diff --git a/.github/workflows/testing.yml b/.github/workflows/testing-linux.yml similarity index 55% rename from .github/workflows/testing.yml rename to .github/workflows/testing-linux.yml index 9721f6b..a47321b 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing-linux.yml @@ -1,4 +1,4 @@ -name: Read secrets from vault +name: Linux - Read secrets from vault on: push: branches: [ main, mac ] @@ -55,56 +55,3 @@ jobs: echo "password should be \"test_password\" but was $CHECKVAR" exit 1 fi - mac: - runs-on: macos-13 - steps: - - uses: actions/checkout@v4.1.7 - - - uses: douglascamata/setup-docker-macos-action@v1-alpha - timeout-minutes: 12 - - - run: | - docker version - - name: run Docker hello-world - run: docker run hello-world - - - name: brew vault - run: brew install hashicorp/tap/vault - - - name: Run docker-compose - run: docker-compose -f ./vault-docker/docker-compose.yml up -d - - - name: verifying vault - run: | - echo "Waiting for Vault to start..." - sleep 30 - docker ps - echo "docker images" - export VAULT_ADDR=http://127.0.0.1:8200 - echo "vault status" - vault status - echo "login to vault" - vault login token=vault-plaintext-root-token - echo "Passwort is: (next line)" - echo $(vault kv get -field=password "/my-secrets/dev") - mkdir $HOME/.superexport - touch $HOME/.superexport/.exported.sh - chmod +x $HOME/.superexport/.exported.sh - chmod +x superexport.sh - ./superexport.sh MYKEY password /my-secrets/dev foo - - echo "reading secrets from from secret tools" - source $HOME/.superexport/.secretreader.sh - echo "mykey is $MYKEY" - echo "GH_ENV=$MYKEY" >> $GITHUB_ENV - - name: check if the password is correct - run: | - CHECKVAR="${{ env.GH_ENV }}" - if [ "$CHECKVAR" = "test_password" ]; then - echo "password is correct" - exit 0 - else - echo "password is wrong" - echo "password should be \"test_password\" but was $CHECKVAR" - exit 1 - fi \ No newline at end of file 
diff --git a/.github/workflows/testing-mac.yml b/.github/workflows/testing-mac.yml
new file mode 100644
index 0000000..15f0bb3
--- /dev/null
+++ b/.github/workflows/testing-mac.yml
@@ -0,0 +1,62 @@
+name: MAC - Read secrets from vault
+on:
+ push:
+ branches: [ main, mac ]
+ workflow_dispatch: {}
+
+jobs:
+ mac:
+ runs-on: macos-13
+ steps:
+ - uses: actions/checkout@v4.1.7
+
+ - uses: douglascamata/setup-docker-macos-action@v1-alpha
+ timeout-minutes: 12
+
+ - run: |
+ docker version
+ - name: run Docker hello-world
+ run: docker run hello-world
+
+ - name: brew vault
+ run: brew install hashicorp/tap/vault
+
+ - name: Run docker-compose
+ run: docker-compose -f ./vault-docker/docker-compose.yml up -d
+
+ - name: verifying vault
+ run: |
+ echo "Waiting for Vault to start..."
+ sleep 30
+ docker ps
+ echo "docker images"
+ export VAULT_ADDR=http://127.0.0.1:8200
+ echo "vault status"
+ echo $VAULT_ADDR
+ vault status
+ echo "login to vault"
+ vault login token=vault-plaintext-root-token
+ vault token lookup
+ echo "Passwort is: (next line)"
+ echo $(vault kv get -field=password "/my-secrets/dev")
+ mkdir $HOME/.superexport
+ touch $HOME/.superexport/.exported.sh
+ chmod +x $HOME/.superexport/.exported.sh
+ chmod +x superexport.sh
+ ./superexport.sh MYKEY password /my-secrets/dev foo
+
+ echo "reading secrets from from secret tools"
+ source $HOME/.superexport/.secretreader.sh
+ echo "mykey is $MYKEY"
+ echo "GH_ENV=$MYKEY" >> $GITHUB_ENV
+ - name: check if the password is correct
+ run: |
+ CHECKVAR="${{ env.GH_ENV }}"
+ if [ "$CHECKVAR" = "test_password" ]; then
+ echo "password is correct"
+ exit 0
+ else
+ echo "password is wrong"
+ echo "password should be \"test_password\" but was $CHECKVAR"
+ exit 1
+ fi
\ No newline at end of file
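Review bot: In the final step, `CHECKVAR="${{ env.GH_ENV }}"` pastes the value into the script text before the shell runs, so a secret containing quotes or `$(...)` would be interpreted as shell instead of being compared as data. The previous step already exports it through `$GITHUB_ENV`, so read it as a variable instead: `CHECKVAR="$GH_ENV"`. The "verifying vault" step also prints the secret to the job log (`echo $(vault kv get ...)`, `echo "mykey is $MYKEY"`) and writes it unmasked to `$GITHUB_ENV`. That is harmless for the fixture `test_password`, but a comment such as `# fixture value only - never echo a real secret` would stop the pattern being copied to a real Vault path. Separately, `douglascamata/setup-docker-macos-action@v1-alpha` is a mutable tag on a third-party action and the workflow declares no `permissions:` block. Pinning the action to a full commit SHA and limiting the token to `contents: read` would bound what a re-pointed tag could do.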