From 443ae925ab02f7c67aee0a3b6392247d0743c317 Mon Sep 17 00:00:00 2001
From: Seth Vargo <seth@sethvargo.com>
Date: Thu, 23 Dec 2021 11:39:54 -0500
Subject: [PATCH] bug: only cleanup credentials if credentials were created
 (#96)

---
 README.md          |  4 ++--
 action.yml         |  5 +++--
 dist/post/index.js | 11 +++++++++--
 src/post.ts        | 14 +++++++++++---
 4 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 0a3d9c0..31e4819 100644
--- a/README.md
+++ b/README.md
@@ -193,8 +193,8 @@ regardless of the authentication mechanism.
     delegates.
 
 -   `cleanup_credentials`: (Optional) If true, the action will remove any
-    generated credentials from the filesystem upon completion. The default is
-    true.
+    created credentials from the filesystem upon completion. This only applies
+    if "create_credentials_file" is true. The default is true.
 
 ## Outputs
 
diff --git a/action.yml b/action.yml
index 92b0f5f..7975fd4 100644
--- a/action.yml
+++ b/action.yml
@@ -73,8 +73,9 @@ inputs:
     required: false
   cleanup_credentials:
     description: |-
-      If true, the action will remove any generated credentials from the
-      filesystem upon completion.
+      If true, the action will remove any created credentials from the
+      filesystem upon completion. This only applies if "create_credentials_file"
+      is true.
     default: true
     required: false
 
diff --git a/dist/post/index.js b/dist/post/index.js
index 7b2536e..e30c749 100644
--- a/dist/post/index.js
+++ b/dist/post/index.js
@@ -1587,8 +1587,14 @@ const actions_utils_1 = __nccwpck_require__(308);
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
+            const createCredentials = (0, core_1.getBooleanInput)('create_credentials_file');
+            if (!createCredentials) {
+                (0, core_1.info)(`Skipping credential cleanup - "create_credentials_file" is false.`);
+                return;
+            }
             const cleanupCredentials = (0, core_1.getBooleanInput)('cleanup_credentials');
             if (!cleanupCredentials) {
+                (0, core_1.info)(`Skipping credential cleanup - "cleanup_credentials" is false.`);
                 return;
             }
             // Look up the credentials path, if one exists. Note that we only check the
@@ -1597,15 +1603,16 @@ function run() {
             // another environment variable manually.
             const credentialsPath = process.env['GOOGLE_GHA_CREDS_PATH'];
             if (!credentialsPath) {
+                (0, core_1.info)(`Skipping credential cleanup - $GOOGLE_GHA_CREDS_PATH is not set.`);
                 return;
             }
             // Remove the file.
             const removed = yield (0, actions_utils_1.removeFile)(credentialsPath);
             if (removed) {
-                (0, core_1.info)(`Removed exported credentials at ${credentialsPath}`);
+                (0, core_1.info)(`Removed exported credentials at "${credentialsPath}".`);
             }
             else {
-                (0, core_1.info)('No exported credentials found');
+                (0, core_1.info)(`No exported credentials were found at "${credentialsPath}".`);
             }
         }
         catch (err) {
diff --git a/src/post.ts b/src/post.ts
index f8efaff..8a29aa3 100644
--- a/src/post.ts
+++ b/src/post.ts
@@ -8,8 +8,15 @@ import { errorMessage, removeFile } from '@google-github-actions/actions-utils';
  */
 export async function run(): Promise<void> {
   try {
-    const cleanupCredentials: boolean = getBooleanInput('cleanup_credentials');
+    const createCredentials = getBooleanInput('create_credentials_file');
+    if (!createCredentials) {
+      logInfo(`Skipping credential cleanup - "create_credentials_file" is false.`);
+      return;
+    }
+
+    const cleanupCredentials = getBooleanInput('cleanup_credentials');
     if (!cleanupCredentials) {
+      logInfo(`Skipping credential cleanup - "cleanup_credentials" is false.`);
       return;
     }
 
@@ -19,15 +26,16 @@ export async function run(): Promise<void> {
     // another environment variable manually.
     const credentialsPath = process.env['GOOGLE_GHA_CREDS_PATH'];
     if (!credentialsPath) {
+      logInfo(`Skipping credential cleanup - $GOOGLE_GHA_CREDS_PATH is not set.`);
       return;
     }
 
     // Remove the file.
     const removed = await removeFile(credentialsPath);
     if (removed) {
-      logInfo(`Removed exported credentials at ${credentialsPath}`);
+      logInfo(`Removed exported credentials at "${credentialsPath}".`);
     } else {
-      logInfo('No exported credentials found');
+      logInfo(`No exported credentials were found at "${credentialsPath}".`);
     }
   } catch (err) {
     const msg = errorMessage(err);