aws-actions/configure-aws-credentials
1
0
Fork 0
mirror of synced 2026-06-05 15:04:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

implement last changes for vNext

Browse source
This commit is contained in:
peterwoodworth 2023-07-03 16:13:19 -07:00
commit aa2675f083
No known key found for this signature in database
GPG key ID: 01931412FD685922
8 changed files with 858 additions and 677 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.eslintrc.yml
View file

@ -107,6 +107,7 @@ overrides:
'@typescript-eslint/prefer-includes': [warn] '@typescript-eslint/prefer-includes': [warn]
dot-notation: [off] dot-notation: [off]
'@typescript-eslint/dot-notation': [error] '@typescript-eslint/dot-notation': [error]
'@typescript-eslint/no-explicit-any': [off]
'@typescript-eslint/consistent-type-exports': [warn] '@typescript-eslint/consistent-type-exports': [warn]
'@typescript-eslint/consistent-type-imports': [warn] '@typescript-eslint/consistent-type-imports': [warn]
'@typescript-eslint/no-base-to-string': [error] '@typescript-eslint/no-base-to-string': [error]

15
action.yml
View file

@ -34,9 +34,6 @@ inputs:
description: The audience to use for the OIDC provider description: The audience to use for the OIDC provider
required: false required: false
default: sts.amazonaws.com default: sts.amazonaws.com
disable-oidc:
description: Strictly disable action from attempting to fetch credentials with OIDC
required: false
http-proxy: http-proxy:
description: 'Proxy to use for the AWS SDK agent' description: 'Proxy to use for the AWS SDK agent'
required: false required: false
@ -61,6 +58,18 @@ inputs:
managed-session-policies: managed-session-policies:
description: 'List of managed session policies' description: 'List of managed session policies'
required: false required: false
output-credentials:
description: Whether to set credentials as step output
required: false
unset-current-credentials:
description: Whether to unset the existing credentials in your runner
required: false
disable-retry:
description: Whether to disable the retry and backoff mechanism when the assume role call fails
required: false
retry-max-attempts:
description: The maximum number of attempts it will attempt to retry the assume role call
required: false
outputs: outputs:
aws-account-id: aws-account-id:
description: The AWS account ID for the provided credentials description: The AWS account ID for the provided credentials

661
dist/cleanup/index.js generated vendored
View file

@ -16235,323 +16235,323 @@ module.exports = toNumber
/***/ 4351: /***/ 4351:
/***/ ((module) => { /***/ ((module) => {
/****************************************************************************** /******************************************************************************
Copyright (c) Microsoft Corporation. Copyright (c) Microsoft Corporation.
Permission to use, copy, modify, and/or distribute this software for any Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted. purpose with or without fee is hereby granted.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE. PERFORMANCE OF THIS SOFTWARE.
***************************************************************************** */ ***************************************************************************** */
/* global global, define, System, Reflect, Promise */ /* global global, define, System, Reflect, Promise */
var __extends; var __extends;
var __assign; var __assign;
var __rest; var __rest;
var __decorate; var __decorate;
var __param; var __param;
var __metadata; var __metadata;
var __awaiter; var __awaiter;
var __generator; var __generator;
var __exportStar; var __exportStar;
var __values; var __values;
var __read; var __read;
var __spread; var __spread;
var __spreadArrays; var __spreadArrays;
var __spreadArray; var __spreadArray;
var __await; var __await;
var __asyncGenerator; var __asyncGenerator;
var __asyncDelegator; var __asyncDelegator;
var __asyncValues; var __asyncValues;
var __makeTemplateObject; var __makeTemplateObject;
var __importStar; var __importStar;
var __importDefault; var __importDefault;
var __classPrivateFieldGet; var __classPrivateFieldGet;
var __classPrivateFieldSet; var __classPrivateFieldSet;
var __classPrivateFieldIn; var __classPrivateFieldIn;
var __createBinding; var __createBinding;
(function (factory) { (function (factory) {
var root = typeof global === "object" ? global : typeof self === "object" ? self : typeof this === "object" ? this : {}; var root = typeof global === "object" ? global : typeof self === "object" ? self : typeof this === "object" ? this : {};
if (typeof define === "function" && define.amd) { if (typeof define === "function" && define.amd) {
define("tslib", ["exports"], function (exports) { factory(createExporter(root, createExporter(exports))); }); define("tslib", ["exports"], function (exports) { factory(createExporter(root, createExporter(exports))); });
} }
else if ( true && typeof module.exports === "object") { else if ( true && typeof module.exports === "object") {
factory(createExporter(root, createExporter(module.exports))); factory(createExporter(root, createExporter(module.exports)));
} }
else { else {
factory(createExporter(root)); factory(createExporter(root));
} }
function createExporter(exports, previous) { function createExporter(exports, previous) {
if (exports !== root) { if (exports !== root) {
if (typeof Object.create === "function") { if (typeof Object.create === "function") {
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
} }
else { else {
exports.__esModule = true; exports.__esModule = true;
} }
} }
return function (id, v) { return exports[id] = previous ? previous(id, v) : v; }; return function (id, v) { return exports[id] = previous ? previous(id, v) : v; };
} }
}) })
(function (exporter) { (function (exporter) {
var extendStatics = Object.setPrototypeOf || var extendStatics = Object.setPrototypeOf ||
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) || ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; }; function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
__extends = function (d, b) { __extends = function (d, b) {
if (typeof b !== "function" && b !== null) if (typeof b !== "function" && b !== null)
throw new TypeError("Class extends value " + String(b) + " is not a constructor or null"); throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
extendStatics(d, b); extendStatics(d, b);
function __() { this.constructor = d; } function __() { this.constructor = d; }
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __()); d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
}; };
__assign = Object.assign || function (t) { __assign = Object.assign || function (t) {
for (var s, i = 1, n = arguments.length; i < n; i++) { for (var s, i = 1, n = arguments.length; i < n; i++) {
s = arguments[i]; s = arguments[i];
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p]; for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];
} }
return t; return t;
}; };
__rest = function (s, e) { __rest = function (s, e) {
var t = {}; var t = {};
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
t[p] = s[p]; t[p] = s[p];
if (s != null && typeof Object.getOwnPropertySymbols === "function") if (s != null && typeof Object.getOwnPropertySymbols === "function")
for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) { for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i])) if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
t[p[i]] = s[p[i]]; t[p[i]] = s[p[i]];
} }
return t; return t;
}; };
__decorate = function (decorators, target, key, desc) { __decorate = function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r; return c > 3 && r && Object.defineProperty(target, key, r), r;
}; };
__param = function (paramIndex, decorator) { __param = function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); } return function (target, key) { decorator(target, key, paramIndex); }
}; };
__metadata = function (metadataKey, metadataValue) { __metadata = function (metadataKey, metadataValue) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue); if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue);
}; };
__awaiter = function (thisArg, _arguments, P, generator) { __awaiter = function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) { return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next()); step((generator = generator.apply(thisArg, _arguments || [])).next());
}); });
}; };
__generator = function (thisArg, body) { __generator = function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; } function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) { function step(op) {
if (f) throw new TypeError("Generator is already executing."); if (f) throw new TypeError("Generator is already executing.");
while (_) try { while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value]; if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) { switch (op[0]) {
case 0: case 1: t = op; break; case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false }; case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue; case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue; case 7: op = _.ops.pop(); _.trys.pop(); continue;
default: default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop(); if (t[2]) _.ops.pop();
_.trys.pop(); continue; _.trys.pop(); continue;
} }
op = body.call(thisArg, _); op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
} }
}; };
__exportStar = function(m, o) { __exportStar = function(m, o) {
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(o, p)) __createBinding(o, m, p); for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(o, p)) __createBinding(o, m, p);
}; };
__createBinding = Object.create ? (function(o, m, k, k2) { __createBinding = Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } }; desc = { enumerable: true, get: function() { return m[k]; } };
} }
Object.defineProperty(o, k2, desc); Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
}); });
__values = function (o) { __values = function (o) {
var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0; var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
if (m) return m.call(o); if (m) return m.call(o);
if (o && typeof o.length === "number") return { if (o && typeof o.length === "number") return {
next: function () { next: function () {
if (o && i >= o.length) o = void 0; if (o && i >= o.length) o = void 0;
return { value: o && o[i++], done: !o }; return { value: o && o[i++], done: !o };
} }
}; };
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined."); throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
}; };
__read = function (o, n) { __read = function (o, n) {
var m = typeof Symbol === "function" && o[Symbol.iterator]; var m = typeof Symbol === "function" && o[Symbol.iterator];
if (!m) return o; if (!m) return o;
var i = m.call(o), r, ar = [], e; var i = m.call(o), r, ar = [], e;
try { try {
while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value); while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
} }
catch (error) { e = { error: error }; } catch (error) { e = { error: error }; }
finally { finally {
try { try {
if (r && !r.done && (m = i["return"])) m.call(i); if (r && !r.done && (m = i["return"])) m.call(i);
} }
finally { if (e) throw e.error; } finally { if (e) throw e.error; }
} }
return ar; return ar;
}; };
/** @deprecated */ /** @deprecated */
__spread = function () { __spread = function () {
for (var ar = [], i = 0; i < arguments.length; i++) for (var ar = [], i = 0; i < arguments.length; i++)
ar = ar.concat(__read(arguments[i])); ar = ar.concat(__read(arguments[i]));
return ar; return ar;
}; };
/** @deprecated */ /** @deprecated */
__spreadArrays = function () { __spreadArrays = function () {
for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length; for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;
for (var r = Array(s), k = 0, i = 0; i < il; i++) for (var r = Array(s), k = 0, i = 0; i < il; i++)
for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++) for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)
r[k] = a[j]; r[k] = a[j];
return r; return r;
}; };
__spreadArray = function (to, from, pack) { __spreadArray = function (to, from, pack) {
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) { if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
if (ar || !(i in from)) { if (ar || !(i in from)) {
if (!ar) ar = Array.prototype.slice.call(from, 0, i); if (!ar) ar = Array.prototype.slice.call(from, 0, i);
ar[i] = from[i]; ar[i] = from[i];
} }
} }
return to.concat(ar || Array.prototype.slice.call(from)); return to.concat(ar || Array.prototype.slice.call(from));
}; };
__await = function (v) { __await = function (v) {
return this instanceof __await ? (this.v = v, this) : new __await(v); return this instanceof __await ? (this.v = v, this) : new __await(v);
}; };
__asyncGenerator = function (thisArg, _arguments, generator) { __asyncGenerator = function (thisArg, _arguments, generator) {
if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined."); if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
var g = generator.apply(thisArg, _arguments || []), i, q = []; var g = generator.apply(thisArg, _arguments || []), i, q = [];
return i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i; return i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i;
function verb(n) { if (g[n]) i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; } function verb(n) { if (g[n]) i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; }
function resume(n, v) { try { step(g[n](v)); } catch (e) { settle(q[0][3], e); } } function resume(n, v) { try { step(g[n](v)); } catch (e) { settle(q[0][3], e); } }
function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); } function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); }
function fulfill(value) { resume("next", value); } function fulfill(value) { resume("next", value); }
function reject(value) { resume("throw", value); } function reject(value) { resume("throw", value); }
function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); } function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); }
}; };
__asyncDelegator = function (o) { __asyncDelegator = function (o) {
var i, p; var i, p;
return i = {}, verb("next"), verb("throw", function (e) { throw e; }), verb("return"), i[Symbol.iterator] = function () { return this; }, i; return i = {}, verb("next"), verb("throw", function (e) { throw e; }), verb("return"), i[Symbol.iterator] = function () { return this; }, i;
function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: n === "return" } : f ? f(v) : v; } : f; } function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: n === "return" } : f ? f(v) : v; } : f; }
}; };
__asyncValues = function (o) { __asyncValues = function (o) {
if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined."); if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
var m = o[Symbol.asyncIterator], i; var m = o[Symbol.asyncIterator], i;
return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i); return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; } function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); } function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
}; };
__makeTemplateObject = function (cooked, raw) { __makeTemplateObject = function (cooked, raw) {
if (Object.defineProperty) { Object.defineProperty(cooked, "raw", { value: raw }); } else { cooked.raw = raw; } if (Object.defineProperty) { Object.defineProperty(cooked, "raw", { value: raw }); } else { cooked.raw = raw; }
return cooked; return cooked;
}; };
var __setModuleDefault = Object.create ? (function(o, v) { var __setModuleDefault = Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v }); Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) { }) : function(o, v) {
o["default"] = v; o["default"] = v;
}; };
__importStar = function (mod) { __importStar = function (mod) {
if (mod && mod.__esModule) return mod; if (mod && mod.__esModule) return mod;
var result = {}; var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod); __setModuleDefault(result, mod);
return result; return result;
}; };
__importDefault = function (mod) { __importDefault = function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod }; return (mod && mod.__esModule) ? mod : { "default": mod };
}; };
__classPrivateFieldGet = function (receiver, state, kind, f) { __classPrivateFieldGet = function (receiver, state, kind, f) {
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter"); if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it"); if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver); return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
}; };
__classPrivateFieldSet = function (receiver, state, value, kind, f) { __classPrivateFieldSet = function (receiver, state, value, kind, f) {
if (kind === "m") throw new TypeError("Private method is not writable"); if (kind === "m") throw new TypeError("Private method is not writable");
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter"); if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it"); if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value; return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
}; };
__classPrivateFieldIn = function (state, receiver) { __classPrivateFieldIn = function (state, receiver) {
if (receiver === null || (typeof receiver !== "object" && typeof receiver !== "function")) throw new TypeError("Cannot use 'in' operator on non-object"); if (receiver === null || (typeof receiver !== "object" && typeof receiver !== "function")) throw new TypeError("Cannot use 'in' operator on non-object");
return typeof state === "function" ? receiver === state : state.has(receiver); return typeof state === "function" ? receiver === state : state.has(receiver);
}; };
exporter("__extends", __extends); exporter("__extends", __extends);
exporter("__assign", __assign); exporter("__assign", __assign);
exporter("__rest", __rest); exporter("__rest", __rest);
exporter("__decorate", __decorate); exporter("__decorate", __decorate);
exporter("__param", __param); exporter("__param", __param);
exporter("__metadata", __metadata); exporter("__metadata", __metadata);
exporter("__awaiter", __awaiter); exporter("__awaiter", __awaiter);
exporter("__generator", __generator); exporter("__generator", __generator);
exporter("__exportStar", __exportStar); exporter("__exportStar", __exportStar);
exporter("__createBinding", __createBinding); exporter("__createBinding", __createBinding);
exporter("__values", __values); exporter("__values", __values);
exporter("__read", __read); exporter("__read", __read);
exporter("__spread", __spread); exporter("__spread", __spread);
exporter("__spreadArrays", __spreadArrays); exporter("__spreadArrays", __spreadArrays);
exporter("__spreadArray", __spreadArray); exporter("__spreadArray", __spreadArray);
exporter("__await", __await); exporter("__await", __await);
exporter("__asyncGenerator", __asyncGenerator); exporter("__asyncGenerator", __asyncGenerator);
exporter("__asyncDelegator", __asyncDelegator); exporter("__asyncDelegator", __asyncDelegator);
exporter("__asyncValues", __asyncValues); exporter("__asyncValues", __asyncValues);
exporter("__makeTemplateObject", __makeTemplateObject); exporter("__makeTemplateObject", __makeTemplateObject);
exporter("__importStar", __importStar); exporter("__importStar", __importStar);
exporter("__importDefault", __importDefault); exporter("__importDefault", __importDefault);
exporter("__classPrivateFieldGet", __classPrivateFieldGet); exporter("__classPrivateFieldGet", __classPrivateFieldGet);
exporter("__classPrivateFieldSet", __classPrivateFieldSet); exporter("__classPrivateFieldSet", __classPrivateFieldSet);
exporter("__classPrivateFieldIn", __classPrivateFieldIn); exporter("__classPrivateFieldIn", __classPrivateFieldIn);
}); });
/***/ }), /***/ }),
@ -17583,14 +17583,14 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result; return result;
}; };
Object.defineProperty(exports, "__esModule", ({ value: true })); Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.isDefined = exports.errorMessage = exports.retryAndBackoff = exports.reset = exports.withsleep = exports.defaultSleep = exports.sanitizeGitHubVariables = exports.exportAccountId = exports.exportRegion = exports.exportCredentials = void 0; exports.isDefined = exports.errorMessage = exports.retryAndBackoff = exports.reset = exports.withsleep = exports.defaultSleep = exports.sanitizeGitHubVariables = exports.exportAccountId = exports.exportRegion = exports.unsetCredentials = exports.exportCredentials = void 0;
const core = __importStar(__nccwpck_require__(2186)); const core = __importStar(__nccwpck_require__(2186));
const client_sts_1 = __nccwpck_require__(2209); const client_sts_1 = __nccwpck_require__(2209);
const MAX_TAG_VALUE_LENGTH = 256; const MAX_TAG_VALUE_LENGTH = 256;
const SANITIZATION_CHARACTER = '_'; const SANITIZATION_CHARACTER = '_';
// Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets. // Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets.
// Setting the credentials as secrets masks them in Github Actions logs // Setting the credentials as secrets masks them in Github Actions logs
function exportCredentials(creds) { function exportCredentials(creds, outputCredentials) {
if (creds?.AccessKeyId) { if (creds?.AccessKeyId) {
core.setSecret(creds.AccessKeyId); core.setSecret(creds.AccessKeyId);
core.exportVariable('AWS_ACCESS_KEY_ID', creds.AccessKeyId); core.exportVariable('AWS_ACCESS_KEY_ID', creds.AccessKeyId);
@ -17607,8 +17607,27 @@ function exportCredentials(creds) {
// clear session token from previous credentials action // clear session token from previous credentials action
core.exportVariable('AWS_SESSION_TOKEN', ''); core.exportVariable('AWS_SESSION_TOKEN', '');
} }
if (outputCredentials) {
if (creds?.AccessKeyId) {
core.setOutput('aws-access-key-id', creds.AccessKeyId);
}
if (creds?.SecretAccessKey) {
core.setOutput('aws-secret-access-key', creds.SecretAccessKey);
}
if (creds?.SessionToken) {
core.setOutput('aws-session-token', creds.SessionToken);
}
}
} }
exports.exportCredentials = exportCredentials; exports.exportCredentials = exportCredentials;
function unsetCredentials() {
core.exportVariable('AWS_ACCESS_KEY_ID', '');
core.exportVariable('AWS_SECRET_ACCESS_KEY', '');
core.exportVariable('AWS_SESSION_TOKEN', '');
core.exportVariable('AWS_REGION', '');
core.exportVariable('AWS_DEFAULT_REGION', '');
}
exports.unsetCredentials = unsetCredentials;
function exportRegion(region) { function exportRegion(region) {
core.exportVariable('AWS_DEFAULT_REGION', region); core.exportVariable('AWS_DEFAULT_REGION', region);
core.exportVariable('AWS_REGION', region); core.exportVariable('AWS_REGION', region);
@ -17652,7 +17671,7 @@ function reset() {
} }
exports.reset = reset; exports.reset = reset;
// Retries the promise with exponential backoff if the error isRetryable up to maxRetries time. // Retries the promise with exponential backoff if the error isRetryable up to maxRetries time.
async function retryAndBackoff(fn, isRetryable, retries = 0, maxRetries = 12, base = 50) { async function retryAndBackoff(fn, isRetryable, maxRetries = 12, retries = 0, base = 50) {
try { try {
return await fn(); return await fn();
} }
@ -17666,7 +17685,7 @@ async function retryAndBackoff(fn, isRetryable, retries = 0, maxRetries = 12, ba
if (retries === maxRetries) { if (retries === maxRetries) {
throw err; throw err;
} }
return await retryAndBackoff(fn, isRetryable, retries, maxRetries, base); return await retryAndBackoff(fn, isRetryable, maxRetries, retries, base);
} }
} }
exports.retryAndBackoff = retryAndBackoff; exports.retryAndBackoff = retryAndBackoff;

5
dist/cleanup/src/helpers.d.ts generated vendored
View file

@ -1,6 +1,7 @@
import type { Credentials } from '@aws-sdk/client-sts'; import type { Credentials } from '@aws-sdk/client-sts';
import type { CredentialsClient } from './CredentialsClient'; import type { CredentialsClient } from './CredentialsClient';
export declare function exportCredentials(creds?: Partial<Credentials>): void; export declare function exportCredentials(creds?: Partial<Credentials>, outputCredentials?: boolean): void;
export declare function unsetCredentials(): void;
export declare function exportRegion(region: string): void; export declare function exportRegion(region: string): void;
export declare function exportAccountId(credentialsClient: CredentialsClient, maskAccountId?: boolean): Promise<string>; export declare function exportAccountId(credentialsClient: CredentialsClient, maskAccountId?: boolean): Promise<string>;
export declare function sanitizeGitHubVariables(name: string): string; export declare function sanitizeGitHubVariables(name: string): string;
@ -8,7 +9,7 @@ export declare function defaultSleep(ms: number): Promise<unknown>;
declare let sleep: typeof defaultSleep; declare let sleep: typeof defaultSleep;
export declare function withsleep(s: typeof sleep): void; export declare function withsleep(s: typeof sleep): void;
export declare function reset(): void; export declare function reset(): void;
export declare function retryAndBackoff<T>(fn: () => Promise<T>, isRetryable: boolean, retries?: number, maxRetries?: number, base?: number): Promise<T>; export declare function retryAndBackoff<T>(fn: () => Promise<T>, isRetryable: boolean, maxRetries?: number, retries?: number, base?: number): Promise<T>;
export declare function errorMessage(error: unknown): string; export declare function errorMessage(error: unknown): string;
export declare function isDefined<T>(i: T | undefined | null): i is T; export declare function isDefined<T>(i: T | undefined | null): i is T;
export {}; export {};

680
dist/index.js generated vendored
View file

@ -241,14 +241,14 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result; return result;
}; };
Object.defineProperty(exports, "__esModule", ({ value: true })); Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.isDefined = exports.errorMessage = exports.retryAndBackoff = exports.reset = exports.withsleep = exports.defaultSleep = exports.sanitizeGitHubVariables = exports.exportAccountId = exports.exportRegion = exports.exportCredentials = void 0; exports.isDefined = exports.errorMessage = exports.retryAndBackoff = exports.reset = exports.withsleep = exports.defaultSleep = exports.sanitizeGitHubVariables = exports.exportAccountId = exports.exportRegion = exports.unsetCredentials = exports.exportCredentials = void 0;
const core = __importStar(__nccwpck_require__(2186)); const core = __importStar(__nccwpck_require__(2186));
const client_sts_1 = __nccwpck_require__(2209); const client_sts_1 = __nccwpck_require__(2209);
const MAX_TAG_VALUE_LENGTH = 256; const MAX_TAG_VALUE_LENGTH = 256;
const SANITIZATION_CHARACTER = '_'; const SANITIZATION_CHARACTER = '_';
// Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets. // Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets.
// Setting the credentials as secrets masks them in Github Actions logs // Setting the credentials as secrets masks them in Github Actions logs
function exportCredentials(creds) { function exportCredentials(creds, outputCredentials) {
if (creds?.AccessKeyId) { if (creds?.AccessKeyId) {
core.setSecret(creds.AccessKeyId); core.setSecret(creds.AccessKeyId);
core.exportVariable('AWS_ACCESS_KEY_ID', creds.AccessKeyId); core.exportVariable('AWS_ACCESS_KEY_ID', creds.AccessKeyId);
@ -265,8 +265,27 @@ function exportCredentials(creds) {
// clear session token from previous credentials action // clear session token from previous credentials action
core.exportVariable('AWS_SESSION_TOKEN', ''); core.exportVariable('AWS_SESSION_TOKEN', '');
} }
if (outputCredentials) {
if (creds?.AccessKeyId) {
core.setOutput('aws-access-key-id', creds.AccessKeyId);
}
if (creds?.SecretAccessKey) {
core.setOutput('aws-secret-access-key', creds.SecretAccessKey);
}
if (creds?.SessionToken) {
core.setOutput('aws-session-token', creds.SessionToken);
}
}
} }
exports.exportCredentials = exportCredentials; exports.exportCredentials = exportCredentials;
function unsetCredentials() {
core.exportVariable('AWS_ACCESS_KEY_ID', '');
core.exportVariable('AWS_SECRET_ACCESS_KEY', '');
core.exportVariable('AWS_SESSION_TOKEN', '');
core.exportVariable('AWS_REGION', '');
core.exportVariable('AWS_DEFAULT_REGION', '');
}
exports.unsetCredentials = unsetCredentials;
function exportRegion(region) { function exportRegion(region) {
core.exportVariable('AWS_DEFAULT_REGION', region); core.exportVariable('AWS_DEFAULT_REGION', region);
core.exportVariable('AWS_REGION', region); core.exportVariable('AWS_REGION', region);
@ -310,7 +329,7 @@ function reset() {
} }
exports.reset = reset; exports.reset = reset;
// Retries the promise with exponential backoff if the error isRetryable up to maxRetries time. // Retries the promise with exponential backoff if the error isRetryable up to maxRetries time.
async function retryAndBackoff(fn, isRetryable, retries = 0, maxRetries = 12, base = 50) { async function retryAndBackoff(fn, isRetryable, maxRetries = 12, retries = 0, base = 50) {
try { try {
return await fn(); return await fn();
} }
@ -324,7 +343,7 @@ async function retryAndBackoff(fn, isRetryable, retries = 0, maxRetries = 12, ba
if (retries === maxRetries) { if (retries === maxRetries) {
throw err; throw err;
} }
return await retryAndBackoff(fn, isRetryable, retries, maxRetries, base); return await retryAndBackoff(fn, isRetryable, maxRetries, retries, base);
} }
} }
exports.retryAndBackoff = retryAndBackoff; exports.retryAndBackoff = retryAndBackoff;
@ -398,12 +417,18 @@ async function run() {
const roleSkipSessionTaggingInput = core.getInput('role-skip-session-tagging', { required: false }) || 'false'; const roleSkipSessionTaggingInput = core.getInput('role-skip-session-tagging', { required: false }) || 'false';
const roleSkipSessionTagging = roleSkipSessionTaggingInput.toLowerCase() === 'true'; const roleSkipSessionTagging = roleSkipSessionTaggingInput.toLowerCase() === 'true';
const proxyServer = core.getInput('http-proxy', { required: false }); const proxyServer = core.getInput('http-proxy', { required: false });
const disableOIDC = core.getInput('disable-oidc', { required: false });
const inlineSessionPolicy = core.getInput('inline-session-policy', { required: false }); const inlineSessionPolicy = core.getInput('inline-session-policy', { required: false });
const managedSessionPoliciesInput = core.getMultilineInput('managed-session-policies', { required: false }); const managedSessionPoliciesInput = core.getMultilineInput('managed-session-policies', { required: false });
const managedSessionPolicies = []; const managedSessionPolicies = [];
const roleChainingInput = core.getInput('role-chaining', { required: false }) || 'false'; const roleChainingInput = core.getInput('role-chaining', { required: false }) || 'false';
const roleChaining = roleChainingInput.toLowerCase() === 'true'; const roleChaining = roleChainingInput.toLowerCase() === 'true';
const outputCredentialsInput = core.getInput('output-credentials', { required: false }) || 'false';
const outputCredentials = outputCredentialsInput.toLowerCase() === 'true';
const unsetCurrentCredentialsInput = core.getInput('unset-current-credentials', { required: false }) || 'false';
const unsetCurrentCredentials = unsetCurrentCredentialsInput.toLowerCase() === 'true';
const disableRetryInput = core.getInput('disable-retry', { required: false }) || 'false';
const disableRetry = disableRetryInput.toLowerCase() === 'true';
const maxRetries = parseInt(core.getInput('retry-max-attempts', { required: false })) || 12;
for (const managedSessionPolicy of managedSessionPoliciesInput) { for (const managedSessionPolicy of managedSessionPoliciesInput) {
managedSessionPolicies.push({ arn: managedSessionPolicy }); managedSessionPolicies.push({ arn: managedSessionPolicy });
} }
@ -412,11 +437,10 @@ async function run() {
// The `ACTIONS_ID_TOKEN_REQUEST_TOKEN` environment variable is set when the `id-token` permission is granted. // The `ACTIONS_ID_TOKEN_REQUEST_TOKEN` environment variable is set when the `id-token` permission is granted.
// This is necessary to authenticate with OIDC, but not strictly set just for OIDC. If it is not set and all other // This is necessary to authenticate with OIDC, but not strictly set just for OIDC. If it is not set and all other
// checks pass, it is likely but not guaranteed that the user needs but lacks this permission in their workflow. // checks pass, it is likely but not guaranteed that the user needs but lacks this permission in their workflow.
// So, we will log a warning when it is the only piece absent, as well as add an opportunity to manually disable the entire check. // So, we will log a warning when it is the only piece absent
if (!!roleToAssume && if (!!roleToAssume &&
!webIdentityTokenFile && !webIdentityTokenFile &&
!AccessKeyId && !AccessKeyId &&
!disableOIDC &&
!process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] && !process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] &&
!roleChaining) { !roleChaining) {
core.info('It looks like you might be trying to authenticate with OIDC. Did you mean to set the `id-token` permission?'); core.info('It looks like you might be trying to authenticate with OIDC. Did you mean to set the `id-token` permission?');
@ -425,9 +449,11 @@ async function run() {
!!process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] && !!process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] &&
!AccessKeyId && !AccessKeyId &&
!webIdentityTokenFile && !webIdentityTokenFile &&
!disableOIDC &&
!roleChaining); !roleChaining);
}; };
if (unsetCurrentCredentials) {
(0, helpers_1.unsetCredentials)();
}
if (!region.match(REGION_REGEX)) { if (!region.match(REGION_REGEX)) {
throw new Error(`Region is not valid: ${region}`); throw new Error(`Region is not valid: ${region}`);
} }
@ -477,9 +503,9 @@ async function run() {
inlineSessionPolicy, inlineSessionPolicy,
managedSessionPolicies, managedSessionPolicies,
}); });
}, true); }, !disableRetry, maxRetries);
core.info(`Authenticated as assumedRoleId ${roleCredentials.AssumedRoleUser.AssumedRoleId}`); core.info(`Authenticated as assumedRoleId ${roleCredentials.AssumedRoleUser.AssumedRoleId}`);
(0, helpers_1.exportCredentials)(roleCredentials.Credentials); (0, helpers_1.exportCredentials)(roleCredentials.Credentials, outputCredentials);
// We need to validate the credentials in 2 of our use-cases // We need to validate the credentials in 2 of our use-cases
// First: self-hosted runners. If the GITHUB_ACTIONS environment variable // First: self-hosted runners. If the GITHUB_ACTIONS environment variable
// is set to `true` then we are NOT in a self-hosted runner. // is set to `true` then we are NOT in a self-hosted runner.
@ -18433,323 +18459,323 @@ module.exports = {
/***/ 4351: /***/ 4351:
/***/ ((module) => { /***/ ((module) => {
/****************************************************************************** /******************************************************************************
Copyright (c) Microsoft Corporation. Copyright (c) Microsoft Corporation.
Permission to use, copy, modify, and/or distribute this software for any Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted. purpose with or without fee is hereby granted.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE. PERFORMANCE OF THIS SOFTWARE.
***************************************************************************** */ ***************************************************************************** */
/* global global, define, System, Reflect, Promise */ /* global global, define, System, Reflect, Promise */
var __extends; var __extends;
var __assign; var __assign;
var __rest; var __rest;
var __decorate; var __decorate;
var __param; var __param;
var __metadata; var __metadata;
var __awaiter; var __awaiter;
var __generator; var __generator;
var __exportStar; var __exportStar;
var __values; var __values;
var __read; var __read;
var __spread; var __spread;
var __spreadArrays; var __spreadArrays;
var __spreadArray; var __spreadArray;
var __await; var __await;
var __asyncGenerator; var __asyncGenerator;
var __asyncDelegator; var __asyncDelegator;
var __asyncValues; var __asyncValues;
var __makeTemplateObject; var __makeTemplateObject;
var __importStar; var __importStar;
var __importDefault; var __importDefault;
var __classPrivateFieldGet; var __classPrivateFieldGet;
var __classPrivateFieldSet; var __classPrivateFieldSet;
var __classPrivateFieldIn; var __classPrivateFieldIn;
var __createBinding; var __createBinding;
(function (factory) { (function (factory) {
var root = typeof global === "object" ? global : typeof self === "object" ? self : typeof this === "object" ? this : {}; var root = typeof global === "object" ? global : typeof self === "object" ? self : typeof this === "object" ? this : {};
if (typeof define === "function" && define.amd) { if (typeof define === "function" && define.amd) {
define("tslib", ["exports"], function (exports) { factory(createExporter(root, createExporter(exports))); }); define("tslib", ["exports"], function (exports) { factory(createExporter(root, createExporter(exports))); });
} }
else if ( true && typeof module.exports === "object") { else if ( true && typeof module.exports === "object") {
factory(createExporter(root, createExporter(module.exports))); factory(createExporter(root, createExporter(module.exports)));
} }
else { else {
factory(createExporter(root)); factory(createExporter(root));
} }
function createExporter(exports, previous) { function createExporter(exports, previous) {
if (exports !== root) { if (exports !== root) {
if (typeof Object.create === "function") { if (typeof Object.create === "function") {
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
} }
else { else {
exports.__esModule = true; exports.__esModule = true;
} }
} }
return function (id, v) { return exports[id] = previous ? previous(id, v) : v; }; return function (id, v) { return exports[id] = previous ? previous(id, v) : v; };
} }
}) })
(function (exporter) { (function (exporter) {
var extendStatics = Object.setPrototypeOf || var extendStatics = Object.setPrototypeOf ||
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) || ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; }; function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
__extends = function (d, b) { __extends = function (d, b) {
if (typeof b !== "function" && b !== null) if (typeof b !== "function" && b !== null)
throw new TypeError("Class extends value " + String(b) + " is not a constructor or null"); throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
extendStatics(d, b); extendStatics(d, b);
function __() { this.constructor = d; } function __() { this.constructor = d; }
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __()); d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
}; };
__assign = Object.assign || function (t) { __assign = Object.assign || function (t) {
for (var s, i = 1, n = arguments.length; i < n; i++) { for (var s, i = 1, n = arguments.length; i < n; i++) {
s = arguments[i]; s = arguments[i];
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p]; for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];
} }
return t; return t;
}; };
__rest = function (s, e) { __rest = function (s, e) {
var t = {}; var t = {};
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
t[p] = s[p]; t[p] = s[p];
if (s != null && typeof Object.getOwnPropertySymbols === "function") if (s != null && typeof Object.getOwnPropertySymbols === "function")
for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) { for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i])) if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
t[p[i]] = s[p[i]]; t[p[i]] = s[p[i]];
} }
return t; return t;
}; };
__decorate = function (decorators, target, key, desc) { __decorate = function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r; return c > 3 && r && Object.defineProperty(target, key, r), r;
}; };
__param = function (paramIndex, decorator) { __param = function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); } return function (target, key) { decorator(target, key, paramIndex); }
}; };
__metadata = function (metadataKey, metadataValue) { __metadata = function (metadataKey, metadataValue) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue); if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(metadataKey, metadataValue);
}; };
__awaiter = function (thisArg, _arguments, P, generator) { __awaiter = function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) { return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next()); step((generator = generator.apply(thisArg, _arguments || [])).next());
}); });
}; };
__generator = function (thisArg, body) { __generator = function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; } function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) { function step(op) {
if (f) throw new TypeError("Generator is already executing."); if (f) throw new TypeError("Generator is already executing.");
while (_) try { while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value]; if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) { switch (op[0]) {
case 0: case 1: t = op; break; case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false }; case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue; case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue; case 7: op = _.ops.pop(); _.trys.pop(); continue;
default: default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop(); if (t[2]) _.ops.pop();
_.trys.pop(); continue; _.trys.pop(); continue;
} }
op = body.call(thisArg, _); op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
} }
}; };
__exportStar = function(m, o) { __exportStar = function(m, o) {
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(o, p)) __createBinding(o, m, p); for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(o, p)) __createBinding(o, m, p);
}; };
__createBinding = Object.create ? (function(o, m, k, k2) { __createBinding = Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } }; desc = { enumerable: true, get: function() { return m[k]; } };
} }
Object.defineProperty(o, k2, desc); Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
}); });
__values = function (o) { __values = function (o) {
var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0; var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
if (m) return m.call(o); if (m) return m.call(o);
if (o && typeof o.length === "number") return { if (o && typeof o.length === "number") return {
next: function () { next: function () {
if (o && i >= o.length) o = void 0; if (o && i >= o.length) o = void 0;
return { value: o && o[i++], done: !o }; return { value: o && o[i++], done: !o };
} }
}; };
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined."); throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
}; };
__read = function (o, n) { __read = function (o, n) {
var m = typeof Symbol === "function" && o[Symbol.iterator]; var m = typeof Symbol === "function" && o[Symbol.iterator];
if (!m) return o; if (!m) return o;
var i = m.call(o), r, ar = [], e; var i = m.call(o), r, ar = [], e;
try { try {
while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value); while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
} }
catch (error) { e = { error: error }; } catch (error) { e = { error: error }; }
finally { finally {
try { try {
if (r && !r.done && (m = i["return"])) m.call(i); if (r && !r.done && (m = i["return"])) m.call(i);
} }
finally { if (e) throw e.error; } finally { if (e) throw e.error; }
} }
return ar; return ar;
}; };
/** @deprecated */ /** @deprecated */
__spread = function () { __spread = function () {
for (var ar = [], i = 0; i < arguments.length; i++) for (var ar = [], i = 0; i < arguments.length; i++)
ar = ar.concat(__read(arguments[i])); ar = ar.concat(__read(arguments[i]));
return ar; return ar;
}; };
/** @deprecated */ /** @deprecated */
__spreadArrays = function () { __spreadArrays = function () {
for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length; for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;
for (var r = Array(s), k = 0, i = 0; i < il; i++) for (var r = Array(s), k = 0, i = 0; i < il; i++)
for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++) for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)
r[k] = a[j]; r[k] = a[j];
return r; return r;
}; };
__spreadArray = function (to, from, pack) { __spreadArray = function (to, from, pack) {
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) { if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
if (ar || !(i in from)) { if (ar || !(i in from)) {
if (!ar) ar = Array.prototype.slice.call(from, 0, i); if (!ar) ar = Array.prototype.slice.call(from, 0, i);
ar[i] = from[i]; ar[i] = from[i];
} }
} }
return to.concat(ar || Array.prototype.slice.call(from)); return to.concat(ar || Array.prototype.slice.call(from));
}; };
__await = function (v) { __await = function (v) {
return this instanceof __await ? (this.v = v, this) : new __await(v); return this instanceof __await ? (this.v = v, this) : new __await(v);
}; };
__asyncGenerator = function (thisArg, _arguments, generator) { __asyncGenerator = function (thisArg, _arguments, generator) {
if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined."); if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
var g = generator.apply(thisArg, _arguments || []), i, q = []; var g = generator.apply(thisArg, _arguments || []), i, q = [];
return i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i; return i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i;
function verb(n) { if (g[n]) i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; } function verb(n) { if (g[n]) i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; }
function resume(n, v) { try { step(g[n](v)); } catch (e) { settle(q[0][3], e); } } function resume(n, v) { try { step(g[n](v)); } catch (e) { settle(q[0][3], e); } }
function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); } function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); }
function fulfill(value) { resume("next", value); } function fulfill(value) { resume("next", value); }
function reject(value) { resume("throw", value); } function reject(value) { resume("throw", value); }
function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); } function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); }
}; };
__asyncDelegator = function (o) { __asyncDelegator = function (o) {
var i, p; var i, p;
return i = {}, verb("next"), verb("throw", function (e) { throw e; }), verb("return"), i[Symbol.iterator] = function () { return this; }, i; return i = {}, verb("next"), verb("throw", function (e) { throw e; }), verb("return"), i[Symbol.iterator] = function () { return this; }, i;
function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: n === "return" } : f ? f(v) : v; } : f; } function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: n === "return" } : f ? f(v) : v; } : f; }
}; };
__asyncValues = function (o) { __asyncValues = function (o) {
if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined."); if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
var m = o[Symbol.asyncIterator], i; var m = o[Symbol.asyncIterator], i;
return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i); return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; } function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); } function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
}; };
__makeTemplateObject = function (cooked, raw) { __makeTemplateObject = function (cooked, raw) {
if (Object.defineProperty) { Object.defineProperty(cooked, "raw", { value: raw }); } else { cooked.raw = raw; } if (Object.defineProperty) { Object.defineProperty(cooked, "raw", { value: raw }); } else { cooked.raw = raw; }
return cooked; return cooked;
}; };
var __setModuleDefault = Object.create ? (function(o, v) { var __setModuleDefault = Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v }); Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) { }) : function(o, v) {
o["default"] = v; o["default"] = v;
}; };
__importStar = function (mod) { __importStar = function (mod) {
if (mod && mod.__esModule) return mod; if (mod && mod.__esModule) return mod;
var result = {}; var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod); __setModuleDefault(result, mod);
return result; return result;
}; };
__importDefault = function (mod) { __importDefault = function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod }; return (mod && mod.__esModule) ? mod : { "default": mod };
}; };
__classPrivateFieldGet = function (receiver, state, kind, f) { __classPrivateFieldGet = function (receiver, state, kind, f) {
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter"); if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it"); if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver); return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
}; };
__classPrivateFieldSet = function (receiver, state, value, kind, f) { __classPrivateFieldSet = function (receiver, state, value, kind, f) {
if (kind === "m") throw new TypeError("Private method is not writable"); if (kind === "m") throw new TypeError("Private method is not writable");
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter"); if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it"); if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value; return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
}; };
__classPrivateFieldIn = function (state, receiver) { __classPrivateFieldIn = function (state, receiver) {
if (receiver === null || (typeof receiver !== "object" && typeof receiver !== "function")) throw new TypeError("Cannot use 'in' operator on non-object"); if (receiver === null || (typeof receiver !== "object" && typeof receiver !== "function")) throw new TypeError("Cannot use 'in' operator on non-object");
return typeof state === "function" ? receiver === state : state.has(receiver); return typeof state === "function" ? receiver === state : state.has(receiver);
}; };
exporter("__extends", __extends); exporter("__extends", __extends);
exporter("__assign", __assign); exporter("__assign", __assign);
exporter("__rest", __rest); exporter("__rest", __rest);
exporter("__decorate", __decorate); exporter("__decorate", __decorate);
exporter("__param", __param); exporter("__param", __param);
exporter("__metadata", __metadata); exporter("__metadata", __metadata);
exporter("__awaiter", __awaiter); exporter("__awaiter", __awaiter);
exporter("__generator", __generator); exporter("__generator", __generator);
exporter("__exportStar", __exportStar); exporter("__exportStar", __exportStar);
exporter("__createBinding", __createBinding); exporter("__createBinding", __createBinding);
exporter("__values", __values); exporter("__values", __values);
exporter("__read", __read); exporter("__read", __read);
exporter("__spread", __spread); exporter("__spread", __spread);
exporter("__spreadArrays", __spreadArrays); exporter("__spreadArrays", __spreadArrays);
exporter("__spreadArray", __spreadArray); exporter("__spreadArray", __spreadArray);
exporter("__await", __await); exporter("__await", __await);
exporter("__asyncGenerator", __asyncGenerator); exporter("__asyncGenerator", __asyncGenerator);
exporter("__asyncDelegator", __asyncDelegator); exporter("__asyncDelegator", __asyncDelegator);
exporter("__asyncValues", __asyncValues); exporter("__asyncValues", __asyncValues);
exporter("__makeTemplateObject", __makeTemplateObject); exporter("__makeTemplateObject", __makeTemplateObject);
exporter("__importStar", __importStar); exporter("__importStar", __importStar);
exporter("__importDefault", __importDefault); exporter("__importDefault", __importDefault);
exporter("__classPrivateFieldGet", __classPrivateFieldGet); exporter("__classPrivateFieldGet", __classPrivateFieldGet);
exporter("__classPrivateFieldSet", __classPrivateFieldSet); exporter("__classPrivateFieldSet", __classPrivateFieldSet);
exporter("__classPrivateFieldIn", __classPrivateFieldIn); exporter("__classPrivateFieldIn", __classPrivateFieldIn);
}); });
/***/ }), /***/ }),

26
src/helpers.ts
View file

@ -8,7 +8,7 @@ const SANITIZATION_CHARACTER = '_';
// Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets. // Configure the AWS CLI and AWS SDKs using environment variables and set them as secrets.
// Setting the credentials as secrets masks them in Github Actions logs // Setting the credentials as secrets masks them in Github Actions logs
export function exportCredentials(creds?: Partial<Credentials>) { export function exportCredentials(creds?: Partial<Credentials>, outputCredentials?: boolean) {
if (creds?.AccessKeyId) { if (creds?.AccessKeyId) {
core.setSecret(creds.AccessKeyId); core.setSecret(creds.AccessKeyId);
core.exportVariable('AWS_ACCESS_KEY_ID', creds.AccessKeyId); core.exportVariable('AWS_ACCESS_KEY_ID', creds.AccessKeyId);
@ -26,6 +26,26 @@ export function exportCredentials(creds?: Partial<Credentials>) {
// clear session token from previous credentials action // clear session token from previous credentials action
core.exportVariable('AWS_SESSION_TOKEN', ''); core.exportVariable('AWS_SESSION_TOKEN', '');
} }
if (outputCredentials) {
if (creds?.AccessKeyId) {
core.setOutput('aws-access-key-id', creds.AccessKeyId);
}
if (creds?.SecretAccessKey) {
core.setOutput('aws-secret-access-key', creds.SecretAccessKey);
}
if (creds?.SessionToken) {
core.setOutput('aws-session-token', creds.SessionToken);
}
}
}
export function unsetCredentials() {
core.exportVariable('AWS_ACCESS_KEY_ID', '');
core.exportVariable('AWS_SECRET_ACCESS_KEY', '');
core.exportVariable('AWS_SESSION_TOKEN', '');
core.exportVariable('AWS_REGION', '');
core.exportVariable('AWS_DEFAULT_REGION', '');
} }
export function exportRegion(region: string) { export function exportRegion(region: string) {
@ -74,8 +94,8 @@ export function reset() {
export async function retryAndBackoff<T>( export async function retryAndBackoff<T>(
fn: () => Promise<T>, fn: () => Promise<T>,
isRetryable: boolean, isRetryable: boolean,
retries = 0,
maxRetries = 12, maxRetries = 12,
retries = 0,
base = 50 base = 50
): Promise<T> { ): Promise<T> {
try { try {
@ -90,7 +110,7 @@ export async function retryAndBackoff<T>(
if (retries === maxRetries) { if (retries === maxRetries) {
throw err; throw err;
} }
return await retryAndBackoff(fn, isRetryable, retries, maxRetries, base); return await retryAndBackoff(fn, isRetryable, maxRetries, retries, base);
} }
} }

61
src/index.ts
View file

@ -1,7 +1,14 @@
import * as core from '@actions/core'; import * as core from '@actions/core';
import { assumeRole } from './assumeRole'; import { assumeRole } from './assumeRole';
import { CredentialsClient } from './CredentialsClient'; import { CredentialsClient } from './CredentialsClient';
import { errorMessage, retryAndBackoff, exportRegion, exportCredentials, exportAccountId } from './helpers'; import {
errorMessage,
retryAndBackoff,
exportRegion,
exportCredentials,
exportAccountId,
unsetCredentials,
} from './helpers';
const DEFAULT_ROLE_DURATION = 3600; // One hour (seconds) const DEFAULT_ROLE_DURATION = 3600; // One hour (seconds)
const ROLE_SESSION_NAME = 'GitHubActions'; const ROLE_SESSION_NAME = 'GitHubActions';
@ -26,12 +33,18 @@ export async function run() {
const roleSkipSessionTaggingInput = core.getInput('role-skip-session-tagging', { required: false }) || 'false'; const roleSkipSessionTaggingInput = core.getInput('role-skip-session-tagging', { required: false }) || 'false';
const roleSkipSessionTagging = roleSkipSessionTaggingInput.toLowerCase() === 'true'; const roleSkipSessionTagging = roleSkipSessionTaggingInput.toLowerCase() === 'true';
const proxyServer = core.getInput('http-proxy', { required: false }); const proxyServer = core.getInput('http-proxy', { required: false });
const disableOIDC = core.getInput('disable-oidc', { required: false });
const inlineSessionPolicy = core.getInput('inline-session-policy', { required: false }); const inlineSessionPolicy = core.getInput('inline-session-policy', { required: false });
const managedSessionPoliciesInput = core.getMultilineInput('managed-session-policies', { required: false }); const managedSessionPoliciesInput = core.getMultilineInput('managed-session-policies', { required: false });
const managedSessionPolicies: any[] = []; const managedSessionPolicies: any[] = [];
const roleChainingInput = core.getInput('role-chaining', { required: false }) || 'false'; const roleChainingInput = core.getInput('role-chaining', { required: false }) || 'false';
const roleChaining = roleChainingInput.toLowerCase() === 'true'; const roleChaining = roleChainingInput.toLowerCase() === 'true';
const outputCredentialsInput = core.getInput('output-credentials', { required: false }) || 'false';
const outputCredentials = outputCredentialsInput.toLowerCase() === 'true';
const unsetCurrentCredentialsInput = core.getInput('unset-current-credentials', { required: false }) || 'false';
const unsetCurrentCredentials = unsetCurrentCredentialsInput.toLowerCase() === 'true';
const disableRetryInput = core.getInput('disable-retry', { required: false }) || 'false';
const disableRetry = disableRetryInput.toLowerCase() === 'true';
const maxRetries = parseInt(core.getInput('retry-max-attempts', { required: false })) || 12;
for (const managedSessionPolicy of managedSessionPoliciesInput) { for (const managedSessionPolicy of managedSessionPoliciesInput) {
managedSessionPolicies.push({ arn: managedSessionPolicy }); managedSessionPolicies.push({ arn: managedSessionPolicy });
} }
@ -41,12 +54,11 @@ export async function run() {
// The `ACTIONS_ID_TOKEN_REQUEST_TOKEN` environment variable is set when the `id-token` permission is granted. // The `ACTIONS_ID_TOKEN_REQUEST_TOKEN` environment variable is set when the `id-token` permission is granted.
// This is necessary to authenticate with OIDC, but not strictly set just for OIDC. If it is not set and all other // This is necessary to authenticate with OIDC, but not strictly set just for OIDC. If it is not set and all other
// checks pass, it is likely but not guaranteed that the user needs but lacks this permission in their workflow. // checks pass, it is likely but not guaranteed that the user needs but lacks this permission in their workflow.
// So, we will log a warning when it is the only piece absent, as well as add an opportunity to manually disable the entire check. // So, we will log a warning when it is the only piece absent
if ( if (
!!roleToAssume && !!roleToAssume &&
!webIdentityTokenFile && !webIdentityTokenFile &&
!AccessKeyId && !AccessKeyId &&
!disableOIDC &&
!process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] && !process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] &&
!roleChaining !roleChaining
) { ) {
@ -59,11 +71,14 @@ export async function run() {
!!process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] && !!process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] &&
!AccessKeyId && !AccessKeyId &&
!webIdentityTokenFile && !webIdentityTokenFile &&
!disableOIDC &&
!roleChaining !roleChaining
); );
}; };
if (unsetCurrentCredentials) {
unsetCredentials();
}
if (!region.match(REGION_REGEX)) { if (!region.match(REGION_REGEX)) {
throw new Error(`Region is not valid: ${region}`); throw new Error(`Region is not valid: ${region}`);
} }
@ -101,23 +116,27 @@ export async function run() {
// Get role credentials if configured to do so // Get role credentials if configured to do so
if (roleToAssume) { if (roleToAssume) {
const roleCredentials = await retryAndBackoff(async () => { const roleCredentials = await retryAndBackoff(
return assumeRole({ async () => {
credentialsClient, return assumeRole({
sourceAccountId, credentialsClient,
roleToAssume, sourceAccountId,
roleExternalId, roleToAssume,
roleDuration, roleExternalId,
roleSessionName, roleDuration,
roleSkipSessionTagging, roleSessionName,
webIdentityTokenFile, roleSkipSessionTagging,
webIdentityToken, webIdentityTokenFile,
inlineSessionPolicy, webIdentityToken,
managedSessionPolicies, inlineSessionPolicy,
}); managedSessionPolicies,
}, true); });
},
!disableRetry,
maxRetries
);
core.info(`Authenticated as assumedRoleId ${roleCredentials.AssumedRoleUser!.AssumedRoleId!}`); core.info(`Authenticated as assumedRoleId ${roleCredentials.AssumedRoleUser!.AssumedRoleId!}`);
exportCredentials(roleCredentials.Credentials); exportCredentials(roleCredentials.Credentials, outputCredentials);
// We need to validate the credentials in 2 of our use-cases // We need to validate the credentials in 2 of our use-cases
// First: self-hosted runners. If the GITHUB_ACTIONS environment variable // First: self-hosted runners. If the GITHUB_ACTIONS environment variable
// is set to `true` then we are NOT in a self-hosted runner. // is set to `true` then we are NOT in a self-hosted runner.

86
test/index.test.ts
View file

@ -23,6 +23,10 @@ const FAKE_ACCOUNT_ID = '123456789012';
const FAKE_ROLE_ACCOUNT_ID = '111111111111'; const FAKE_ROLE_ACCOUNT_ID = '111111111111';
const ROLE_NAME = 'MY-ROLE'; const ROLE_NAME = 'MY-ROLE';
const ROLE_ARN = 'arn:aws:iam::111111111111:role/MY-ROLE'; const ROLE_ARN = 'arn:aws:iam::111111111111:role/MY-ROLE';
const MANAGED_SESSION_POLICY_INPUT = [
'arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess',
'arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess',
];
const ENVIRONMENT_VARIABLE_OVERRIDES = { const ENVIRONMENT_VARIABLE_OVERRIDES = {
SHOW_STACK_TRACE: 'false', SHOW_STACK_TRACE: 'false',
GITHUB_REPOSITORY: 'MY-REPOSITORY-NAME', GITHUB_REPOSITORY: 'MY-REPOSITORY-NAME',
@ -54,6 +58,12 @@ function mockGetInput(requestResponse: Record<string, string>) {
}; };
} }
function mockGetMultilineInput(requestResponse: Record<string, string[]>) {
return function (name: string, _options: unknown): string[] {
return requestResponse[name]!;
};
}
// eslint-disable-next-line @typescript-eslint/no-unsafe-return // eslint-disable-next-line @typescript-eslint/no-unsafe-return
jest.mock('fs', () => ({ jest.mock('fs', () => ({
...jest.requireActual('fs'), ...jest.requireActual('fs'),
@ -481,6 +491,40 @@ describe('Configure AWS Credentials', () => {
expect(mockedSTS.commandCalls(AssumeRoleWithWebIdentityCommand).length).toEqual(12); expect(mockedSTS.commandCalls(AssumeRoleWithWebIdentityCommand).length).toEqual(12);
}); });
test('role assumption fails after one trial when disabling retry', async () => {
process.env['GITHUB_ACTIONS'] = 'true';
process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] = 'test-token';
jest
.spyOn(core, 'getInput')
.mockImplementation(
mockGetInput({ 'role-to-assume': ROLE_ARN, 'aws-region': FAKE_REGION, 'disable-retry': 'true' })
);
mockedSTS.reset();
mockedSTS.on(AssumeRoleWithWebIdentityCommand).rejects();
await run();
expect(mockedSTS.commandCalls(AssumeRoleWithWebIdentityCommand).length).toEqual(1);
});
test('max retries is configurable', async () => {
process.env['GITHUB_ACTIONS'] = 'true';
process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'] = 'test-token';
jest.spyOn(core, 'getInput').mockImplementation(
mockGetInput({
'role-to-assume': ROLE_ARN,
'aws-region': FAKE_REGION,
'retry-max-attempts': '15',
})
);
mockedSTS.reset();
mockedSTS.on(AssumeRoleWithWebIdentityCommand).rejects();
await run();
expect(mockedSTS.commandCalls(AssumeRoleWithWebIdentityCommand).length).toEqual(15);
});
test('role external ID provided', async () => { test('role external ID provided', async () => {
jest jest
.spyOn(core, 'getInput') .spyOn(core, 'getInput')
@ -614,4 +658,46 @@ describe('Configure AWS Credentials', () => {
expect(core.exportVariable).toReturn(); expect(core.exportVariable).toReturn();
}); });
test('inline policy and managed session policies are provided in assume role calls', async () => {
jest
.spyOn(core, 'getInput')
.mockImplementation(mockGetInput({ ...ASSUME_ROLE_INPUTS, 'inline-session-policy': 'inline' }));
jest
.spyOn(core, 'getMultilineInput')
.mockImplementation(mockGetMultilineInput({ 'managed-session-policies': MANAGED_SESSION_POLICY_INPUT }));
await run();
expect(mockedSTS.commandCalls(AssumeRoleCommand)[0]?.args[0].input).toEqual({
RoleArn: ROLE_ARN,
RoleSessionName: 'GitHubActions',
DurationSeconds: 3600,
Tags: [
{ Key: 'GitHub', Value: 'Actions' },
{ Key: 'Repository', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REPOSITORY },
{ Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW },
{ Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION },
{ Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED },
{ Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA },
{ Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF },
],
Policy: 'inline',
PolicyArns: [
{ arn: 'arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess' },
{ arn: 'arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess' },
],
});
});
test('unsets credentials if enabled', async () => {
jest
.spyOn(core, 'getInput')
.mockImplementation(mockGetInput({ ...ASSUME_ROLE_INPUTS, 'unset-current-credentials': 'true' }));
await run();
expect(core.exportVariable).toHaveBeenCalledTimes(9);
});
}); });