From b42c5f4f0f352913da82e2da55370e71f5ad7ac5 Mon Sep 17 00:00:00 2001 From: Ryan Freeman Date: Tue, 20 Aug 2024 21:45:11 +0100 Subject: [PATCH] first commit --- .env.gpg | 1 + .gitea/workflows/decrypt_secrets.yml | 18 ++++++++++++++++++ .gitignore | 2 ++ decrypt_secrets.sh | 6 ++++++ 4 files changed, 27 insertions(+) create mode 100644 .env.gpg create mode 100644 .gitea/workflows/decrypt_secrets.yml create mode 100644 .gitignore create mode 100644 decrypt_secrets.sh diff --git a/.env.gpg b/.env.gpg new file mode 100644 index 0000000..6b0cd9a --- /dev/null +++ b/.env.gpg @@ -0,0 +1 @@ +Œ  ‡-î)y—ÉþÒgÁ‡UlçHÂßšs(*}¼Ä Òϵ9H©tRÔwCßÐK¿5Ìõ½pÿ³ÔH4§0ÉÇΉiVÁ {?×3& ¦jó|ñ(&L2ËŸÕ˜àµöP„¶T:I2hÿ·q{ â› \ No newline at end of file diff --git a/.gitea/workflows/decrypt_secrets.yml b/.gitea/workflows/decrypt_secrets.yml new file mode 100644 index 0000000..edefe5c --- /dev/null +++ b/.gitea/workflows/decrypt_secrets.yml @@ -0,0 +1,18 @@ +name: Decrypt Secrets +run-name: Workflow for decrypting secrets +on: [ push ] + +jobs: + DecryptSecrets: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Decrypt secrets + run: ./decrypt_secret.sh + env: + SECRET_PASSPHRASE: ${{ secrets.SECRET_PASSPHRASE }} + # This command is just an example to show your secret being printed + # Ensure you remove any print statements of your secrets. GitHub does + # not hide secrets that use this workaround. + - name: Test printing your secret (Remove this step in production) + run: cat ./.env \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..13d4ac5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.env +.idea/ \ No newline at end of file diff --git a/decrypt_secrets.sh b/decrypt_secrets.sh new file mode 100644 index 0000000..fb1efa1 --- /dev/null +++ b/decrypt_secrets.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +# --batch to prevent interactive command +# --yes to assume "yes" for questions +gpg --quiet --batch --yes --decrypt --passphrase="$SECRET_PASSPHRASE" \ +--output ./.env ./.env.gpg