actions
/
toolkit
mirror of https://github.com/actions/toolkit
1
0
Fork 0
Code

setSecret (#174) 

* setSecret
pull/177/head
Bryan MacFarlane 2019-10-01 17:13:05 -04:00 committed by GitHub
parent 713902387e
commit 9d54cd22ea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 22 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/commands.md
View File

@ -67,15 +67,16 @@ export function setOutput(name: string, value: string): void {}
If a script or action does work to create a secret at runtime, it can be registered with the runner to be masked in logs. If a script or action does work to create a secret at runtime, it can be registered with the runner to be masked in logs.
To mask a value in the logs, use `::set-secret`: To mask a value in the logs, use `::add-mask`:
```sh ```sh
echo ::set-secret::BAR echo ::add-mask::mysecretvalue
``` ```
This is wrapped by the core method which both sets the value as a variable for future steps and registers the secret to mask This is wrapped by the core setSecret method
```javascript ```javascript
function exportSecret(name: string, val: string): void {} function setSecret(secret: string): void {}
``` ```
Now, future logs containing BAR will be masked. E.g. running `echo "Hello FOO BAR World"` will now print `Hello FOO **** World`. Now, future logs containing BAR will be masked. E.g. running `echo "Hello FOO BAR World"` will now print `Hello FOO **** World`.

6
packages/core/README.md
View File

@ -32,10 +32,12 @@ Since each step runs in a separate process, you can use `exportVariable` to add
core.exportVariable('envVar', 'Val'); core.exportVariable('envVar', 'Val');
``` ```
Exporting a secret exports the variable but also registers the secret with the runner to ensure it is masked in logs. #### Setting a secret
Setting a secret registers the secret with the runner to ensure it is masked in logs.
```js ```js
core.exportSecret('myPassword', mypass); core.setSecret('myPassword');
``` ```
#### PATH Manipulation #### PATH Manipulation

5
packages/core/RELEASES.md
View File

@ -1,8 +1,9 @@
# @actions/core Releases # @actions/core Releases
### 1.1.2 ### 1.1.3
- set-secret is now available for use [#141](https://github.com/actions/toolkit/issues/141) - setSecret added to register a secret with the runner to be masked from the logs
- exportSecret which was not implemented and never worked was removed after clarification from product.
### 1.1.1 ### 1.1.1

32
packages/core/__tests__/lib.test.ts
View File

@ -51,34 +51,10 @@ describe('@actions/core', () => {
assertWriteCalls([`::set-env name=my var2,::var val%0D%0A${os.EOL}`]) assertWriteCalls([`::set-env name=my var2,::var val%0D%0A${os.EOL}`])
}) })
// it('exportSecret produces the correct commands and sets the env', () => { it('setSecret produces the correct command', () => {
// core.exportSecret('my secret', 'secret val') core.setSecret('secret val')
// expect(process.env['my secret']).toBe('secret val') assertWriteCalls([`::add-mask::secret val${os.EOL}`])
// assertWriteCalls([ })
// `::set-env name=my secret,::secret val${os.EOL}`,
// `::set-secret]secret val${os.EOL}`
// ])
// })
// it('exportSecret escapes secret names', () => {
// core.exportSecret('special char secret \r\n];', 'special secret val')
// expect(process.env['special char secret \r\n];']).toBe('special secret val')
// assertWriteCalls([
// `::set-env name=special char secret %0D%0A%5D%3B,::special secret val${
// os.EOL
// }`,
// `::set-secret]special secret val${os.EOL}`
// ])
// })
// it('exportSecret escapes secret values', () => {
// core.exportSecret('my secret2', 'secret val\r\n')
// expect(process.env['my secret2']).toBe('secret val\r\n')
// assertWriteCalls([
// `::set-env name=my secret2,::secret val%0D%0A${os.EOL}`,
// `::set-secret]secret val%0D%0A${os.EOL}`
// ])
// })
it('prependPath produces the correct commands and sets the env', () => { it('prependPath produces the correct commands and sets the env', () => {
core.addPath('myPath') core.addPath('myPath')

2
packages/core/package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "@actions/core", "name": "@actions/core",
"version": "1.1.2", "version": "1.1.3",
"description": "Actions core lib", "description": "Actions core lib",
"keywords": [ "keywords": [
"github", "github",

15
packages/core/src/core.ts
View File

@ -31,7 +31,7 @@ export enum ExitCode {
//----------------------------------------------------------------------- //-----------------------------------------------------------------------
/** /**
* sets env variable for this action and future actions in the job * Sets env variable for this action and future actions in the job
* @param name the name of the variable to set * @param name the name of the variable to set
* @param val the value of the variable * @param val the value of the variable
*/ */
@ -41,16 +41,11 @@ export function exportVariable(name: string, val: string): void {
} }
/** /**
* exports the variable and registers a secret which will get masked from logs * Registers a secret which will get masked from logs
* @param name the name of the variable to set * @param secret value of the secret
* @param val value of the secret
*/ */
export function exportSecret(name: string, val: string): void { export function setSecret(secret: string): void {
exportVariable(name, val) issueCommand('add-mask', {}, secret)
// the runner will error with not implemented
// leaving the function but raising the error earlier
issueCommand('set-secret', {}, val)
} }
/** /**