Timo Bergen
96232d6de3
All checks were successful
Release Secrets Manager Action / build (push) Successful in 42s
53 lines
No EOL
1.7 KiB
YAML
53 lines
No EOL
1.7 KiB
YAML
name: STACKIT Secrets Manager Secret Fetcher
|
|
description: Connects to Secrets Manager using a Go app, gets all secrets under a path, and outputs them.
|
|
|
|
inputs:
|
|
go_version:
|
|
description: The version of Go to use for building the application.
|
|
required: false
|
|
default: 1.24.x
|
|
vault_addr:
|
|
description: You could optionally override the address.
|
|
required: false
|
|
vault_id:
|
|
description: The ID of your Secrets Manager Instance.
|
|
required: true
|
|
vault_username:
|
|
description: The Vault username to use for authentication.
|
|
required: true
|
|
vault_password:
|
|
description: The Vault password to use for authentication.
|
|
vault_path:
|
|
description: The path in Vault where the secrets are stored (e.g., secret/data/my-app).
|
|
required: true
|
|
debug:
|
|
description: Turn on debugging logs.
|
|
required: false
|
|
default: false
|
|
version:
|
|
description: The version of the action.
|
|
required: false
|
|
default: 'v0'
|
|
|
|
outputs:
|
|
secrets:
|
|
description: A JSON object string containing all the fetched secrets.
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Run SecretsManager Action
|
|
id: secrets
|
|
run: |
|
|
wget ${{ env.ACTION_URL }}/releases/download/${{ inputs.version }}/action-secretsmanager
|
|
chmod +x action-secretsmanager
|
|
./action-secretsmanager >> $GITHUB_OUTPUT
|
|
shell: bash
|
|
env:
|
|
VAULT_ADDR: ${{ inputs.vault_addr }}
|
|
VAULT_ID: ${{ inputs.vault_id }}
|
|
VAULT_USERNAME: ${{ inputs.vault_username }}
|
|
VAULT_PASSWORD: ${{ inputs.vault_password }}
|
|
VAULT_PATH: ${{ inputs.vault_path }}
|
|
DEBUG: ${{ inputs.debug }}
|
|
ACTION_URL: https://stackit-solutions.git.onstackit.cloud/actions/secretsmanager |