wesley/load-secrets-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature: enable loading 1password secrets from file

Browse Source 
Signed-off-by: Willi Carlsen <carlsenwilli@gmail.com>
This commit is contained in:
Willi Carlsen
2025-09-01 17:05:11 +02:00
parent 2c12b97549
commit d11f2d1dac
3 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -39,6 +39,7 @@ jobs:
env: env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
SECRET: op://app-cicd/hello-world/secret SECRET: op://app-cicd/hello-world/secret
OP_ENV_FILE: "path/to/.env.tpl"
- name: Print masked secret - name: Print masked secret
run: 'echo "Secret: ${{ steps.load_secrets.outputs.SECRET }}"' run: 'echo "Secret: ${{ steps.load_secrets.outputs.SECRET }}"'
@@ -63,6 +64,7 @@ jobs:
env: env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
SECRET: op://app-cicd/hello-world/secret SECRET: op://app-cicd/hello-world/secret
OP_ENV_FILE: "path/to/.env.tpl"
- name: Print masked secret - name: Print masked secret
run: 'echo "Secret: $SECRET"' run: 'echo "Secret: $SECRET"'

1
src/constants.ts
View File

@@ -2,5 +2,6 @@ export const envConnectHost = "OP_CONNECT_HOST";
export const envConnectToken = "OP_CONNECT_TOKEN"; export const envConnectToken = "OP_CONNECT_TOKEN";
export const envServiceAccountToken = "OP_SERVICE_ACCOUNT_TOKEN"; export const envServiceAccountToken = "OP_SERVICE_ACCOUNT_TOKEN";
export const envManagedVariables = "OP_MANAGED_VARIABLES"; export const envManagedVariables = "OP_MANAGED_VARIABLES";
export const envFilePath = "OP_ENV_FILE";
export const authErr = `Authentication error with environment variables: you must set either 1) ${envServiceAccountToken}, or 2) both ${envConnectHost} and ${envConnectToken}.`; export const authErr = `Authentication error with environment variables: you must set either 1) ${envServiceAccountToken}, or 2) both ${envConnectHost} and ${envConnectToken}.`;

10
src/index.ts
View File

@@ -2,6 +2,9 @@ import * as core from "@actions/core";
import { validateCli } from "@1password/op-js"; import { validateCli } from "@1password/op-js";
import { installCliOnGithubActionRunner } from "op-cli-installer"; import { installCliOnGithubActionRunner } from "op-cli-installer";
import { loadSecrets, unsetPrevious, validateAuth } from "./utils"; import { loadSecrets, unsetPrevious, validateAuth } from "./utils";
import {
envFilePath,
} from "./constants";
const loadSecretsAction = async () => { const loadSecretsAction = async () => {
try { try {
@@ -20,6 +23,13 @@ const loadSecretsAction = async () => {
// Download and install the CLI // Download and install the CLI
await installCLI(); await installCLI();
// Set environment variables from OP_ENV_FILE
const file = process.env[envFilePath];
if (file) {
core.info(`Loading environment variables from file: ${file}`);
process.loadEnvFile(file)
}
// Load secrets // Load secrets
await loadSecrets(shouldExportEnv); await loadSecrets(shouldExportEnv);
} catch (error) { } catch (error) {