Exposes JWT logging as an input parameter

emmanuelm41 · emmanuelm41 · commit c921b7cb81f0 · 2025-08-08T15:16:13.000-03:00
Allows users to control whether JWT token information is logged, providing flexibility for debugging and security considerations.

This change introduces a new input parameter `log_jwt_info` to the workflow, enabling users to enable or disable JWT logging based on their needs.
diff --git a/.github/workflows/_pulumi-wif.yaml b/.github/workflows/_pulumi-wif.yaml
@@ -57,6 +57,11 @@ on:
         required: false
         type: string
         default: "latest"
+      log_jwt_info:
+        description: 'Log JWT token information for debugging'
+        required: false
+        type: boolean
+        default: true
     secrets:
       app_id:
         description: "GitHub App ID"
@@ -101,7 +106,7 @@ jobs:
           workload_identity_provider: ${{ inputs.workload-identity-provider }}
           project_id: ${{ inputs.project-id }}
           gcloud_components: "beta"
-          log_jwt_info: true
+          log_jwt_info: ${{ inputs.log_jwt_info }}
 
       ## GCP access should be ready
 
