[BUG] v2.1.2 breaks secrets in JSON format

[dlavrenuek]

Describe the bug
vault-action v2.1.2 breaks the secrets that are stored as json, for example json web token keys, because the values are now parsed as json instead of a string REF.

To Reproduce
Example secret that is stored as json:

{ "kty": "RSA", "n": ...

Was in v2.1.1 passed to the application in the correct JSON format as

{ "kty": "RSA", "n": ...

In v2.1.2 it is passed to the application as JavaScript object representation, which is not valid JSON:

{ kty: RSA, n: ...

This results in a fatal error in the application due to invalid formatting.

Expected behavior
The secrets in JSON format should not be modified and passed to the application in valid JSON format.

[jasonodonnell]

His @dlavrenuek, this is unfortunate due to the change made on parsing secrets from Vault. We're taking a look at this.

[dlavrenuek]

Hi @jasonodonnell, do you know what the use case for this PR was #173 and how this was tested? From what I can see in the code is that even tho the secret is parsed with JSON.parse it is returned as a string in the end anyway, and I can't find any interaction with the parsed secret in between.

[dlavrenuek]

@jasonodonnell this issue is open for quite some time now, is it planned to fix it?

[MattPumphrey]

Any updates on this, I am unable to use this functionality, and would very much like to.

[fairclothjm]

Hi @dlavrenuek or @MattPumphrey I have been unable to capture this in the e2e tests. See my PR here: #466

If you can help me recreate this issue then I can try to get it fixed. Manual repro steps would be fine too if you can't provide pointers on my tests. Thanks!

[markoojleski-factoryww]

@fairclothjm I think the case (as mentioned above) is if you use 'unquoted' json secret stored in vault such as:
{ "kty": "RSA", "n": "xxx" }

In your tests you are wrapping the json in single quotes, which is not the exact case here
expect(process.env.SECRET_JSON).toBe('{"x":1,"y":2}')

Try to store the unquoted json in Vault/env and run the test
{ "kty": "RSA", "n": "xxx" }

btw, yes I can also confirm that when storing the unquoted json, you will get env variable with double quotes being removed from the secret.

[fairclothjm]

Released Vault GitHub Action v2.7.0 which should fix this regression!

[fairclothjm]

Reopening as we had to revert #466 in #471