Compare commits

..

6 Commits

Author SHA1 Message Date
Francesco Renzi c44e73f0a5 Catch multiple instances 2023-05-23 15:03:32 +01:00
Francesco Renzi 0e36a96ee5 Apply linting 2023-05-23 14:11:05 +01:00
Francesco Renzi 38e6785d19 Apply linting 2023-05-23 13:45:22 +01:00
Francesco Renzi 9fccf58073 Simplify regex 2023-05-23 13:29:06 +01:00
Francesco Renzi 63ffaaf25e Update docs/commands.md
Co-authored-by: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
2023-05-23 13:28:09 +01:00
Francesco Renzi 5ccbd5f448 Add support for multi-line secrets in setSecret 2023-05-23 13:28:09 +01:00
5 changed files with 17 additions and 28 deletions
+3 -12
View File
@@ -50,18 +50,9 @@ function setSecret(secret: string): void {}
Now, future logs containing BAR will be masked. E.g. running `echo "Hello FOO BAR World"` will now print `Hello FOO **** World`.
**WARNING** The add-mask and setSecret commands only support single-line
secrets or multi-line secrets that have been escaped. `@actions/core`
`setSecret` will escape the string you provide by default. When an escaped
multi-line string is provided the whole string and each of its lines
individually will be masked. For example you can mask `first\nsecond\r\nthird`
using:
```sh
echo "::add-mask::first%0Asecond%0D%0Athird"
```
This will mask `first%0Asecond%0D%0Athird`, `first`, `second` and `third`.
**WARNING** The add-mask command only supports single-line secrets. To register
a multi-line secret, the recommended practice is to register each line individually. Otherwise, it will
not be masked. `@actions/core >= 1.11.0` `setSecret` will perform this automatically.
**WARNING** Do **not** mask short values if you can avoid it, it could render your output unreadable (and future steps' output as well).
For example, if you mask the letter `l`, running `echo "Hello FOO BAR World"` will now print `He*********o FOO BAR Wor****d`
+8 -3
View File
@@ -161,10 +161,15 @@ describe('@actions/core', () => {
it('setSecret produces the correct command', () => {
core.setSecret('secret val')
core.setSecret('multi\nline\r\nsecret')
assertWriteCalls([`::add-mask::secret val${os.EOL}`])
})
it('setSecret splits multi line secrets into multiple commands', () => {
core.setSecret('first\nsecond\r\nthird')
assertWriteCalls([
`::add-mask::secret val${os.EOL}`,
`::add-mask::multi%0Aline%0D%0Asecret${os.EOL}`
`::add-mask::first${os.EOL}`,
`::add-mask::second${os.EOL}`,
`::add-mask::third${os.EOL}`
])
})
+5 -1
View File
@@ -97,7 +97,11 @@ export function exportVariable(name: string, val: any): void {
* @param secret value of the secret
*/
export function setSecret(secret: string): void {
issueCommand('add-mask', {}, secret)
for (const part of secret.split(/[\r\n]+/)) {
if (part) {
issueCommand('add-mask', {}, part)
}
}
}
/**
@@ -91,12 +91,6 @@ describe('proxy', () => {
expect(proxyUrl).toBeDefined()
})
it('getProxyUrl returns proxyUrl if http_proxy has no protocol', () => {
process.env['http_proxy'] = 'myproxysvr'
const proxyUrl = pm.getProxyUrl(new URL('http://github.com'))
expect(proxyUrl?.toString()).toBe('http://myproxysvr/')
})
it('checkBypass returns true if host as no_proxy list', () => {
process.env['no_proxy'] = 'myserver'
const bypass = pm.checkBypass(new URL('https://myserver'))
+1 -6
View File
@@ -14,12 +14,7 @@ export function getProxyUrl(reqUrl: URL): URL | undefined {
})()
if (proxyVar) {
try {
return new URL(proxyVar)
} catch {
if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://'))
return new URL(`http://${proxyVar}`)
}
return new URL(proxyVar)
} else {
return undefined
}