Enable using loaded secrets from step's output
This commit is contained in:
Eddy Filip
@@ -8,6 +8,9 @@ inputs:
|
|||||||
unset-previous:
|
unset-previous:
|
||||||
description: Whether to unset environment variables populated by 1Password in earlier job steps
|
description: Whether to unset environment variables populated by 1Password in earlier job steps
|
||||||
default: false
|
default: false
|
||||||
|
export-env:
|
||||||
|
description: Export the secrets as environment variables
|
||||||
|
default: false
|
||||||
runs:
|
runs:
|
||||||
using: 'node12'
|
using: 'node12'
|
||||||
main: 'dist/index.js'
|
main: 'dist/index.js'
|
||||||
|
|||||||
@@ -62,6 +62,7 @@ for env_var in $(op env ls); do
|
|||||||
done
|
done
|
||||||
unset IFS
|
unset IFS
|
||||||
|
|
||||||
|
if [ "$INPUT_EXPORT_ENV" == "true" ]; then
|
||||||
# To support multiline secrets, we'll use the heredoc syntax to populate the environment variables.
|
# To support multiline secrets, we'll use the heredoc syntax to populate the environment variables.
|
||||||
# As the heredoc identifier, we'll use a randomly generated 64-character string,
|
# As the heredoc identifier, we'll use a randomly generated 64-character string,
|
||||||
# so that collisions are practically impossible.
|
# so that collisions are practically impossible.
|
||||||
@@ -75,6 +76,14 @@ for env_var in $(op env ls); do
|
|||||||
} >> $GITHUB_ENV
|
} >> $GITHUB_ENV
|
||||||
|
|
||||||
managed_variables+=("$env_var")
|
managed_variables+=("$env_var")
|
||||||
|
|
||||||
|
else
|
||||||
|
# Prepare the secret_value to be outputed properly (especially multiline secrets)
|
||||||
|
secret_value=$(echo "$secret_value" | awk -v ORS='%0A' '1')
|
||||||
|
|
||||||
|
echo "::set-output name=$env_var::$secret_value"
|
||||||
|
fi
|
||||||
|
|
||||||
done
|
done
|
||||||
unset IFS
|
unset IFS
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user