actions/warden
4
1
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

Add readme #2

Open
jamie wants to merge 1 commits from readme into main
pull from: readme
merge into: actions:main
Conversation 0 Commits 1 Files Changed 2 +91 -4
2 changed files with 91 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit eb48951d7f - Show all commits

92
README.md
View File

@@ -1 +1,91 @@
# Warden # Auth Warden
A Gitea Action for authenticating with Bitwarden and retrieving dynamic secrets for use in CI/CD workflows.
## Overview
Auth Warden provides a secure way to authenticate with a Bitwarden server and dynamically retrieve secrets stored as secure notes, making them available as environment variables in your Gitea Actions workflow.
## Usage
```yaml
- name: Retrieve secrets from Bitwarden
uses: https://git.qlic.nl/actions/warden@v1
with:
password: ${{ secrets.BITWARDEN_PASSWORD }}
server: https://your-bitwarden-server.com
client-id: ${{ secrets.BITWARDEN_CLIENT_ID }}
client-secret: ${{ secrets.BITWARDEN_CLIENT_SECRET }}
secrets: |
secret-id-1 > DATABASE_URL
secret-id-2 > API_KEY
secret-id-3 > WEBHOOK_SECRET
```
## Inputs
| Input | Description | Required | Default |
|-----------------|---------------------------------------------------------|----------|--------------------------|
| `password` | Bitwarden account password | Yes | - |
| `server` | Bitwarden server URL | No | `${{ vars.WARDEN_URL }}` |
| `client-id` | Bitwarden API client ID | Yes | - |
| `client-secret` | Bitwarden API client secret | Yes | - |
| `secrets` | List of secret mappings (format: `SECRET_ID > ENV_VAR`) | Yes | - |
## Secret Mapping Format
The `secrets` input expects a multiline string where each line contains a mapping in the format:
```
SECRET_ID > ENVIRONMENT_VARIABLE_NAME
```
- `SECRET_ID`: The ID of the secure note in Bitwarden
- `ENVIRONMENT_VARIABLE_NAME`: The name of the environment variable to create
Example:
```yaml
secrets: |
db-connection-string > DATABASE_URL
stripe-api-key > STRIPE_API_KEY
jwt-secret > JWT_SECRET
```
## Prerequisites
- Bitwarden CLI must be available in the runner environment
- Valid Bitwarden account with API access configured
- Secrets must be stored as secure notes in Bitwarden
## Security Considerations
- Store all sensitive inputs (password, client-id, client-secret) as Gitea repository secrets
## Example Workflow
```yaml
name: Deploy Application
on: [push]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Retrieve secrets
uses: https://git.qlic.nl/actions/warden@v1
with:
password: ${{ secrets.BITWARDEN_PASSWORD }}
client-id: ${{ secrets.BITWARDEN_CLIENT_ID }}
client-secret: ${{ secrets.BITWARDEN_CLIENT_SECRET }}
secrets: |
database-url > DATABASE_URL
api-key > API_KEY
- name: Deploy
run: |
echo "Database URL is available as: $DATABASE_URL"
echo "API Key is available as: $API_KEY"
# Your deployment commands here
```

3
action.yml
View File

@@ -3,9 +3,6 @@ description: Authenticate with Bitwarden and retrieve dynamic secrets
author: Jamie Schouten author: Jamie Schouten
inputs: inputs:
email:
description: "Bitwarden email"
required: true
password: password:
description: "Bitwarden password" description: "Bitwarden password"
required: true required: true