Skip to content
/ k8s-yaml-action Public

Generates a valid k8s secret or configmap yaml from a list of inputs

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

and-fm/k8s-yaml-action

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

154 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
entrypoint.sh
entrypoint.sh
 
 

Repository files navigation

k8s YAML Action

A simple and extendable action that can take in any number of secrets, basic auth, or plain text env vars, and generate a valid secret or configmap containing your input data.

Inputs

The following inputs can be used as step.with keys:

Name Type Default Required Description
name String true The name of the resource
namespace List true The k8s namespace the resource will be in
secrets List false List of secrets to pass in to generate a secret
basic_auth String false A username and password to generate a basic auth secret. E.g. bobby:iLikeTrains123
configmap_env List false List of vars to pass in to generate a configmap (same format as secrets)

Outputs

The following outputs can be accessed with steps.<step-id>.outputs.out_yaml :

Name Type Description
out_yaml K8s Yaml The resulting k8s yaml

Workflows

Branch protection rules require a PR before code can be merged into main. There are two PR workflows:

  • Dependency review will check upstream base Apline Linux image or Github Actions for updates. If there are High or Critical vulnerabilities found in feature branch, the workflow will fail.
  • Trivy scanner will check the built Docker image for vulnerabilities. If there's a High or Critical CVEs found in the image, the workflow will fail.

A successful merge into main will update the latest release and update the latest tagged container image uploaded to GitHub Packages.

Contributions

Any help keeping this repo healthy and secure would be appreciated!
Remaining in the to-do is automating semantic version releases in case users need to rollback to older, stable versions.

Usage

Here is an example deploy.yaml file to generate a generic secret from some secrets.
For generating a plain text insecure configmap, just pass your name value pairs into configmap_env instead of secrets

name: Create a secret
on: workflow_dispatch
jobs:
  create_secret:
    name: Create secret
    runs-on: ubuntu-latest
    steps:
      - name: Generate secret via kubectl
        uses: and-fm/k8s-yaml-action@main
        id: gen
        with:
          name: test-secrets
          namespace: test-dev
          secrets: |-
            SECRET_1:${{ secrets.SECRET_1 }}
            SECRET_2:${{ secrets.SECRET_2 }}
      - name: get secrets
        run: |
          echo "${{ steps.gen.outputs.out_yaml }}"

Here's an example for generating a basic auth secret:

name: Create a basic auth secret
on: workflow_dispatch
jobs:
  create_secret:
    name: Create secret
    runs-on: ubuntu-latest
    steps:
      - name: Generate secret via kubectl
        uses: and-fm/k8s-yaml-action@main
        id: gen
        with:
          name: test-secrets
          namespace: test-dev
          basic_auth: admin:${{ secrets.ADMIN_PASSWORD }}
      - name: get secrets
        run: |
          echo "${{ steps.gen.outputs.out_yaml }}"

About

Generates a valid k8s secret or configmap yaml from a list of inputs

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 11

v0.4.0 Latest
May 10, 2024
+ 10 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages