GitHub Action
CloudTruth Configure
CloudTruth centralizes your configuration and secrets information to make it easier to manage.
This action allows you to extract the configuration and secrets from a project, scoped
to an environment, into your GitHub Actions workflow. This is done securely by ensuring
that the GitHub workflow engine is told which of your configuration values are considered
secrets, so it can ensure they are properly redacted. This is analogous to the behavior
you would see if you added your secrets directly to your GitHub organization or repository
and then accessed those secrets through the secrets
object in your action.
This action will modify your env
object to have values for all the parameters that
you have stored in your project for the given environment.
The @v2
tag is for customers who are using app.cloudtruth.io
, starting in July 2021.
The @v1
tag is for customers who have been using app.cloudtruth.com
.
You must have an api key established in your CloudTruth account.
name | required | description |
---|---|---|
apikey |
yes |
(@v2 only) The CloudTruth Service Account API Key to use. |
project |
yes |
The CloudTruth project (name or id) within the organization. |
environment |
yes |
The CloudTruth environment (name or id) view to use. |
overwrite |
no |
(default: false) Allow existing environment variables to be overwritten. |
server |
no |
(default: https://api.cloudtruth.io ) The CloudTruth server to execute the query against. |
token |
yes |
(@v1 only) The CloudTruth Access Token to use. |
Add a step to your workflow, ensuring that your CloudTruth service account api key is stored in GitHub as a secret:
- uses: cloudtruth/configure-action@v2
with:
apikey: "${{ secrets.CLOUDTRUTH_API_KEY }}"
project: "<project name or id>"
environment: "<environment name or id>"
See our GitHub Actions workflow for a working example.