actions/secretsmanager
4
0
Fork 0
Code Issues Pull requests 1 Projects Releases 10 Packages Wiki Activity Actions
No description
12 commits 2 branches 10 tags 313 KiB
Find a file
Marcel S. Henselin 3c562f3d63
All checks were successful
Release Secrets Manager Action / build (push) Successful in 1m16s
Details
feat: directly put values into pipeline
2026-05-13 11:38:42 +02:00
.forgejo/workflows feat: directly put values into pipeline 2026-05-13 11:38:42 +02:00
config feat: env file loading support 2026-05-13 09:51:04 +02:00
secretsmanager feat: directly put values into pipeline 2026-05-13 11:22:30 +02:00
.gitignore feat: env file loading support 2026-05-13 09:51:04 +02:00
action.yml feat: directly put values into pipeline 2026-05-13 11:22:30 +02:00
go.mod feat: directly put values into pipeline 2026-05-13 11:25:53 +02:00
go.sum feat: directly put values into pipeline 2026-05-13 11:25:53 +02:00
main.go feat: directly put values into pipeline 2026-05-13 11:22:30 +02:00
main_test.go feat: directly put values into pipeline 2026-05-13 11:22:30 +02:00
README.md fix: some errorhandling corrections 2026-05-13 08:37:55 +02:00

README.md

STACKIT Secrets Manager Action

parameters

parameter description default
vault_addr Secrets Manager Base URL https://prod.sm.eu01.stackit.cloud
vault_id Your Secrets Manager ID, looks something like this: 6d9060fd-59b4-4dda-9106-b2dbe88acf65 -
vault_username Your Secrets Manager Username, looks something like this: sms96o170771ttt6 -
vault_password Your Secrets Manager Password, a random generated password provided by the STACKIT Portal -
vault_path The Path to your Secret can be some like this: "test" or "folder/test" -
debug true or false, enable or disable Debug Logging false
version version of action, default says v0 but it should be the same as in the git ref. See releases. v0

usage

In this example we assume that there is a Secret on Path "${{ secrets.VAULT_PATH}}" and there is a KVSecret named "test". In the "Output secret" step we output KVSecret "test" mentioned above. We access the outputs of the secrets step.

Keep in mind to set an id on the actions step and use that to reference the outputted secrets.

name: Secrets Manager Action

on:
  push:
  workflow_dispatch:

jobs:
  get-vault-secrets:
    runs-on: docker
    # here we can also define outputs for use in other stages
    # keep in mind that other "stages" need to define a "needs" for this job
    outputs:
      # here i use our example secret "test"
      test: ${{ steps.fetch-secrets.outputs.test }}
    steps:
      - name: Fetch secrets from STACKIT Secrets Manager
        id: secrets
        uses: https://stackit-solutions.git.onstackit.cloud/actions/secretsmanager@v0
        with:
          # vault_addr: 'https://prod.sm.eu01.stackit.cloud'   # Optional - uses default STACKIT endpoint
          vault_id: ${{ secrets.VAULT_ID }}                    # Your Secrets Manager ID
          vault_username: ${{ secrets.VAULT_USERNAME }}        # Your STACKIT Secrets Manager username
          vault_password: ${{ secrets.VAULT_PASSWORD }}        # Your STACKIT Secrets Manager password
          vault_path: ${{ secrets.VAULT_PATH }}                # The secret key/path in your Secrets Manager
          debug: false                                         # Set to 'true' for debug logging
          version: v0                                          # Optional - here you can override the binary download version

      - name: Output secret
        run: |
          echo ${{ steps.secrets.outputs.test}}