Skip to content

Commit ba5041f

Browse files
billputermergify[bot]
billputer
and
mergify[bot]
authored
fix: make GITHUB_REF env var optional (#82)
* fix: make GITHUB_REF env var optional * Fix conflicts from #92 Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
1 parent cb8fb66 commit ba5041f

File tree

2 files changed

+35
-12
lines changed

2 files changed

+35
-12
lines changed

index.js

+6-3
Original file line numberDiff line numberDiff line change
@@ -29,9 +29,9 @@ async function assumeRole(params) {
2929
"Missing required input when assuming a Role."
3030
);
3131

32-
const {GITHUB_REPOSITORY, GITHUB_WORKFLOW, GITHUB_ACTION, GITHUB_ACTOR, GITHUB_REF, GITHUB_SHA} = process.env;
32+
const {GITHUB_REPOSITORY, GITHUB_WORKFLOW, GITHUB_ACTION, GITHUB_ACTOR, GITHUB_SHA} = process.env;
3333
assert(
34-
[GITHUB_REPOSITORY, GITHUB_WORKFLOW, GITHUB_ACTION, GITHUB_ACTOR, GITHUB_REF, GITHUB_SHA].every(isDefined),
34+
[GITHUB_REPOSITORY, GITHUB_WORKFLOW, GITHUB_ACTION, GITHUB_ACTOR, GITHUB_SHA].every(isDefined),
3535
'Missing required environment value. Are you running in GitHub Actions?'
3636
);
3737

@@ -48,10 +48,13 @@ async function assumeRole(params) {
4848
{Key: 'Workflow', Value: sanitizeGithubWorkflowName(GITHUB_WORKFLOW)},
4949
{Key: 'Action', Value: GITHUB_ACTION},
5050
{Key: 'Actor', Value: sanitizeGithubActor(GITHUB_ACTOR)},
51-
{Key: 'Branch', Value: GITHUB_REF},
5251
{Key: 'Commit', Value: GITHUB_SHA},
5352
];
5453

54+
if (isDefined(process.env.GITHUB_REF)) {
55+
tagArray.push({Key: 'Branch', Value: process.env.GITHUB_REF});
56+
}
57+
5558
const roleSessionTags = roleSkipSessionTagging ? undefined : tagArray;
5659

5760
const assumeRoleRequest = {

index.test.js

+29-9
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,8 @@ const ENVIRONMENT_VARIABLE_OVERRIDES = {
2222
GITHUB_WORKFLOW: 'MY-WORKFLOW-ID',
2323
GITHUB_ACTION: 'MY-ACTION-NAME',
2424
GITHUB_ACTOR: 'MY-USERNAME[bot]',
25-
GITHUB_REF: 'MY-BRANCH',
2625
GITHUB_SHA: 'MY-COMMIT-ID',
26+
GITHUB_REF: 'MY-BRANCH',
2727
};
2828
const GITHUB_ACTOR_SANITIZED = 'MY-USERNAME_bot_'
2929

@@ -142,6 +142,26 @@ describe('Configure AWS Credentials', () => {
142142
expect(core.setSecret).toHaveBeenCalledWith(FAKE_ACCOUNT_ID);
143143
});
144144

145+
test('action fails when github env vars are not set', async () => {
146+
process.env.SHOW_STACK_TRACE = 'false';
147+
core.getInput = jest
148+
.fn()
149+
.mockImplementation(mockGetInput(ASSUME_ROLE_INPUTS));
150+
delete process.env.GITHUB_SHA;
151+
152+
await run();
153+
expect(core.setFailed).toHaveBeenCalledWith('Missing required environment value. Are you running in GitHub Actions?');
154+
});
155+
156+
test('action does not require GITHUB_REF env var', async () => {
157+
core.getInput = jest
158+
.fn()
159+
.mockImplementation(mockGetInput(ASSUME_ROLE_INPUTS));
160+
delete process.env.GITHUB_REF;
161+
162+
await run();
163+
});
164+
145165
test('hosted runners can pull creds from a self-hosted environment', async () => {
146166
const mockInputs = {'aws-region': FAKE_REGION};
147167
core.getInput = jest
@@ -415,8 +435,8 @@ describe('Configure AWS Credentials', () => {
415435
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
416436
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
417437
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
418-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
419438
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
439+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
420440
]
421441
})
422442
});
@@ -437,8 +457,8 @@ describe('Configure AWS Credentials', () => {
437457
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
438458
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
439459
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
440-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
441460
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
461+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
442462
]
443463
})
444464
});
@@ -459,8 +479,8 @@ describe('Configure AWS Credentials', () => {
459479
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
460480
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
461481
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
462-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
463482
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
483+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
464484
]
465485
})
466486
});
@@ -481,8 +501,8 @@ describe('Configure AWS Credentials', () => {
481501
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
482502
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
483503
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
484-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
485504
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
505+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
486506
]
487507
})
488508
});
@@ -503,8 +523,8 @@ describe('Configure AWS Credentials', () => {
503523
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
504524
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
505525
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
506-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
507526
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
527+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
508528
],
509529
ExternalId: 'abcdef'
510530
})
@@ -530,8 +550,8 @@ describe('Configure AWS Credentials', () => {
530550
{Key: 'Workflow', Value: sanitizedWorkflowName},
531551
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
532552
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
533-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
534553
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
554+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
535555
]
536556
})
537557
});
@@ -566,8 +586,8 @@ describe('Configure AWS Credentials', () => {
566586
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
567587
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
568588
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
569-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
570589
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
590+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
571591
]
572592
})
573593
});
@@ -588,8 +608,8 @@ describe('Configure AWS Credentials', () => {
588608
{Key: 'Workflow', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_WORKFLOW},
589609
{Key: 'Action', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_ACTION},
590610
{Key: 'Actor', Value: GITHUB_ACTOR_SANITIZED},
591-
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
592611
{Key: 'Commit', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_SHA},
612+
{Key: 'Branch', Value: ENVIRONMENT_VARIABLE_OVERRIDES.GITHUB_REF},
593613
]
594614
})
595615
});

0 commit comments

Comments
 (0)