Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/unfor19/configmap-action
Exports configmap.json as a job-output according to a given key, such as `GIT_BRANCH` or `DEPLOYMENT_ENVIRONMENT`, which is later consumed by other jobs with "needs".
https://github.com/unfor19/configmap-action
actions configmap configuration deployment github matrix
Last synced: 21 days ago
JSON representation
Exports configmap.json as a job-output according to a given key, such as `GIT_BRANCH` or `DEPLOYMENT_ENVIRONMENT`, which is later consumed by other jobs with "needs".
- Host: GitHub
- URL: https://github.com/unfor19/configmap-action
- Owner: unfor19
- License: mit
- Created: 2022-02-04T11:39:43.000Z (about 3 years ago)
- Default Branch: development
- Last Pushed: 2022-11-06T11:29:02.000Z (over 2 years ago)
- Last Synced: 2024-11-21T11:32:14.213Z (3 months ago)
- Topics: actions, configmap, configuration, deployment, github, matrix
- Language: Shell
- Homepage: https://meirg.co.il
- Size: 53.7 KB
- Stars: 2
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# configmap-action
[](https://github.com/unfor19/configmap-action/actions?query=workflow%3Atesting)
[](https://github.com/unfor19/configmap-action-test/actions?query=workflow%3Atest-action)
Exports [configmap.json](./configmap.json) as a [job-output]([output](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs)) according to a given key, such as `GIT_BRANCH` or `DEPLOYMENT_ENVIRONMENT`, which is later consumed by other jobs with "[needs](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds)".
For GitHub Enterprise customers, the same idea is implemented by [Using environments for deployment
](https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment). Bear in mind that:
> Environments, environment protection rules, and environment secrets are available in public repositories for all products. For access to environments in private repositories, you must use GitHub Enterprise. For more information, see "GitHub's products."
This action is an alternative implemenation of GitHub Environments, for using environment specific configurations according to a given key; such as `GIT_BRANCH`, see [Usage](#Usage) section.
Tested in [unfor19/configmap-action-test](https://github.com/unfor19/configmap-action-test/actions?query=workflow%3Atest-action)
## Requirements
GitHub's Linux [ubuntu-20.04](https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-Readme.md) runners include the below requirements.
1. [Bash v4.4+](https://www.gnu.org/software/bash/)
2. [jq v1.6+](https://stedolan.github.io/jq/)
> **NOTE**: If you're using [Self-Hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners), make sure you have the above requirements installed on the runner.
> **TODO**: Create a new repo that builds a new version of the Docker image [summerwind/actions-runner:latest](https://github.com/actions-runner-controller/actions-runner-controller#software-installed-in-the-runner-image). That will ease the process of implementing this action when using [actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller#software-installed-in-the-runner-image).
## Usage
1. Create a [configmap.json](./configmap.json) in your git repository
2. Add the following job to the top of an existing workflow; I'm using [github.ref_name](https://docs.github.com/en/actions/learn-github-actions/contexts#:~:text=github.ref_name) to dynamically select the relevant configmap per environment.
```yaml
prepare:
runs-on: ubuntu-20.04
name: Prepare ${{ github.event.inputs.src_repository }}
steps:
- uses: actions/checkout@v2
# Assuming `configmap.json` exists in the git repo
- name: Set Configmap
env:
CONFIGMAP_FILE_PATH: configmap.json
id: set-configmap
run: |
echo "configmap=$(jq -c . ${{ env.CONFIGMAP_FILE_PATH }})" >> $GITHUB_OUTPUT
- name: Export Configmap
uses: unfor19/configmap-action@development
with:
configmap_map: ${{ steps.set-configmap.outputs.configmap }}
configmap_key: ${{ github.ref_name }} # The branch or tag name that triggered the workflow run
configmap_default_key_name: "default" # The default configuration to fetch when configmap_key is not found
configmap_skip_env: "false" # By default, all outputs are exported as env var in $GITHUB_ENV Set to true if you wish to disable this behavior
id: export-configmap
### Required outputs - feel free to add more outputs
### -----------------------------------------------------
outputs:
CONFIGMAP: ${{ steps.export-configmap.outputs.CONFIGMAP_MAP }}
CONFIGMAP_SELECTED_KEY: ${{ steps.export-configmap.outputs.CONFIGMAP_SELECTED_KEY }}
### -----------------------------------------------------
```
3. Consume `prepare`'s output `CONFIGMAP` as a [matrix](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix) in existing jobs, such as `build`
```yaml
build:
runs-on: ubuntu-20.04
name: Build ${{ matrix.configmap.NODE_VERSION }}
### Add the following block to each job
### -----------------------------------------------------
needs:
- prepare
strategy:
matrix:
configmap: ${{ fromJSON(needs.prepare.outputs.CONFIGMAP) }}
### -----------------------------------------------------
steps:
- uses: actions/checkout@v2
# Inject relevant variables per step
- name: Get env vars
env:
NODE_ENV: ${{ matrix.configmap.NODE_ENV }}
NODE_VERSION: ${{ matrix.configmap.NODE_VERSION }}
run: |
echo "$NODE_ENV"
echo "$NODE_VERSION"
```
### Consuming GitHub Actions Secrets
Secrets **names** are exposed to all steps in a job, though values of secrets can be selectively injected to relevant steps, see example below.
1. Assuming `configmap.json` contains the following secrets names
```json
{
"production": [
{
...
"AWS_ACCESS_KEY_ID_NAME": "AWS_ACCESS_KEY_ID_PRODUCTION",
"AWS_SECRET_ACCESS_KEY_NAME": "AWS_SECRET_ACCESS_KEY_PRODUCTION"
}
],
"development": [
{
...
"AWS_ACCESS_KEY_ID_NAME": "AWS_ACCESS_KEY_ID_DEVELOPMENT",
"AWS_SECRET_ACCESS_KEY_NAME": "AWS_SECRET_ACCESS_KEY_DEVELOPMENT"
}
]
}
```
2. Create secrets per environment (development, staging, production, etc.) in GitHub Actions
- AWS_ACCESS_KEY_ID_DEVELOPMENT
- AWS_SECRET_ACCESS_KEY_DEVELOPMENT
- AWS_ACCESS_KEY_ID_PRODUCTION
- AWS_SECRET_ACCESS_KEY_PRODUCTION
3. Consume secrets as environment variables with `secrets[matrix.configmap.SECRET_NAME]`.
```yaml
deploy:
runs-on: ubuntu-20.04
name: Deploy to ${{ needs.prepare.outputs.CONFIGMAP_SELECTED_KEY }}
needs:
- prepare
- build
strategy:
matrix:
configmap: ${{ fromJSON(needs.prepare.outputs.CONFIGMAP) }}
env:
DEPLOYMENT_ENVIRONMENT: ${{ needs.prepare.outputs.CONFIGMAP_SELECTED_KEY }}
### -----------------------------------------------------
steps:
- uses: actions/checkout@v2
# Inject relevant variables per step
- name: Get env vars
env:
AWS_ACCESS_KEY_ID: ${{ secrets[matrix.configmap.AWS_ACCESS_KEY_ID_NAME] }}
AWS_SECRET_ACCESS_KEY: ${{ secrets[matrix.configmap.AWS_SECRET_ACCESS_KEY_NAME] }}
run: |
echo "Deploying to $DEPLOYMENT_ENVIRONMENT"
echo "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID"
echo "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY"
```
## Authors
Created and maintained by [Meir Gabay](https://github.com/unfor19)
## License
This project is licensed under the MIT License - see the [LICENSE](https://github.com/unfor19/configmap-action/blob/master/LICENSE) file for details