Implemented wildcard selector (based on #238) (#488)

* Initial check-in of wildcard to get all secrets in path (Issue#234) * Fix wildcard for K/V v2 and Cubbyhole. Add more tests * Refactored out selectAndAppendResults * Use selectAndAppendResults for wildcard * Use normalizeOutputKey in action.js * Refactored wildcard --------- Co-authored-by: Scott Lemme <68233981+slemme1@users.noreply.github.com> Co-authored-by: Lemme <slemme@massmutual.com>
2026-04-07 12:39:26 +00:00 · 2023-09-15 22:56:07 +10:00 · 2023-09-15 22:56:07 +10:00 · d9197ec2d2
commit d9197ec2d2
parent cb841f2c86
8 changed files with 343 additions and 68 deletions
--- a/integrationTests/basic/integration.test.js
+++ b/integrationTests/basic/integration.test.js
@ -171,6 +171,26 @@ describe('integration', () => {
        expect(core.exportVariable).toBeCalledWith('OTHERSECRETDASH', 'OTHERSUPERSECRET');
    });

+    it('get wildcard secrets', async () => {
+        mockInput(`secret/data/test * ;`);
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledTimes(1);
+
+        expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
+    });
+
+    it('get wildcard secrets with name prefix', async () => {
+        mockInput(`secret/data/test * | GROUP_ ;`);
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledTimes(1);
+
+        expect(core.exportVariable).toBeCalledWith('GROUP_SECRET', 'SUPERSECRET');
+    });
+
    it('leading slash kvv2', async () => {
        mockInput('/secret/data/foobar fookv2');

@ -195,6 +215,34 @@ describe('integration', () => {
        expect(core.exportVariable).toBeCalledWith('OTHERSECRETDASH', 'OTHERCUSTOMSECRET');
    });

+    it('get K/V v1 wildcard secrets', async () => {
+        mockInput(`secret-kv1/test * ;`);
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledTimes(1);
+
+        expect(core.exportVariable).toBeCalledWith('SECRET', 'CUSTOMSECRET');
+    });
+
+    it('get K/V v1 wildcard secrets with name prefix', async () => {
+        mockInput(`secret-kv1/test * | GROUP_ ;`);
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledTimes(1);
+
+        expect(core.exportVariable).toBeCalledWith('GROUP_SECRET', 'CUSTOMSECRET');
+    });
+
+    it('get wildcard nested secret from K/V v1', async () => {
+        mockInput('secret-kv1/nested/test *');
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('OTHERSECRETDASH', 'OTHERCUSTOMSECRET');
+    });
+
    it('leading slash kvv1', async () => {
        mockInput('/secret-kv1/foobar fookv1');

@ -225,6 +273,17 @@ describe('integration', () => {
            expect(core.exportVariable).toBeCalledWith('FOO', 'bar');
        });

+        it('wildcard supports cubbyhole', async () => {            
+            mockInput('/cubbyhole/test *');
+
+            await exportSecrets();
+            
+            expect(core.exportVariable).toBeCalledTimes(2);
+
+            expect(core.exportVariable).toBeCalledWith('FOO', 'bar');
+            expect(core.exportVariable).toBeCalledWith('ZIP', 'zap');
+        });
+        
        it('caches responses', async () => {            
            mockInput(`
            /cubbyhole/test foo ;
--- a/integrationTests/enterprise/enterprise.test.js
+++ b/integrationTests/enterprise/enterprise.test.js
@ -72,6 +72,22 @@ describe('integration', () => {
        expect(core.exportVariable).toBeCalledWith('TEST_KEY', 'SUPERSECRET_IN_NAMESPACE');
    });

+    it('get wildcard secrets', async () => {
+        mockInput('secret/data/test *');
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET_IN_NAMESPACE');
+    });
+
+    it('get wildcard secrets with name prefix', async () => {
+        mockInput('secret/data/test * | GROUP_');
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('GROUP_SECRET', 'SUPERSECRET_IN_NAMESPACE');
+    });
+
    it('get nested secret', async () => {
        mockInput('secret/data/nested/test otherSecret');

@ -103,6 +119,22 @@ describe('integration', () => {
        expect(core.exportVariable).toBeCalledWith('SECRET', 'CUSTOMSECRET_IN_NAMESPACE');
    });

+    it('get wildcard secrets from K/V v1', async () => {
+        mockInput('my-secret/test *');
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('SECRET', 'CUSTOMSECRET_IN_NAMESPACE');
+    });
+
+    it('get wildcard secrets from K/V v1 with name prefix', async () => {
+        mockInput('my-secret/test * | GROUP_');
+
+        await exportSecrets();
+
+        expect(core.exportVariable).toBeCalledWith('GROUP_SECRET', 'CUSTOMSECRET_IN_NAMESPACE');
+    });
+
    it('get nested secret from K/V v1', async () => {
        mockInput('my-secret/nested/test otherSecret');