actions/warden
4
1
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

Compare commits

base: actions:340763a47810e52c96abf82e3e23756d5a86f3e9
Branches Tags
actions:main actions:readme
actions:v1
..
compare: actions:readme
Branches Tags
actions:readme actions:main
actions:v1

1 Commits
340763a478 ... readme

Author SHA1 Message Date
Jamie Schouten
eb48951d7f Add readme 2025-08-05 15:28:32 +02:00
2 changed files with 10 additions and 43 deletions
Expand all files Collapse all files

50
README.md
View File

@@ -6,21 +6,12 @@ A Gitea Action for authenticating with Bitwarden and retrieving dynamic secrets
Auth Warden provides a secure way to authenticate with a Bitwarden server and dynamically retrieve secrets stored as secure notes, making them available as environment variables in your Gitea Actions workflow.
## Features
- 🔐 Secure authentication with Bitwarden using API keys
- 🌐 Support for custom Bitwarden servers
- 📝 Retrieve secrets from Bitwarden secure notes
- 🔄 Dynamic mapping of secrets to environment variables
- 🛡️ Secure handling of sensitive data
## Usage
```yaml
- name: Retrieve secrets from Bitwarden
uses: ./path/to/auth-warden
uses: https://git.qlic.nl/actions/warden@v1
with:
email: ${{ secrets.BITWARDEN_EMAIL }}
password: ${{ secrets.BITWARDEN_PASSWORD }}
server: https://your-bitwarden-server.com
client-id: ${{ secrets.BITWARDEN_CLIENT_ID }}
@@ -33,14 +24,13 @@ Auth Warden provides a secure way to authenticate with a Bitwarden server and dy
## Inputs
| Input | Description | Required | Default |
|-------|-------------|----------|---------|
| `email` | Bitwarden account email | Yes | - |
| `password` | Bitwarden account password | Yes | - |
| `server` | Bitwarden server URL | No | `${{ vars.WARDEN_URL }}` |
| `client-id` | Bitwarden API client ID | Yes | - |
| `client-secret` | Bitwarden API client secret | Yes | - |
| `secrets` | List of secret mappings (format: `SECRET_ID > ENV_VAR`) | Yes | - |
| Input | Description | Required | Default |
|-----------------|---------------------------------------------------------|----------|--------------------------|
| `password` | Bitwarden account password | Yes | - |
| `server` | Bitwarden server URL | No | `${{ vars.WARDEN_URL }}` |
| `client-id` | Bitwarden API client ID | Yes | - |
| `client-secret` | Bitwarden API client secret | Yes | - |
| `secrets` | List of secret mappings (format: `SECRET_ID > ENV_VAR`) | Yes | - |
## Secret Mapping Format
@@ -69,10 +59,7 @@ secrets: |
## Security Considerations
- Store all sensitive inputs (email, password, client-id, client-secret) as Gitea repository secrets
- Use organization or repository variables for the server URL if it's not sensitive
- The action automatically handles session management and cleanup
- Retrieved secrets are securely added to the Gitea Actions environment
- Store all sensitive inputs (password, client-id, client-secret) as Gitea repository secrets
## Example Workflow
@@ -87,9 +74,8 @@ jobs:
- uses: actions/checkout@v4
- name: Retrieve secrets
uses: ./path/to/auth-warden
uses: https://git.qlic.nl/actions/warden@v1
with:
email: ${{ secrets.BITWARDEN_EMAIL }}
password: ${{ secrets.BITWARDEN_PASSWORD }}
client-id: ${{ secrets.BITWARDEN_CLIENT_ID }}
client-secret: ${{ secrets.BITWARDEN_CLIENT_SECRET }}
@@ -103,19 +89,3 @@ jobs:
echo "API Key is available as: $API_KEY"
# Your deployment commands here
```
## Error Handling
The action will:
- Continue processing other secrets if one fails to retrieve
- Log which secrets were successfully retrieved
- Log errors for failed secret retrievals
- Not fail the entire workflow if individual secrets cannot be retrieved
## Author
Jamie Schouten
## License
See repository license for details.

3
action.yml
View File

@@ -3,9 +3,6 @@ description: Authenticate with Bitwarden and retrieve dynamic secrets
author: Jamie Schouten
inputs:
email:
description: "Bitwarden email"
required: true
password:
description: "Bitwarden password"
required: true