Fetch an env-formatted file from AWS S3, and populate your GitHub Workflow with its contents.

someimportantcompany/github-actions-aws-s3-env

AWS S3 ENV

Fetch a .env-formatted file from AWS S3, and populate your GitHub Workflow with its contents. You can optionally prefix all variable names, or enable variable masking (for secrets).

Usage

# Required, to set AWS credentials for S3
- uses: aws-actions/configure-aws-credentials@v1

- uses: someimportantcompany/github-actions-aws-s3-env@v1
  with:
    from: s3://mybucket/path/to/prod.env
# env.HELLO=world
# env.HTTP_HOST=0.0.0.0
# env.SECRET_KEY=some-important-secret

- uses: someimportantcompany/github-actions-aws-s3-env@v1
  with:
    from: s3://mybucket/path/to/secret.env
    # prefix: MY_SECRETS_
    # masked: true

You must configure the AWS environment with aws-actions/configure-aws-credentials or equivalent, as you cannot fetch files from S3 without credentials (even public files).

Prefixing env vars

Prefix all env var keys, to avoid clashing with existing/other environment variables.

# Required, to set AWS credentials for S3
- uses: aws-actions/configure-aws-credentials@v1

- uses: someimportantcompany/github-actions-aws-s3-env@v1
  with:
    from: s3://mybucket/path/to/prod.env
    prefix: MYPROJECT_
# env.MYPROJECT_HELLO=world
# env.MYPROJECT_HTTP_HOST=0.0.0.0
# env.MYPROJECT_SECRET_KEY=some-important-secret

Masking env vars

Mask all env var values in the GitHub Workflow console, useful if the file contains secrets.

# Required, to set AWS credentials for S3
- uses: aws-actions/configure-aws-credentials@v1

- uses: someimportantcompany/github-actions-aws-s3-env@v1
  with:
    from: s3://mybucket/path/to/secrets.env
    masked: true
# env.HELLO=*****
# env.HTTP_HOST=*******
# env.SECRET_KEY=*********************
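
How the prefix and masked inputs described above map onto GitHub Actions' own mechanisms, as an added JavaScript sketch that is not the action's source code. `parseEnv` and `plan` are hypothetical names, the sample file and existing environment are constructed, and it is an assumption that the action relies on the `::add-mask::` workflow command and the `GITHUB_ENV` file.

```javascript
// Added illustration, not the action's source. All function names are hypothetical.
const KEY_RE = /^[A-Za-z_][A-Za-z0-9_]*$/;

// Parse .env text into [key, value] pairs: skip blank lines and # comments,
// split on the first "=", and strip one pair of matching surrounding quotes.
// Errors carry only the line number, so a malformed secret never reaches the log.
function parseEnv(text) {
  const pairs = [];
  for (const [i, raw] of text.split(/\r?\n/).entries()) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    const key = eq < 1 ? '' : line.slice(0, eq).trim();
    if (!KEY_RE.test(key)) throw new Error(`line ${i + 1}: expected KEY=value`);
    let value = line.slice(eq + 1).trim();
    const q = value[0];
    if (value.length >= 2 && (q === '"' || q === "'") && value.endsWith(q)) {
      value = value.slice(1, -1);
    }
    pairs.push([key, value]);
  }
  return pairs;
}

// Build what a step would emit: ::add-mask:: commands for stdout (printed before
// any value is written or logged) and KEY=value lines to append to $GITHUB_ENV.
// `existing` is the environment already set, used to report name clashes.
function plan(text, { prefix = '', masked = false, existing = {} } = {}) {
  if (prefix !== '' && !KEY_RE.test(prefix)) throw new Error('invalid prefix');
  const masks = [], envLines = [], clashes = [];
  for (const [key, value] of parseEnv(text)) {
    const name = prefix + key;
    if (Object.prototype.hasOwnProperty.call(existing, name)) clashes.push(name);
    if (masked && value !== '') masks.push(`::add-mask::${value}`);
    envLines.push(`${name}=${value}`);
  }
  return { masks, envLines, clashes };
}

// Constructed sample file and constructed pre-existing runner environment.
const SAMPLE = '# prod\nHELLO=world\nHTTP_HOST=0.0.0.0\nSECRET_KEY="some-important-secret"\n';
const EXISTING = { HTTP_HOST: '127.0.0.1', CI: 'true' };

const bare = plan(SAMPLE, { existing: EXISTING });
const safe = plan(SAMPLE, { prefix: 'MYPROJECT_', masked: true, existing: EXISTING });
console.log(bare.clashes, safe.clashes, safe.masks.length, safe.envLines);
```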

Output as list

Instead of writing the env vars to the workflow environment, you can write the values to outputs. This is useful when passing them directly into other list arguments, such as docker/build-push-action's build-args input.

# Required, to set AWS credentials for S3
- uses: aws-actions/configure-aws-credentials@v1

- uses: someimportantcompany/github-actions-aws-s3-env@v1
  id: env-vars
  with:
    from: s3://mybucket/path/to/build-args.env
    export-env: false
    export-outputs: true
# steps.env-vars.outputs.list: |
#   HELLO=world
#   HTTP_HOST=0.0.0.0
#   SECRET_KEY=some-important-secret

- uses: docker/build-push-action@v4
  with:
    tags: myproject/app:latest
    push: true
    build-args: ${{ steps.env-vars.outputs.list }}

Inputs

| Key | Description |
| --- | --- |
| from | Required. An S3 URL starting with s3://. |
| prefix | Optionally prefix all injected environment keys to avoid clashing with existing env vars. |
| masked | Optionally set to true to mask all values from output. |
| export-env | Optionally set to false to not write the env vars to the current environment. |
| export-outputs | Optionally set to true to write the env vars to outputs.list. |

Notes
