action.yml

@@ -33,8 +33,23 @@ runs:
     - name: Unlock Vault
       shell: sh
       run: |
+        # Ensure Bitwarden is logged in
+        if ! bw login --check; then
           bw login --apikey
-        echo "BW_SESSION=$(bw unlock '${{ inputs.password }}' --raw)" >> $GITHUB_ENV
+        fi
+
+        # Unlock the vault and store the session key
+        BW_SESSION=$(bw unlock "${{ inputs.password }}" --raw)
+        
+        # Verify if BW_SESSION is set correctly
+        if [ -n "$BW_SESSION" ]; then
+          echo "BW_SESSION=$BW_SESSION" >> "$GITHUB_ENV"
+          export BW_SESSION
+          echo "✅ Vault unlocked successfully!"
+        else
+          echo "❌ Failed to unlock Bitwarden vault"
+          exit 1
+        fi
       env:
         BW_CLIENTID: ${{ inputs.client-id }}
         BW_CLIENTSECRET: ${{ inputs.client-secret }}
@@ -42,7 +57,6 @@ runs:
     - name: Retrieve Requested Secrets
       shell: sh
       run: |
-        # Convert comma-separated secrets into a list
         OLDIFS=$IFS
         IFS=','
         set -- ${{ inputs.secrets }}