Update CODEOWNERS

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.0.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/CODEOWNERS

@@ -1 +1 @@
-* @Azure/aks-atlanta
+* @Azure/cloud-native-github-action-owners

.github/ISSUE_TEMPLATE/bugReportForm.yml

@@ -0,0 +1,36 @@
+name: Bug Report
+description: File a bug report specifying all inputs you provided for the action, we will respond to this thread with any questions.
+title: 'Bug: '
+labels: ['bug', 'triage']
+assignees: '@Azure/aks-atlanta'
+body:
+   - type: textarea
+     id: What-happened
+     attributes:
+        label: What happened?
+        description: Tell us what happened and how is it different from the expected?
+        placeholder: Tell us what you see!
+     validations:
+        required: true
+   - type: checkboxes
+     id: Version
+     attributes:
+        label: Version
+        options:
+           - label: I am using the latest version
+             required: true
+   - type: input
+     id: Runner
+     attributes:
+        label: Runner
+        description: What runner are you using?
+        placeholder: Mention the runner info (self-hosted, operating system)
+     validations:
+        required: true
+   - type: textarea
+     id: Logs
+     attributes:
+        label: Relevant log output
+        description: Run in debug mode for the most verbose logs. Please feel free to attach a screenshot of the logs
+     validations:
+        required: true

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,6 @@
+blank_issues_enabled: false
+contact_links:
+   - name: GitHub Action "k8s-set-context" Support
+     url: https://github.com/Azure/k8s-set-context
+     security: https://github.com/Azure/k8s-set-context/blob/main/SECURITY.md
+     about: Please ask and answer questions here.

.github/ISSUE_TEMPLATE/featureRequestForm.yml

@@ -0,0 +1,13 @@
+name: Feature Request
+description: File a Feature Request form, we will respond to this thread with any questions.
+title: 'Feature Request: '
+labels: ['Feature']
+assignees: '@Azure/aks-atlanta'
+body:
+   - type: textarea
+     id: Feature_request
+     attributes:
+        label: Feature request
+        description: Provide example functionality and links to relevant docs
+     validations:
+        required: true

.github/ISSUE_TEMPLATE/issue--bug-report---feature-request.md

@@ -1,7 +1,7 @@
 ---
-name: "Issue: Bug Report / Feature Request"
+name: 'Issue: Bug Report / Feature Request'
 about: Create a report to help us improve
-title: ""
+title: ''
 labels: need-to-triage
-assignees: "@Azure/aks-atlanta"
+assignees: '@Azure/aks-atlanta'
 ---

.github/dependabot.yml

@@ -0,0 +1,18 @@
+version: 2
+updates:
+   - package-ecosystem: npm
+     directory: /
+     schedule:
+        interval: weekly
+     groups:
+        actions:
+           patterns:
+              - '*'
+   - package-ecosystem: github-actions
+     directory: .github/workflows
+     schedule:
+        interval: weekly
+     groups:
+        actions:
+           patterns:
+              - '*'

.github/workflows/codeql.yml

@@ -0,0 +1,91 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: 'CodeQL Advanced'
+
+on:
+   push:
+      branches: ['main']
+   pull_request:
+      branches: ['main']
+   schedule:
+      - cron: '15 9 * * 0'
+
+jobs:
+   analyze:
+      name: Analyze (${{ matrix.language }})
+      # Runner size impacts CodeQL analysis time. To learn more, please see:
+      #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+      #   - https://gh.io/supported-runners-and-hardware-resources
+      #   - https://gh.io/using-larger-runners (GitHub.com only)
+      # Consider using larger runners or machines with greater resources for possible analysis time improvements.
+      runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+      permissions:
+         # required for all workflows
+         security-events: write
+
+         # required to fetch internal or private CodeQL packs
+         packages: read
+
+         # only required for workflows in private repositories
+         actions: read
+         contents: read
+
+      strategy:
+         fail-fast: false
+         matrix:
+            include:
+               - language: javascript-typescript
+                 build-mode: none
+            # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
+            # Use `c-cpp` to analyze code written in C, C++ or both
+            # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
+            # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+            # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
+            # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
+            # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
+            # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+      steps:
+         - name: Checkout repository
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+         # Initializes the CodeQL tools for scanning.
+         - name: Initialize CodeQL
+           uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
+           with:
+              languages: ${{ matrix.language }}
+              build-mode: ${{ matrix.build-mode }}
+              # If you wish to specify custom queries, you can do so here or in a config file.
+              # By default, queries listed here will override any specified in a config file.
+              # Prefix the list here with "+" to use these queries and those in the config file.
+
+              # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+              # queries: security-extended,security-and-quality
+
+         # If the analyze step fails for one of the languages you are analyzing with
+         # "We were unable to automatically build your code", modify the matrix above
+         # to set the build mode to "manual" for that language. Then modify this step
+         # to build your code.
+         # ℹ️ Command-line programs to run using the OS shell.
+         # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+         - if: matrix.build-mode == 'manual'
+           shell: bash
+           run: |
+              echo 'If you are using a "manual" build mode for one or more of the' \
+                'languages you are analyzing, replace this with the commands to build' \
+                'your code, for example:'
+              echo '  make bootstrap'
+              echo '  make release'
+              exit 1
+         - name: Perform CodeQL Analysis
+           uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
+           with:
+              category: '/language:${{matrix.language}}'

.github/workflows/default-labels.yml

@@ -2,34 +2,34 @@ name: Setting Default Labels
 
 # Controls when the action will run.
 on:
-  schedule:
-    - cron: "0 0/3 * * *"
+   schedule:
+      - cron: '0 0/3 * * *'
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
-  build:
-    # The type of runner that the job will run on
-    runs-on: ubuntu-latest
+   build:
+      # The type of runner that the job will run on
+      runs-on: ubuntu-latest
 
-    # Steps represent a sequence of tasks that will be executed as part of the job
-    steps:
-      - uses: actions/stale@v3
-        name: Setting Issue as Idle
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          stale-issue-message: "This issue is idle because it has been open for 14 days with no activity."
-          stale-issue-label: "idle"
-          days-before-stale: 14
-          days-before-close: -1
-          operations-per-run: 100
-          exempt-issue-labels: "backlog"
+      # Steps represent a sequence of tasks that will be executed as part of the job
+      steps:
+         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
+           name: Setting Issue as Idle
+           with:
+              repo-token: ${{ secrets.GITHUB_TOKEN }}
+              stale-issue-message: 'This issue is idle because it has been open for 14 days with no activity.'
+              stale-issue-label: 'idle'
+              days-before-stale: 14
+              days-before-close: -1
+              operations-per-run: 100
+              exempt-issue-labels: 'backlog'
 
-      - uses: actions/stale@v3
-        name: Setting PR as Idle
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          stale-pr-message: "This PR is idle because it has been open for 14 days with no activity."
-          stale-pr-label: "idle"
-          days-before-stale: 14
-          days-before-close: -1
-          operations-per-run: 100
+         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
+           name: Setting PR as Idle
+           with:
+              repo-token: ${{ secrets.GITHUB_TOKEN }}
+              stale-pr-message: 'This PR is idle because it has been open for 14 days with no activity.'
+              stale-pr-label: 'idle'
+              days-before-stale: 14
+              days-before-close: -1
+              operations-per-run: 100

.github/workflows/integration-tests.yml

@@ -1,143 +1,144 @@
 name: Run Integration Tests
 on:
-  pull_request:
-    branches:
-      - master
-      - "releases/*"
-  push:
-    branches:
-      - master
-      - "releases/*"
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
 
 jobs:
-  kubeconfig-method-integration-test:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Source Code
-        id: checkout-code
-        uses: actions/checkout@v2
-      - name: Npm Install and Build
-        id: npm-build
-        run: |
-          npm install
-          npm run build
-      - name: Set Context
-        uses: ./
-        with:
-          method: kubeconfig
-          context: exp-scratch
-          kubeconfig: |
-            apiVersion: v1
-            clusters:
-              - cluster:
-                  certificate-authority: fake-ca-file
-                  server: https://1.2.3.4
-                name: development
-              - cluster:
-                  insecure-skip-tls-verify: true
-                  server: https://5.6.7.8
-                name: scratch
-            contexts:
-              - context:
-                  cluster: development
-                  namespace: frontend
-                  user: developer
-                name: dev-frontend
-              - context:
-                  cluster: development
-                  namespace: storage
-                  user: developer
-                name: dev-storage
-              - context:
-                  cluster: scratch
-                  namespace: default
-                  user: experimenter
-                name: exp-scratch
-            current-context: ""
-            kind: Config
-            preferences: {}
-            users:
-              - name: developer
-                user:
-                  client-certificate: fake-cert-file
-                  client-key: fake-key-file
-              - name: experimenter
-                user:
-                  password: some-password
-                  username: exp
-      - name: Vertify Results
-        run: |
-          echo "$EXPECTED_KC" > /tmp/expected_kc.json
-          DIFF=$(diff <(jq -S -c . $KUBECONFIG) <(jq -S -c . /tmp/expected_kc.json))
-          if [ "$DIFF" != "" ]; then exit 1; else echo -e "Kubeconfig matches expected"; fi
-        env:
-          EXPECTED_KC: |
-            {
-                "apiVersion": "v1",
-                "clusters": [
-                    {
-                        "cluster": {
-                            "certificate-authority": "fake-ca-file",
-                            "insecure-skip-tls-verify": false,
-                            "server": "https://1.2.3.4"
-                        },
-                        "name": "development"
-                    },
-                    {
-                        "cluster": {
-                            "insecure-skip-tls-verify": true,
-                            "server": "https://5.6.7.8"
-                        },
-                        "name": "scratch"
-                    }
-                ],
-                "contexts": [
-                    {
-                        "context": {
-                            "cluster": "development",
-                            "name": "dev-frontend",
-                            "namespace": "frontend",
-                            "user": "developer"
-                        },
-                        "name": "dev-frontend"
-                    },
-                    {
-                        "context": {
-                            "cluster": "development",
-                            "name": "dev-storage",
-                            "namespace": "storage",
-                            "user": "developer"
-                        },
-                        "name": "dev-storage"
-                    },
-                    {
-                        "context": {
-                            "cluster": "scratch",
-                            "name": "exp-scratch",
-                            "namespace": "default",
-                            "user": "experimenter"
-                        },
-                        "name": "exp-scratch"
-                    }
-                ],
-                "current-context": "exp-scratch",
-                "kind": "Config",
-                "preferences": {
-                },
-                "users": [
-                    {
-                        "name": "developer",
-                        "user": {
-                            "client-certificate": "fake-cert-file",
-                            "client-key": "fake-key-file"
-                        }
-                    },
-                    {
-                        "name": "experimenter",
-                        "user": {
-                            "password": "some-password",
-                            "username": "exp"
-                        }
-                    }
-                ]
-            }
+   kubeconfig-method-integration-test:
+      runs-on: ubuntu-latest
+      steps:
+         - name: Checkout Source Code
+           id: checkout-code
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+         - name: Npm Install and Build
+           id: npm-build
+           run: |
+              npm install
+         - name: Build
+           run: npm run build
+         - name: Set Context
+           uses: ./
+           with:
+              method: kubeconfig
+              context: exp-scratch
+              kubeconfig: |
+                 apiVersion: v1
+                 clusters:
+                   - cluster:
+                       certificate-authority: fake-ca-file
+                       server: https://1.2.3.4
+                     name: development
+                   - cluster:
+                       insecure-skip-tls-verify: true
+                       server: https://5.6.7.8
+                     name: scratch
+                 contexts:
+                   - context:
+                       cluster: development
+                       namespace: frontend
+                       user: developer
+                     name: dev-frontend
+                   - context:
+                       cluster: development
+                       namespace: storage
+                       user: developer
+                     name: dev-storage
+                   - context:
+                       cluster: scratch
+                       namespace: default
+                       user: experimenter
+                     name: exp-scratch
+                 current-context: ""
+                 kind: Config
+                 preferences: {}
+                 users:
+                   - name: developer
+                     user:
+                       client-certificate: fake-cert-file
+                       client-key: fake-key-file
+                   - name: experimenter
+                     user:
+                       password: some-password
+                       username: exp
+         - name: Vertify Results
+           run: |
+              echo "$EXPECTED_KC" > /tmp/expected_kc.json
+              DIFF=$(diff <(jq -S -c . $KUBECONFIG) <(jq -S -c . /tmp/expected_kc.json))
+              if [ "$DIFF" != "" ]; then exit 1; else echo -e "Kubeconfig matches expected"; fi
+           env:
+              EXPECTED_KC: |
+                 {
+                     "apiVersion": "v1",
+                     "clusters": [
+                         {
+                             "cluster": {
+                                 "certificate-authority": "fake-ca-file",
+                                 "insecure-skip-tls-verify": false,
+                                 "server": "https://1.2.3.4"
+                             },
+                             "name": "development"
+                         },
+                         {
+                             "cluster": {
+                                 "insecure-skip-tls-verify": true,
+                                 "server": "https://5.6.7.8"
+                             },
+                             "name": "scratch"
+                         }
+                     ],
+                     "contexts": [
+                         {
+                             "context": {
+                                 "cluster": "development",
+                                 "name": "dev-frontend",
+                                 "namespace": "frontend",
+                                 "user": "developer"
+                             },
+                             "name": "dev-frontend"
+                         },
+                         {
+                             "context": {
+                                 "cluster": "development",
+                                 "name": "dev-storage",
+                                 "namespace": "storage",
+                                 "user": "developer"
+                             },
+                             "name": "dev-storage"
+                         },
+                         {
+                             "context": {
+                                 "cluster": "scratch",
+                                 "name": "exp-scratch",
+                                 "namespace": "default",
+                                 "user": "experimenter"
+                             },
+                             "name": "exp-scratch"
+                         }
+                     ],
+                     "current-context": "exp-scratch",
+                     "kind": "Config",
+                     "preferences": {
+                     },
+                     "users": [
+                         {
+                             "name": "developer",
+                             "user": {
+                                 "client-certificate": "fake-cert-file",
+                                 "client-key": "fake-key-file"
+                             }
+                         },
+                         {
+                             "name": "experimenter",
+                             "user": {
+                                 "password": "some-password",
+                                 "username": "exp"
+                             }
+                         }
+                     ]
+                 }

.github/workflows/prettify-code.yml

@@ -0,0 +1,25 @@
+name: 'Run Prettify'
+on:
+   pull_request:
+   push:
+      branches: [main]
+
+jobs:
+   prettier:
+      name: Prettier Check
+      runs-on: ubuntu-latest
+      steps:
+         - name: Checkout Repository
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+         - name: Setup Node.js
+           uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+           with:
+              node-version: 'lts/*'
+              cache: 'npm'
+
+         - name: Install Dependencies
+           run: npm ci
+
+         - name: Run Prettier Check
+           run: npx prettier --check .

.github/workflows/release-pr.yml

@@ -0,0 +1,18 @@
+name: Release Project
+
+on:
+   push:
+      branches:
+         - main
+      paths:
+         - CHANGELOG.md
+   workflow_dispatch:
+
+jobs:
+   release:
+      permissions:
+         actions: read
+         contents: write
+      uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@v1
+      with:
+         changelogPath: ./CHANGELOG.md

.github/workflows/tag-and-draft.yml

@@ -0,0 +1,10 @@
+name: Tag and create release draft
+
+on:
+   push:
+      branches:
+         - releases/*
+
+jobs:
+   tag-and-release:
+      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@main

.github/workflows/ts-build-check.yml

@@ -1,41 +0,0 @@
-name: TypeScript Build Check
-
-on: pull_request
-
-jobs:
-  ts-build-check:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Pull Request
-        uses: actions/checkout@v2
-        with:
-          ref: ${{github.event.pull_request.head.ref}}
-          repository: ${{github.event.pull_request.head.repo.full_name}}
-          path: original-pr
-      - name: Setup Node
-        uses: actions/setup-node@v1
-        with:
-          node-version: 12.x
-      - name: Clone and Build Pull Request
-        run: |
-          cp $GITHUB_WORKSPACE/original-pr/ $GITHUB_WORKSPACE/built-pr -r
-          cd $GITHUB_WORKSPACE/built-pr/
-          npm i
-          npm run build
-      - name: Compare Built Directories
-        id: diff
-        run: |
-          DIFF=$(diff $GITHUB_WORKSPACE/original-pr/lib $GITHUB_WORKSPACE/built-pr/lib -rqiEZbwBd)
-          if [ "$DIFF" != "" ]; then exit 1; else echo -e "PR contains up-to-date compiled JavaScript."; fi
-      - name: Comment Unbuilt TypeScript
-        if: failure() && steps.diff.outcome == 'failure'
-        uses: actions/github-script@v2
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            github.issues.createComment({
-              issue_number: ${{ github.event.number }},
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: 'Please compile the TypeScript code with `npm run build`. The compiled JavaScript is not up-to-date.'
-            })

.github/workflows/unit-tests.yml

@@ -1,20 +1,20 @@
 name: Run Unit Tests
 on:
-  pull_request:
-    branches:
-      - master
-      - "releases/*"
-  push:
-    branches:
-      - master
-      - "releases/*"
+   pull_request:
+      branches:
+         - main
+         - 'releases/*'
+   push:
+      branches:
+         - main
+         - 'releases/*'
 
 jobs:
-  unit-test:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v1
-      - name: Run Unit Tests
-        run: |
-          npm install
-          npm test
+   unit-test:
+      runs-on: ubuntu-latest
+      steps:
+         - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+         - name: Run Unit Tests
+           run: |
+              npm install
+              npm test

.gitignore

@@ -329,3 +329,6 @@ ASALocalRun/
 .mfractor/
 node_modules
 coverage
+
+# Transpiled JS
+lib/

.husky/pre-commit

@@ -0,0 +1,7 @@
+npm test
+npm run format-check || {
+  echo ""
+  echo "❌ Formatting check failed."
+  echo "💡 Run 'npm run format' or 'prettier --write .' to fix formatting issues."
+  exit 1
+}

.prettierignore

@@ -0,0 +1,4 @@
+# dependencies
+/node_modules
+coverage
+/lib

.prettierrc.json

@@ -0,0 +1,8 @@
+{
+   "trailingComma": "none",
+   "bracketSpacing": false,
+   "semi": false,
+   "tabWidth": 3,
+   "singleQuote": true,
+   "printWidth": 80
+}

CHANGELOG.md

@@ -0,0 +1,10 @@
+# Change Log
+
+## [4.0.1] - 2024-09-06
+
+- #90 update dev dependencies with Typescript to 5
+- #89 Adding dependabot
+
+## [4.0.0] - 2024-02-13
+
+- #83 update to node20 as node16 is deprecated

CODE_OF_CONDUCT.md

@@ -1,9 +1,9 @@
-# Microsoft Open Source Code of Conduct
-
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-
-Resources:
-
-- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
-- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
-- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

README.md

@@ -1,109 +1,109 @@
-# Kubernetes set context
-
-This action can be used to set cluster context before other actions like [`azure/k8s-deploy`](https://github.com/Azure/k8s-deploy/tree/master) and [`azure/k8s-create-secret`](https://github.com/Azure/k8s-create-secret/tree/master). It should also be used before `kubectl` commands (in script) are run subsequently in the workflow.
-
-It is a requirement to use [`azure/login`](https://github.com/Azure/login/tree/master) in your workflow before using this action when using the `service-account` or `service-principal` methods.
-
-There are three approaches for specifying the deployment target:
-
-- Kubeconfig file provided as input to the action
-- Service account approach where the secret associated with the service account is provided as input to the action
-- Service principal approach (only applicable for arc cluster) where service principal provided with 'creds' is used as input to action
-
-In all these approaches it is recommended to store these contents (kubeconfig file content or secret content) in a [secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets/).
-
-Refer to the [action metadata file](./action.yml) for details about inputs. Note that different inputs are required for different method and cluster types. Use the below examples as a reference.
-
-## Example usage
-
-### Kubeconfig approach
-
-```yaml
-- uses: azure/k8s-set-context@v2
-  with:
-    method: kubeconfig
-    kubeconfig: <your kubeconfig>
-    context: <context name> # current-context from kubeconfig is used as default
-```
-
-**Please note** that the input requires the _contents_ of the kubeconfig file, and not its path.
-
-Following are the ways to fetch kubeconfig file onto your local development machine so that the same can be used in the action input shown above.
-
-#### Azure Kubernetes Service cluster
-
-```bash
-az aks get-credentials --name
-                       --resource-group
-                       [--admin]
-                       [--file]
-                       [--overwrite-existing]
-                       [--subscription]
-```
-
-Further details can be found in [az aks get-credentials documentation](https://docs.microsoft.com/en-us/cli/azure/aks?view=azure-cli-latest#az-aks-get-credentials).
-
-#### Generic Kubernetes cluster
-
-Please refer to documentation on fetching [kubeconfig for any generic K8s cluster](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/)
-
-### Service account approach
-
-```yaml
-- uses: azure/k8s-set-context@v2
-  with:
-    method: service-account
-    k8s-url: <URL of the cluster's API server>
-    k8s-secret: <secret associated with the service account>
-```
-
-For fetching Server URL, execute the following command on your shell:
-
-```bash
-kubectl config view --minify -o 'jsonpath={.clusters[0].cluster.server}'
-```
-
-For fetching Secret object required to connect and authenticate with the cluster, the following sequence of commands need to be run:
-
-```bash
-kubectl get serviceAccounts <service-account-name> -n <namespace> -o 'jsonpath={.secrets[*].name}'
-
-kubectl get secret <service-account-secret-name> -n <namespace> -o yaml
-```
-
-### Service account approach for arc cluster
-
-```yaml
-- uses: azure/k8s-set-context@v2
-  with:
-    method: service-account
-    cluster-type: arc
-    cluster-name: <cluster-name>
-    resource-group: <resource-group>
-    token: "${{ secrets.SA_TOKEN }}"
-```
-
-### Service principal approach for arc cluster
-
-```yaml
-- uses: azure/k8s-set-context@v2
-  with:
-    method: service-principal
-    cluster-type: arc
-    cluster-name: <cluster-name>
-    resource-group: <resource-group>
-```
-
-## Contributing
-
-This project welcomes contributions and suggestions. Most contributions require you to agree to a
-Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
-
-When you submit a pull request, a CLA bot will automatically determine whether you need to provide
-a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
-provided by the bot. You will only need to do this once across all repos using our CLA.
-
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
-contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+# Kubernetes set context
+
+This action can be used to set cluster context before other actions like [`azure/k8s-deploy`](https://github.com/Azure/k8s-deploy/tree/master) and [`azure/k8s-create-secret`](https://github.com/Azure/k8s-create-secret/tree/master). It should also be used before `kubectl` commands (in script) are run subsequently in the workflow.
+
+It is a requirement to use [`azure/login`](https://github.com/Azure/login/tree/master) in your workflow before using this action when using the `service-account` or `service-principal` methods.
+
+There are three approaches for specifying the deployment target:
+
+- Kubeconfig file provided as input to the action
+- Service account approach where the secret associated with the service account is provided as input to the action
+- Service principal approach (only applicable for arc cluster) where service principal provided with 'creds' is used as input to action
+
+In all these approaches it is recommended to store these contents (kubeconfig file content or secret content) in a [secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets/).
+
+Refer to the [action metadata file](./action.yml) for details about inputs. Note that different inputs are required for different method and cluster types. Use the below examples as a reference.
+
+## Example usage
+
+### Kubeconfig approach
+
+```yaml
+- uses: azure/k8s-set-context@v4
+  with:
+     method: kubeconfig
+     kubeconfig: <your kubeconfig>
+     context: <context name> # current-context from kubeconfig is used as default
+```
+
+**Please note** that the input requires the _contents_ of the kubeconfig file, and not its path.
+
+Following are the ways to fetch kubeconfig file onto your local development machine so that the same can be used in the action input shown above.
+
+#### Azure Kubernetes Service cluster
+
+```bash
+az aks get-credentials --name
+                       --resource-group
+                       [--admin]
+                       [--file]
+                       [--overwrite-existing]
+                       [--subscription]
+```
+
+Further details can be found in [az aks get-credentials documentation](https://docs.microsoft.com/en-us/cli/azure/aks?view=azure-cli-latest#az-aks-get-credentials).
+
+#### Generic Kubernetes cluster
+
+Please refer to documentation on fetching [kubeconfig for any generic K8s cluster](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/)
+
+### Service account approach
+
+```yaml
+- uses: azure/k8s-set-context@v4
+  with:
+     method: service-account
+     k8s-url: <URL of the cluster's API server>
+     k8s-secret: <secret associated with the service account>
+```
+
+For fetching Server URL, execute the following command on your shell:
+
+```bash
+kubectl config view --minify -o 'jsonpath={.clusters[0].cluster.server}'
+```
+
+For fetching Secret object required to connect and authenticate with the cluster, the following sequence of commands need to be run:
+
+```bash
+kubectl get serviceAccounts <service-account-name> -n <namespace> -o 'jsonpath={.secrets[*].name}'
+
+kubectl get secret <service-account-secret-name> -n <namespace> -o yaml
+```
+
+### Service account approach for arc cluster
+
+```yaml
+- uses: azure/k8s-set-context@v4
+  with:
+     method: service-account
+     cluster-type: arc
+     cluster-name: <cluster-name>
+     resource-group: <resource-group>
+     token: '${{ secrets.SA_TOKEN }}'
+```
+
+### Service principal approach for arc cluster
+
+```yaml
+- uses: azure/k8s-set-context@v4
+  with:
+     method: service-principal
+     cluster-type: arc
+     cluster-name: <cluster-name>
+     resource-group: <resource-group>
+```
+
+## Contributing
+
+This project welcomes contributions and suggestions. Most contributions require you to agree to a
+Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
+the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
+
+When you submit a pull request, a CLA bot will automatically determine whether you need to provide
+a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
+provided by the bot. You will only need to do this once across all repos using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
+contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.

SECURITY.md

@@ -1,35 +1,35 @@
-<!-- BEGIN MICROSOFT SECURITY.MD V0.0.1 BLOCK -->
-
-## Security
-
-Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [many more](https://opensource.microsoft.com/).
-
-If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [definition](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
-
-## Reporting Security Issues
-
-**Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them to the Microsoft Security Response Center at [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://technet.microsoft.com/en-us/security/dn606155).
-
-You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
-
-Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
-
-  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
-  * Full paths of source file(s) related to the manifestation of the issue
-  * The location of the affected source code (tag/branch/commit or direct URL)
-  * Any special configuration required to reproduce the issue
-  * Step-by-step instructions to reproduce the issue
-  * Proof-of-concept or exploit code (if possible)
-  * Impact of the issue, including how an attacker might exploit the issue
-
-This information will help us triage your report more quickly.
-
-## Preferred Languages
-
-We prefer all communications to be in English.
-
-## Policy
-
-Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
-
-<!-- END MICROSOFT SECURITY.MD BLOCK -->
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.1 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [many more](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [definition](<https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)>) of a security vulnerability, please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them to the Microsoft Security Response Center at [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://technet.microsoft.com/en-us/security/dn606155).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

action.yml

@@ -1,39 +1,43 @@
-name: "Kubernetes Set Context"
-description: "Set the context of a target Kubernetes cluster and export the kubeconfig which will be used by other actions like azure/k8s-deploy"
-inputs:
-  # Please ensure you have used azure/login in the workflow before this action
-  cluster-type:
-    description: "Acceptable values: generic or arc"
-    required: true
-    default: "generic"
-  method:
-    description: "Acceptable values: kubeconfig or service-account or service-principal"
-    required: true
-    default: "kubeconfig"
-  kubeconfig:
-    description: "Contents of kubeconfig file"
-    required: false
-  context:
-    description: "If your kubeconfig has multiple contexts, use this field to use a specific context, otherwise the default one would be chosen"
-    required: false
-  k8s-url:
-    description: "Cluster Url"
-    required: false
-  k8s-secret:
-    description: "Service account secret (run kubectl get serviceaccounts <service-account-name> -o yaml and copy the service-account-secret-name)"
-    required: false
-  token:
-    description: "Token extracted from the secret of service account (should be base 64 decoded)"
-    required: false
-  resource-group:
-    description: "Azure resource group name"
-    required: false
-  cluster-name:
-    description: "Azure connected cluster name"
-    required: false
-
-branding:
-  color: "blue"
-runs:
-  using: "node12"
-  main: "lib/run.js"
+name: 'Kubernetes Set Context'
+description: 'Set the context of a target Kubernetes cluster and export the kubeconfig which is used by subsequent actions'
+inputs:
+   # Please ensure you have used azure/login in the workflow before this action
+   cluster-type:
+      description: 'Acceptable values: generic or arc'
+      required: true
+      default: 'generic'
+   method:
+      description: 'Acceptable values: kubeconfig or service-account or service-principal'
+      required: true
+      default: 'kubeconfig'
+   kubeconfig:
+      description: 'Contents of kubeconfig file'
+      required: false
+   kubeconfig-encoding:
+      description: 'Encoding of the kubeconfig input. Accepts "plaintext" (default) or "base64".'
+      required: false
+      default: 'plaintext'
+   context:
+      description: 'If your kubeconfig has multiple contexts, use this field to use a specific context, otherwise the default one would be chosen'
+      required: false
+   k8s-url:
+      description: 'Cluster Url'
+      required: false
+   k8s-secret:
+      description: 'Service account secret (run kubectl get serviceaccounts <service-account-name> -o yaml and copy the service-account-secret-name)'
+      required: false
+   token:
+      description: 'Token extracted from the secret of service account (should be base 64 decoded)'
+      required: false
+   resource-group:
+      description: 'Azure resource group name'
+      required: false
+   cluster-name:
+      description: 'Azure connected cluster name'
+      required: false
+
+branding:
+   color: 'blue'
+runs:
+   using: 'node20'
+   main: 'lib/index.js'

babel.config.js

@@ -0,0 +1,7 @@
+// babel.config.js
+export default {
+   presets: [
+      '@babel/preset-env', // For handling ES modules
+      '@babel/preset-typescript' // For handling TypeScript
+   ]
+}

jest.config.js

@@ -1,20 +1,28 @@
-module.exports = {
-  restoreMocks: true,
-  clearMocks: true,
-  resetMocks: true,
-  moduleFileExtensions: ["js", "ts"],
-  testEnvironment: "node",
-  testMatch: ["**/*.test.ts"],
-  transform: {
-    "^.+\\.ts$": "ts-jest",
-  },
-  verbose: true,
-  coverageThreshold: {
-    global: {
-      branches: 0,
-      functions: 40,
-      lines: 22,
-      statements: 22,
-    },
-  },
-};
+export default {
+   restoreMocks: true,
+   clearMocks: true,
+   resetMocks: true,
+   moduleFileExtensions: ['js', 'ts'],
+   testEnvironment: 'node',
+   testMatch: ['**/*.test.ts'],
+   transform: {
+      '^.+\\.ts$': 'ts-jest', // Use ts-jest for TypeScript files
+      '^.+\\.js$': 'babel-jest' // Transform TypeScript files
+   },
+   transformIgnorePatterns: [
+      '/node_modules/(?!@kubernetes/client-node)/' // Make sure to transform the Kubernetes client module
+   ],
+   moduleNameMapper: {
+      '^.+\\.css$': 'jest-transform-stub' // Handle CSS imports (if any)
+   },
+   extensionsToTreatAsEsm: ['.ts', '.tsx'], // Treat TypeScript files as ESM
+   verbose: true,
+   coverageThreshold: {
+      global: {
+         branches: 0,
+         functions: 40,
+         lines: 22,
+         statements: 22
+      }
+   }
+}

lib/kubeconfigs/arc.js

@@ -1,84 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getArcKubeconfig = exports.KUBECONFIG_LOCATION = void 0;
-const core = __importStar(require("@actions/core"));
-const io = __importStar(require("@actions/io"));
-const method_1 = require("../types/method");
-const path = __importStar(require("path"));
-const azCommands_1 = require("./azCommands");
-const RUNNER_TEMP = process.env["RUNNER_TEMP"] || "";
-exports.KUBECONFIG_LOCATION = path.join(RUNNER_TEMP, `arc_kubeconfig_${Date.now()}`);
-/**
- * Gets the kubeconfig based on provided method for an Arc Kubernetes cluster
- * @returns The kubeconfig wrapped in a Promise
- */
-function getArcKubeconfig() {
-    return __awaiter(this, void 0, void 0, function* () {
-        const resourceGroupName = core.getInput("resource-group", { required: true });
-        const clusterName = core.getInput("cluster-name", { required: true });
-        const azPath = yield io.which("az", true);
-        const method = method_1.parseMethod(core.getInput("method", { required: true }));
-        yield azCommands_1.runAzCliCommand(azPath, ["extension", "add", "-n", "connectedk8s"]);
-        switch (method) {
-            case method_1.Method.SERVICE_ACCOUNT:
-                const saToken = core.getInput("token", { required: true });
-                return yield azCommands_1.runAzKubeconfigCommandBlocking(azPath, [
-                    "connectedk8s",
-                    "proxy",
-                    "-n",
-                    clusterName,
-                    "-g",
-                    resourceGroupName,
-                    "--token",
-                    saToken,
-                    "-f",
-                    exports.KUBECONFIG_LOCATION,
-                ], exports.KUBECONFIG_LOCATION);
-            case method_1.Method.SERVICE_PRINCIPAL:
-                return yield azCommands_1.runAzKubeconfigCommandBlocking(azPath, [
-                    "connectedk8s",
-                    "proxy",
-                    "-n",
-                    clusterName,
-                    "-g",
-                    resourceGroupName,
-                    "-f",
-                    exports.KUBECONFIG_LOCATION,
-                ], exports.KUBECONFIG_LOCATION);
-            case undefined:
-                core.warning("Defaulting to kubeconfig method");
-            case method_1.Method.KUBECONFIG:
-            default:
-                throw Error("Kubeconfig method not supported for Arc cluster");
-        }
-    });
-}
-exports.getArcKubeconfig = getArcKubeconfig;

lib/kubeconfigs/azCommands.js

@@ -1,67 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.runAzKubeconfigCommandBlocking = exports.runAzCliCommand = void 0;
-const fs = __importStar(require("fs"));
-const exec_1 = require("@actions/exec");
-const child_process_1 = require("child_process");
-const AZ_TIMEOUT_SECONDS = 120;
-/**
- * Executes an az cli command
- * @param azPath The path to the az tool
- * @param args The arguments to be invoked
- * @param options Optional options for the command execution
- */
-function runAzCliCommand(azPath, args, options = {}) {
-    return __awaiter(this, void 0, void 0, function* () {
-        yield exec_1.exec(azPath, args, options);
-    });
-}
-exports.runAzCliCommand = runAzCliCommand;
-/**
- * Executes an az cli command that will set the kubeconfig
- * @param azPath The path to the az tool
- * @param args The arguments to be be invoked
- * @param kubeconfigPath The path to the kubeconfig that is updated by the command
- * @returns The contents of the kubeconfig
- */
-function runAzKubeconfigCommandBlocking(azPath, args, kubeconfigPath) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const proc = child_process_1.spawn(azPath, args, {
-            detached: true,
-            stdio: "ignore",
-        });
-        proc.unref();
-        yield sleep(AZ_TIMEOUT_SECONDS);
-        return fs.readFileSync(kubeconfigPath).toString();
-    });
-}
-exports.runAzKubeconfigCommandBlocking = runAzKubeconfigCommandBlocking;
-const sleep = (seconds) => new Promise((resolve) => setTimeout(resolve, seconds * 1000));

lib/kubeconfigs/default.js

@@ -1,87 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createKubeconfig = exports.getDefaultKubeconfig = void 0;
-const core = __importStar(require("@actions/core"));
-const jsyaml = __importStar(require("js-yaml"));
-const k8sSecret_1 = require("../types/k8sSecret");
-const method_1 = require("../types/method");
-/**
- * Gets the kubeconfig based on provided method for a default Kubernetes cluster
- * @returns The kubeconfig
- */
-function getDefaultKubeconfig() {
-    const method = method_1.parseMethod(core.getInput("method", { required: true }));
-    switch (method) {
-        case method_1.Method.SERVICE_ACCOUNT: {
-            const clusterUrl = core.getInput("k8s-url", { required: true });
-            core.debug("Found clusterUrl. Creating kubeconfig using certificate and token");
-            const k8sSecret = core.getInput("k8s-secret", {
-                required: true,
-            });
-            const parsedK8sSecret = k8sSecret_1.parseK8sSecret(jsyaml.load(k8sSecret));
-            const certAuth = parsedK8sSecret.data["ca.crt"];
-            const token = Buffer.from(parsedK8sSecret.data.token, "base64").toString();
-            return createKubeconfig(certAuth, token, clusterUrl);
-        }
-        case method_1.Method.SERVICE_PRINCIPAL: {
-            core.warning("Service Principal method not supported for default cluster type");
-        }
-        case undefined: {
-            core.warning("Defaulting to kubeconfig method");
-        }
-        default: {
-            core.debug("Setting context using kubeconfig");
-            return core.getInput("kubeconfig", { required: true });
-        }
-    }
-}
-exports.getDefaultKubeconfig = getDefaultKubeconfig;
-/**
- * Creates a kubeconfig and returns the string representation
- * @param certAuth The certificate authentication of the cluster
- * @param token The user token
- * @param clusterUrl The server url of the cluster
- * @returns The kubeconfig as a string
- */
-function createKubeconfig(certAuth, token, clusterUrl) {
-    const kubeconfig = {
-        apiVersion: "v1",
-        kind: "Config",
-        clusters: [
-            {
-                cluster: {
-                    "certificate-authority-data": certAuth,
-                    server: clusterUrl,
-                },
-            },
-        ],
-        users: [
-            {
-                user: {
-                    token: token,
-                },
-            },
-        ],
-    };
-    return JSON.stringify(kubeconfig);
-}
-exports.createKubeconfig = createKubeconfig;

lib/run.js

@@ -1,61 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.run = void 0;
-const core = __importStar(require("@actions/core"));
-const path = __importStar(require("path"));
-const fs = __importStar(require("fs"));
-const cluster_1 = require("./types/cluster");
-const utils_1 = require("./utils");
-/**
- * Sets the Kubernetes context based on supplied action inputs
- */
-function run() {
-    return __awaiter(this, void 0, void 0, function* () {
-        // get inputs
-        const clusterType = cluster_1.parseCluster(core.getInput("cluster-type", {
-            required: true,
-        }));
-        const runnerTempDirectory = process.env["RUNNER_TEMP"];
-        const kubeconfigPath = path.join(runnerTempDirectory, `kubeconfig_${Date.now()}`);
-        // get kubeconfig and update context
-        const kubeconfig = yield utils_1.getKubeconfig(clusterType);
-        const kubeconfigWithContext = utils_1.setContext(kubeconfig);
-        // output kubeconfig
-        core.debug(`Writing kubeconfig contents to ${kubeconfigPath}`);
-        fs.writeFileSync(kubeconfigPath, kubeconfigWithContext);
-        fs.chmodSync(kubeconfigPath, "600");
-        core.debug("Setting KUBECONFIG environment variable");
-        core.exportVariable("KUBECONFIG", kubeconfigPath);
-    });
-}
-exports.run = run;
-// Run the application
-run().catch(core.setFailed);

lib/types/cluster.js

@@ -1,14 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseCluster = exports.Cluster = void 0;
-var Cluster;
-(function (Cluster) {
-    Cluster["ARC"] = "arc";
-    Cluster["GENERIC"] = "generic";
-})(Cluster = exports.Cluster || (exports.Cluster = {}));
-/**
- * Converts a string to the Cluster enum
- * @param str The cluster type (case insensitive)
- * @returns The Cluster enum or undefined if it can't be parsed
- */
-exports.parseCluster = (str) => Cluster[Object.keys(Cluster).filter((k) => Cluster[k].toString().toLowerCase() === str.toLowerCase())[0]];

lib/types/k8sSecret.js

@@ -1,41 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseK8sSecret = void 0;
-const util = __importStar(require("util"));
-/**
- * Throws an error if an object does not have all required fields to be a K8sSecret
- * @param secret
- * @returns A type guarded K8sSecret
- */
-function parseK8sSecret(secret) {
-    if (!secret)
-        throw Error("K8s secret yaml is invalid");
-    if (!secret.data)
-        throw k8sSecretMissingFieldError("data");
-    if (!secret.data.token)
-        throw k8sSecretMissingFieldError("token");
-    if (!secret.data["ca.crt"])
-        throw k8sSecretMissingFieldError("ca.crt");
-    return secret;
-}
-exports.parseK8sSecret = parseK8sSecret;
-const k8sSecretMissingFieldError = (field) => Error(util.format("K8s secret yaml does not contain %s field", field));

lib/types/method.js

@@ -1,15 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseMethod = exports.Method = void 0;
-var Method;
-(function (Method) {
-    Method["KUBECONFIG"] = "kubeconfig";
-    Method["SERVICE_ACCOUNT"] = "service-account";
-    Method["SERVICE_PRINCIPAL"] = "service-principal";
-})(Method = exports.Method || (exports.Method = {}));
-/**
- * Converts a string to the Method enum
- * @param str The method (case insensitive)
- * @returns The Method enum or undefined if it can't be parsed
- */
-exports.parseMethod = (str) => Method[Object.keys(Method).filter((k) => Method[k].toString().toLowerCase() === str.toLowerCase())[0]];

lib/utils.js

@@ -1,76 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.setContext = exports.getKubeconfig = void 0;
-const core = __importStar(require("@actions/core"));
-const client_node_1 = require("@kubernetes/client-node");
-const default_1 = require("./kubeconfigs/default");
-const arc_1 = require("./kubeconfigs/arc");
-const cluster_1 = require("./types/cluster");
-/**
- * Gets the kubeconfig based on Kubernetes cluster type
- * @param type The cluster type for the kubeconfig (defaults to generic)
- * @returns A promise of the kubeconfig
- */
-function getKubeconfig(type) {
-    return __awaiter(this, void 0, void 0, function* () {
-        switch (type) {
-            case cluster_1.Cluster.ARC: {
-                return yield arc_1.getArcKubeconfig();
-            }
-            case undefined: {
-                core.warning("Cluster type not recognized. Defaulting to generic.");
-            }
-            default: {
-                return default_1.getDefaultKubeconfig();
-            }
-        }
-    });
-}
-exports.getKubeconfig = getKubeconfig;
-/**
- * Sets the context by updating the kubeconfig
- * @param kubeconfig The kubeconfig
- * @returns Updated kubeconfig with the context
- */
-function setContext(kubeconfig) {
-    const context = core.getInput("context");
-    if (!context) {
-        core.debug("Can't set context because context is unspecified.");
-        return kubeconfig;
-    }
-    // load current kubeconfig
-    const kc = new client_node_1.KubeConfig();
-    kc.loadFromString(kubeconfig);
-    // update kubeconfig
-    kc.setCurrentContext(context);
-    return kc.exportConfig();
-}
-exports.setContext = setContext;

package.json

@@ -1,33 +1,44 @@
-{
-  "name": "k8s-set-context-action",
-  "version": "1.0.0",
-  "private": true,
-  "main": "lib/run.js",
-  "scripts": {
-    "build": "tsc --outDir ./lib --rootDir ./src",
-    "test": "jest",
-    "test-coverage": "jest --coverage"
-  },
-  "keywords": [
-    "actions",
-    "node",
-    "setup"
-  ],
-  "author": "GitHub",
-  "license": "MIT",
-  "dependencies": {
-    "@actions/core": "^1.2.6",
-    "@actions/exec": "^1.0.0",
-    "@actions/tool-cache": "^1.0.0",
-    "@kubernetes/client-node": "^0.16.0",
-    "js-yaml": "^3.13.1"
-  },
-  "devDependencies": {
-    "@types/jest": "^25.2.2",
-    "@types/js-yaml": "^4.0.4",
-    "@types/node": "^12.0.4",
-    "jest": "^26.6.3",
-    "ts-jest": "^25.5.1",
-    "typescript": "3.9.2"
-  }
-}
+{
+   "name": "k8s-set-context-action",
+   "version": "4.0.0",
+   "private": true,
+   "main": "lib/index.js",
+   "type": "module",
+   "scripts": {
+      "prebuild": "npm i @vercel/ncc",
+      "build": "ncc build src/run.ts -o lib",
+      "test": "jest",
+      "test-coverage": "jest --coverage",
+      "format": "prettier --write .",
+      "format-check": "prettier --check .",
+      "prepare": "husky"
+   },
+   "keywords": [
+      "actions",
+      "node",
+      "setup"
+   ],
+   "author": "GitHub",
+   "license": "MIT",
+   "dependencies": {
+      "@actions/core": "^1.11.1",
+      "@actions/exec": "^1.1.1",
+      "@actions/io": "^1.1.3",
+      "@kubernetes/client-node": "^1.3.0",
+      "husky": "^9.1.7",
+      "js-yaml": "^4.1.0"
+   },
+   "devDependencies": {
+      "@babel/preset-env": "^7.28.0",
+      "@babel/preset-typescript": "^7.27.1",
+      "@types/jest": "^30.0.0",
+      "@types/js-yaml": "^4.0.9",
+      "@types/node": "^24.0.15",
+      "@vercel/ncc": "^0.38.3",
+      "babel-jest": "^30.0.4",
+      "jest": "^30.0.4",
+      "prettier": "^3.6.2",
+      "ts-jest": "^29.4.0",
+      "typescript": "^5.8.3"
+   }
+}

src/action.test.ts

@@ -0,0 +1,30 @@
+import {getRequiredInputError} from '../tests/util'
+import {run} from './action'
+import fs from 'fs'
+import * as utils from './utils'
+
+describe('Run', () => {
+   it('throws error without cluster type', async () => {
+      await expect(run()).rejects.toThrow(getRequiredInputError('cluster-type'))
+   })
+
+   it('writes kubeconfig and sets context', async () => {
+      const kubeconfig = 'kubeconfig'
+
+      process.env['INPUT_CLUSTER-TYPE'] = 'default'
+      process.env['RUNNER_TEMP'] = '/sample/path'
+
+      jest
+         .spyOn(utils, 'getKubeconfig')
+         .mockImplementation(async () => kubeconfig)
+      jest.spyOn(fs, 'writeFileSync').mockImplementation(() => {})
+      jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
+      jest.spyOn(utils, 'setContext').mockImplementation(() => kubeconfig)
+
+      expect(await run())
+      expect(utils.getKubeconfig).toHaveBeenCalled()
+      expect(fs.writeFileSync).toHaveBeenCalled()
+      expect(fs.chmodSync).toHaveBeenCalled()
+      expect(utils.setContext).toHaveBeenCalled()
+   })
+})

src/action.ts

@@ -0,0 +1,33 @@
+import * as core from '@actions/core'
+import * as path from 'path'
+import * as fs from 'fs'
+import {Cluster, parseCluster} from './types/cluster'
+import {setContext, getKubeconfig} from './utils'
+
+/**
+ * Sets the Kubernetes context based on supplied action inputs
+ */
+export async function run() {
+   // get inputs
+   const clusterType: Cluster | undefined = parseCluster(
+      core.getInput('cluster-type', {
+         required: true
+      })
+   )
+   const runnerTempDirectory: string = process.env['RUNNER_TEMP']
+   const kubeconfigPath: string = path.join(
+      runnerTempDirectory,
+      `kubeconfig_${Date.now()}`
+   )
+
+   // get kubeconfig and update context
+   const kubeconfig: string = await getKubeconfig(clusterType)
+   const kubeconfigWithContext: string = setContext(kubeconfig)
+
+   // output kubeconfig
+   core.debug(`Writing kubeconfig contents to ${kubeconfigPath}`)
+   fs.writeFileSync(kubeconfigPath, kubeconfigWithContext)
+   fs.chmodSync(kubeconfigPath, '600')
+   core.debug('Setting KUBECONFIG environment variable')
+   core.exportVariable('KUBECONFIG', kubeconfigPath)
+}

src/kubeconfigs/arc.test.ts

@@ -1,103 +1,103 @@
-import * as actions from "@actions/exec";
-import * as io from "@actions/io";
-import { getRequiredInputError } from "../../tests/util";
-import { getArcKubeconfig, KUBECONFIG_LOCATION } from "./arc";
-import * as az from "./azCommands";
+import * as actions from '@actions/exec'
+import * as io from '@actions/io'
+import {getRequiredInputError} from '../../tests/util'
+import {getArcKubeconfig, KUBECONFIG_LOCATION} from './arc'
+import * as az from './azCommands'
 
-describe("Arc kubeconfig", () => {
-  test("it throws error without resource group", async () => {
-    await expect(getArcKubeconfig()).rejects.toThrow(
-      getRequiredInputError("resource-group")
-    );
-  });
-
-  test("it throws error without cluster name", async () => {
-    process.env["INPUT_RESOURCE-GROUP"] = "group";
-    await expect(getArcKubeconfig()).rejects.toThrow(
-      getRequiredInputError("cluster-name")
-    );
-  });
-
-  describe("runs az cli commands", () => {
-    const group = "group";
-    const name = "name";
-    const path = "path";
-    const kubeconfig = "kubeconfig";
-
-    beforeEach(() => {
-      process.env["INPUT_RESOURCE-GROUP"] = group;
-      process.env["INPUT_CLUSTER-NAME"] = name;
-
-      jest.spyOn(io, "which").mockImplementation(async () => path);
-      jest.spyOn(az, "runAzCliCommand").mockImplementation(async () => {});
-      jest
-        .spyOn(az, "runAzKubeconfigCommandBlocking")
-        .mockImplementation(async () => kubeconfig);
-    });
-
-    it("throws an error without method", async () => {
+describe('Arc kubeconfig', () => {
+   test('it throws error without resource group', async () => {
       await expect(getArcKubeconfig()).rejects.toThrow(
-        getRequiredInputError("method")
-      );
-    });
+         getRequiredInputError('resource-group')
+      )
+   })
+
+   test('it throws error without cluster name', async () => {
+      process.env['INPUT_RESOURCE-GROUP'] = 'group'
+      await expect(getArcKubeconfig()).rejects.toThrow(
+         getRequiredInputError('cluster-name')
+      )
+   })
+
+   describe('runs az cli commands', () => {
+      const group = 'group'
+      const name = 'name'
+      const path = 'path'
+      const kubeconfig = 'kubeconfig'
 
-    describe("service account method", () => {
       beforeEach(() => {
-        process.env["INPUT_METHOD"] = "service-account";
-      });
+         process.env['INPUT_RESOURCE-GROUP'] = group
+         process.env['INPUT_CLUSTER-NAME'] = name
 
-      it("throws an error without token", async () => {
-        await expect(getArcKubeconfig()).rejects.toThrow(
-          getRequiredInputError("token")
-        );
-      });
+         jest.spyOn(io, 'which').mockImplementation(async () => path)
+         jest.spyOn(az, 'runAzCliCommand').mockImplementation(async () => {})
+         jest
+            .spyOn(az, 'runAzKubeconfigCommandBlocking')
+            .mockImplementation(async () => kubeconfig)
+      })
 
-      it("gets the kubeconfig", async () => {
-        const token = "token";
-        process.env["INPUT_TOKEN"] = token;
+      it('throws an error without method', async () => {
+         await expect(getArcKubeconfig()).rejects.toThrow(
+            getRequiredInputError('method')
+         )
+      })
 
-        expect(await getArcKubeconfig()).toBe(kubeconfig);
-        expect(az.runAzKubeconfigCommandBlocking).toHaveBeenCalledWith(
-          path,
-          [
-            "connectedk8s",
-            "proxy",
-            "-n",
-            name,
-            "-g",
-            group,
-            "--token",
-            token,
-            "-f",
-            KUBECONFIG_LOCATION,
-          ],
-          KUBECONFIG_LOCATION
-        );
-      });
-    });
+      describe('service account method', () => {
+         beforeEach(() => {
+            process.env['INPUT_METHOD'] = 'service-account'
+         })
 
-    describe("service principal method", () => {
-      beforeEach(() => {
-        process.env["INPUT_METHOD"] = "service-principal";
-      });
+         it('throws an error without token', async () => {
+            await expect(getArcKubeconfig()).rejects.toThrow(
+               getRequiredInputError('token')
+            )
+         })
 
-      it("gets the kubeconfig", async () => {
-        expect(await getArcKubeconfig()).toBe(kubeconfig);
-        expect(az.runAzKubeconfigCommandBlocking).toHaveBeenCalledWith(
-          path,
-          [
-            "connectedk8s",
-            "proxy",
-            "-n",
-            name,
-            "-g",
-            group,
-            "-f",
-            KUBECONFIG_LOCATION,
-          ],
-          KUBECONFIG_LOCATION
-        );
-      });
-    });
-  });
-});
+         it('gets the kubeconfig', async () => {
+            const token = 'token'
+            process.env['INPUT_TOKEN'] = token
+
+            expect(await getArcKubeconfig()).toBe(kubeconfig)
+            expect(az.runAzKubeconfigCommandBlocking).toHaveBeenCalledWith(
+               path,
+               [
+                  'connectedk8s',
+                  'proxy',
+                  '-n',
+                  name,
+                  '-g',
+                  group,
+                  '--token',
+                  token,
+                  '-f',
+                  KUBECONFIG_LOCATION
+               ],
+               KUBECONFIG_LOCATION
+            )
+         })
+      })
+
+      describe('service principal method', () => {
+         beforeEach(() => {
+            process.env['INPUT_METHOD'] = 'service-principal'
+         })
+
+         it('gets the kubeconfig', async () => {
+            expect(await getArcKubeconfig()).toBe(kubeconfig)
+            expect(az.runAzKubeconfigCommandBlocking).toHaveBeenCalledWith(
+               path,
+               [
+                  'connectedk8s',
+                  'proxy',
+                  '-n',
+                  name,
+                  '-g',
+                  group,
+                  '-f',
+                  KUBECONFIG_LOCATION
+               ],
+               KUBECONFIG_LOCATION
+            )
+         })
+      })
+   })
+})

src/kubeconfigs/arc.ts

@@ -1,68 +1,68 @@
-import * as core from "@actions/core";
-import * as io from "@actions/io";
-import { Method, parseMethod } from "../types/method";
-import * as path from "path";
-import { runAzCliCommand, runAzKubeconfigCommandBlocking } from "./azCommands";
+import * as core from '@actions/core'
+import * as io from '@actions/io'
+import {Method, parseMethod} from '../types/method'
+import * as path from 'path'
+import {runAzCliCommand, runAzKubeconfigCommandBlocking} from './azCommands'
 
-const RUNNER_TEMP: string = process.env["RUNNER_TEMP"] || "";
+const RUNNER_TEMP: string = process.env['RUNNER_TEMP'] || ''
 export const KUBECONFIG_LOCATION: string = path.join(
-  RUNNER_TEMP,
-  `arc_kubeconfig_${Date.now()}`
-);
+   RUNNER_TEMP,
+   `arc_kubeconfig_${Date.now()}`
+)
 
 /**
  * Gets the kubeconfig based on provided method for an Arc Kubernetes cluster
  * @returns The kubeconfig wrapped in a Promise
  */
 export async function getArcKubeconfig(): Promise<string> {
-  const resourceGroupName = core.getInput("resource-group", { required: true });
-  const clusterName = core.getInput("cluster-name", { required: true });
-  const azPath = await io.which("az", true);
+   const resourceGroupName = core.getInput('resource-group', {required: true})
+   const clusterName = core.getInput('cluster-name', {required: true})
+   const azPath = await io.which('az', true)
 
-  const method: Method | undefined = parseMethod(
-    core.getInput("method", { required: true })
-  );
+   const method: Method | undefined = parseMethod(
+      core.getInput('method', {required: true})
+   )
 
-  await runAzCliCommand(azPath, ["extension", "add", "-n", "connectedk8s"]);
+   await runAzCliCommand(azPath, ['extension', 'add', '-n', 'connectedk8s'])
 
-  switch (method) {
-    case Method.SERVICE_ACCOUNT:
-      const saToken = core.getInput("token", { required: true });
-      return await runAzKubeconfigCommandBlocking(
-        azPath,
-        [
-          "connectedk8s",
-          "proxy",
-          "-n",
-          clusterName,
-          "-g",
-          resourceGroupName,
-          "--token",
-          saToken,
-          "-f",
-          KUBECONFIG_LOCATION,
-        ],
-        KUBECONFIG_LOCATION
-      );
-    case Method.SERVICE_PRINCIPAL:
-      return await runAzKubeconfigCommandBlocking(
-        azPath,
-        [
-          "connectedk8s",
-          "proxy",
-          "-n",
-          clusterName,
-          "-g",
-          resourceGroupName,
-          "-f",
-          KUBECONFIG_LOCATION,
-        ],
-        KUBECONFIG_LOCATION
-      );
-    case undefined:
-      core.warning("Defaulting to kubeconfig method");
-    case Method.KUBECONFIG:
-    default:
-      throw Error("Kubeconfig method not supported for Arc cluster");
-  }
+   switch (method) {
+      case Method.SERVICE_ACCOUNT:
+         const saToken = core.getInput('token', {required: true})
+         return await runAzKubeconfigCommandBlocking(
+            azPath,
+            [
+               'connectedk8s',
+               'proxy',
+               '-n',
+               clusterName,
+               '-g',
+               resourceGroupName,
+               '--token',
+               saToken,
+               '-f',
+               KUBECONFIG_LOCATION
+            ],
+            KUBECONFIG_LOCATION
+         )
+      case Method.SERVICE_PRINCIPAL:
+         return await runAzKubeconfigCommandBlocking(
+            azPath,
+            [
+               'connectedk8s',
+               'proxy',
+               '-n',
+               clusterName,
+               '-g',
+               resourceGroupName,
+               '-f',
+               KUBECONFIG_LOCATION
+            ],
+            KUBECONFIG_LOCATION
+         )
+      case undefined:
+         core.warning('Defaulting to kubeconfig method')
+      case Method.KUBECONFIG:
+      default:
+         throw Error('Kubeconfig method not supported for Arc cluster')
+   }
 }

src/kubeconfigs/azCommands.test.ts

@@ -1,14 +1,14 @@
-import * as actions from "@actions/exec";
-import { runAzCliCommand } from "./azCommands";
+import * as actions from '@actions/exec'
+import {runAzCliCommand} from './azCommands'
 
-describe("Az commands", () => {
-  test("it runs an az cli command", async () => {
-    const path = "path";
-    const args = ["args"];
+describe('Az commands', () => {
+   test('it runs an az cli command', async () => {
+      const path = 'path'
+      const args = ['args']
 
-    jest.spyOn(actions, "exec").mockImplementation(async () => 0);
+      jest.spyOn(actions, 'exec').mockImplementation(async () => 0)
 
-    expect(await runAzCliCommand(path, args));
-    expect(actions.exec).toBeCalledWith(path, args, {});
-  });
-});
+      expect(await runAzCliCommand(path, args))
+      expect(actions.exec).toHaveBeenCalledWith(path, args, {})
+   })
+})

src/kubeconfigs/azCommands.ts

@@ -1,9 +1,9 @@
-import * as fs from "fs";
-import { ExecOptions } from "@actions/exec/lib/interfaces";
-import { exec } from "@actions/exec";
-import { spawn } from "child_process";
+import * as fs from 'fs'
+import {ExecOptions} from '@actions/exec/lib/interfaces'
+import {exec} from '@actions/exec'
+import {spawn} from 'child_process'
 
-const AZ_TIMEOUT_SECONDS: number = 120;
+const AZ_TIMEOUT_SECONDS: number = 120
 
 /**
  * Executes an az cli command
@@ -12,11 +12,11 @@ const AZ_TIMEOUT_SECONDS: number = 120;
  * @param options Optional options for the command execution
  */
 export async function runAzCliCommand(
-  azPath: string,
-  args: string[],
-  options: ExecOptions = {}
+   azPath: string,
+   args: string[],
+   options: ExecOptions = {}
 ) {
-  await exec(azPath, args, options);
+   await exec(azPath, args, options)
 }
 /**
  * Executes an az cli command that will set the kubeconfig
@@ -26,19 +26,19 @@ export async function runAzCliCommand(
  * @returns The contents of the kubeconfig
  */
 export async function runAzKubeconfigCommandBlocking(
-  azPath: string,
-  args: string[],
-  kubeconfigPath: string
+   azPath: string,
+   args: string[],
+   kubeconfigPath: string
 ): Promise<string> {
-  const proc = spawn(azPath, args, {
-    detached: true,
-    stdio: "ignore",
-  });
-  proc.unref();
+   const proc = spawn(azPath, args, {
+      detached: true,
+      stdio: 'ignore'
+   })
+   proc.unref()
 
-  await sleep(AZ_TIMEOUT_SECONDS);
-  return fs.readFileSync(kubeconfigPath).toString();
+   await sleep(AZ_TIMEOUT_SECONDS)
+   return fs.readFileSync(kubeconfigPath).toString()
 }
 
 const sleep = (seconds: number) =>
-  new Promise((resolve) => setTimeout(resolve, seconds * 1000));
+   new Promise((resolve) => setTimeout(resolve, seconds * 1000))

src/kubeconfigs/default.test.ts

@@ -1,128 +1,191 @@
-import * as fs from "fs";
-import { getRequiredInputError } from "../../tests/util";
-import { createKubeconfig, getDefaultKubeconfig } from "./default";
+import * as fs from 'fs'
+import * as core from '@actions/core'
+import {getRequiredInputError} from '../../tests/util'
+import {createKubeconfig, getDefaultKubeconfig} from './default'
 
-describe("Default kubeconfig", () => {
-  test("it creates a kubeconfig with proper format", () => {
-    const certAuth = "certAuth";
-    const token = "token";
-    const clusterUrl = "clusterUrl";
+describe('Default kubeconfig', () => {
+   test('it creates a kubeconfig with proper format', () => {
+      const certAuth = 'certAuth'
+      const token = 'token'
+      const clusterUrl = 'clusterUrl'
 
-    const kc = createKubeconfig(certAuth, token, clusterUrl);
-    const expected = JSON.stringify({
-      apiVersion: "v1",
-      kind: "Config",
-      clusters: [
-        {
-          cluster: {
-            "certificate-authority-data": certAuth,
-            server: clusterUrl,
-          },
-        },
-      ],
-      users: [
-        {
-          user: {
-            token: token,
-          },
-        },
-      ],
-    });
+      const kc = createKubeconfig(certAuth, token, clusterUrl)
+      const expected = JSON.stringify({
+         apiVersion: 'v1',
+         kind: 'Config',
+         clusters: [
+            {
+               name: 'default',
+               cluster: {
+                  server: clusterUrl,
+                  'certificate-authority-data': certAuth,
+                  'insecure-skip-tls-verify': false
+               }
+            }
+         ],
+         users: [{name: 'default-user', user: {token}}],
+         contexts: [
+            {
+               name: 'loaded-context',
+               context: {
+                  cluster: 'default',
+                  user: 'default-user',
+                  name: 'loaded-context'
+               }
+            }
+         ],
+         preferences: {},
+         'current-context': 'loaded-context'
+      })
+      expect(kc).toBe(expected)
+   })
 
-    expect(kc).toBe(expected);
-  });
-
-  test("it throws error without method", () => {
-    expect(() => getDefaultKubeconfig()).toThrow(
-      getRequiredInputError("method")
-    );
-  });
-
-  describe("default method", () => {
-    beforeEach(() => {
-      process.env["INPUT_METHOD"] = "default";
-    });
-
-    test("it throws error without kubeconfig", () => {
+   test('it throws error without method', () => {
       expect(() => getDefaultKubeconfig()).toThrow(
-        getRequiredInputError("kubeconfig")
-      );
-    });
+         getRequiredInputError('method')
+      )
+   })
 
-    test("it gets default config through kubeconfig input", () => {
-      const kc = "example kc";
-      process.env["INPUT_KUBECONFIG"] = kc;
+   describe('default method', () => {
+      beforeEach(() => {
+         process.env['INPUT_METHOD'] = 'default'
+      })
 
-      expect(getDefaultKubeconfig()).toBe(kc);
-    });
-  });
+      test('it throws error without kubeconfig', () => {
+         expect(() => getDefaultKubeconfig()).toThrow(
+            getRequiredInputError('kubeconfig')
+         )
+      })
 
-  test("it defaults to default method", () => {
-    process.env["INPUT_METHOD"] = "unknown";
+      test('it gets default config through kubeconfig input', () => {
+         const kc = 'example kc'
+         process.env['INPUT_KUBECONFIG'] = kc
 
-    const kc = "example kc";
-    process.env["INPUT_KUBECONFIG"] = kc;
+         expect(getDefaultKubeconfig()).toBe(kc)
+      })
 
-    expect(getDefaultKubeconfig()).toBe(kc);
-  });
+      test('returns kubeconfig as plaintext when encoding is plaintext', () => {
+         const kc = 'example kc'
+         jest.spyOn(core, 'getInput').mockImplementation((name: string) => {
+            if (name === 'method') return 'default'
+            if (name === 'kubeconfig-encoding') return 'plaintext'
+            if (name === 'kubeconfig') return kc
+            return ''
+         })
+         expect(getDefaultKubeconfig()).toBe(kc)
+      })
 
-  test("it defaults to default method from service-principal", () => {
-    process.env["INPUT_METHOD"] = "service-principal";
+      test('it gets default config through base64 kubeconfig input', () => {
+         const kc = 'example kc'
+         const base64Kc = Buffer.from(kc, 'utf-8').toString('base64')
 
-    const kc = "example kc";
-    process.env["INPUT_KUBECONFIG"] = kc;
+         jest.spyOn(core, 'getInput').mockImplementation((name: string) => {
+            if (name === 'method') return 'default'
+            if (name === 'kubeconfig-encoding') return 'base64'
+            if (name === 'kubeconfig') return base64Kc
+            return ''
+         })
 
-    expect(getDefaultKubeconfig()).toBe(kc);
-  });
+         expect(getDefaultKubeconfig()).toBe(kc)
+      })
 
-  describe("service-account method", () => {
-    beforeEach(() => {
-      process.env["INPUT_METHOD"] = "service-account";
-    });
+      test('it throws error for unknown kubeconfig-encoding', () => {
+         const kc = 'example kc'
+         const unknownEncoding = 'foobar'
 
-    test("it throws error without cluster url", () => {
-      expect(() => getDefaultKubeconfig()).toThrow(
-        getRequiredInputError("k8s-url")
-      );
-    });
+         jest.spyOn(core, 'getInput').mockImplementation((name: string) => {
+            if (name === 'method') return 'default'
+            if (name === 'kubeconfig-encoding') return unknownEncoding
+            if (name === 'kubeconfig') return kc
+            return ''
+         })
 
-    test("it throws error without k8s secret", () => {
-      process.env["INPUT_K8S-URL"] = "url";
+         expect(() => getDefaultKubeconfig()).toThrow(
+            "Invalid kubeconfig-encoding: 'foobar'. Must be 'plaintext' or 'base64'."
+         )
+      })
+   })
 
-      expect(() => getDefaultKubeconfig()).toThrow(
-        getRequiredInputError("k8s-secret")
-      );
-    });
+   test('it defaults to default method', () => {
+      process.env['INPUT_METHOD'] = 'unknown'
 
-    test("it gets kubeconfig through service-account", () => {
-      const k8sUrl = "https://testing-dns-4za.hfp.earth.azmk8s.io:443";
-      const token = "ZXlKaGJHY2lPcUpTVXpJMU5pSX=";
-      const cert = "LS0tLS1CRUdJTiBDRWyUSUZJQ";
-      const k8sSecret = fs.readFileSync("tests/sample-secret.yml").toString();
+      const kc = 'example kc'
+      process.env['INPUT_KUBECONFIG'] = kc
 
-      process.env["INPUT_K8S-URL"] = k8sUrl;
-      process.env["INPUT_K8S-SECRET"] = k8sSecret;
+      expect(getDefaultKubeconfig()).toBe(kc)
+   })
 
-      const expectedConfig = JSON.stringify({
-        apiVersion: "v1",
-        kind: "Config",
-        clusters: [
-          {
-            cluster: {
-              "certificate-authority-data": cert,
-              server: k8sUrl,
-            },
-          },
-        ],
-        users: [
-          {
-            user: {
-              token: Buffer.from(token, "base64").toString(),
-            },
-          },
-        ],
-      });
-      expect(getDefaultKubeconfig()).toBe(expectedConfig);
-    });
-  });
-});
+   test('it defaults to default method from service-principal', () => {
+      process.env['INPUT_METHOD'] = 'service-principal'
+
+      const kc = 'example kc'
+      process.env['INPUT_KUBECONFIG'] = kc
+
+      expect(getDefaultKubeconfig()).toBe(kc)
+   })
+
+   describe('service-account method', () => {
+      beforeEach(() => {
+         process.env['INPUT_METHOD'] = 'service-account'
+      })
+
+      test('it throws error without cluster url', () => {
+         expect(() => getDefaultKubeconfig()).toThrow(
+            getRequiredInputError('k8s-url')
+         )
+      })
+
+      test('it throws error without k8s secret', () => {
+         process.env['INPUT_K8S-URL'] = 'url'
+
+         expect(() => getDefaultKubeconfig()).toThrow(
+            getRequiredInputError('k8s-secret')
+         )
+      })
+
+      test('it gets kubeconfig through service-account', () => {
+         const k8sUrl = 'https://testing-dns-4za.hfp.earth.azmk8s.io:443'
+         const token = 'ZXlKaGJHY2lPcUpTVXpJMU5pSX='
+         const cert = 'LS0tLS1CRUdJTiBDRWyUSUZJQ'
+         const k8sSecret = fs.readFileSync('tests/sample-secret.yml').toString()
+
+         process.env['INPUT_K8S-URL'] = k8sUrl
+         process.env['INPUT_K8S-SECRET'] = k8sSecret
+
+         const expectedConfig = JSON.stringify({
+            apiVersion: 'v1',
+            kind: 'Config',
+            clusters: [
+               {
+                  name: 'default',
+                  cluster: {
+                     server: k8sUrl,
+                     'certificate-authority-data': cert,
+                     'insecure-skip-tls-verify': false
+                  }
+               }
+            ],
+            users: [
+               {
+                  name: 'default-user',
+                  user: {token: Buffer.from(token, 'base64').toString()}
+               }
+            ],
+            contexts: [
+               {
+                  name: 'loaded-context',
+                  context: {
+                     cluster: 'default',
+                     user: 'default-user',
+                     name: 'loaded-context'
+                  }
+               }
+            ],
+            preferences: {},
+            'current-context': 'loaded-context'
+         })
+
+         expect(getDefaultKubeconfig()).toBe(expectedConfig)
+      })
+   })
+})

src/kubeconfigs/default.ts

@@ -1,49 +1,72 @@
-import * as core from "@actions/core";
-import * as jsyaml from "js-yaml";
-import { K8sSecret, parseK8sSecret } from "../types/k8sSecret";
-import { Method, parseMethod } from "../types/method";
+import * as core from '@actions/core'
+import * as jsyaml from 'js-yaml'
+import {KubeConfig} from '@kubernetes/client-node'
+import {K8sSecret, parseK8sSecret} from '../types/k8sSecret'
+import {Method, parseMethod} from '../types/method'
 
 /**
  * Gets the kubeconfig based on provided method for a default Kubernetes cluster
  * @returns The kubeconfig
  */
 export function getDefaultKubeconfig(): string {
-  const method: Method | undefined = parseMethod(
-    core.getInput("method", { required: true })
-  );
+   const method: Method | undefined = parseMethod(
+      core.getInput('method', {required: true})
+   )
 
-  switch (method) {
-    case Method.SERVICE_ACCOUNT: {
-      const clusterUrl = core.getInput("k8s-url", { required: true });
-      core.debug(
-        "Found clusterUrl. Creating kubeconfig using certificate and token"
-      );
+   switch (method) {
+      case Method.SERVICE_ACCOUNT: {
+         const clusterUrl = core.getInput('k8s-url', {required: true})
+         core.debug(
+            'Found clusterUrl. Creating kubeconfig using certificate and token'
+         )
 
-      const k8sSecret: string = core.getInput("k8s-secret", {
-        required: true,
-      });
-      const parsedK8sSecret: K8sSecret = parseK8sSecret(jsyaml.load(k8sSecret));
-      const certAuth: string = parsedK8sSecret.data["ca.crt"];
-      const token: string = Buffer.from(
-        parsedK8sSecret.data.token,
-        "base64"
-      ).toString();
+         const k8sSecret: string = core.getInput('k8s-secret', {
+            required: true
+         })
+         const parsedK8sSecret: K8sSecret = parseK8sSecret(
+            jsyaml.load(k8sSecret)
+         )
+         const certAuth: string = parsedK8sSecret.data['ca.crt']
+         const token: string = Buffer.from(
+            parsedK8sSecret.data.token,
+            'base64'
+         ).toString()
 
-      return createKubeconfig(certAuth, token, clusterUrl);
-    }
-    case Method.SERVICE_PRINCIPAL: {
-      core.warning(
-        "Service Principal method not supported for default cluster type"
-      );
-    }
-    case undefined: {
-      core.warning("Defaulting to kubeconfig method");
-    }
-    default: {
-      core.debug("Setting context using kubeconfig");
-      return core.getInput("kubeconfig", { required: true });
-    }
-  }
+         return createKubeconfig(certAuth, token, clusterUrl)
+      }
+      case Method.SERVICE_PRINCIPAL: {
+         core.warning(
+            'Service Principal method not supported for default cluster type'
+         )
+      }
+      case undefined: {
+         core.warning('Defaulting to kubeconfig method')
+      }
+      default: {
+         core.debug('Setting context using kubeconfig')
+         enum Encoding {
+            Base64 = 'base64',
+            Plaintext = 'plaintext'
+         }
+
+         const rawKubeconfig = core.getInput('kubeconfig', {required: true})
+         const encoding =
+            core.getInput('kubeconfig-encoding')?.toLowerCase() ||
+            Encoding.Plaintext
+
+         if (encoding !== Encoding.Base64 && encoding !== Encoding.Plaintext) {
+            throw new Error(
+               `Invalid kubeconfig-encoding: '${encoding}'. Must be 'plaintext' or 'base64'.`
+            )
+         }
+         const kubeconfig =
+            encoding === Encoding.Base64
+               ? Buffer.from(rawKubeconfig, 'base64').toString('utf-8')
+               : rawKubeconfig
+
+         return kubeconfig
+      }
+   }
 }
 
 /**
@@ -54,29 +77,22 @@ export function getDefaultKubeconfig(): string {
  * @returns The kubeconfig as a string
  */
 export function createKubeconfig(
-  certAuth: string,
-  token: string,
-  clusterUrl: string
+   certAuth: string,
+   token: string,
+   clusterUrl: string
 ): string {
-  const kubeconfig = {
-    apiVersion: "v1",
-    kind: "Config",
-    clusters: [
+   const kc = new KubeConfig()
+   kc.loadFromClusterAndUser(
       {
-        cluster: {
-          "certificate-authority-data": certAuth,
-          server: clusterUrl,
-        },
+         name: 'default',
+         server: clusterUrl,
+         caData: certAuth,
+         skipTLSVerify: false
       },
-    ],
-    users: [
       {
-        user: {
-          token: token,
-        },
-      },
-    ],
-  };
-
-  return JSON.stringify(kubeconfig);
+         name: 'default-user',
+         token
+      }
+   )
+   return kc.exportConfig()
 }

src/run.test.ts

@@ -1,30 +0,0 @@
-import { getRequiredInputError } from "../tests/util";
-import { run } from "./run";
-import fs from "fs";
-import * as utils from "./utils";
-
-describe("Run", () => {
-  it("throws error without cluster type", async () => {
-    await expect(run()).rejects.toThrow(getRequiredInputError("cluster-type"));
-  });
-
-  it("writes kubeconfig and sets context", async () => {
-    const kubeconfig = "kubeconfig";
-
-    process.env["INPUT_CLUSTER-TYPE"] = "default";
-    process.env["RUNNER_TEMP"] = "/sample/path";
-
-    jest
-      .spyOn(utils, "getKubeconfig")
-      .mockImplementation(async () => kubeconfig);
-    jest.spyOn(fs, "writeFileSync").mockImplementation(() => {});
-    jest.spyOn(fs, "chmodSync").mockImplementation(() => {});
-    jest.spyOn(utils, "setContext").mockImplementation(() => kubeconfig);
-
-    expect(await run());
-    expect(utils.getKubeconfig).toHaveBeenCalled();
-    expect(fs.writeFileSync).toHaveBeenCalled();
-    expect(fs.chmodSync).toHaveBeenCalled();
-    expect(utils.setContext).toHaveBeenCalled();
-  });
-});

src/run.ts

@@ -1,36 +1,5 @@
-import * as core from "@actions/core";
-import * as path from "path";
-import * as fs from "fs";
-import { Cluster, parseCluster } from "./types/cluster";
-import { setContext, getKubeconfig } from "./utils";
-
-/**
- * Sets the Kubernetes context based on supplied action inputs
- */
-export async function run() {
-  // get inputs
-  const clusterType: Cluster | undefined = parseCluster(
-    core.getInput("cluster-type", {
-      required: true,
-    })
-  );
-  const runnerTempDirectory: string = process.env["RUNNER_TEMP"];
-  const kubeconfigPath: string = path.join(
-    runnerTempDirectory,
-    `kubeconfig_${Date.now()}`
-  );
-
-  // get kubeconfig and update context
-  const kubeconfig: string = await getKubeconfig(clusterType);
-  const kubeconfigWithContext: string = setContext(kubeconfig);
-
-  // output kubeconfig
-  core.debug(`Writing kubeconfig contents to ${kubeconfigPath}`);
-  fs.writeFileSync(kubeconfigPath, kubeconfigWithContext);
-  fs.chmodSync(kubeconfigPath, "600");
-  core.debug("Setting KUBECONFIG environment variable");
-  core.exportVariable("KUBECONFIG", kubeconfigPath);
-}
+import {run} from './action'
+import * as core from '@actions/core'
 
 // Run the application
-run().catch(core.setFailed);
+run().catch(core.setFailed)

src/types/cluster.test.ts

@@ -1,24 +1,24 @@
-import { Cluster, parseCluster } from "./cluster";
+import {Cluster, parseCluster} from './cluster'
 
-describe("Cluster type", () => {
-  test("it has required values", () => {
-    const vals = <any>Object.values(Cluster);
-    expect(vals.includes("arc")).toBe(true);
-    expect(vals.includes("generic")).toBe(true);
-  });
+describe('Cluster type', () => {
+   test('it has required values', () => {
+      const vals = <any>Object.values(Cluster)
+      expect(vals.includes('arc')).toBe(true)
+      expect(vals.includes('generic')).toBe(true)
+   })
 
-  test("it can parse valid values from a string", () => {
-    expect(parseCluster("arc")).toBe(Cluster.ARC);
-    expect(parseCluster("Arc")).toBe(Cluster.ARC);
-    expect(parseCluster("ARC")).toBe(Cluster.ARC);
+   test('it can parse valid values from a string', () => {
+      expect(parseCluster('arc')).toBe(Cluster.ARC)
+      expect(parseCluster('Arc')).toBe(Cluster.ARC)
+      expect(parseCluster('ARC')).toBe(Cluster.ARC)
 
-    expect(parseCluster("generic")).toBe(Cluster.GENERIC);
-    expect(parseCluster("Generic")).toBe(Cluster.GENERIC);
-    expect(parseCluster("GENERIC")).toBe(Cluster.GENERIC);
-  });
+      expect(parseCluster('generic')).toBe(Cluster.GENERIC)
+      expect(parseCluster('Generic')).toBe(Cluster.GENERIC)
+      expect(parseCluster('GENERIC')).toBe(Cluster.GENERIC)
+   })
 
-  test("it will return undefined if it can't parse values from a string", () => {
-    expect(parseCluster("invalid")).toBe(undefined);
-    expect(parseCluster("unsupportedType")).toBe(undefined);
-  });
-});
+   test("it will return undefined if it can't parse values from a string", () => {
+      expect(parseCluster('invalid')).toBe(undefined)
+      expect(parseCluster('unsupportedType')).toBe(undefined)
+   })
+})

src/types/cluster.ts

@@ -1,6 +1,6 @@
 export enum Cluster {
-  ARC = "arc",
-  GENERIC = "generic",
+   ARC = 'arc',
+   GENERIC = 'generic'
 }
 
 /**
@@ -9,8 +9,8 @@ export enum Cluster {
  * @returns The Cluster enum or undefined if it can't be parsed
  */
 export const parseCluster = (str: string): Cluster | undefined =>
-  Cluster[
-    Object.keys(Cluster).filter(
-      (k) => Cluster[k].toString().toLowerCase() === str.toLowerCase()
-    )[0] as keyof typeof Cluster
-  ];
+   Cluster[
+      Object.keys(Cluster).filter(
+         (k) => Cluster[k].toString().toLowerCase() === str.toLowerCase()
+      )[0] as keyof typeof Cluster
+   ]

src/types/k8sSecret.test.ts

@@ -1,33 +1,33 @@
-import { parseK8sSecret, K8sSecret } from "./k8sSecret";
+import {parseK8sSecret, K8sSecret} from './k8sSecret'
 
-describe("K8sSecret type", () => {
-  describe("Parsing from any", () => {
-    test("it returns a type guarded secret", () => {
-      const secret = { data: { token: "token", "ca.crt": "cert" } };
-      expect(() => parseK8sSecret(secret)).not.toThrow();
-    });
+describe('K8sSecret type', () => {
+   describe('Parsing from any', () => {
+      test('it returns a type guarded secret', () => {
+         const secret = {data: {token: 'token', 'ca.crt': 'cert'}}
+         expect(() => parseK8sSecret(secret)).not.toThrow()
+      })
 
-    test("it throws an error when secret not provided", () => {
-      expect(() => parseK8sSecret(undefined)).toThrow();
-    });
+      test('it throws an error when secret not provided', () => {
+         expect(() => parseK8sSecret(undefined)).toThrow()
+      })
 
-    test("it throws an error when there is no data field", () => {
-      const secret = {};
-      expect(() => parseK8sSecret(secret)).toThrow();
-    });
+      test('it throws an error when there is no data field', () => {
+         const secret = {}
+         expect(() => parseK8sSecret(secret)).toThrow()
+      })
 
-    test("it throws an error when there is no token", () => {
-      const secret = {
-        data: {
-          "ca.crt": "cert",
-        },
-      };
-      expect(() => parseK8sSecret(secret)).toThrow();
-    });
+      test('it throws an error when there is no token', () => {
+         const secret = {
+            data: {
+               'ca.crt': 'cert'
+            }
+         }
+         expect(() => parseK8sSecret(secret)).toThrow()
+      })
 
-    test("it throws an error when there is no ca.crt field", () => {
-      const secret = { data: { token: "token" } };
-      expect(() => parseK8sSecret(secret)).toThrow();
-    });
-  });
-});
+      test('it throws an error when there is no ca.crt field', () => {
+         const secret = {data: {token: 'token'}}
+         expect(() => parseK8sSecret(secret)).toThrow()
+      })
+   })
+})

src/types/k8sSecret.ts

@@ -1,10 +1,10 @@
-import * as util from "util";
+import * as util from 'util'
 
 export interface K8sSecret {
-  data: {
-    token: string;
-    "ca.crt": string;
-  };
+   data: {
+      token: string
+      'ca.crt': string
+   }
 }
 
 /**
@@ -13,13 +13,13 @@ export interface K8sSecret {
  * @returns A type guarded K8sSecret
  */
 export function parseK8sSecret(secret: any): K8sSecret {
-  if (!secret) throw Error("K8s secret yaml is invalid");
-  if (!secret.data) throw k8sSecretMissingFieldError("data");
-  if (!secret.data.token) throw k8sSecretMissingFieldError("token");
-  if (!secret.data["ca.crt"]) throw k8sSecretMissingFieldError("ca.crt");
+   if (!secret) throw Error('K8s secret yaml is invalid')
+   if (!secret.data) throw k8sSecretMissingFieldError('data')
+   if (!secret.data.token) throw k8sSecretMissingFieldError('token')
+   if (!secret.data['ca.crt']) throw k8sSecretMissingFieldError('ca.crt')
 
-  return secret as K8sSecret;
+   return secret as K8sSecret
 }
 
 const k8sSecretMissingFieldError = (field: string): Error =>
-  Error(util.format("K8s secret yaml does not contain %s field", field));
+   Error(util.format('K8s secret yaml does not contain %s field', field))

src/types/method.test.ts

@@ -1,29 +1,29 @@
-import { Method, parseMethod } from "./method";
+import {Method, parseMethod} from './method'
 
-describe("Method type", () => {
-  test("it has required values", () => {
-    const vals = <any>Object.values(Method);
-    expect(vals.includes("kubeconfig")).toBe(true);
-    expect(vals.includes("service-account")).toBe(true);
-    expect(vals.includes("service-principal")).toBe(true);
-  });
+describe('Method type', () => {
+   test('it has required values', () => {
+      const vals = <any>Object.values(Method)
+      expect(vals.includes('kubeconfig')).toBe(true)
+      expect(vals.includes('service-account')).toBe(true)
+      expect(vals.includes('service-principal')).toBe(true)
+   })
 
-  test("it can parse valid values from a string", () => {
-    expect(parseMethod("kubeconfig")).toBe(Method.KUBECONFIG);
-    expect(parseMethod("Kubeconfig")).toBe(Method.KUBECONFIG);
-    expect(parseMethod("KUBECONFIG")).toBe(Method.KUBECONFIG);
+   test('it can parse valid values from a string', () => {
+      expect(parseMethod('kubeconfig')).toBe(Method.KUBECONFIG)
+      expect(parseMethod('Kubeconfig')).toBe(Method.KUBECONFIG)
+      expect(parseMethod('KUBECONFIG')).toBe(Method.KUBECONFIG)
 
-    expect(parseMethod("service-account")).toBe(Method.SERVICE_ACCOUNT);
-    expect(parseMethod("Service-Account")).toBe(Method.SERVICE_ACCOUNT);
-    expect(parseMethod("SERVICE-ACCOUNT")).toBe(Method.SERVICE_ACCOUNT);
+      expect(parseMethod('service-account')).toBe(Method.SERVICE_ACCOUNT)
+      expect(parseMethod('Service-Account')).toBe(Method.SERVICE_ACCOUNT)
+      expect(parseMethod('SERVICE-ACCOUNT')).toBe(Method.SERVICE_ACCOUNT)
 
-    expect(parseMethod("service-principal")).toBe(Method.SERVICE_PRINCIPAL);
-    expect(parseMethod("Service-Principal")).toBe(Method.SERVICE_PRINCIPAL);
-    expect(parseMethod("SERVICE-PRINCIPAL")).toBe(Method.SERVICE_PRINCIPAL);
-  });
+      expect(parseMethod('service-principal')).toBe(Method.SERVICE_PRINCIPAL)
+      expect(parseMethod('Service-Principal')).toBe(Method.SERVICE_PRINCIPAL)
+      expect(parseMethod('SERVICE-PRINCIPAL')).toBe(Method.SERVICE_PRINCIPAL)
+   })
 
-  test("it will return undefined if it can't parse values from a string", () => {
-    expect(parseMethod("invalid")).toBe(undefined);
-    expect(parseMethod("unsupportedType")).toBe(undefined);
-  });
-});
+   test("it will return undefined if it can't parse values from a string", () => {
+      expect(parseMethod('invalid')).toBe(undefined)
+      expect(parseMethod('unsupportedType')).toBe(undefined)
+   })
+})

src/types/method.ts

@@ -1,7 +1,7 @@
 export enum Method {
-  KUBECONFIG = "kubeconfig",
-  SERVICE_ACCOUNT = "service-account",
-  SERVICE_PRINCIPAL = "service-principal",
+   KUBECONFIG = 'kubeconfig',
+   SERVICE_ACCOUNT = 'service-account',
+   SERVICE_PRINCIPAL = 'service-principal'
 }
 
 /**
@@ -10,8 +10,8 @@ export enum Method {
  * @returns The Method enum or undefined if it can't be parsed
  */
 export const parseMethod = (str: string): Method | undefined =>
-  Method[
-    Object.keys(Method).filter(
-      (k) => Method[k].toString().toLowerCase() === str.toLowerCase()
-    )[0] as keyof typeof Method
-  ];
+   Method[
+      Object.keys(Method).filter(
+         (k) => Method[k].toString().toLowerCase() === str.toLowerCase()
+      )[0] as keyof typeof Method
+   ]

src/utils.test.ts

@@ -1,47 +1,47 @@
-import fs from "fs";
-import * as arc from "./kubeconfigs/arc";
-import * as def from "./kubeconfigs/default";
-import { Cluster } from "./types/cluster";
-import { getKubeconfig, setContext } from "./utils";
+import fs from 'fs'
+import * as arc from './kubeconfigs/arc'
+import * as def from './kubeconfigs/default'
+import {Cluster} from './types/cluster'
+import {getKubeconfig, setContext} from './utils'
 
-describe("Utils", () => {
-  describe("get kubeconfig", () => {
-    test("it gets arc kubeconfig when type is arc", async () => {
-      const arcKubeconfig = "arckubeconfig";
-      jest
-        .spyOn(arc, "getArcKubeconfig")
-        .mockImplementation(async () => arcKubeconfig);
+describe('Utils', () => {
+   describe('get kubeconfig', () => {
+      test('it gets arc kubeconfig when type is arc', async () => {
+         const arcKubeconfig = 'arckubeconfig'
+         jest
+            .spyOn(arc, 'getArcKubeconfig')
+            .mockImplementation(async () => arcKubeconfig)
 
-      expect(await getKubeconfig(Cluster.ARC)).toBe(arcKubeconfig);
-    });
+         expect(await getKubeconfig(Cluster.ARC)).toBe(arcKubeconfig)
+      })
 
-    test("it defaults to default kubeconfig", async () => {
-      const defaultKubeconfig = "arckubeconfig";
-      jest
-        .spyOn(def, "getDefaultKubeconfig")
-        .mockImplementation(() => defaultKubeconfig);
+      test('it defaults to default kubeconfig', async () => {
+         const defaultKubeconfig = 'arckubeconfig'
+         jest
+            .spyOn(def, 'getDefaultKubeconfig')
+            .mockImplementation(() => defaultKubeconfig)
 
-      expect(await getKubeconfig(undefined)).toBe(defaultKubeconfig);
-      expect(await getKubeconfig(Cluster.GENERIC)).toBe(defaultKubeconfig);
-    });
-  });
+         expect(await getKubeconfig(undefined)).toBe(defaultKubeconfig)
+         expect(await getKubeconfig(Cluster.GENERIC)).toBe(defaultKubeconfig)
+      })
+   })
 
-  describe("set context", () => {
-    const kc = fs.readFileSync("tests/sample-kubeconfig.yml").toString();
+   describe('set context', () => {
+      const kc = fs.readFileSync('tests/sample-kubeconfig.yml').toString()
 
-    test("it doesn't change kubeconfig without context", () => {
-      expect(setContext(kc)).toBe(kc);
-    });
+      test("it doesn't change kubeconfig without context", () => {
+         expect(setContext(kc)).toBe(kc)
+      })
 
-    test("it writes the context to the kubeconfig", () => {
-      process.env["INPUT_CONTEXT"] = "example";
+      test('it writes the context to the kubeconfig', () => {
+         process.env['INPUT_CONTEXT'] = 'example'
 
-      const received = JSON.parse(setContext(kc));
-      const expectedKc = JSON.parse(
-        fs.readFileSync("tests/expected-kubeconfig.json").toString()
-      );
+         const received = JSON.parse(setContext(kc))
+         const expectedKc = JSON.parse(
+            fs.readFileSync('tests/expected-kubeconfig.json').toString()
+         )
 
-      expect(received).toMatchObject(expectedKc);
-    });
-  });
-});
+         expect(received).toMatchObject(expectedKc)
+      })
+   })
+})

src/utils.ts

@@ -1,9 +1,9 @@
-import * as core from "@actions/core";
-import * as fs from "fs";
-import { KubeConfig } from "@kubernetes/client-node";
-import { getDefaultKubeconfig } from "./kubeconfigs/default";
-import { getArcKubeconfig } from "./kubeconfigs/arc";
-import { Cluster } from "./types/cluster";
+import * as core from '@actions/core'
+import * as fs from 'fs'
+import {KubeConfig} from '@kubernetes/client-node'
+import {getDefaultKubeconfig} from './kubeconfigs/default'
+import {getArcKubeconfig} from './kubeconfigs/arc'
+import {Cluster} from './types/cluster'
 
 /**
  * Gets the kubeconfig based on Kubernetes cluster type
@@ -11,19 +11,19 @@ import { Cluster } from "./types/cluster";
  * @returns A promise of the kubeconfig
  */
 export async function getKubeconfig(
-  type: Cluster | undefined
+   type: Cluster | undefined
 ): Promise<string> {
-  switch (type) {
-    case Cluster.ARC: {
-      return await getArcKubeconfig();
-    }
-    case undefined: {
-      core.warning("Cluster type not recognized. Defaulting to generic.");
-    }
-    default: {
-      return getDefaultKubeconfig();
-    }
-  }
+   switch (type) {
+      case Cluster.ARC: {
+         return await getArcKubeconfig()
+      }
+      case undefined: {
+         core.warning('Cluster type not recognized. Defaulting to generic.')
+      }
+      default: {
+         return getDefaultKubeconfig()
+      }
+   }
 }
 
 /**
@@ -32,17 +32,17 @@ export async function getKubeconfig(
  * @returns Updated kubeconfig with the context
  */
 export function setContext(kubeconfig: string): string {
-  const context: string = core.getInput("context");
-  if (!context) {
-    core.debug("Can't set context because context is unspecified.");
-    return kubeconfig;
-  }
+   const context: string = core.getInput('context')
+   if (!context) {
+      core.debug("Can't set context because context is unspecified.")
+      return kubeconfig
+   }
 
-  // load current kubeconfig
-  const kc = new KubeConfig();
-  kc.loadFromString(kubeconfig);
+   // load current kubeconfig
+   const kc = new KubeConfig()
+   kc.loadFromString(kubeconfig)
 
-  // update kubeconfig
-  kc.setCurrentContext(context);
-  return kc.exportConfig();
+   // update kubeconfig
+   kc.setCurrentContext(context)
+   return kc.exportConfig()
 }

tests/expected-kubeconfig.json

@@ -1,27 +1,27 @@
 {
-  "apiVersion": "v1",
-  "kind": "Config",
-  "clusters": [
-    {
-      "name": "example",
-      "cluster": {
-        "server": "http://example.com:8080",
-        "insecure-skip-tls-verify": false
+   "apiVersion": "v1",
+   "kind": "Config",
+   "clusters": [
+      {
+         "name": "example",
+         "cluster": {
+            "server": "http://example.com:8080",
+            "insecure-skip-tls-verify": false
+         }
       }
-    }
-  ],
-  "users": [],
-  "contexts": [
-    {
-      "name": "example",
-      "context": {
-        "cluster": "example",
-        "name": "example",
-        "user": "example",
-        "namespace": "example"
+   ],
+   "users": [],
+   "contexts": [
+      {
+         "name": "example",
+         "context": {
+            "cluster": "example",
+            "name": "example",
+            "user": "example",
+            "namespace": "example"
+         }
       }
-    }
-  ],
-  "preferences": {},
-  "current-context": "example"
+   ],
+   "preferences": {},
+   "current-context": "example"
 }

tests/sample-kubeconfig.yml

@@ -1,12 +1,12 @@
 apiVersion: v1
 kind: Config
 clusters:
-  - cluster:
-      server: http://example.com:8080
-    name: example
+   - cluster:
+        server: http://example.com:8080
+     name: example
 contexts:
-  - context:
-      cluster: example
-      namespace: example
-      user: example
-    name: example
+   - context:
+        cluster: example
+        namespace: example
+        user: example
+     name: example

tests/sample-secret.yml

@@ -1,35 +1,35 @@
 apiVersion: v1
 data:
-  ca.crt: LS0tLS1CRUdJTiBDRWyUSUZJQ
-  namespace: ZGVmBXUsLdA==
-  token: ZXlKaGJHY2lPcUpTVXpJMU5pSX=
+   ca.crt: LS0tLS1CRUdJTiBDRWyUSUZJQ
+   namespace: ZGVmBXUsLdA==
+   token: ZXlKaGJHY2lPcUpTVXpJMU5pSX=
 kind: Secret
 metadata:
-  annotations:
-    kubernetes.io/service-account.name: default
-    kubernetes.io/service-account.uid: e1414a3z-22fe-48d1-ab9e-18e4a5b91c
-  creationTimestamp: "2020-03-02T06:40:31Z"
-  managedFields:
-  - apiVersion: v1
-    fieldsType: FieldsV1
-    fieldsV1:
-      f:data:
-        .: {}
-        f:ca.crt: {}
-        f:namespace: {}
-        f:token: {}
-      f:metadata:
-        f:annotations:
-          .: {}
-          f:kubernetes.io/service-account.name: {}
-          f:kubernetes.io/service-account.uid: {}
-      f:type: {}
-    manager: kube-controller-manager
-    operation: Update
-    time: "2020-03-02T06:40:31Z"
-  name: default-token-bl8ra
-  namespace: default
-  resourceVersion: "278"
-  selfLink: /api/v1/namespaces/default/secrets/default-token-bl8ra
-  uid: e6d8b21b-2e3a-4606-98za-54fb44fdc
+   annotations:
+      kubernetes.io/service-account.name: default
+      kubernetes.io/service-account.uid: e1414a3z-22fe-48d1-ab9e-18e4a5b91c
+   creationTimestamp: '2020-03-02T06:40:31Z'
+   managedFields:
+      - apiVersion: v1
+        fieldsType: FieldsV1
+        fieldsV1:
+           f:data:
+              .: {}
+              f:ca.crt: {}
+              f:namespace: {}
+              f:token: {}
+           f:metadata:
+              f:annotations:
+                 .: {}
+                 f:kubernetes.io/service-account.name: {}
+                 f:kubernetes.io/service-account.uid: {}
+           f:type: {}
+        manager: kube-controller-manager
+        operation: Update
+        time: '2020-03-02T06:40:31Z'
+   name: default-token-bl8ra
+   namespace: default
+   resourceVersion: '278'
+   selfLink: /api/v1/namespaces/default/secrets/default-token-bl8ra
+   uid: e6d8b21b-2e3a-4606-98za-54fb44fdc
 type: kubernetes.io/service-account-token

tests/util.ts

@@ -4,4 +4,4 @@
  * @returns Error with explanation message
  */
 export const getRequiredInputError = (inputName) =>
-  Error(`Input required and not supplied: ${inputName}`);
+   Error(`Input required and not supplied: ${inputName}`)

tsconfig.json

@@ -1,8 +1,15 @@
-{
-  "compilerOptions": {
-    "target": "ES6",
-    "module": "commonjs",
-    "esModuleInterop": true
-  },
-  "exclude": ["node_modules", "tests", "src/**/*.test.ts"]
-}
+{
+   "compilerOptions": {
+      "baseUrl": ".",
+      "module": "ESNext", // or "NodeNext" depending on your setup
+      "moduleResolution": "node",
+      "esModuleInterop": true,
+      "allowSyntheticDefaultImports": true,
+      "skipLibCheck": true,
+      "paths": {
+         "@actions/core": ["node_modules/@actions/core"],
+         "@kubernetes/client-node": ["node_modules/@kubernetes/client-node"]
+      }
+   },
+   "exclude": ["node_modules", "tests", "src/**/*.test.ts"]
+}