Add option to retry Vault Token retrieval

Sometimes we might encounter errors when retrieving the Vault token
using a method like JWT. In those cases, the action does not retry the
request today because the got package does not retry POST requests by default.

This change adds an option called retryVaultTokenRetrieval that will
add the POST method to the retriable methods got uses. The post method
is not used in any other place in this action, so having the POST method
added to the defaultOptions seems okay for now.
Max Wagner 2023-03-22 15:34:31 -06:00 committed by Max Wagner
parent 3a9100e7d5
commit 05074af563
2 changed files with 9 additions and 0 deletions


@ -31,6 +31,7 @@ async function exportSecrets() {
headers: {},
https: {},
retry: {
methods: [...got.defaults.options.retry.methods],
statusCodes: [
...got.defaults.options.retry.statusCodes,
// Vault returns 412 when the token in use hasn't yet been replicated
@ -68,6 +69,11 @@ async function exportSecrets() {
defaultOptions.headers["X-Vault-Namespace"] = vaultNamespace;
}
const retryVaultTokenRetrieval = (core.getInput('retryVaultTokenRetrieval', { required: false }) || 'false').toLowerCase() != 'false';
if (retryVaultTokenRetrieval === true) {
defaultOptions.retry.methods.push('POST');
}
const vaultToken = await retrieveToken(vaultMethod, got.extend(defaultOptions));
defaultOptions.headers['X-Vault-Token'] = vaultToken;
const client = got.extend(defaultOptions);
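Review bot: The `push('POST')` on `defaultOptions.retry.methods` changes the shared options object, so the `client` built from `defaultOptions` a few lines later also retries POST, not only the token request the option is named for. Keeping the wider retry policy on the login client alone would match the option's name and stop a later POST-based call from silently inheriting retries of a non-idempotent request, for example `const tokenOptions = { ...defaultOptions, retry: { ...defaultOptions.retry, methods: [...defaultOptions.retry.methods, 'POST'] } };` passed as `got.extend(tokenOptions)` to `retrieveToken`. The input parse is also loose: with `!= 'false'` any other string, including a typo, turns retries on, so comparing with `=== 'true'` would be the safer default. A retried login whose first attempt succeeded on the server side would presumably leave an extra token issued, which is worth a line in the option's documentation. `exportSecrets` begins and ends outside the lines shown.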