{"id":24263922,"url":"https://github.com/andreijiroh-dev/dotenvx-action","last_synced_at":"2026-04-16T22:32:05.020Z","repository":{"id":247392989,"uuid":"825670104","full_name":"andreijiroh-dev/dotenvx-action","owner":"andreijiroh-dev","description":"Securely inject your dotenvx secrets without the leaks","archived":false,"fork":false,"pushed_at":"2025-09-29T08:19:24.000Z","size":5397,"stargazers_count":3,"open_issues_count":3,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-29T10:15:22.387Z","etag":null,"topics":["dotenv","github-actions","hackclub-arcade","hacktoberfest"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/andreijiroh-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["ajhalili2006"],"patreon":"ajhalili2006","ko_fi":"ajhalili2006","liberapay":"ajhalili2006","buy_me_a_coffee":"ajhalili2006","thanks_dev":"gh/ajhalili2006","custom":["https://sponsors.andreijiroh.dev"]}},"created_at":"2024-07-08T09:28:44.000Z","updated_at":"2025-09-14T15:18:36.000Z","dependencies_parsed_at":"2024-07-08T14:35:25.188Z","dependency_job_id":"689ad249-42f9-48cd-86f9-2398c00d4697","html_url":"https://github.com/andreijiroh-dev/dotenvx-action","commit_stats":null,"previous_names":["ajhalili2006-experiments/dotenvx-action"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/andreijiroh-dev/dotenvx-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreijiroh-dev%2Fdotenvx-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreijiroh-dev%2Fdotenvx-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreijiroh-dev%2Fdotenvx-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreijiroh-dev%2Fdotenvx-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/andreijiroh-dev","download_url":"https://codeload.github.com/andreijiroh-dev/dotenvx-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreijiroh-dev%2Fdotenvx-action/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31907498,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"ssl_error","status_checked_at":"2026-04-16T18:21:47.142Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dotenv","github-actions","hackclub-arcade","hacktoberfest"],"created_at":"2025-01-15T08:53:44.932Z","updated_at":"2026-04-16T22:32:04.986Z","avatar_url":"https://github.com/andreijiroh-dev.png","language":"JavaScript","funding_links":["https://github.com/sponsors/ajhalili2006","https://patreon.com/ajhalili2006","https://ko-fi.com/ajhalili2006","https://liberapay.com/ajhalili2006","https://buymeacoffee.com/ajhalili2006","https://thanks.dev/gh/ajhalili2006","https://sponsors.andreijiroh.dev"],"categories":[],"sub_categories":[],"readme":"# `@andreijiroh-dev/dotenvx-action` - dotenvx GitHub Actions integration\n\nSecurely inject your dotenvx secrets without the leaks on GitHub Actions job\nlogs, powered by [`@dotenvx/dotenvx`][dotenvx] Node.js library.\n\n[dotenvx]: https://github.com/dotenvx/dotenvx\n\n## Requirements\n\nIn order for this to work, you need to commit your `.env.ci` file, but you must\nencrypt secrets using [`dotenvx`][dotenvx] CLI first to avoid leakage.\n\n```bash\n# For example, encrypt your API tokens (you may need --encrypt flag if CLI version \u003c 1.0.0 )\ndotenvx set -f .env.ci -- RHQCR_BOT_PASSWORD patops_1234abcd...\n\n# If it is harmless to commit, add --plain flag (otherwise do not add any flags if CLI version \u003c 1.0.0)\ndotenvx set -f .env.ci --plain -- RHQCR_BOT_USERNAME andreijiroh-dev+buildops\n```\n\n\u003e [!WARNING]\n\u003e Remember to add `.env.keys` to your `.gitignore` file to avoid potential leakage of private keys.\n\n## Usage\n\n```yaml\n- uses: andreijiroh-dev/dotenvx-action@v0.4.0 # change main to a tagged version or use commit hashes\n  id: dotenvx\n  with:\n    path: path/to/dotenv-file # defaults to .env.ci unles specified\n    # either one of those are required\n    key: ${{ secrets.DOTENV_PRIVATE_KEY_CI }} # for .env.ci\n    # optional if you need them in scripts involve requiring access to secrets via env vars\n    inject-env-vars: \"true\"\n\n- run: gh auth status\n  env:\n    GITHUB_TOKEN: ${{ steps.dotenvx.outputs.GITHUB_TOKEN }}\n```\n\n### Inputs\n\n\u003e [!NOTE]\n\u003e If your dotenvx-encrypted dotenv file is on a different repository, use the [remote loader action](./remote-loader/README.md) instead.\n\n\u003e [!WARNING]\n\u003e If you set `inject-env-vars` to `true`, all decrypted secrets will be injected as environment variables\n\u003e for subsequent jobs. If you do not want that, set it to `false` and access secrets via `${{ steps.dotenvx.outputs.\u003cSECRET_NAME\u003e }}`.\n\n| Name              | Default       | Description                                                                |\n| ----------------- | ------------- | -------------------------------------------------------------------------- |\n| `path`            | `.env.ci`     | Path to dotenv file to decrypt its encrypted secrets |\n| `key`             |               | Value of `DOTENV_PRIVATE_KEY_CI` from your `.env.keys` file (or another).  |\n| `inject-env-vars` | `false`       | Injects decrypted secrets as env vars if set to `true` for subsequent jobs |\n\n### Outputs\n\nAlongside any parsed secrets (whether decrypted or not), the following outputs/variables are adapted from\nthe [`dotenv-keys`][dotenv-keys] bash shell hook and function developed by Andrei Jiroh:\n\n[dotenv-keys]: \u003chttps://github.com/andreijiroh-dev/dotenvx-secretstore/blob/main/contrib/shell-hooks/dotenv-keys.bashrc\u003e\n\n| Name                 | Description                                                                                         | Default Value             |\n| -------------------- | --------------------------------------------------------------------------------------------------- | ------------------------- |\n| `DOTENV_KEYS_LOADER` | The method used by dotenv keys loader to load private key into the current GitHub Actions job.      | `github-actions`          |\n| `DOTENV_KEYS_LOADED` | Operates similarly to `CI` and friends, signals other programs that `DOTENV_PRIVATE_KEY` are loaded | `true`                    |\n| `LAST_DOTENV_DIR`    | The last directory where `env.keys` are loaded into the workflow (or in this case, the secrets)     | Based off `process.cwd()` |\n| `DOTENV_DECRYPTION_FAILURE` | Whether there are failed secret decryptions or not | false |\n| `DOTENV_DECRYPTION_FAIL_COUNT` | Number of secrets failed to decrypt | Defaults to 0 if everything is decrypted, otherwise a number of decryption failures |\n\n## Sub-actions within this action\n\n* [**Remote loader**](./remote-loader/README.md) - loads dotenvx-encrypted secrets from a remote URL and decrypts them using a provided private key by combining both steps into one composite action.\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandreijiroh-dev%2Fdotenvx-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fandreijiroh-dev%2Fdotenvx-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandreijiroh-dev%2Fdotenvx-action/lists"}