Skip to content

Commit

Permalink
make "role" input optional
Browse files Browse the repository at this point in the history
Per Vault documentation it doesn't have to be provided,
and the auth provider's "default_role" parameter is required
precisely for this case.
https://www.vaultproject.io/api/auth/jwt
  • Loading branch information
kdomanski committed Apr 7, 2022
1 parent 6728115 commit 4bd5334
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
9 changes: 9 additions & 0 deletions integrationTests/basic/jwt_auth.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -233,6 +233,15 @@ describe('jwt auth', () => {
expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
})

it('successfully authenticates as default role without specifying it', async () => {
when(core.getInput)
.calledWith('role')
.mockReturnValueOnce(null);

await exportSecrets();
expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
})

});

});
2 changes: 1 addition & 1 deletion src/auth.js
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ async function retrieveToken(method, client) {
case 'jwt': {
/** @type {string} */
let jwt;
const role = core.getInput('role', { required: true });
const role = core.getInput('role', { required: false });
const privateKeyRaw = core.getInput('jwtPrivateKey', { required: false });
const privateKey = Buffer.from(privateKeyRaw, 'base64').toString();
const keyPassword = core.getInput('jwtKeyPassword', { required: false });
Expand Down

0 comments on commit 4bd5334

Please sign in to comment.