{"id":20398477,"url":"https://github.com/keeper-security/ksm-demos","last_synced_at":"2026-01-07T18:04:53.019Z","repository":{"id":250195364,"uuid":"832917428","full_name":"Keeper-Security/ksm-demos","owner":"Keeper-Security","description":null,"archived":false,"fork":false,"pushed_at":"2024-07-25T16:12:20.000Z","size":40,"stargazers_count":0,"open_issues_count":0,"forks_count":2,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-02-04T23:29:10.697Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Keeper-Security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-24T02:00:31.000Z","updated_at":"2024-07-31T13:28:44.000Z","dependencies_parsed_at":"2024-07-25T20:53:50.735Z","dependency_job_id":null,"html_url":"https://github.com/Keeper-Security/ksm-demos","commit_stats":null,"previous_names":["keeper-security/ksm-demos"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keeper-Security%2Fksm-demos","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keeper-Security%2Fksm-demos/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keeper-Security%2Fksm-demos/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keeper-Security%2Fksm-demos/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Keeper-Security","download_url":"https://codeload.github.com/Keeper-Security/ksm-demos/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246249218,"owners_count":20747168,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-15T04:21:58.287Z","updated_at":"2026-01-07T18:04:47.974Z","avatar_url":"https://github.com/Keeper-Security.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Action with Keeper Secrets Manager Integration\n\nThis GitHub repository demonstrates the integration of Keeper Secrets Manager (KSM) with GitHub Actions. This integration facilitates the secure retrieval of secrets from Keeper Vaults directly into GitHub Actions, supporting dynamic secrets management in CI/CD workflows.\n\n## Features\n\n- **Retrieve Secrets**: Securely pull secrets from Keeper Vaults into GitHub Actions.\n- **Environment and Build Arguments**: Set secret credentials directly as build arguments or environment variables.\n- **Secure File Handling**: Copy secure files from Keeper Vaults to the GitHub runner.\n\n## Prerequisites\n\nBefore using this GitHub Action, ensure the following prerequisites are met:\n\n- Access to Keeper Secrets Manager. [Quick Start Guide](https://docs.keeper.io/en/v/secrets-manager/secrets-manager/quick-start-guide)\n- Secrets Manager addon enabled for your Keeper account.\n- Membership in a Role with Secrets Manager enforcement policy enabled.\n- A Keeper Secrets Manager Application with secrets shared to it. Instructions for creating an application are in the Quick Start Guide.\n- An initialized Keeper Secrets Manager Configuration in Base64 format.\n\n## Configuration\n\n1. **GitHub Secrets**: Configure the `KSM_CONFIG` as a secret in GitHub repository settings.\n2. **Keeper Secrets Manager Configuration**: Ensure your Keeper configuration is set up and accessible as described in the [Keeper documentation](https://docs.keeper.io/en/v/secrets-manager/secrets-manager/integrations/github-actions).\n\n## Usage\n\nTo execute this action:\n\n**Manual Trigger**: This action is configured to trigger manually through the GitHub UI under the *Actions* tab using `workflow_dispatch`.\n\n## Explanation of Demo\n\nUpon execution, the following takes place:\n- A Github Action ubuntu runner is launched\n- A GPG public/private key pair and password is pulled from the Keeper vault\n- The GPG key from Keeper is imported\n- A sample \"Hello World\" Go application is built\n- The binary is signed with the GPG key\n- The signature is displayed\n- The application is run\n\n## Documentation and Resources\n\nFor more detailed documentation on the Keeper Secrets Manager and its integration with GitHub Actions, visit the official [documentation](https://docs.keeper.io/en/v/secrets-manager/secrets-manager/integrations/github-actions).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeeper-security%2Fksm-demos","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkeeper-security%2Fksm-demos","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeeper-security%2Fksm-demos/lists"}