Add option to export secrets as environment variables. (#289)

<!--
Thank you for proposing a pull request! Please note that SOME TESTS WILL
LIKELY FAIL due to how GitHub exposes secrets in Pull Requests from
forks.
Someone from the team will review your Pull Request and respond.

Please describe your change and any implementation details below.
-->

**This adds an option to export the secrets as environment variables.**

We need this, because we are migrating from using our own custom action
for fetching secrets and our old action would directly export the
secrets as environment variables, so to be able to maintain API
compatibility, we need this action to be able to do the same. Otherwise
we would have to make significant changes to our workflows to enable the
migration.

For others, this will be convenient, as most secrets you fetch will end
up in an environment variable anyway. This removes the need for the
manual step of putting the output from this action as an environment
variable in the step where it is used.

As per my implementation, the feature is disabled by default and needs
to be enabled to be used, which means that it is fully backwards
compatible and will not affect users that don't want to use this
feature.

I've tested it in one of our pipelines and it is working fine. I've also
run linting and tests locally, without any errors or failures.

action.yml

@@ -34,6 +34,13 @@ inputs:
     required: false
     default: '4'
 
+  export_to_environment:
+    description: |-
+      This makes the fetched secrets available as environment variables. The
+      secrets will still be available as output, if you enable this.
+    required: false
+    default: false
+
 branding:
   icon: 'lock'
   color: 'blue'

src/main.ts

@@ -14,8 +14,8 @@
  * limitations under the License.
  */
 
-import { getInput, setFailed, setOutput, setSecret } from '@actions/core';
-import { errorMessage } from '@google-github-actions/actions-utils';
+import { exportVariable, getInput, setFailed, setOutput, setSecret } from '@actions/core';
+import { errorMessage, parseBoolean } from '@google-github-actions/actions-utils';
 
 import { Client } from './client';
 import { parseSecretsRefs } from './reference';
@@ -32,6 +32,9 @@ async function run(): Promise<void> {
     // Get the minimum mask length.
     const minMaskLength = parseInt(getInput('min_mask_length'));
 
+    // Get the setting for whether to export secrets as environment variables.
+    const exportEnvironment = parseBoolean(getInput('export_to_environment'));
+
     // Create an API client.
     const client = new Client();
 
@@ -54,6 +57,10 @@ async function run(): Promise<void> {
       });
 
       setOutput(ref.output, value);
+
+      if (exportEnvironment) {
+        exportVariable(ref.output, value);
+      }
     }
   } catch (err) {
     const msg = errorMessage(err);