From 1e3728861ad53b7274d9f2e4410de21b6106ab25 Mon Sep 17 00:00:00 2001 From: Edward Vella Date: Thu, 4 Feb 2021 13:43:03 +0000 Subject: [PATCH] fix: Check if KeyId is populated if ssm-value-type is SecureString --- .github/workflows/pull_request.yml | 12 ++++++++++-- index.js | 5 ++++- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 024cda80..ac0a8808 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -16,10 +16,18 @@ jobs: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: eu-west-1 - - name: Add to SSM Step - id: add_to_ssm + - name: Add SecureString to SSM + id: add_to_ssm_secure_string uses: ./ with: ssm-path: "/dwardu89/hello" ssm-value: ${{ secrets.SSM_VALUE_EXAMPLE }} aws-region: eu-west-1 + - name: Add String to SSM Step + id: add_to_ssm_string + uses: ./ + with: + ssm-path: "/dwardu89/hello" + ssm-value: ${{ secrets.SSM_VALUE_EXAMPLE }} + ssm-value-type: "String" + aws-region: eu-west-1 diff --git a/index.js b/index.js index 1d691294..758ac649 100644 --- a/index.js +++ b/index.js @@ -15,9 +15,12 @@ try { Value: core.getInput('ssm-value', { required: true }), Type: core.getInput('ssm-value-type', { required: true }), Overwrite: core.getInput('ssm-value-overwrite', { required: true }), - KeyId: core.getInput('ssm-kms-key-id'), Description: core.getInput('ssm-value-description') } + const keyId = core.getInput('ssm-kms-key-id') + if (params['Type'] === "SecureString" && keyId !== '') { + params['KeyId'] = keyId + } ssm.putParameter(params).then(value => { console.log(`Successfully Stored parameter in path [${value}]`); }).catch(reason => {