Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] You must provide a name for the output key when using json selectors #363

Closed
mkania-cisco opened this issue Sep 8, 2022 · 2 comments
Labels
bug Something isn't working

Comments

@mkania-cisco
Copy link

mkania-cisco commented Sep 8, 2022

Describe the bug
You must provide a name for the output key when using json selectors. Input: "kv/data/gh-saas aws_external-s3-dt-v2_access_key_id"

To Reproduce

jobs:
  # This workflow contains a single job called "build"
  get-secrets:
    # The type of runner that the job will run on
    runs-on: self-hosted
    permissions:
      id-token: write
      contents: read
    steps:
      - name: Retrieve secret from Vault
        id: secrets
        uses: 'hashicorp/vault-action@v2.4.2'
        with:
          method: jwt
          url: ***
          namespace: ***
          role: gh-saas-production
          exportToken: true
          secrets: |
            kv/data/gh-saas aws_external-s3-dt-v2_access_key_id;

Expected behavior
Getting value of key even if key has: _, -, . inside.

Log Output

##[debug]Evaluating condition for step: 'Retrieve secret from Vault'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Retrieve secret from Vault
##[debug]Loading inputs
##[debug]Loading env
Run hashicorp/vault-action@v2.4.2
::group::Get Vault Secrets
Get Vault Secrets
  ::endgroup::
Error: You must provide a name for the output key when using json selectors. Input: "kv/data/gh-saas aws_external-s3-dt-v2_access_key_id"
##[debug]Node Action run completed with exit code 1
##[debug]Finishing: Retrieve secret from Vault

Additional context

  • what's the accepted naming of the keys?
  • I see similar issue when key has dot inside like, pass.word
  • escaping does not help
@mkania-cisco mkania-cisco added the bug Something isn't working label Sep 8, 2022
@mkania-cisco mkania-cisco changed the title [BUG] [BUG] You must provide a name for the output key when using json selectors Sep 8, 2022
@mkania-cisco
Copy link
Author

I suppose it's simply due to Github naming convention: https://docs.github.com/en/actions/security-guides/encrypted-secrets#naming-your-secrets

@fairclothjm
Copy link
Contributor

Hi @mkania-cisco! I am sorry you are having trouble here!

It seems the answer is in https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#naming-your-secrets as you pointed out. You could try a few options:

  1. rename the key to not include invalid characters for GitHub actions (in your case I believe this is dashes)

  2. explicitly set an output variable name that is supported by GH as per the above link

I am going to close this issue as this is the expected behavior for GH actions. If you continue to have issues please feel free to open another issue. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants