CI Credentials Validation: correct condition for non-string type and add tests

tools/ci_credentials/ci_credentials/secrets_loader.py

@@ -145,7 +145,7 @@ def mask_secrets_from_action_log(self, key, value):
                 for pattern in MASK_KEY_PATTERNS:
                     if re.search(pattern, key):
                         self.logger.info(f"Add mask for key: {key}")
-                        for line in value.splitlines():
+                        for line in str(value).splitlines():
                             line = str(line).strip()
                             # don't output } and such
                             if len(line) > 1 and not os.getenv("VERSION") == "dev":

tools/ci_credentials/tests/test_secrets.py

@@ -3,6 +3,7 @@
 import re
 import shutil
 import tempfile
+import sys
 from pathlib import Path
 from unittest.mock import patch
 
@@ -166,3 +167,17 @@ def test_write(connector_name, secrets, expected_files):
                 has = True
                 break
         assert has, f"incorrect file data: {target_file}"
+
+
+@pytest.mark.parametrize(
+    "connector_name,dict_json_value,expected_secret",
+    (
+            ("source-default", "{\"org_id\": 111}", "::add-mask::111"),
+            ("source-default", "{\"org\": 111}", ""),
+    )
+)
+def test_validate_mask_values(connector_name, dict_json_value, expected_secret, capsys):
+    loader = SecretsLoader(connector_name=connector_name, gsm_credentials={})
+    json_value = json.loads(dict_json_value)
+    loader.mask_secrets_from_action_log(None, json_value)
+    assert expected_secret in capsys.readouterr().out