Timo Bergen
cc0c27a4e9
Some checks failed
Release Secrets Manager Action / build (push) Has been cancelled
59 lines
No EOL
1.7 KiB
YAML
59 lines
No EOL
1.7 KiB
YAML
name: STACKIT Secrets Manager Secret Fetcher
|
|
description: Connects to Secrets Manager using a Go app, gets all secrets under a path, and outputs them.
|
|
|
|
inputs:
|
|
go_version:
|
|
description: The version of Go to use for building the application.
|
|
required: false
|
|
default: 1.24.x
|
|
vault_addr:
|
|
description: You could optionally override the address.
|
|
required: false
|
|
vault_id:
|
|
description: The ID of your Secrets Manager Instance.
|
|
required: true
|
|
vault_username:
|
|
description: The Vault username to use for authentication.
|
|
required: true
|
|
vault_password:
|
|
description: The Vault password to use for authentication.
|
|
vault_path:
|
|
description: The path in Vault where the secrets are stored (e.g., secret/data/my-app).
|
|
required: true
|
|
debug:
|
|
description: Turn on debugging logs.
|
|
required: false
|
|
default: false
|
|
|
|
outputs:
|
|
secrets:
|
|
description: A JSON object string containing all the fetched secrets.
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ${{ inputs.go_version }}
|
|
|
|
- name: Check out action code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
repository: actions/secretsmanager
|
|
ref: main
|
|
github-server-url: https://stackit-solutions.git.onstackit.cloud
|
|
|
|
- name: Run Vault Fetcher and set output
|
|
id: secrets
|
|
run: |
|
|
go mod tidy
|
|
go run main.go >> $GITHUB_OUTPUT
|
|
shell: bash
|
|
env:
|
|
VAULT_ADDR: ${{ inputs.vault_addr }}
|
|
VAULT_ID: ${{ inputs.vault_id }}
|
|
VAULT_USERNAME: ${{ inputs.vault_username }}
|
|
VAULT_PASSWORD: ${{ inputs.vault_password }}
|
|
VAULT_PATH: ${{ inputs.vault_path }}
|
|
DEBUG: ${{ inputs.debug }} |