diff --git a/__fixtures__/core.ts b/__fixtures__/core.ts index efe7ebe..becbebd 100644 --- a/__fixtures__/core.ts +++ b/__fixtures__/core.ts @@ -9,3 +9,4 @@ export const getBooleanInput = vi.fn() export const setOutput = vi.fn() export const setFailed = vi.fn() export const warning = vi.fn() +export const setSecret = vi.fn() diff --git a/__tests__/helpers.test.ts b/__tests__/helpers.test.ts index fe22b76..59ab77f 100644 --- a/__tests__/helpers.test.ts +++ b/__tests__/helpers.test.ts @@ -150,9 +150,9 @@ X-Custom-Header: custom-value` header2: 'value2', 'X-Custom-Header': 'custom-value', }) - expect(core.info).toHaveBeenCalledWith('Custom header added: header1: value1') - expect(core.info).toHaveBeenCalledWith('Custom header added: header2: value2') - expect(core.info).toHaveBeenCalledWith('Custom header added: X-Custom-Header: custom-value') + expect(core.debug).toHaveBeenCalledWith('Custom header added: header1: value1') + expect(core.debug).toHaveBeenCalledWith('Custom header added: header2: value2') + expect(core.debug).toHaveBeenCalledWith('Custom header added: X-Custom-Header: custom-value') }) it('parses JSON format headers correctly', () => { @@ -165,9 +165,9 @@ X-Custom-Header: custom-value` header2: 'value2', 'X-Team': 'engineering', }) - expect(core.info).toHaveBeenCalledWith('Custom header added: header1: value1') - expect(core.info).toHaveBeenCalledWith('Custom header added: header2: value2') - expect(core.info).toHaveBeenCalledWith('Custom header added: X-Team: engineering') + expect(core.debug).toHaveBeenCalledWith('Custom header added: header1: value1') + expect(core.debug).toHaveBeenCalledWith('Custom header added: header2: value2') + expect(core.debug).toHaveBeenCalledWith('Custom header added: X-Team: engineering') }) it('returns empty object for empty input', () => { @@ -194,13 +194,13 @@ password: pass123` }) // Sensitive headers should be masked - expect(core.info).toHaveBeenCalledWith('Custom header added: Ocp-Apim-Subscription-Key: ***MASKED***') - expect(core.info).toHaveBeenCalledWith('Custom header added: X-Api-Token: ***MASKED***') - expect(core.info).toHaveBeenCalledWith('Custom header added: Authorization: ***MASKED***') - expect(core.info).toHaveBeenCalledWith('Custom header added: password: ***MASKED***') + expect(core.debug).toHaveBeenCalledWith('Custom header added: Ocp-Apim-Subscription-Key: ***MASKED***') + expect(core.debug).toHaveBeenCalledWith('Custom header added: X-Api-Token: ***MASKED***') + expect(core.debug).toHaveBeenCalledWith('Custom header added: Authorization: ***MASKED***') + expect(core.debug).toHaveBeenCalledWith('Custom header added: password: ***MASKED***') // Non-sensitive headers should not be masked - expect(core.info).toHaveBeenCalledWith('Custom header added: serviceName: my-service') + expect(core.debug).toHaveBeenCalledWith('Custom header added: serviceName: my-service') }) it('validates header names and skips invalid ones', () => { @@ -214,13 +214,11 @@ valid123: value5` expect(result).toEqual({ 'valid-header': 'value1', + invalid_underscore: 'value3', valid123: 'value5', }) expect(core.warning).toHaveBeenCalledWith(expect.stringContaining('Skipping invalid header name: invalid header')) - expect(core.warning).toHaveBeenCalledWith( - expect.stringContaining('Skipping invalid header name: invalid_underscore'), - ) expect(core.warning).toHaveBeenCalledWith(expect.stringContaining('Skipping invalid header name: invalid@header')) }) @@ -367,8 +365,8 @@ systemID: terraform-ci` }) // Only the subscription key should be masked - expect(core.info).toHaveBeenCalledWith('Custom header added: Ocp-Apim-Subscription-Key: ***MASKED***') - expect(core.info).toHaveBeenCalledWith('Custom header added: serviceName: terraform-plan-workflow') + expect(core.debug).toHaveBeenCalledWith('Custom header added: Ocp-Apim-Subscription-Key: ***MASKED***') + expect(core.debug).toHaveBeenCalledWith('Custom header added: serviceName: terraform-plan-workflow') }) }) }) diff --git a/__tests__/inference.test.ts b/__tests__/inference.test.ts index 3f78e12..0f2f6ff 100644 --- a/__tests__/inference.test.ts +++ b/__tests__/inference.test.ts @@ -58,7 +58,7 @@ describe('inference.ts', () => { expect(result).toBe('Hello, user!') expect(core.info).toHaveBeenCalledWith('Running simple inference without tools') - expect(core.info).toHaveBeenCalledWith('Model response: Hello, user!') + expect(core.debug).toHaveBeenCalledWith('Model response: Hello, user!') // Verify the request structure expect(mockCreate).toHaveBeenCalledWith({ @@ -136,7 +136,7 @@ describe('inference.ts', () => { const result = await simpleInference(mockRequest) expect(result).toBeNull() - expect(core.info).toHaveBeenCalledWith('Model response: No response content') + expect(core.debug).toHaveBeenCalledWith('Model response: No response content') }) it('includes response format when specified', async () => { diff --git a/__tests__/main.test.ts b/__tests__/main.test.ts index 578bf98..387e064 100644 --- a/__tests__/main.test.ts +++ b/__tests__/main.test.ts @@ -136,6 +136,7 @@ describe('main.ts', () => { await run() expect(core.setOutput).toHaveBeenCalled() + expect(core.setSecret).toHaveBeenCalledWith('fake-token') verifyStandardResponse() expect(mockProcessExit).toHaveBeenCalledWith(0) }) @@ -199,6 +200,7 @@ describe('main.ts', () => { await run() + expect(core.setSecret).toHaveBeenCalledWith('fake-token') expect(mockConnectToGitHubMCP).toHaveBeenCalledWith('fake-token', '') expect(mockMcpInference).toHaveBeenCalledWith( expect.objectContaining({ diff --git a/__tests__/mcp.test.ts b/__tests__/mcp.test.ts index f8a37bf..fea06cb 100644 --- a/__tests__/mcp.test.ts +++ b/__tests__/mcp.test.ts @@ -177,8 +177,8 @@ describe('mcp.ts', () => { name: 'test-tool', content: JSON.stringify(toolResult.content), }) - expect(core.info).toHaveBeenCalledWith('Executing GitHub MCP tool: test-tool with args: {"param": "value"}') - expect(core.info).toHaveBeenCalledWith('GitHub MCP tool test-tool executed successfully') + expect(core.debug).toHaveBeenCalledWith('Executing GitHub MCP tool: test-tool with args: {"param": "value"}') + expect(core.debug).toHaveBeenCalledWith('GitHub MCP tool test-tool executed successfully') }) it('handles tool execution errors gracefully', async () => { diff --git a/__tests__/prompt.test.ts b/__tests__/prompt.test.ts index 2eba81d..686eacd 100644 --- a/__tests__/prompt.test.ts +++ b/__tests__/prompt.test.ts @@ -135,5 +135,17 @@ describe('prompt.ts', () => { it('errors on missing files', () => { expect(() => parseFileTemplateVariables('x: ./does-not-exist.txt')).toThrow('was not found') }) + + it('errors on non-string file paths', () => { + expect(() => parseFileTemplateVariables('x: 123')).toThrow( + "File template variable 'x' must be a string file path", + ) + expect(() => parseFileTemplateVariables('x: true')).toThrow( + "File template variable 'x' must be a string file path", + ) + expect(() => parseFileTemplateVariables('x: { nested: "object" }')).toThrow( + "File template variable 'x' must be a string file path", + ) + }) }) }) diff --git a/src/helpers.ts b/src/helpers.ts index 33bd10b..c68c370 100644 --- a/src/helpers.ts +++ b/src/helpers.ts @@ -121,9 +121,10 @@ function validateAndMaskHeaders(headers: Record): Record): Record lowerName.includes(pattern)) if (isSensitive) { - core.info(`Custom header added: ${name}: ***MASKED***`) + core.debug(`Custom header added: ${name}: ***MASKED***`) } else { - core.info(`Custom header added: ${name}: ${stringValue}`) + core.debug(`Custom header added: ${name}: ${stringValue}`) } } diff --git a/src/inference.ts b/src/inference.ts index 85cb835..0f3cc7c 100644 --- a/src/inference.ts +++ b/src/inference.ts @@ -76,7 +76,7 @@ export async function simpleInference(request: InferenceRequest): Promise { if (token === undefined) { throw new Error('GITHUB_TOKEN is not set') } + core.setSecret(token) // Get GitHub MCP token (use dedicated token if provided, otherwise fall back to main token) const githubMcpToken = core.getInput('github-mcp-token') || token + core.setSecret(githubMcpToken) + const githubMcpToolsets = core.getInput('github-mcp-toolsets') const endpoint = core.getInput('endpoint') diff --git a/src/mcp.ts b/src/mcp.ts index 616c8fd..4c9a921 100644 --- a/src/mcp.ts +++ b/src/mcp.ts @@ -96,7 +96,7 @@ export async function connectToGitHubMCP(token: string, toolsets?: string): Prom * Execute a single tool call via GitHub MCP */ export async function executeToolCall(githubMcpClient: Client, toolCall: ToolCall): Promise { - core.info(`Executing GitHub MCP tool: ${toolCall.function.name} with args: ${toolCall.function.arguments}`) + core.debug(`Executing GitHub MCP tool: ${toolCall.function.name} with args: ${toolCall.function.arguments}`) try { const args = JSON.parse(toolCall.function.arguments) @@ -106,7 +106,7 @@ export async function executeToolCall(githubMcpClient: Client, toolCall: ToolCal arguments: args, }) - core.info(`GitHub MCP tool ${toolCall.function.name} executed successfully`) + core.debug(`GitHub MCP tool ${toolCall.function.name} executed successfully`) return { tool_call_id: toolCall.id,