Last active
July 4, 2024 09:41
-
-
Save math280h/49115bd9d7754b5b89512996fa611d82 to your computer and use it in GitHub Desktop.
Dynamic Secrets in Github Workflows
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| prepare: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get branch name | |
| id: branch | |
| run: | | |
| if [[ "${GITHUB_EVENT_NAME}" == "push" ]]; then | |
| echo "::set-output name=BRANCH_NAME::$(echo ${GITHUB_REF##*/})" | |
| elif [[ "${GITHUB_EVENT_NAME}" == "repository_dispatch" ]]; then | |
| echo "::set-output name=BRANCH_NAME::${{ github.event.client_payload.ref }}" | |
| else | |
| echo "::set-output name=BRANCH_NAME::INVALID_EVENT_BRANCH_UNKNOWN" | |
| fi | |
| - name: Output branch name | |
| run: echo ${{ steps.branch.outputs.BRANCH_NAME }} | |
| - name: SET API_SECRET_NAME | |
| id: api | |
| run: | | |
| echo "::set-output name=API_SECRET_NAME::API_${{ steps.branch.outputs.BRANCH_NAME }}"; | |
| outputs: | |
| BRANCH_NAME: ${{ steps.branch.outputs.BRANCH_NAME }} | |
| API_SECRET_NAME: ${{ steps.api.outputs.API_SECRET_NAME }} | |
| build: | |
| needs: [ prepare ] | |
| runs-on: ubuntu-latest | |
| env: | |
| BRANCH_NAME: ${{ needs.prepare.outputs.BRANCH_NAME }} | |
| API_SECRET_NAME: ${{ needs.prepare.outputs.API_SECRET_NAME }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ github.event.client_payload.ref }} | |
| - name: Build docker image | |
| run: | | |
| docker build --build-arg=API_URL="${{ secrets[env.API_SECRET_NAME] }}" \ | |
| -t user/project:${{env.BRANCH_NAME}}-${{ github.sha }} \ | |
| . |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment