From a20ebd97f3a48dd3781ae5b666ea428cb93948b9 Mon Sep 17 00:00:00 2001 From: Tom Keller Date: Mon, 25 May 2026 12:14:38 -0700 Subject: [PATCH] Revert "feat: add regex validation to role-session-name (#1765)" This reverts commit e35449909c6ede5083a48ba4b8bbfaaa1cf09ba1. --- dist/index.js | 11 ----------- src/index.ts | 12 ------------ test/index.test.ts | 21 --------------------- 3 files changed, 44 deletions(-) diff --git a/dist/index.js b/dist/index.js index 6d713b3..5e77544 100644 --- a/dist/index.js +++ b/dist/index.js @@ -72805,7 +72805,6 @@ function writeProfileFiles(profileName, credentials, region, overwriteAwsProfile var DEFAULT_ROLE_DURATION = 3600; var ROLE_SESSION_NAME = "GitHubActions"; var REGION_REGEX = /^[a-z0-9-]+$/g; -var ROLE_SESSION_NAME_REGEX = /^[\w+=,.@-]*$/; async function run() { try { translateEnvVariables(); @@ -72879,16 +72878,6 @@ async function run() { if (!region.match(REGION_REGEX)) { throw new Error(`Region is not valid: ${region}`); } - if (roleSessionName.length < 2 || roleSessionName.length > 64) { - throw new Error( - `Role session name must be between 2 and 64 characters, got ${roleSessionName.length}: '${roleSessionName}'` - ); - } - if (!roleSessionName.match(ROLE_SESSION_NAME_REGEX)) { - throw new Error( - `Role session name is not valid: '${roleSessionName}'. Must satisfy regular expression pattern: [\\w+=,.@-]*` - ); - } exportRegion(region, outputEnvCredentials); const clientProps = { region, diff --git a/src/index.ts b/src/index.ts index 40d6ae3..a53de0a 100644 --- a/src/index.ts +++ b/src/index.ts @@ -19,7 +19,6 @@ import { writeProfileFiles } from './profileManager'; const DEFAULT_ROLE_DURATION = 3600; // One hour (seconds) const ROLE_SESSION_NAME = 'GitHubActions'; const REGION_REGEX = /^[a-z0-9-]+$/g; -const ROLE_SESSION_NAME_REGEX = /^[\w+=,.@-]*$/; export async function run() { try { @@ -130,17 +129,6 @@ export async function run() { throw new Error(`Region is not valid: ${region}`); } - if (roleSessionName.length < 2 || roleSessionName.length > 64) { - throw new Error( - `Role session name must be between 2 and 64 characters, got ${roleSessionName.length}: '${roleSessionName}'`, - ); - } - if (!roleSessionName.match(ROLE_SESSION_NAME_REGEX)) { - throw new Error( - `Role session name is not valid: '${roleSessionName}'. Must satisfy regular expression pattern: [\\w+=,.@-]*`, - ); - } - exportRegion(region, outputEnvCredentials); // Instantiate credentials client diff --git a/test/index.test.ts b/test/index.test.ts index 9c351d5..bdccc1f 100644 --- a/test/index.test.ts +++ b/test/index.test.ts @@ -351,27 +351,6 @@ describe('Configure AWS Credentials', {}, () => { await run(); expect(core.setFailed).toHaveBeenCalled(); }); - it('fails with a role-session-name containing invalid characters', {}, async () => { - vi.mocked(core.getInput).mockImplementation( - mocks.getInput({ ...mocks.IAM_ASSUMEROLE_INPUTS, 'role-session-name': 'invalid session!' }), - ); - await run(); - expect(core.setFailed).toHaveBeenCalledWith(expect.stringContaining('Role session name is not valid')); - }); - it('fails with a role-session-name that is too short', {}, async () => { - vi.mocked(core.getInput).mockImplementation( - mocks.getInput({ ...mocks.IAM_ASSUMEROLE_INPUTS, 'role-session-name': 'a' }), - ); - await run(); - expect(core.setFailed).toHaveBeenCalledWith(expect.stringContaining('must be between 2 and 64 characters')); - }); - it('fails with a role-session-name that is too long', {}, async () => { - vi.mocked(core.getInput).mockImplementation( - mocks.getInput({ ...mocks.IAM_ASSUMEROLE_INPUTS, 'role-session-name': 'a'.repeat(65) }), - ); - await run(); - expect(core.setFailed).toHaveBeenCalledWith(expect.stringContaining('must be between 2 and 64 characters')); - }); it('fails if access key id is provided without secret access key', {}, async () => { vi.mocked(core.getInput).mockImplementation( mocks.getInput({ ...mocks.IAM_USER_INPUTS, 'aws-secret-access-key': '' }),