Skip to content
/ mask-sops-values-action Public

A simple GitHub Composite Action that adds every value found in a SOPS file as masked values to the current job.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mmichaelb/mask-sops-values-action

BranchesTags

Repository files navigation

Mask SOPS Values Action

A simple GitHub Composite Action that adds every value found in a SOPS file as masked values to the current job. Useful if you manage secrets inside a SOPS file and not inside GitHub Action Secrets variables.

Inputs

sops-file

Required The path to the SOPS file that should be used for masking.

sops-age-key

Required The age key that should be used for decrypting the SOPS file.

Example usage

- name: Add masks for sops values
  uses: mmichaelb/mask-sops-values-action@v1
  with:
    sops-file: ./secrets.json
    sops-age-key: ${{ secrets.SOPS_AGE_KEY }}

Limitations

  • only tested with strings inside json sops files

  • at the moment, only SOPS files using age encryption/decryption are supported

Warning
 Event though this GitHub action seems to mask all values there is no guarantee that sensitive values will still be printed in the GitHub Actions log. Please use this action with caution and test it thoroughly before using it with production secrets.

About

A simple GitHub Composite Action that adds every value found in a SOPS file as masked values to the current job.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v1.0.1 Latest
Sep 19, 2023
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •