From 4086625813f70b5ecac6ba10fccc21351992c70e Mon Sep 17 00:00:00 2001 From: Szymon Draszkiewicz <27085934+Decard6@users.noreply.github.com> Date: Thu, 27 Jun 2024 12:38:58 +0200 Subject: [PATCH] DEVOPS-7881 add mask (#107) --- 1password/get-item-field/action.yaml | 32 --------------------------- 1password/get-kubeconfig/action.yaml | 18 +++++++++------ README.md | 33 ---------------------------- 3 files changed, 11 insertions(+), 72 deletions(-) delete mode 100644 1password/get-item-field/action.yaml diff --git a/1password/get-item-field/action.yaml b/1password/get-item-field/action.yaml deleted file mode 100644 index 9813361..0000000 --- a/1password/get-item-field/action.yaml +++ /dev/null @@ -1,32 +0,0 @@ -name: 'Get item field from 1Password' -description: "Gets a field from specified 1Password vault/item" -inputs: - op-sa-token: - required: true - description: "1Password Service Account Token" - op-vault: - required: true - description: "1Password Vault" - op-item: - required: true - description: "1Password Item" - op-field: - required: true - description: "1Password Item.Field" -outputs: - field: - description: Value from 1Password Item.Field - value: ${{ steps.get-item-field.outputs.field }} - -runs: - using: "composite" - steps: - - name: Install 1Password CLI - uses: 1password/install-cli-action@v1 - - - name: Get item field - id: get-item-field - shell: bash - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op-sa-token }} - run: echo "field<> "$GITHUB_OUTPUT" diff --git a/1password/get-kubeconfig/action.yaml b/1password/get-kubeconfig/action.yaml index ec30e40..b75440f 100644 --- a/1password/get-kubeconfig/action.yaml +++ b/1password/get-kubeconfig/action.yaml @@ -19,16 +19,20 @@ outputs: runs: using: "composite" steps: + - name: Install 1Password CLI + uses: 1password/install-cli-action@v1 + - name: Get Kubeconfig from 1Password id: get-kubeconfig - uses: PiwikPRO/actions/1password/get-item-field@master - with: - op-sa-token: ${{ inputs.op-sa-token }} - op-vault: ${{ inputs.op-vault }} - op-item: ${{ inputs.op-item }} - op-field: kubeconfig + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op-sa-token }} + shell: bash + run: | + encoded=$(op item get ${{ inputs.op-item }} --vault=${{ inputs.op-vault }} --fields label=kubeconfig| tr -d "\n" ) + echo "::add-mask::$encoded" + echo "encoded<> "$GITHUB_OUTPUT" - name: Decode kubeconfig id: decode-kubeconfig shell: bash - run: echo "kubeconfig<> "$GITHUB_OUTPUT" + run: echo "kubeconfig<> "$GITHUB_OUTPUT" diff --git a/README.md b/README.md index e3ec247..fb3fae9 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,6 @@ - [Benchmarking](#benchmarking) - [Platform outdated dependencies notifier](#platform-outdated-dependencies-notifier) - [1Password](#1Password) - - [Get item field](#get-item-field) - [Get kubeconfig](#get-kubeconfig) @@ -646,38 +645,6 @@ jobs: ``` ### 1Password -#### Get item field -`1password/get-item-field` action is a Github Action that fetches specified field from 1Password item. - -Example usage: -```yaml -on: - pull_request: - push: - branches: ["master"] -name: Test actions -jobs: - test-get-field: - runs-on: ubuntu-latest - timeout-minutes: 2 - steps: - - name: Check out repository code - uses: actions/checkout@v3 - - - name: Get field - id: get-field - uses: PiwikPRO/actions/1password/get-item-field@master - with: - op-sa-token: - op-vault: foo - op-item: bar - op-field: xyz - - - name: Echo get-field - shell: bash - run: echo ${{ steps.get-field.outputs.field }} -``` - #### Get kubeconfig `1password/get-kubeconfig` action is a Github Action that fetches `kubeconfig` field from 1Password item and base64 decodes it.