Skip to content
Read secrets from vault

Adds another test #36

Sign in to view logs

Adds another test

Adds another test #36

Workflow file for this run

.github/workflows/testing.yml at 73f1dcf
name: Read secrets from vault
on:
push:
branches: [ main ]
workflow_dispatch: {}
jobs:
bash-linux:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: install vault-cli
run: |
sudo apt-get update && sudo apt-get install gpg wget gnome-keyring dbus-x11
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "wget done"
gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
echo "gpg done"
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
echo "echo is done"
sudo apt-get update && sudo apt-get install vault && sudo apt-get install libsecret-tools
- name: Run docker-compose
run: docker compose -f ./vault-docker/docker-compose.yml up -d
- name: verifying vault
run: |
echo "Waiting for Vault to start..."
sleep 60
docker ps
echo "docker images"
export $(dbus-launch)
eval "$(echo '\n' | gnome-keyring-daemon --unlock)"
docker images
echo "export vault addr"
export VAULT_ADDR=http://127.0.0.1:8200
echo "vault status"
vault status
echo "login to vault"
vault login token=vault-plaintext-root-token
vault status
echo "after vault status"
mkdir $HOME/.superexport
touch $HOME/.superexport/.exported.sh
chmod +x $HOME/.superexport/.exported.sh
chmod +x superexport.sh
./superexport.sh MYKEY password /my-secrets/dev foo
echo "after export"
source $HOME/.superexport/.secretreader.sh
env
echo "after printing vault"
echo "MKEY" + $MYKEY
ls -lah
cd ..
ls -lah
pwd
- name: test again
run: |
echo "MKEY" + $MYKEY