https://github.com/simbo/git-secret-action
A GitHub action to setup git-secret and reveal secrets in a repository.
https://github.com/simbo/git-secret-action
action git-secret github-actions secrets secrets-management
Last synced: 3 months ago
JSON representation
A GitHub action to setup git-secret and reveal secrets in a repository.
- Host: GitHub
- URL: https://github.com/simbo/git-secret-action
- Owner: simbo
- License: mit
- Created: 2023-07-14T08:02:51.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-07-14T11:18:30.000Z (almost 3 years ago)
- Last Synced: 2026-03-15T17:26:18.494Z (4 months ago)
- Topics: action, git-secret, github-actions, secrets, secrets-management
- Language: Shell
- Homepage:
- Size: 3.91 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# git-secret GitHub Action
A GitHub action to setup [git-secret](https://sobolevn.me/git-secret/) and
reveal secrets in a repository.
## Usage
Use `simbo/git-secret-action@v1` in your GitHub action workflow.
### Example
```yml
jobs:
ci:
runs-on: ubuntu-latest
steps:
- name: 🛎 Checkout
uses: actions/checkout@v3
- name: 🔓 Reveal Secrets
uses: simbo/git-secret-action@v1
with:
private-key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
```
## Inputs
| Input | Required | Default | Description |
| ---------------- | -------- | -------- | ---------------------------------------------------------------------------------------------------------------------------- |
| `version` | no | (latest) | git-secret version to use |
| `private-key` | yes | – | base64-encoded single-line gpg private key to decrypt secrets |
| `passphrase` | yes | – | gpg passphrase to decrypt secrets |
| `github-com-pat` | no | – | GitHub.com PAT to retrieve latest git-secret version number from GitHub API (recommended for GitHub Enterprise environments) |
### Providing a GPG Private Key
A GPG private key is a large multi-line string. To enable GitHub Actions to work
with this, it should be converted to a **_base64-encoded single-line string_**.
The following command will…
- export the private key for ``
- encode it with base64
- convert it to a single-line string
- save it as `private_key.txt`
```sh
gpg --armour --export-secret-keys | base64 | tr -d '\n' > private_key.txt
```
Store the generated string as GitHub Actions secret.
## Outputs
This action has no outputs. 🤷♂️
## Development
### Creating a new Version
Use `./release.sh ` which will create a git tag for the
respective version.
A release workflow will pick up the tag when pushed to GitHub, create a release
and move major, minor and latest tags accordingly.
To publish the release into the GitHub marketplace open
[releases](https://github.com/simbo/vale-action/releases) and
update the release for marketplace publishing.
## License
[MIT © Simon Lepel](http://simbo.mit-license.org/)