Add readme

README.md

@@ -6,12 +6,21 @@ A Gitea Action for authenticating with Bitwarden and retrieving dynamic secrets
 
 Auth Warden provides a secure way to authenticate with a Bitwarden server and dynamically retrieve secrets stored as secure notes, making them available as environment variables in your Gitea Actions workflow.
 
+## Features
+
+- 🔐 Secure authentication with Bitwarden using API keys
+- 🌐 Support for custom Bitwarden servers
+- 📝 Retrieve secrets from Bitwarden secure notes
+- 🔄 Dynamic mapping of secrets to environment variables
+- 🛡️ Secure handling of sensitive data
+
 ## Usage
 
 ```yaml
 - name: Retrieve secrets from Bitwarden
-  uses: https://git.qlic.nl/actions/warden@v1
+  uses: ./path/to/auth-warden
   with:
+    email: ${{ secrets.BITWARDEN_EMAIL }}
     password: ${{ secrets.BITWARDEN_PASSWORD }}
     server: https://your-bitwarden-server.com
     client-id: ${{ secrets.BITWARDEN_CLIENT_ID }}
@@ -24,13 +33,14 @@ Auth Warden provides a secure way to authenticate with a Bitwarden server and dy
 
 ## Inputs
 
-| Input           | Description                                             | Required | Default                  |
+| Input | Description | Required | Default |
-|-----------------|---------------------------------------------------------|----------|--------------------------|
+|-------|-------------|----------|---------|
-| `password`      | Bitwarden account password                              | Yes      | -                        |
+| `email` | Bitwarden account email | Yes | - |
-| `server`        | Bitwarden server URL                                    | No       | `${{ vars.WARDEN_URL }}` |
+| `password` | Bitwarden account password | Yes | - |
-| `client-id`     | Bitwarden API client ID                                 | Yes      | -                        |
+| `server` | Bitwarden server URL | No | `${{ vars.WARDEN_URL }}` |
-| `client-secret` | Bitwarden API client secret                             | Yes      | -                        |
+| `client-id` | Bitwarden API client ID | Yes | - |
-| `secrets`       | List of secret mappings (format: `SECRET_ID > ENV_VAR`) | Yes      | -                        |
+| `client-secret` | Bitwarden API client secret | Yes | - |
+| `secrets` | List of secret mappings (format: `SECRET_ID > ENV_VAR`) | Yes | - |
 
 ## Secret Mapping Format
 
@@ -59,7 +69,10 @@ secrets: |
 
 ## Security Considerations
 
-- Store all sensitive inputs (password, client-id, client-secret) as Gitea repository secrets
+- Store all sensitive inputs (email, password, client-id, client-secret) as Gitea repository secrets
+- Use organization or repository variables for the server URL if it's not sensitive
+- The action automatically handles session management and cleanup
+- Retrieved secrets are securely added to the Gitea Actions environment
 
 ## Example Workflow
 
@@ -74,8 +87,9 @@ jobs:
       - uses: actions/checkout@v4
       
       - name: Retrieve secrets
-        uses: https://git.qlic.nl/actions/warden@v1
+        uses: ./path/to/auth-warden
         with:
+          email: ${{ secrets.BITWARDEN_EMAIL }}
           password: ${{ secrets.BITWARDEN_PASSWORD }}
           client-id: ${{ secrets.BITWARDEN_CLIENT_ID }}
           client-secret: ${{ secrets.BITWARDEN_CLIENT_SECRET }}
@@ -89,3 +103,19 @@ jobs:
           echo "API Key is available as: $API_KEY"
           # Your deployment commands here
 ```
+
+## Error Handling
+
+The action will:
+- Continue processing other secrets if one fails to retrieve
+- Log which secrets were successfully retrieved
+- Log errors for failed secret retrievals
+- Not fail the entire workflow if individual secrets cannot be retrieved
+
+## Author
+
+Jamie Schouten
+
+## License
+
+See repository license for details.

action.yml

@@ -3,6 +3,9 @@ description: Authenticate with Bitwarden and retrieve dynamic secrets
 author: Jamie Schouten
 
 inputs:
+  email:
+    description: "Bitwarden email"
+    required: true
   password:
     description: "Bitwarden password"
     required: true