancelled Details Quote $ref to avoid word splitting	2022-12-16 16:44:11 +02:00
Simon Whitaker	2ee4979efa	Quote $ref to avoid word splitting	2022-12-16 14:40:27 +00:00