-
Notifications
You must be signed in to change notification settings - Fork 0
58 lines (53 loc) · 2.05 KB
/
testing.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
name: Read secrets from vault
on:
push:
branches: [ main ]
workflow_dispatch: {}
jobs:
bash-linux:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: install vault-cli
run: |
sudo apt-get update && sudo apt-get install gpg wget gnome-keyring dbus-x11
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "wget done"
gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
echo "gpg done"
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
echo "echo is done"
sudo apt-get update && sudo apt-get install vault && sudo apt-get install libsecret-tools
- name: Run docker-compose
run: docker compose -f ./vault-docker/docker-compose.yml up -d
- name: verifying vault
run: |
echo "Waiting for Vault to start..."
sleep 60
docker ps
echo "docker images"
export $(dbus-launch)
eval "$(echo '\n' | gnome-keyring-daemon --unlock)"
docker images
echo "export vault addr"
export VAULT_ADDR=http://127.0.0.1:8200
echo "vault status"
vault status
echo "login to vault"
vault login token=vault-plaintext-root-token
vault status
echo "after vault status"
mkdir $HOME/.superexport
touch $HOME/.superexport/.exported.sh
chmod +x $HOME/.superexport/.exported.sh
chmod +x superexport.sh
./superexport.sh MYKEY password /my-secrets/dev foo
echo "after export"
source $HOME/.superexport/.secretreader.sh
env
echo "after printing vault"
echo "MKEY" + $MYKEY
ls -lah
cd ..
ls -lah
pwd