CezaryTarnowski-TomTom/gha-inject-secrets-into-file

GitHub Action - Inject secrets into file

This is a GitHub Action to replace placeholders in files with values from secrets or key vaults.

Usage

This action uses Go text templating (text/template) to replace placeholders in files with secrets taken from another step's outputs or from repository secrets.

Example workflow

name: My Workflow
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Run action
      uses: CezaryTarnowski-TomTom/gha-inject-secrets-into-file@v1
      with:
        secrets: ${{ toJson(secrets) }}
    - run: |
        echo .env

Inputs

Input | Description
secrets | A JSON object with the secrets to use as replacement values
file | (optional) Name of the input file, a Go text template whose placeholders are replaced with values from the secrets JSON (default: .env)
output | (optional) Name of the output file; by default it is the same as the input file, which gets overwritten

The file to be processed is a Go text template.

Outputs

There is no direct output apart from the file with its placeholders replaced.

Examples

Using the action with Azure Key Vault

This is how to use the action with Azure Key Vault.

steps:
  - uses: Azure/login@v1
    with:
      creds: ${{ secrets.AZURE_CREDENTIALS }}
  - uses: Azure/get-keyvault-secrets@v1
    with:
      keyvault: "MyKeyVault"
      secrets: '*'
    id: kv
  - uses: CezaryTarnowski-TomTom/gha-inject-secrets-into-file@v1
    with:
      secrets: ${{ toJson(steps.kv.outputs) }}

Example .env file

SOME_VALUE={{ index . "my-secret" }}
OTHER_VALUE={{ .otherSecret }}

NOTE: for variable names that contain a dash/hyphen you need to use the special syntax with the index function. It is not possible to use {{ .name-with-hyphen }}, as the hyphen has a special meaning in the Go template syntax.
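
The rendering described above can be tried locally with the following added example, which is not the action's own code: it fills the example .env template from a secrets JSON using Go's text/template, and shows that dot access to a hyphenated key is rejected at parse time. The render function, the sample values, the assumption that the secrets JSON is a flat object of strings, and the missingkey=error option (which makes a placeholder without a matching secret fail instead of writing "<no value>" into the file) are choices made for this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"strings"
	"text/template"
)

// render parses tmplText as a Go text template and fills it from a flat JSON
// object of secrets. missingkey=error is this example's choice (not confirmed
// to be what the action does): a placeholder such as {{ .typo }} then fails
// the render instead of writing "<no value>" into the file.
func render(tmplText, secretsJSON string) (string, error) {
	var secrets map[string]string
	if err := json.Unmarshal([]byte(secretsJSON), &secrets); err != nil {
		return "", fmt.Errorf("secrets input is not a flat JSON object: %w", err)
	}
	t, err := template.New("env").Option("missingkey=error").Parse(tmplText)
	if err != nil {
		return "", fmt.Errorf("template parse error: %w", err)
	}
	var out strings.Builder
	if err := t.Execute(&out, secrets); err != nil {
		return "", fmt.Errorf("template execution error: %w", err)
	}
	return out.String(), nil
}

// Constructed sample data; the values are placeholders, not real secrets.
const sampleSecrets = `{"my-secret": "s3cr3t-A", "otherSecret": "s3cr3t-B"}`
const sampleEnv = "SOME_VALUE={{ index . \"my-secret\" }}\nOTHER_VALUE={{ .otherSecret }}\n"

func main() {
	rendered, err := render(sampleEnv, sampleSecrets)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Print(rendered)
	// Dot access to a hyphenated key is rejected when the template is parsed.
	_, err = render("X={{ .my-secret }}\n", sampleSecrets)
	fmt.Println("hyphen with dot syntax:", err)
	// A placeholder with no matching secret fails at execution time.
	_, err = render("X={{ .notProvided }}\n", sampleSecrets)
	fmt.Println("missing secret:", err)
}
```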