[FEAT] The `secrets` input should be optional.
juicemia opened this issue · 3 comments
Is your feature request related to a problem? Please describe.
Some workflows need only to get a token from Vault so that some program may use them. An example of this
is when using Terraform to spin up infrastructure in GCP with the Google Cloud Secrets Engine. In this case,
when running Terraform, VAULT_TOKEN
is set after being retrieved with something like Approle auth, and
a GCP service account token is generated by the backend after reading a certain path in Terraform. So the
use case here is only getting a token from Vault via Approle auth, not actually reading a secret.
Describe the solution you'd like
For the secret
input to be optional.
Describe alternatives you've considered
- Using
curl
to get the token and then passing that along by setting the environment variable.curl
isn't ideal
because it's not easy to handle different types of failures when using it. - Just fetching a secret and never actually using it.
Additional context
I found this Github issue but in this case the person
who opened it was just confused so they reported a bug.
Hmm, "secrets" is already optional: https://github.com/hashicorp/vault-action#reference ...
Ah that's good I'll double check my version. Sorry for the duplicate feature request. I could swear I searched up and down for something related to this but I didn't find it.