Skip to content
This repository has been archived by the owner on Jan 5, 2022. It is now read-only.

Latest commit

 

History

History
 
 

gcp-secret-manager

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
dist
dist
 
 
src
src
 
 
test
test
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

README.md

gcp-secret-manager

This GitHub Action can be used to access secrets in Google Cloud Secret Manager in your GitHub Actions Workflow.

The action takes a key-value pair of environment variables mapped to secret names. It will populate all the environment variables with the secret value and make them available in subsequent steps.

Usage

See action.yml.

Secrets

This action requires a GCP service account key with permission to access secret payloads. Once created, the JSON key should be base64 encoded and added as secret in the GitHub repository.

It is recommended that the service account only has permissions to access secrets. Do not allow modifications or access to any other resources in your project.

Available Secrets

Extenda Retail's pipeline secrets are documented on the GPC Pipeline Secrets Confluence page.

If you miss a secret, reach out to the platform team.

Examples

Basic Usage

on: push

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1

    - uses: extenda/actions/gcp-secret-manager@v0
      with:
        service-account-key: ${{ secrets.SECRET_AUTH }}
        secrets: |
          NEXUS_PASSWORD: nexus-password
          NEXUS_USERNAME: nexus-username