From 5fbd22a5295245f14ab7ec5f320a5effc53c3736 Mon Sep 17 00:00:00 2001
From: Szymon Draszkiewicz <s.draszkiewicz@piwik.pro>
Date: Tue, 25 Jun 2024 07:55:02 +0200
Subject: [PATCH] DEVOPS-7881 add mask

---
 1password/get-item-field/action.yaml | 32 ----------------------------
 1password/get-kubeconfig/action.yaml | 18 ++++++++++------
 2 files changed, 11 insertions(+), 39 deletions(-)
 delete mode 100644 1password/get-item-field/action.yaml

diff --git a/1password/get-item-field/action.yaml b/1password/get-item-field/action.yaml
deleted file mode 100644
index 9813361..0000000
--- a/1password/get-item-field/action.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-name: 'Get item field from 1Password'
-description: "Gets a field from specified 1Password vault/item"
-inputs:
-  op-sa-token:
-    required: true
-    description: "1Password Service Account Token"
-  op-vault:
-    required: true
-    description: "1Password Vault"
-  op-item:
-    required: true
-    description: "1Password Item"
-  op-field:
-    required: true
-    description: "1Password Item.Field"
-outputs:
-  field:
-    description: Value from 1Password Item.Field
-    value: ${{ steps.get-item-field.outputs.field }}
-
-runs:
-  using: "composite"
-  steps:
-  - name: Install 1Password CLI
-    uses: 1password/install-cli-action@v1
-  
-  - name: Get item field
-    id: get-item-field
-    shell: bash
-    env:
-      OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op-sa-token }}
-    run: echo "field<<EOF"$'\n'"$(op item get ${{ inputs.op-item }} --vault=${{ inputs.op-vault }} --fields label=${{ inputs.op-field }})"$'\n'EOF >> "$GITHUB_OUTPUT"
diff --git a/1password/get-kubeconfig/action.yaml b/1password/get-kubeconfig/action.yaml
index ec30e40..b75440f 100644
--- a/1password/get-kubeconfig/action.yaml
+++ b/1password/get-kubeconfig/action.yaml
@@ -19,16 +19,20 @@ outputs:
 runs:
   using: "composite"
   steps:
+  - name: Install 1Password CLI
+    uses: 1password/install-cli-action@v1
+
   - name: Get Kubeconfig from 1Password
     id: get-kubeconfig
-    uses: PiwikPRO/actions/1password/get-item-field@master
-    with:
-      op-sa-token: ${{ inputs.op-sa-token }}
-      op-vault: ${{ inputs.op-vault }}
-      op-item: ${{ inputs.op-item }}
-      op-field: kubeconfig
+    env:
+      OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op-sa-token }}
+    shell: bash
+    run: | 
+      encoded=$(op item get ${{ inputs.op-item }} --vault=${{ inputs.op-vault }} --fields label=kubeconfig| tr -d "\n" )
+      echo "::add-mask::$encoded"
+      echo "encoded<<EOF"$'\n'"$encoded"$'\n'EOF >> "$GITHUB_OUTPUT"
   
   - name: Decode kubeconfig
     id: decode-kubeconfig
     shell: bash
-    run: echo "kubeconfig<<EOF"$'\n'"$(echo '${{ steps.get-kubeconfig.outputs.field }}' | tr -d "\"" | base64 --decode)"$'\n'EOF >> "$GITHUB_OUTPUT"
+    run: echo "kubeconfig<<EOF"$'\n'"$(echo '${{ steps.get-kubeconfig.outputs.encoded }}' | tr -d "\"" | base64 --decode)"$'\n'EOF >> "$GITHUB_OUTPUT"