search

1Password / load-secrets-action

Load secrets from 1Password into your GitHub Actions jobs
https://developer.1password.com
MIT License
190 stars 25 forks source link

Authentication error with environment variables #71

Closed tomas-kulhanek closed 2 months ago

tomas-kulhanek commented 5 months ago

Whats wrong with this? 

      - uses: 1password/load-secrets-action@v2
        with:
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}

But all actions fall on this message Authentication error with environment variables: you must set either 1) OP_SERVICE_ACCOUNT_TOKEN, or 2) both OP_CONNECT_HOST and OP_CONNECT_TOKEN.

lukehinds commented 3 months ago

The problem seems to be this...

The consts are set here:

https://github.com/1Password/load-secrets-action/blob/a51c02d593af1939941d22c3506b1416ca6be3ec/src/constants.ts#L1-L4

populated below into isConnect1 and isServiceAccount

https://github.com/1Password/load-secrets-action/blob/a51c02d593af1939941d22c3506b1416ca6be3ec/src/utils.ts#L14-L15

Which means the following validation fails as it wants both OP_CONNECT_HOST and OP_SERVICE_ACCOUNT_TOKEN which is the opposite of the documentation?

https://github.com/1Password/load-secrets-action/blob/a51c02d593af1939941d22c3506b1416ca6be3ec/src/utils.ts#L23-L25

I figure this should be an or operator instead?

if (!isConnect || !isServiceAccount) {
    throw new Error(authErr);
}
tomas-kulhanek commented 2 months ago

Its working now