From 6a9d5f684b0a7da37bfaa0adbffa9e70c880fc8c Mon Sep 17 00:00:00 2001 From: Szymon Draszkiewicz Date: Fri, 7 Jun 2024 13:40:55 +0200 Subject: [PATCH] DEVOPS-7868 1password get field and get kubeconfig actions --- 1password/get-item-field/action.yaml | 32 ++++++++++++++++++++++++++ 1password/get-kubeconfig/action.yaml | 34 ++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 1password/get-item-field/action.yaml create mode 100644 1password/get-kubeconfig/action.yaml diff --git a/1password/get-item-field/action.yaml b/1password/get-item-field/action.yaml new file mode 100644 index 0000000..7341cab --- /dev/null +++ b/1password/get-item-field/action.yaml @@ -0,0 +1,32 @@ +name: 'Get item field from 1Password' +description: "Gets a field from specified 1Password vault/item" +inputs: + op-sa-token: + required: true + description: "1Password Service Account Token" + op-vault: + required: true + description: "1Password Vault" + op-item: + required: true + description: "1Password Item" + op-field: + required: true + description: "1Password Item.Field" +outputs: + field: + description: Value from 1Password Item.Field + value: ${{ steps.get-item-field.outputs.field }} + +runs: + using: "composite" + steps: + - name: Install 1Password CLI + uses: 1password/install-cli-action@v1 + + - name: Get item field + id: get-item-field + shell: bash + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.op-sa-token }} + run: echo "field=$(op item get ${{ inputs.op-item }} --vault=${{ inputs.op-vault }} --fields label=${{ inputs.op-field }})" >> $GITHUB_OUTPUT \ No newline at end of file diff --git a/1password/get-kubeconfig/action.yaml b/1password/get-kubeconfig/action.yaml new file mode 100644 index 0000000..951586e --- /dev/null +++ b/1password/get-kubeconfig/action.yaml @@ -0,0 +1,34 @@ +name: 'Get Kubeconfig from 1Password' +description: "Gets a kubeconfig from specified 1Password vault/item" +inputs: + op-sa-token: + required: true + description: "1Password Service Account Token" + op-vault: + required: true + description: "1Password Vault" + default: "Promil-preprod-gha-kubeconfigs" + op-item: + required: true + description: "1Password Item" +outputs: + field: + description: Value from 1Password Item.Field + value: ${{ steps.decode-kubeconfig.outputs.kubeconfig }} + +runs: + using: "composite" + steps: + - name: Get Kubeconfig from 1Password + id: get-kubeconfig + uses: PiwikPRO/actions/1password/get-item-field@DEVOPS-7869 + with: + op-sa-token: ${{ inputs.op-sa-token }} + op-vault: ${{ inputs.op-vault }} + op-item: ${{ inputs.op-item }} + op-field: kubeconfig + + - name: Decode kubeconfig + id: decode-kubeconfig + shell: bash + run: echo "kubeconfig=$(echo '${{ steps.get-kubeconfig.outputs.field }}' | base64 --decode)" >> $GITHUB_OUTPUT \ No newline at end of file