r-freeman/workflow-with-secrets
1
0
Fork 0
mirror of https://github.com/r-freeman/workflow-with-secrets.git synced 2024-09-22 11:16:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
14 Commits 1 Branch 0 Tags 39 KiB
Shell 100%
973e2f37bb
Go to file
Ryan Freeman 973e2f37bb
All checks were successful
Decrypt Secrets / DecryptSecrets (push) Successful in 3s
Details
update README
2024-08-20 22:46:52 +01:00
.gitea/workflows update workflow 2024-08-20 22:23:34 +01:00
.env.gpg update workflow 2024-08-20 22:23:34 +01:00
.gitignore update workflow 2024-08-20 22:13:15 +01:00
decrypt_secrets.sh update workflow 2024-08-20 22:23:34 +01:00
README.md update README 2024-08-20 22:46:52 +01:00

README.md

Workflow with secrets

Useful Gitea workflow for safe decryption of secrets in a .env which might contain sensitive data such usernames, passwords, API keys, database connection strings and so on. A good use case for this workflow is to use it to provide decrypted environment variables at runtime to a docker container. For example, docker run --env-file ./.env ubuntu bash.

How to use

Clone or fork the repo and create a .env file containing key/value pairs of environment variables. For example, SUPER_SECRET_PASSWORD=bzdBkRzh4F7UYWx5KXjw3TBm. Then encrypt the .env with gpg --symmetric --cipher-algo AES256 .env choose a passphrase and keep note of it. Make sure to commit and push the encrypted .env.gpg file.

On the Gitea side, go to Settings > Actions > Secrets and create a new secret called SECRET_PASSPHRASE and set it to your passphrase.