Merge pull request #12 from IP-Sentinel/main

Merge updates from fork
Bardavon-Health · Jul 10, 2023 · 376bf87 · 376bf87
2 parents d5da63d + 4e4b22e
commit 376bf87
Show file tree

Hide file tree

Showing 3,160 changed files with 784,996 additions and 175,352 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,15 @@
+# Basic set up for three package managers
+
+version: 2
+updates:
+
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 100
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -2,14 +2,16 @@ name: Local-Action-Test
 
 on:
   push:
-    branches: [ develop ]
+    branches: [ develop, main ]
+  pull_request:
+    types: [opened, reopened, synchronize, edited]
 
 jobs:
   test:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3.1.0
 
     - name: Configure AWS credentials
       uses: aws-actions/configure-aws-credentials@v1

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,5 @@
+# Contributing
+
+Like the documentation says, `node_modules` directory needs to be committed in the repo.
+
+Source: [here](https://docs.github.com/en/actions/creating-actions/creating-a-javascript-action#commit-tag-and-push-your-action-to-github)
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Bardavon Health Innovations
+Copyright (c) 2021 Denny Biasiolli at IP Sentinel
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -1,22 +1,27 @@
 # actions-aws-ssm-params-to-env
+
 This is a github action to convert SSM parameters to environment variables. It will handle
 simple JSON structures, or literal values. If you utilize the AWS action for setting
 your credentials or assume a role, you will not need to explicitly include the AWS environment
 variables in this action's step.
 
+**Note**: this is a fork of this unmaintained repository: https://github.com/Bardavon-Health/actions-aws-ssm-params-to-env
+
 
 ## Usage:
 
 ```yaml
-- uses: Bardavon-Health/[email protected]
+- uses: IP-Sentinel/[email protected].1
   env:
     AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # required
     AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # required
     AWS_DEFAULT_REGION: ap-northeast-2 # required
   with:
     ssm-path: /path/to/parameter # required
+    get-children: true # optional, default false
     prefix: SSM_ # optional
     decryption: true # optional, default false
+    mask-values: true # optional, default false
 ```
 ---
 ## Options:
@@ -25,13 +30,20 @@ variables in this action's step.
 AWS Systems Manager Parameter Store path to the parameter
 (e.g. `/path/to/parameter`)
 
+### get-children(optional)
+Boolean wich imposes to get parameters by path, retrieving all children values
+
 ### prefix(optional)
 Add prefix in front of environment variable name
 (e.g. `prefix: SSM_VAR_` will export `SSM_VAR_ENV_VAR="value"`)
 
 ### decryption(optional)
 Boolean which indicates whether the parameter should be decrypted or not
 
+### mask-values(optional)
+Boolean which indicates if extracted values should be masked in
+GitHub action logs
+
 ### **Note on decryption:**
 You should take care in utilizing encrypted values, as GitHub actions will not automatically redact
 the value of such parameters from your logs.

diff --git a/action.yml b/action.yml
@@ -1,19 +1,25 @@
 name: 'AWS SSM parameters to environment variables'
 description: 'load AWS SSM Parameters into environment variables'
-author: 'Bardavon Health Innovations'
+author: 'Denny Biasiolli at IP Sentinel'
 branding:
   icon: 'cloud'
   color: 'orange'
 inputs:
   ssm-path:
     description: 'AWS SSM path for parameter (eg. `/ssm/parameter`)'
     required: true
+  get-children:
+    description: 'Define to get parameters by path, retrieving all children values'
+    required: false
   prefix:
     description: 'Set a prefix on the environment variable'
     required: false
   decryption:
     description: 'Whether the parameter must be decrypted or not'
     required: false
+  mask-values:
+    description: 'Indicates if extracted values should be masked in GitHub action logs'
+    required: false
 runs:
-  using: 'node12'
+  using: 'node16'
   main: 'index.js'
diff --git a/index.js b/index.js
@@ -1,4 +1,3 @@
-const execSync = require('child_process').execSync;
 const core = require('@actions/core');
 const ssm = require('./ssm-helper');
 
@@ -7,29 +6,34 @@ async function run_action()
     try
     {
         const ssmPath = core.getInput('ssm-path', { required: true });
+        const getChildren = core.getInput('get-children') === 'true';
         const prefix = core.getInput('prefix');
         const region = process.env.AWS_DEFAULT_REGION;
         const decryption = core.getInput('decryption') === 'true';
+        const maskValues = core.getInput('mask-values') === 'true';
 
-        paramValue = await ssm.getParameter(ssmPath, decryption, region);
-        parsedValue = parseValue(paramValue);
-        if (typeof(parsedValue) === 'object') // Assume JSON object
+        const params = await ssm.getParameters(ssmPath, getChildren, decryption, region);
+        for (let param of params)
         {
-            core.debug(`parsedValue: ${JSON.stringify(parsedValue)}`);
-            // Assume basic JSON structure
-            for (var key in parsedValue)
+            const parsedValue = parseValue(param.Value);
+            if (typeof(parsedValue) === 'object') // Assume JSON object
             {
-                setEnvironmentVar(prefix + key, parsedValue[key])
+                core.debug(`parsedValue: ${JSON.stringify(parsedValue)}`);
+                // Assume basic JSON structure
+                for (var key in parsedValue)
+                {
+                    setEnvironmentVar(prefix + key, parsedValue[key], maskValues);
+                }
+            }
+            else
+            {
+                core.debug(`parsedValue: ${parsedValue}`);
+                // Set environment variable with ssmPath name as the env variable
+                var split = param.Name.split('/');
+                var envVarName = prefix + split[split.length - 1];
+                core.debug(`Using prefix + end of ssmPath for env var name: ${envVarName}`);
+                setEnvironmentVar(envVarName, parsedValue, maskValues);
             }
-        }
-        else
-        {
-            core.debug(`parsedValue: ${parsedValue}`);
-            // Set environment variable with ssmPath name as the env variable
-            var split = ssmPath.split('/');
-            var envVarName = prefix + split[split.length - 1];
-            core.debug(`Using prefix + end of ssmPath for env var name: ${envVarName}`);
-            setEnvironmentVar(envVarName, parsedValue);
         }
     }
     catch (e)
@@ -52,11 +56,12 @@ function parseValue(val)
     }
 }
 
-function setEnvironmentVar(key, value)
+function setEnvironmentVar(key, value, maskValue)
 {
-    cmdString = `echo "${key}=${value}" >> $GITHUB_ENV`;
-    core.debug(`Running cmd: ${cmdString}`);
-    execSync(cmdString, {stdio: 'inherit'});
+    if (maskValue) {
+        core.setSecret(value);
+    }
+    core.exportVariable(key, value);
 }
 
 run_action();
diff --git a/node_modules/.bin/uuid b/node_modules/.bin/uuid