This action will unseal your HashiCorp Vault Server.
This example unseals your Vault server periodically every hour.
name: Unseal Vault Server Every Hour
on:
schedule:
- cron: '0 * * * *'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Unseal Vault Server
uses: omegion/vault-unseal-action@v1
with:
address: "vault.example.com"
shard1: ${{ secrets.VAULT_SHARD_1 }}
shard2: ${{ secrets.VAULT_SHARD_2 }}
shard3: ${{ secrets.VAULT_SHARD_3 }}
image: latest
Input | Description |
---|---|
address |
Vault server address. |
shard1 |
Vault shard. |
shard2 |
Vault shard. |
shard3 |
Vault shard. |
image |
vault-unseal image (default: latest). |
You can run a periodic GitHub action to be sure your Vault server is always unsealed.
name: Unseal Vault Server Every Hour
on:
schedule:
- cron: '0 * * * *'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Unseal Vault Server
uses: omegion/vault-unseal-action@v1
with:
address: ${{ secrets.VAULT_ADDR }}
shard1: ${{ secrets.VAULT_SHARD_1 }}
shard2: ${{ secrets.VAULT_SHARD_2 }}
shard3: ${{ secrets.VAULT_SHARD_3 }}
image: latest
To publish a new version of this Action you need to change the image
input according to vault-unseal
releases