feat: support for KV version 1 and custom-named engines (#12)

* feat: kv v1 and engine path * doc: add custom version and engine path usage docs Co-authored-by: Richard Simpson <richardsimpson@outlook.com>
2020-02-04 12:40:55 -03:00
parent 3b9239de79
commit f229481670
9 changed files with 465 additions and 139 deletions
--- a/action.test.js
+++ b/action.test.js
@@ -7,6 +7,7 @@ const got = require('got');
 const {
    exportSecrets,
    parseSecretsInput,
+    parseResponse
 } = require('./action');

 const { when } = require('jest-when');
@@ -82,6 +83,38 @@ describe('parseSecretsInput', () => {
    })
 });

+describe('parseResponse', () => {
+    // https://www.vaultproject.io/api/secret/kv/kv-v1.html#sample-response
+    it('parses K/V version 1 response', () => {
+        const response = JSON.stringify({
+            data: {
+                foo: 'bar'
+            }
+        })
+        const output = parseResponse(response, 1);
+
+        expect(output).toEqual({
+            foo: 'bar'
+        });
+    });
+
+    // https://www.vaultproject.io/api/secret/kv/kv-v2.html#read-secret-version
+    it('parses K/V version 2 response', () => {
+        const response = JSON.stringify({
+            data: {
+                data: {
+                    foo: 'bar'
+                }
+            }
+        })
+        const output = parseResponse(response, 2);
+
+        expect(output).toEqual({
+            foo: 'bar'
+        });
+    });
+});
+

 describe('exportSecrets', () => {
    beforeEach(() => {
@@ -89,27 +122,44 @@ describe('exportSecrets', () => {

        when(core.getInput)
            .calledWith('url')
-            .mockReturnValue('http://vault:8200');
+            .mockReturnValueOnce('http://vault:8200');

        when(core.getInput)
            .calledWith('token')
-            .mockReturnValue('EXAMPLE');
+            .mockReturnValueOnce('EXAMPLE');
    });

    function mockInput(key) {
        when(core.getInput)
            .calledWith('secrets')
-            .mockReturnValue(key);
+            .mockReturnValueOnce(key);
    }

-    function mockVaultData(data) {
-        got.mockResolvedValue({
-            body: JSON.stringify({
-                data: {
-                    data
-                }
-            })
-        });
+    function mockVersion(version) {
+        when(core.getInput)
+            .calledWith('kv-version')
+            .mockReturnValueOnce(version);
+    }
+
+    function mockVaultData(data, version='2') {
+        switch(version) {
+            case '1':
+                got.mockResolvedValue({
+                    body: JSON.stringify({
+                        data
+                    })
+                });
+            break;
+            case '2':
+                got.mockResolvedValue({
+                    body: JSON.stringify({
+                        data: {
+                            data
+                        }
+                    })
+                });
+            break;
+        }
    }

    it('simple secret retrieval', async () => {
@@ -133,4 +183,18 @@ describe('exportSecrets', () => {

        expect(core.exportVariable).toBeCalledWith('TEST_NAME', '1');
    });
-});
+
+    it('simple secret retrieval from K/V v1', async () => {
+        const version = '1';
+
+        mockInput('test key');
+        mockVersion(version);
+        mockVaultData({
+            key: 1
+        }, version);
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('KEY', '1');
+    });
+});