mirror of
https://github.com/aws-actions/configure-aws-credentials.git
synced 2026-06-05 19:53:32 +00:00
3cc0e19239* Revert "chore: Update dist" This reverts commite8614cfbf0. * Revert "chore(deps): bump @aws-sdk/client-sts from 3.1045.0 to 3.1049.0 (#1782)" This reverts commit4684f47f89. * Revert "chore: Update dist" This reverts commit48b8685c96. * Revert "chore(deps-dev): bump @smithy/property-provider from 4.3.1 to 4.3.3 (#1783)" This reverts commitfe6ad3af19. * Revert "chore: Update dist" This reverts commit2520c5e921. * Revert "chore(deps-dev): bump @aws-sdk/credential-provider-env (#1784)" This reverts commitbc1093db1d. * Revert "chore(deps-dev): bump @types/node from 25.7.0 to 25.9.0 (#1785)" This reverts commitffde832a1d. * Revert "chore: Update dist" This reverts commit707acd96f6. * Revert "chore(deps): bump @smithy/node-http-handler from 4.7.1 to 4.7.3 (#1781)" This reverts commita7c33ae483. * Revert "chore: update README for additional claim support (#1779)" This reverts commit713aaabfec. * Revert "chore: Update dist" This reverts commite6e8eba750. * Revert "fix: skip credential check on output-env-credentials: false (#1778)" This reverts commit58e7c47adf. * Revert "chore: document forgejo compatibility (#1776)" This reverts commitf35a7d7d7e. * Revert "chore: Update dist" This reverts commit3884f59ecd. * Revert "feat: add additional session tags by default (#1775)" This reverts commite0ba768507. * Revert "chore: Update dist" This reverts commit6795889618. * Revert "feat: expose run id in STS client user-agent (#1774)" This reverts commit29d1be3027. * Revert "chore(deps-dev): bump @types/node from 25.6.0 to 25.7.0 (#1773)" This reverts commitef734cca81. * Revert "chore(deps-dev): bump @biomejs/biome from 2.4.14 to 2.4.15 (#1772)" This reverts commit7521c55910. * Revert "chore: Update dist" This reverts commitc0e2737f14. * Revert "chore(deps): bump @smithy/node-http-handler from 4.6.1 to 4.7.1 (#1770)" This reverts commitdbd503f368. * Revert "chore: Update dist" This reverts commit18a236fbd1. * Revert "chore(deps-dev): bump @smithy/property-provider from 4.2.14 to 4.3.1 (#1771)" This reverts commit1ab31502aa. * Revert "chore(deps-dev): bump @vitest/coverage-v8 from 4.1.5 to 4.1.6 (#1768)" This reverts commit1fb495c4b2. * Revert "chore: Update dist" This reverts commit1e8fec8ea1. * Revert "chore(deps): bump @aws-sdk/client-sts from 3.1044.0 to 3.1045.0 (#1767)" This reverts commita388f23f7d. * Revert "chore: update documentation for environment workflows (#1766)" This reverts commit3f7e1b63d7. * Revert "feat: add regex validation to role-session-name (#1765)" This reverts commite35449909c. * Revert "chore: Update dist" This reverts commit958a80fc34. * Revert "feat: add more retry logic and better logging (#1764)" This reverts commit540d0c13ae. * Revert "chore: automate README version bumping (#1763)" This reverts commit07ada0fe07. * Revert "chore: Update dist" This reverts commitf8d4eb68a9. * Revert "feat: support custom STS endpoints (#1762)" This reverts commit8d52d05d7a. * Revert "chore: Update dist" This reverts commit681892c11b. * Revert "chore: configure codeql to ignore generated code (#1760)" This reverts commitdc2353e57a. * Revert "feat: Allow custom session tags to be passed when assuming a role (#1759)" This reverts commit61f50f630f. * Revert "chore: automatic major version tagging (#1565)" This reverts commitc36525a567. * Revert "chore: bump unit test node version (#1758)" This reverts commit39d1702721. * Revert "chore(deps): bump @aws-sdk/client-sts from 3.1043.0 to 3.1044.0 (#1754)" This reverts commit4cfda40a13. * Revert "chore(deps-dev): bump @biomejs/biome from 2.4.13 to 2.4.14 (#1756)" This reverts commit8856e12f3a. * Revert "chore(deps): bump @actions/core from 2.0.3 to 3.0.1 (#1746)" This reverts commit64d8e82527. * Revert "chore(deps-dev): bump vitest from 3.2.4 to 4.1.5 (#1748)" This reverts commit78f374f6d1.
73 lines
3.1 KiB
TypeScript
73 lines
3.1 KiB
TypeScript
import * as core from '@actions/core';
|
|
import { STSClient } from '@aws-sdk/client-sts';
|
|
import { mockClient } from 'aws-sdk-client-mock';
|
|
import { beforeEach, describe, expect, it, vi } from 'vitest';
|
|
import { cleanup } from '../src/cleanup';
|
|
import mocks from './mockinputs.test';
|
|
|
|
const mockedSTSClient = mockClient(STSClient);
|
|
|
|
describe('Configure AWS Credentials cleanup', {}, () => {
|
|
beforeEach(() => {
|
|
// Reset mock state
|
|
vi.restoreAllMocks();
|
|
mockedSTSClient.reset();
|
|
// Mock GitHub Actions core functions
|
|
vi.spyOn(core, 'exportVariable').mockImplementation((_n, _v) => {});
|
|
vi.spyOn(core, 'setSecret').mockImplementation((_s) => {});
|
|
vi.spyOn(core, 'setFailed').mockImplementation((_m) => {});
|
|
vi.spyOn(core, 'setOutput').mockImplementation((_n, _v) => {});
|
|
vi.spyOn(core, 'debug').mockImplementation((_m) => {});
|
|
vi.spyOn(core, 'info').mockImplementation((_m) => {});
|
|
process.env = {
|
|
...mocks.envs,
|
|
AWS_ACCESS_KEY_ID: 'CLEANUPTEST',
|
|
AWS_SECRET_ACCESS_KEY: 'CLEANUPTEST',
|
|
AWS_SESSION_TOKEN: 'CLEANUPTEST',
|
|
AWS_REGION: 'CLEANUPTEST',
|
|
AWS_DEFAULT_REGION: 'CLEANUPTEST',
|
|
};
|
|
});
|
|
it('replaces AWS credential and region environment variables with empty strings', {}, () => {
|
|
cleanup();
|
|
expect(core.setFailed).toHaveBeenCalledTimes(0);
|
|
expect(core.exportVariable).toHaveBeenCalledTimes(5);
|
|
expect(core.exportVariable).toHaveBeenCalledWith('AWS_ACCESS_KEY_ID', '');
|
|
expect(core.exportVariable).toHaveBeenCalledWith('AWS_SECRET_ACCESS_KEY', '');
|
|
expect(core.exportVariable).toHaveBeenCalledWith('AWS_SESSION_TOKEN', '');
|
|
expect(core.exportVariable).toHaveBeenCalledWith('AWS_DEFAULT_REGION', '');
|
|
expect(core.exportVariable).toHaveBeenCalledWith('AWS_REGION', '');
|
|
});
|
|
it('also clears AWS_PROFILE when aws-profile was set', {}, () => {
|
|
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
|
|
if (name === 'aws-profile') return 'my-profile';
|
|
if (name === 'output-env-credentials') return 'true';
|
|
return '';
|
|
});
|
|
cleanup();
|
|
expect(core.setFailed).toHaveBeenCalledTimes(0);
|
|
expect(core.exportVariable).toHaveBeenCalledTimes(6);
|
|
expect(core.exportVariable).toHaveBeenCalledWith('AWS_PROFILE', '');
|
|
});
|
|
it('skips env cleanup when aws-profile is set without output-env-credentials', {}, () => {
|
|
vi.spyOn(core, 'getInput').mockImplementation((name: string) => {
|
|
if (name === 'aws-profile') return 'my-profile';
|
|
return '';
|
|
});
|
|
cleanup();
|
|
expect(core.setFailed).toHaveBeenCalledTimes(0);
|
|
expect(core.exportVariable).toHaveBeenCalledTimes(0);
|
|
});
|
|
it('handles errors', {}, () => {
|
|
vi.spyOn(core, 'exportVariable').mockImplementationOnce(() => {
|
|
throw new Error('Test error');
|
|
});
|
|
cleanup();
|
|
expect(core.setFailed).toHaveBeenCalled();
|
|
});
|
|
it(`doesn't export credentials as empty env variables if asked not to`, {}, () => {
|
|
vi.spyOn(core, 'getInput').mockImplementation(mocks.getInput(mocks.NO_ENV_CREDS_INPUTS));
|
|
cleanup();
|
|
expect(core.exportVariable).toHaveBeenCalledTimes(0);
|
|
});
|
|
});
|