mirror of
https://github.com/docker/login-action.git
synced 2026-07-03 20:59:57 +03:00
skip empty registry-auth secret mask
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
@@ -1,4 +1,4 @@
|
||||
import {afterEach, expect, test} from 'vitest';
|
||||
import {afterEach, expect, test, vi} from 'vitest';
|
||||
import * as path from 'path';
|
||||
|
||||
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
|
||||
@@ -6,6 +6,7 @@ import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
|
||||
import {getAuthList, getInputs} from '../src/context.js';
|
||||
|
||||
afterEach(() => {
|
||||
vi.restoreAllMocks();
|
||||
for (const key of Object.keys(process.env)) {
|
||||
if (key.startsWith('INPUT_')) {
|
||||
delete process.env[key];
|
||||
@@ -33,3 +34,37 @@ test('getAuthList uses the default Docker Hub registry when computing scoped con
|
||||
configDir: path.join(Buildx.configDir, 'config', 'registry-1.docker.io', 'myscope')
|
||||
});
|
||||
});
|
||||
|
||||
test('getAuthList skips secret masking when registry-auth password is absent', async () => {
|
||||
const stdoutWriteSpy = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
|
||||
const [auth] = getAuthList({
|
||||
registry: '',
|
||||
username: '',
|
||||
password: '',
|
||||
scope: '',
|
||||
ecr: '',
|
||||
logout: true,
|
||||
registryAuth: '- registry: public.ecr.aws\n'
|
||||
});
|
||||
|
||||
expect(stdoutWriteSpy.mock.calls.map(call => call[0]).join('')).not.toContain('::add-mask::');
|
||||
expect(auth).toMatchObject({
|
||||
registry: 'public.ecr.aws',
|
||||
ecr: 'auto'
|
||||
});
|
||||
});
|
||||
|
||||
test('getAuthList masks registry-auth password when present', async () => {
|
||||
const stdoutWriteSpy = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
|
||||
getAuthList({
|
||||
registry: '',
|
||||
username: '',
|
||||
password: '',
|
||||
scope: '',
|
||||
ecr: '',
|
||||
logout: true,
|
||||
registryAuth: '- registry: ghcr.io\n username: dbowie\n password: groundcontrol\n'
|
||||
});
|
||||
|
||||
expect(stdoutWriteSpy.mock.calls.map(call => call[0]).join('')).toContain('::add-mask::groundcontrol');
|
||||
});
|
||||
|
||||
+3
-1
@@ -53,7 +53,9 @@ export function getAuthList(inputs: Inputs): Array<Auth> {
|
||||
});
|
||||
} else {
|
||||
auths = (yaml.load(inputs.registryAuth) as Array<Auth>).map(auth => {
|
||||
core.setSecret(auth.password); // redacted in workflow logs
|
||||
if (auth.password) {
|
||||
core.setSecret(auth.password); // redacted in workflow logs
|
||||
}
|
||||
const registry = auth.registry || 'docker.io';
|
||||
return {
|
||||
registry,
|
||||
|
||||
Reference in New Issue
Block a user