Extend cleanup list if list already contains items (#236)

rmennes · web-flow · commit c8be316347c0 · 2025-04-15T09:18:18.000-07:00
* Extend cleanup list if list already contains items

* Fix merge conflict
diff --git a/__tests__/index.test.ts b/__tests__/index.test.ts
@@ -258,6 +258,93 @@ describe('Test main action', () => {
         nameTransformationSpy.mockClear();
     });
 
+
+    test('Keep existing cleanup list', async() => {
+        // Set existing cleanup list
+        process.env = {...process.env, SECRETS_LIST_CLEAN_UP: JSON.stringify(["EXISTING_TEST_SECRET", "EXISTING_TEST_SECRET_DB_HOST"])};
+
+        const getInputSpy = jest.spyOn(core, 'getInput');
+        getInputSpy.mockImplementation((name) => {
+            switch(name) {
+                case 'auto-select-family-attempt-timeout':
+                    return DEFAULT_TIMEOUT;
+                case 'name-transformation':
+                    return 'uppercase';
+                default:
+                    return '';
+            }
+        });
+
+        const booleanSpy = jest.spyOn(core, "getBooleanInput").mockReturnValue(true);
+        const multilineInputSpy = jest.spyOn(core, "getMultilineInput").mockReturnValue(
+            [TEST_NAME, TEST_INPUT_3, TEST_ARN_INPUT, BLANK_ALIAS_INPUT]
+        );
+
+
+        // Mock all Secrets Manager calls
+        smMockClient
+            .on(GetSecretValueCommand, { SecretId: TEST_NAME_1})
+            .resolves({ Name: TEST_NAME_1, SecretString: SECRET_1 })
+            .on(GetSecretValueCommand, {SecretId: TEST_NAME_2 })
+            .resolves({  Name: TEST_NAME_2, SecretString: SECRET_2 })
+            .on(GetSecretValueCommand, { SecretId: TEST_NAME_3 })
+            .resolves({ Name: TEST_NAME_3, SecretString: SECRET_3 })
+            .on(GetSecretValueCommand, { // Retrieve arn secret
+                SecretId: TEST_ARN_1,
+            })
+            .resolves({
+                Name: TEST_NAME_4,
+                SecretString: SECRET_4
+            })
+            .on(ListSecretsCommand)
+            .resolves({
+                SecretList: [
+                    {
+                        Name: TEST_NAME_1
+                    },
+                    {
+                        Name: TEST_NAME_2
+                    }
+                ]
+            })
+            .on(GetSecretValueCommand, { SecretId: BLANK_NAME })
+            .resolves({ Name: BLANK_NAME, SecretString: SECRET_FOR_BLANK });
+
+        await run();
+        expect(core.setFailed).not.toHaveBeenCalled();
+        expect(core.exportVariable).toHaveBeenCalledTimes(10);
+
+        // JSON secrets should be parsed
+        expect(core.exportVariable).toHaveBeenCalledWith('TEST_ONE_USER', 'admin');
+        expect(core.exportVariable).toHaveBeenCalledWith('TEST_ONE_PASSWORD', 'adminpw');
+        expect(core.exportVariable).toHaveBeenCalledWith('TEST_TWO_USER', 'integ');
+        expect(core.exportVariable).toHaveBeenCalledWith('TEST_TWO_PASSWORD', 'integpw');
+
+        expect(core.exportVariable).toHaveBeenCalledWith(ENV_NAME_3, SECRET_3);
+        expect(core.exportVariable).toHaveBeenCalledWith(ENV_NAME_4, SECRET_4);
+
+        // Case when alias is blank, but still comma delimited in workflow and json is parsed
+        // ex: ,test5/secret
+        expect(core.exportVariable).toHaveBeenCalledWith("USERNAME", "integ");
+        expect(core.exportVariable).toHaveBeenCalledWith("PASSWORD", "integpw");
+        expect(core.exportVariable).toHaveBeenCalledWith("CONFIG_ID1", "example1");
+
+        expect(core.exportVariable).toHaveBeenCalledWith(
+            CLEANUP_NAME,
+            JSON.stringify([
+                'EXISTING_TEST_SECRET', 'EXISTING_TEST_SECRET_DB_HOST',
+                'TEST_ONE_USER', 'TEST_ONE_PASSWORD',
+                'TEST_TWO_USER', 'TEST_TWO_PASSWORD',
+                ENV_NAME_3,
+                ENV_NAME_4,
+                "USERNAME", "PASSWORD", "CONFIG_ID1"
+            ])
+        );
+
+        booleanSpy.mockClear();
+        multilineInputSpy.mockClear();
+        getInputSpy.mockClear();
+    })
     
     test('handles invalid timeout string', async () => {
         const timeoutSpy = jest.spyOn(core, 'getInput').mockReturnValue(INVALID_TIMEOUT_STRING);
diff --git a/src/index.ts b/src/index.ts
@@ -76,6 +76,12 @@ export async function run(): Promise<void> {
             } 
         }
 
+        // Get existing clean up list
+        const existingCleanupSecrets = process.env[CLEANUP_NAME];
+        if (existingCleanupSecrets) {
+            secretsToCleanup = [...JSON.parse(existingCleanupSecrets), ...secretsToCleanup];
+        }
+
         // Export the names of variables to clean up after completion
         core.exportVariable(CLEANUP_NAME, JSON.stringify(secretsToCleanup));
 

Original file line number	Diff line number	Diff line change
`@@ -76,6 +76,12 @@ export async function run(): Promise<void> {`
`76`	`76`	`}`
`77`	`77`	`}`
`78`	`78`
	`79`	`+ // Get existing clean up list`
	`80`	`+ const existingCleanupSecrets = process.env[CLEANUP_NAME];`
	`81`	`+ if (existingCleanupSecrets) {`
	`82`	`+ secretsToCleanup = [...JSON.parse(existingCleanupSecrets), ...secretsToCleanup];`
	`83`	`+ }`
	`84`	`+`
`79`	`85`	`// Export the names of variables to clean up after completion`
`80`	`86`	`core.exportVariable(CLEANUP_NAME, JSON.stringify(secretsToCleanup));`
`81`	`87`