mirror of
https://github.com/docker/login-action.git
synced 2026-07-03 17:32:51 +00:00
skip empty registry-auth secret mask
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
@@ -1,4 +1,4 @@
|
|||||||
import {afterEach, expect, test} from 'vitest';
|
import {afterEach, expect, test, vi} from 'vitest';
|
||||||
import * as path from 'path';
|
import * as path from 'path';
|
||||||
|
|
||||||
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
|
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
|
||||||
@@ -6,6 +6,7 @@ import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
|
|||||||
import {getAuthList, getInputs} from '../src/context.js';
|
import {getAuthList, getInputs} from '../src/context.js';
|
||||||
|
|
||||||
afterEach(() => {
|
afterEach(() => {
|
||||||
|
vi.restoreAllMocks();
|
||||||
for (const key of Object.keys(process.env)) {
|
for (const key of Object.keys(process.env)) {
|
||||||
if (key.startsWith('INPUT_')) {
|
if (key.startsWith('INPUT_')) {
|
||||||
delete process.env[key];
|
delete process.env[key];
|
||||||
@@ -33,3 +34,37 @@ test('getAuthList uses the default Docker Hub registry when computing scoped con
|
|||||||
configDir: path.join(Buildx.configDir, 'config', 'registry-1.docker.io', 'myscope')
|
configDir: path.join(Buildx.configDir, 'config', 'registry-1.docker.io', 'myscope')
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test('getAuthList skips secret masking when registry-auth password is absent', async () => {
|
||||||
|
const stdoutWriteSpy = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
|
||||||
|
const [auth] = getAuthList({
|
||||||
|
registry: '',
|
||||||
|
username: '',
|
||||||
|
password: '',
|
||||||
|
scope: '',
|
||||||
|
ecr: '',
|
||||||
|
logout: true,
|
||||||
|
registryAuth: '- registry: public.ecr.aws\n'
|
||||||
|
});
|
||||||
|
|
||||||
|
expect(stdoutWriteSpy.mock.calls.map(call => call[0]).join('')).not.toContain('::add-mask::');
|
||||||
|
expect(auth).toMatchObject({
|
||||||
|
registry: 'public.ecr.aws',
|
||||||
|
ecr: 'auto'
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
test('getAuthList masks registry-auth password when present', async () => {
|
||||||
|
const stdoutWriteSpy = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
|
||||||
|
getAuthList({
|
||||||
|
registry: '',
|
||||||
|
username: '',
|
||||||
|
password: '',
|
||||||
|
scope: '',
|
||||||
|
ecr: '',
|
||||||
|
logout: true,
|
||||||
|
registryAuth: '- registry: ghcr.io\n username: dbowie\n password: groundcontrol\n'
|
||||||
|
});
|
||||||
|
|
||||||
|
expect(stdoutWriteSpy.mock.calls.map(call => call[0]).join('')).toContain('::add-mask::groundcontrol');
|
||||||
|
});
|
||||||
|
|||||||
@@ -53,7 +53,9 @@ export function getAuthList(inputs: Inputs): Array<Auth> {
|
|||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
auths = (yaml.load(inputs.registryAuth) as Array<Auth>).map(auth => {
|
auths = (yaml.load(inputs.registryAuth) as Array<Auth>).map(auth => {
|
||||||
core.setSecret(auth.password); // redacted in workflow logs
|
if (auth.password) {
|
||||||
|
core.setSecret(auth.password); // redacted in workflow logs
|
||||||
|
}
|
||||||
const registry = auth.registry || 'docker.io';
|
const registry = auth.registry || 'docker.io';
|
||||||
return {
|
return {
|
||||||
registry,
|
registry,
|
||||||
|
|||||||
Reference in New Issue
Block a user