Merge pull request #62 from jitsecurity-controls/sc-23590-jit-github-…

…action-retry-every-error-when

Update retry-curl.sh

action.yml

@@ -36,22 +36,31 @@ runs:
         ref: main
         path: ./.github/actions/jit-github-action
 
+    - name: Install OIDC Client from Core Package
+      shell: bash
+      run: npm install @actions/core@1.6.0 @actions/http-client
+
+    - name: Get OIDC Token
+      uses: actions/github-script@v6
+      id: get-oidc-token-from-github
+      with:
+        script: |
+          const actionCore = require('@actions/core')
+          const { execSync } = require('child_process');
+          try {
+            const OIDC_TOKEN = await actionCore.getIDToken()
+            actionCore.setOutput('OIDC_TOKEN', OIDC_TOKEN)
+          } catch (error) {
+            actionCore.error('Failed to get OIDC Token from github servers: ' + error)
+            execSync('exit 100');
+          }
+
     - id: oidc-auth
       shell: bash
+      env:
+        OIDC_TOKEN: ${{ steps.get-oidc-token-from-github.outputs.OIDC_TOKEN }}
       run: |
-        source ./.github/actions/jit-github-action/retry-curl.sh
-        OIDC_TOKEN_RESPONSE=$(retry_curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL")
-        OIDC_TOKEN_RESPONSE_CODE=${OIDC_TOKEN_RESPONSE: -3}
-        echo "Calling Github OIDC Auth endpoint returned with response_code=$OIDC_TOKEN_RESPONSE_CODE"
-        
-        if [ $OIDC_TOKEN_RESPONSE_CODE = 200 ]; then
-          OIDC_TOKEN_RESPONSE_BODY=${OIDC_TOKEN_RESPONSE:0:${#OIDC_TOKEN_RESPONSE}-3}
-          OIDC_TOKEN=$(echo $OIDC_TOKEN_RESPONSE_BODY | jq -r '.value')
-        else
-          echo "Got fatal error when calling github oidc"
-          exit 100
-        fi
-        
+        source ./.github/actions/jit-github-action/retry-curl.sh      
         AUTH_RESPONSE=$(retry_curl \
             -X POST \
             -H "Authorization: Bearer $OIDC_TOKEN" \