conjur-demo-api-key.yml

name: Test get secrets from conjur
on:
  push:
    branches: [ "master" ]
  pull_request:
    branches: [ "master" ]
jobs:
  get_secrets:
    runs-on: ubuntu-latest
    steps:
      - env:
          CONJUR_URL: https://ec2-54-77-71-101.eu-west-1.compute.amazonaws.com
          CONJUR_API_KEY: 2x9n1s33pex8hm1429nsh3gvzrvs2sqmxjx1mw9je8150d0dj116sb0k
          CONJUR_ACCOUNT: cybrlab
          CONJUR_HOST: host%2Fgithub%2Fapps%2Fconjur-demo
          SECRET_ID: github%2Fapps%2Fsafe%2Fsecret2%20windows
        run: |
          conjur_url=${{ env.CONJUR_URL }}
          conjur_pass=${{ env.CONJUR_API_KEY }}
          conjur_account=${{ env.CONJUR_ACCOUNT }}
          conjur_host=${{ env.CONJUR_HOST }}
          secret_id=${{ env.SECRET_ID }}
          if [ -n "$DEBUG" ] ; then
            echo "Value: $conjur_url" | sed 's/./& /g'
            echo "Value: $conjur_pass" | sed 's/./& /g'
            echo "Value: $conjur_account" | sed 's/./& /g'
            echo "Value: $conjur_host" | sed 's/./& /g'
            echo "Value: $secret_id" | sed 's/./& /g'
          fi

          # Authenticate against conjur, get a temporary token
          token=$(curl -k -s --header "Accept-Encoding: base64" --data "$conjur_pass" "$conjur_url"/authn/"$conjur_account"/"$conjur_host"/authenticate)
          # Connect to the Conjur/Conjur REST API to retrieve secret value"
          secret_value=$(curl -k -s --header "Authorization: Token token=\"$token\"" "$conjur_url/secrets/$conjur_account/variable/$secret_id")

          echo " "
          echo "---- Retrieving Secret Value -----------"
          echo "ID: $secret_id"
          echo "Value: $secret_value"
          echo "----------------------------------------"
          echo " "