From 8709f591b323696d83bf4c0cb6f810623891dfd8 Mon Sep 17 00:00:00 2001
From: "Trez.One" <charish.patel@trez.wtf>
Date: Sat, 18 Oct 2025 07:30:39 -0400
Subject: [PATCH] Token auth.

---
 action.yml | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/action.yml b/action.yml
index b78bcec..6dafca9 100644
--- a/action.yml
+++ b/action.yml
@@ -14,13 +14,21 @@ inputs:
     description: "Vault url"
     required: true
 
+  HC_VAULT_AUTH:
+    description: "Specify preferred login method, e.g. token, userpass, etc."
+    required: true
+
   HC_VAULT_USERNAME:
     description: "Vault login username"
-    required: true
+    required: false
 
   HC_VAULT_PASSWORD:
     description: "Vault login password"
-    required: true
+    required: false
+
+  HC_VAULT_TOKEN:
+    description: "Token for logging into and reading from Hashicorp Vault."
+    required: false
 
   HC_VAULT_SECRETS_PATH:
     description: "Vault secrets path"
@@ -44,6 +52,7 @@ runs:
 
     - name: Login to Hashicorp Vault with userpass
       shell: bash
+      if: contains(inputs.HC_VAULT_AUTH,'userpass')
       env:
         VAULT_ADDR: ${{ inputs.HC_VAULT_ADDR }}
         VAULT_SKIP_VERIFY: "true"
@@ -54,6 +63,17 @@ runs:
           username=${{ inputs.HC_VAULT_USERNAME }} \
           password=${{ inputs.HC_VAULT_PASSWORD }}
 
+    - name: Login to Hashicorp Vault with token
+      shell: bash
+      if: contains(inputs.HC_VAULT_AUTH,'token') || 
+      env:
+        VAULT_ADDR: ${{ inputs.HC_VAULT_ADDR }}
+        VAULT_SKIP_VERIFY: "true"
+      run: |
+        vault login \
+          -no-print \
+          -method=token
+
     - name: Create env-file from Hashicorp Vault config
       shell: bash
       env: