From a11a1af505bb85793091b45c71eea0af86ba5b45 Mon Sep 17 00:00:00 2001 From: seanlongcc Date: Wed, 3 Jul 2024 12:12:49 -0400 Subject: [PATCH] update actions --- .github/workflows/main.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7be3c09..0acb616 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -7,11 +7,14 @@ on: jobs: my_job: name: Harden MongoDB Container + runs-on: ubuntu-latest + env: REPORT_TO_HEIMDALL: "true" HEIMDALL_URL: "https://heimdall-demo.mitre.org/evaluations" HEIMDALL_API_KEY: ${{ secrets.SAF_HEIMDALL_UPLOAD_KEY }} + steps: - name: Add Dependencies run: | @@ -28,6 +31,17 @@ jobs: - name: Clone Repository uses: actions/checkout@v4 + - name: Move Certificates + env: + CA_FILE_BASE64_AA: ${{ secrets.CA_FILE_BASE64_AA }} + CA_FILE_BASE64_AB: ${{ secrets.CA_FILE_BASE64_AB }} + CERTIFICATE_KEY_FILE_BASE64: ${{secrets.CERTIFICATE_KEY_FILE_BASE64}} + run: | + echo $CA_FILE_BASE64_AA > CA_FILE_BASE64 + echo $CA_FILE_BASE64_AB >> CA_FILE_BASE64 + base64 --decode CA_FILE_BASE64 > certificates/dod_CAs.pem + base64 --decode CERTIFICATE_KEY_FILE_BASE64 > certificates/mongodb.pem + - name: Run Packer run: | packer init mongo-hardening.pkr.hcl
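Review bot: In the added `Move Certificates` step, the last command decodes a file named `CERTIFICATE_KEY_FILE_BASE64`, but the step only ever writes `CA_FILE_BASE64`; the key exists solely as an environment variable, so unless a file of that name is already in the checkout, `base64` errors out and `certificates/mongodb.pem` is left empty. Feed the variable in directly, e.g. `printf '%s' "$CERTIFICATE_KEY_FILE_BASE64" | base64 --decode > certificates/mongodb.pem`, and double-quote `$CA_FILE_BASE64_AA` and `$CA_FILE_BASE64_AB` in the two `echo` lines so the shell does not word-split or glob the values. Because `mongodb.pem` holds private key material, begin the script with `umask 077` and remove the intermediate `CA_FILE_BASE64` file once it has been decoded. GitHub's log masking applies to the registered (base64) secret values, not to the decoded PEM, so later steps should never print these files. The `Run Packer` step that follows continues outside the hunk, so whether the `certificates/` directory ends up inside the built image cannot be judged from here.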