[FEAT] Add Option: `ignoreKeyNotFound`
Opened this issue · 3 comments
xsfa commented
The Problem
When programmatically passing in vault keys, if the key does not exist I would like the option for the resulting value to be a null or default value.
Proposed Solution
- name: Import Secrets
uses: actions/vault-action@v3.0.0
with:
url: ${{ env.url }}
method: approle
roleId: ${{ env.role_id }}
secretId: ${{ env.secret_id }}
caCertificate: ${{ secrets.vault_ca_cert }}
ignoreKeyNotFound: true # ***
defaultValue: null # *** or 'string', defaults to null
secrets: |
${{ env.secret_path }} credentials.${{ env.PREFIX }}.username | username ;
${{ env.secret_path }} credentials.${{ env.PREFIX }}.password | password ;
Explored Alternatives
- Setting a default value to all possible keys IN VAULT
- Conditionally calling
vault-action
Both approaches are messy/hacky and not scalable
xsfa commented
I looked through the code and have an idea on how to implement this, will try to open a PR in the coming days.
fairclothjm commented
@xsfa Are you aware of the ignoreNotFound option? Does this solve the issue for you?
xsfa commented
@xsfa Are you aware of the ignoreNotFound option? Does this solve the issue for you?
@fairclothjm I tried it, I believe this option only handles cases where the secret is not found, not when a key within the secret is not found.