Add option to export secrets as environment variables. #289
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
sethvargo
reviewed
May 20, 2024
There was a problem hiding this comment.
Hi @codiophile are you able to sign the Google CLA please? Also, we need to update the documentation with this new input. I would also prefer if the documentation clarified that the environment variable key is exactly the same as the output key.
This change seems mostly fine, but I am worried about feature sprawl. For example, I can see someone wanting to "uppercase" the secret names before exporting them, but I think we can handle those when they arise.
|
Thank you for your review. I signed the CLA and addressed the review comments, except the one about |
sethvargo
approved these changes
May 21, 2024
Merged
sethvargo
pushed a commit
that referenced
this pull request
May 21, 2024
## What's Changed * Add option to export secrets as environment variables. by @codiophile in #289 ## New Contributors * @codiophile made their first contribution in #289 **Full Changelog**: v2.1.1...7bc4830
renovate bot
referenced
this pull request
in valora-inc/dapp-list
May 24, 2024
…ction to v2.1.2 (#626) [](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [google-github-actions/get-secretmanager-secrets](https://togithub.com/google-github-actions/get-secretmanager-secrets) | action | patch | `v2.1.1` -> `v2.1.2` | --- ### Release Notes <details> <summary>google-github-actions/get-secretmanager-secrets (google-github-actions/get-secretmanager-secrets)</summary> ### [`v2.1.2`](https://togithub.com/google-github-actions/get-secretmanager-secrets/releases/tag/v2.1.2) [Compare Source](https://togithub.com/google-github-actions/get-secretmanager-secrets/compare/v2.1.1...v2.1.2) ##### What's Changed - Add option to export secrets as environment variables. by [@​codiophile](https://togithub.com/codiophile) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/289](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/289) - Release: v2.1.2 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/291](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/291) ##### New Contributors - [@​codiophile](https://togithub.com/codiophile) made their first contribution in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/289](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/289) **Full Changelog**: google-github-actions/get-secretmanager-secrets@v2.1.1...v2.1.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - "after 8:00 before 23:00 every weekday except on Friday" in timezone UTC. 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/valora-inc/dapp-list). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImdpdGh1Yi1hY3Rpb25zIiwicmVub3ZhdGUiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
github-merge-queue bot
referenced
this pull request
in valora-inc/wallet
Jun 1, 2024
…ction to v2 (#5509) [](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [google-github-actions/get-secretmanager-secrets](https://togithub.com/google-github-actions/get-secretmanager-secrets) | action | major | `v1.0.1` -> `v2.1.2` | `v2.1.3` | --- ### Release Notes <details> <summary>google-github-actions/get-secretmanager-secrets (google-github-actions/get-secretmanager-secrets)</summary> ### [`v2.1.2`](https://togithub.com/google-github-actions/get-secretmanager-secrets/releases/tag/v2.1.2) [Compare Source](https://togithub.com/google-github-actions/get-secretmanager-secrets/compare/v2.1.1...v2.1.2) ##### What's Changed - Add option to export secrets as environment variables. by [@​codiophile](https://togithub.com/codiophile) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/289](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/289) - Release: v2.1.2 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/291](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/291) ##### New Contributors - [@​codiophile](https://togithub.com/codiophile) made their first contribution in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/289](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/289) **Full Changelog**: google-github-actions/get-secretmanager-secrets@v2.1.1...v2.1.2 ### [`v2.1.1`](https://togithub.com/google-github-actions/get-secretmanager-secrets/releases/tag/v2.1.1) [Compare Source](https://togithub.com/google-github-actions/get-secretmanager-secrets/compare/v2.1.0...v2.1.1) ##### What's Changed - security: bump undici from 5.28.2 to 5.28.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/282](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/282) - security: bump undici from 5.28.3 to 5.28.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/284](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/284) - Retry GETs on error by [@​glasser](https://togithub.com/glasser) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/285](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/285) - Update deps by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/286](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/286) - Release: v2.1.1 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/287](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/287) ##### New Contributors - [@​glasser](https://togithub.com/glasser) made their first contribution in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/285](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/285) **Full Changelog**: google-github-actions/get-secretmanager-secrets@v2.1.0...v2.1.1 ### [`v2.1.0`](https://togithub.com/google-github-actions/get-secretmanager-secrets/releases/tag/v2.1.0) [Compare Source](https://togithub.com/google-github-actions/get-secretmanager-secrets/compare/v2.0.0...v2.1.0) ##### What's Changed - Update README and CI to use latest version by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/279](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/279) - Update deps by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/280](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/280) - Release: v2.1.0 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/281](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/281) **Full Changelog**: google-github-actions/get-secretmanager-secrets@v2...v2.1.0 ### [`v2.0.0`](https://togithub.com/google-github-actions/get-secretmanager-secrets/releases/tag/v2.0.0) [Compare Source](https://togithub.com/google-github-actions/get-secretmanager-secrets/compare/v1.0.1...v2.0.0) **:warning: This version requires Node 20 or later!** ##### What's Changed - dependabot: only do security updates by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/266](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/266) - update all deps by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/267](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/267) - Update deps to Node 20 by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/273](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/273) - Drop mocha and chai by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/274](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/274) - Add CI for release branches by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/275](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/275) - Update deps by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/276](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/276) - Release: v2.0.0 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/get-secretmanager-secrets/pull/278](https://togithub.com/google-github-actions/get-secretmanager-secrets/pull/278) **Full Changelog**: google-github-actions/get-secretmanager-secrets@v1...v2.0.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 5pm,every weekend" in timezone America/Los_Angeles, Automerge - "after 5pm,every weekend" in timezone America/Los_Angeles. 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/valora-inc/wallet). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNzcuOCIsInVwZGF0ZWRJblZlciI6IjM3LjM3Ny44IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJnaXRodWItYWN0aW9ucyIsInJlbm92YXRlIl19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds an option to export the secrets as environment variables.
We need this, because we are migrating from using our own custom action for fetching secrets and our old action would directly export the secrets as environment variables, so to be able to maintain API compatibility, we need this action to be able to do the same. Otherwise we would have to make significant changes to our workflows to enable the migration.
For others, this will be convenient, as most secrets you fetch will end up in an environment variable anyway. This removes the need for the manual step of putting the output from this action as an environment variable in the step where it is used.
As per my implementation, the feature is disabled by default and needs to be enabled to be used, which means that it is fully backwards compatible and will not affect users that don't want to use this feature.
I've tested it in one of our pipelines and it is working fine. I've also run linting and tests locally, without any errors or failures.