Skip to content

Commit 43630f4

Browse files
committed
feat(apiSmokeTest): legacy-api-key fallback when TempApiKey is absent
Stacks that have migrated past `apiGateway.apiKeys` in their serverless config to a Lambda authorizer (which accepts x-api-key via env var) have no `TempApiKey-*` line in deploy.out. The action's key-extraction regex misses, `keyMatch` is null, and the action crashes with: Could not find key TypeError: Cannot read properties of null (reading '0') apiSmokeTest action ------------------- - New optional input `legacy-api-key` — used as the x-api-key value when the TempApiKey regex misses in deploy.out. - src/index.js: null-safety on keyMatch and urlMatch; falls back to legacy-api-key input when regex misses. - core.setSecret(key) regardless of source so the value is masked in subsequent log output. "Key: …" info line now prints "Key: <masked>". - dist/index.js + sourcemap rebuilt via yarn build (rollup). deploy-to-aws-uv.yml -------------------- - New optional secret `smoketest-legacy-api-key` — passed through to the action's `legacy-api-key` input. Callers that have moved past TempApiKey can pass their Lambda-authorizer x-api-key value. Backward-compatible ------------------- - legacy-api-key defaults to "". Stacks still emitting TempApiKey-* in deploy.out work unchanged. Downstream ---------- - GNS-Science/nshm-toshi-api/deploy-aws-lambda.yaml will pass smoketest-legacy-api-key after this lands.
1 parent c524657 commit 43630f4

5 files changed

Lines changed: 31846 additions & 18394 deletions

File tree

.github/actions/apiSmokeTest/action.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,14 @@ inputs:
1919
url:
2020
description: Overwrites URL in case the API cannot be reached through the internal URL (this is the case for our apigw APIs)
2121
required: false
22+
legacy-api-key:
23+
description: |
24+
Fallback API key value to use as `x-api-key` when serverless deploy output
25+
doesn't include a `TempApiKey-…` line (e.g. when the stack has moved past
26+
the legacy `apiGateway.apiKeys` config to a Lambda authorizer). Should be
27+
passed as a secret. Auto-masked via `::add-mask::` regardless.
28+
required: false
29+
default: ""
2230

2331
runs:
2432
using: node20

0 commit comments

Comments
 (0)