-
Notifications
You must be signed in to change notification settings - Fork 41
Handling dynamic key names #24
Comments
This would also be helpful in (or enable) cases getting different secrets in a matrix job |
I made a quick change locally that has been tested and solves this issue Gist changes (for copy+paste): https://gist.github.com/joseph-flinn/c940392463964b6139df4325b471c8ad Unfortunately, I don't have the bandwidth to follow through and really dig into how this action is setup with support for the AzureStack to put in a PR. During my testing, |
This issue is idle because it has been open for 14 days with no activity. |
Another workaround is that we can use square brackets to access the dynamic secrets Hope this helps someone! |
This issue is idle because it has been open for 14 days with no activity. |
I frequently use dynamically changing key names, for example from configuration files, to get secrets from KeyVault. While resolving the key itself works totally fine, the problem lies in the output and how the value is accessible.
The output key for the value equals the the input key. This is not a problem if you know the key name before by statically assigning it, but it causes a problem when using a dynamic value as a key since there is no way (I am aware of), to reference such a value directly.
See this minimal example
In the example shown above, the name of the environment variable or the step output is now based on the value of the evaluated ${{ steps.prepare.outputs.env_username }} expression, in order to access the value you'd need a nested syntax which is not possible as far as I understood.
Working around that is relatively easy using the az CLI and saving the output to a file or statically assigned variable name, but it hurts the readability and maintainability of the pipeline using an otherwise perfectly working action. I'm not sure if its common to encounter that issue, but I think it would be great to accommodate such use cases.
The best way I found to implement that in a non breaking way would be to let the user optionally pass a variable name for a given value that is used to override the automatically generated one, for example by separating the value by a char like
:
.Am I missing something with my approach or is this actually not possible with the current implementation?
The text was updated successfully, but these errors were encountered: