r-freeman/workflow-with-secrets
1
0
Fork 0
mirror of https://github.com/r-freeman/workflow-with-secrets.git synced 2024-11-11 11:55:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

update README
All checks were successful
Decrypt Secrets / DecryptSecrets (push) Successful in 3s
Details

Browse Source
This commit is contained in:
Ryan Freeman 2024-08-20 22:46:52 +01:00
parent ed014c671f
commit 973e2f37bb
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -1,5 +1,14 @@
## Workflow with secrets ## Workflow with secrets
Useful Gitea workflow for safe decryption of secrets in a .env which might contain sensitive data such usernames, Useful Gitea workflow for safe decryption of secrets in a .env which might contain sensitive data such usernames,
passwords, API keys and so on. A good use case for this workflow is to use it to provide decrypted environment variables at passwords, API keys, database connection strings and so on. A good use case for this workflow is to use it to provide decrypted
runtime to a docker container. For example, `docker run --env-file ./.env ubuntu bash`. environment variables at runtime to a docker container. For example, `docker run --env-file ./.env ubuntu bash`.
### How to use
Clone or fork the repo and create a .env file containing key/value pairs of environment variables. For
example, `SUPER_SECRET_PASSWORD=bzdBkRzh4F7UYWx5KXjw3TBm`. Then encrypt the .env with `gpg --symmetric --cipher-algo AES256 .env`
choose a passphrase and keep note of it. Make sure to commit and push the encrypted .env.gpg file.
On the Gitea side, go to Settings > Actions > Secrets and create a new secret called SECRET_PASSPHRASE and set it to your
passphrase.