fix to make action still run

2026-03-12 18:07:10 -04:00 · 2025-06-04 15:45:40 -07:00
parent 7a01614d60
commit aeb75711d0
6 changed files with 7 additions and 15 deletions
--- a/README.md
+++ b/README.md
@@ -112,7 +112,7 @@ See [action.yml](./action.yml) for more detail.
 | inline-session-policy     | You may further restrict the assumed role policy by defining an inline policy here.               |    No    |
 | managed-session-policies  | You may further restrict the assumed role policy by specifying a managed policy here.             |    No    |
 | output-credentials        | When set, outputs fetched credentials as action step output. (Outputs access-key-id, secret-access-key, session-token, and expiration). Defaults to false.                  |    No    |
-| output-env-credentials       | When set, exports fetched credentials as environment variables (AWS_REGION, AWS_DEFAULT_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN). Defaults to true. Set to false if you need to avoid setting/changing env variables. (You'd probably want to use output-credentials if you disable this). |    No    |
+| output-env-credentials       | When set, outputs fetched credentials as environment variables (AWS_REGION, AWS_DEFAULT_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN). Defaults to true. Set to false if you need to avoid setting/changing env variables. You'd probably want to use output-credentials if you disable this. (NOTE: Setting to false will prevent the aws-account-id from being exported as a step output). |    No    |
 | unset-current-credentials | When set, attempts to unset any existing credentials in your action runner.                       |    No    |
 | disable-retry             | Disabled retry/backoff logic for assume role calls. By default, retries are enabled.              |    No    |
 | retry-max-attempts        | Limits the number of retry attempts before giving up. Defaults to 12.                             |    No    |
--- a/dist/cleanup/index.js
+++ b/dist/cleanup/index.js
@@ -46372,9 +46372,7 @@ function exportRegion(region, outputEnvCredentials) {
 // Obtains account ID from STS Client and sets it as output
 async function exportAccountId(credentialsClient, maskAccountId) {
    const client = credentialsClient.stsClient;
-    core.info('trying to get account id');
    const identity = await client.send(new client_sts_1.GetCallerIdentityCommand({}));
-    core.info('got account id');
    const accountId = identity.Account;
    if (!accountId) {
        throw new Error('Could not get Account ID from STS. Did you set credentials?');
--- a/dist/index.js
+++ b/dist/index.js
@@ -55,7 +55,6 @@ class CredentialsClient {
        }
    }
    async loadCredentials() {
-        (0, core_1.info)('trying to load credentials');
        const client = new client_sts_1.STSClient({
            requestHandler: this.requestHandler ? this.requestHandler : undefined,
        });
@@ -366,9 +365,7 @@ function exportRegion(region, outputEnvCredentials) {
 // Obtains account ID from STS Client and sets it as output
 async function exportAccountId(credentialsClient, maskAccountId) {
    const client = credentialsClient.stsClient;
-    core.info('trying to get account id');
    const identity = await client.send(new client_sts_1.GetCallerIdentityCommand({}));
-    core.info('got account id');
    const accountId = identity.Account;
    if (!accountId) {
        throw new Error('Could not get Account ID from STS. Did you set credentials?');
@@ -670,9 +667,9 @@ async function run() {
            if (!process.env.GITHUB_ACTIONS || AccessKeyId) {
                await credentialsClient.validateCredentials(roleCredentials.Credentials?.AccessKeyId);
            }
-            core.info(`validated credentials`);
-            await (0, helpers_1.exportAccountId)(credentialsClient, maskAccountId);
-            core.info(`exported account id`);
+            if (outputEnvCredentials) {
+                await (0, helpers_1.exportAccountId)(credentialsClient, maskAccountId);
+            }
        }
        else {
            core.info('Proceeding with IAM user credentials');
--- a/src/CredentialsClient.ts
+++ b/src/CredentialsClient.ts
@@ -63,7 +63,6 @@ export class CredentialsClient {
  }

  private async loadCredentials() {
-    info('trying to load credentials');
    const client = new STSClient({
      requestHandler: this.requestHandler ? this.requestHandler : undefined,
    });
--- a/src/helpers.ts
+++ b/src/helpers.ts
@@ -96,9 +96,7 @@ export function exportRegion(region: string, outputEnvCredentials?: boolean) {
 // Obtains account ID from STS Client and sets it as output
 export async function exportAccountId(credentialsClient: CredentialsClient, maskAccountId?: boolean) {
  const client = credentialsClient.stsClient;
-  core.info('trying to get account id');
  const identity = await client.send(new GetCallerIdentityCommand({}));
-  core.info('got account id');
  const accountId = identity.Account;
  if (!accountId) {
    throw new Error('Could not get Account ID from STS. Did you set credentials?');
--- a/src/index.ts
+++ b/src/index.ts
@@ -203,9 +203,9 @@ export async function run() {
      if (!process.env.GITHUB_ACTIONS || AccessKeyId) {
        await credentialsClient.validateCredentials(roleCredentials.Credentials?.AccessKeyId);
      }
-      core.info(`validated credentials`);
-      await exportAccountId(credentialsClient, maskAccountId);
-      core.info(`exported account id`);
+      if (outputEnvCredentials) {
+        await exportAccountId(credentialsClient, maskAccountId);
+      }
    } else {
      core.info('Proceeding with IAM user credentials');
    }