Skip to content

hfaulds/varys

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
node_modules
node_modules
 
 
test
test
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

Varys

Share your secrets publicly and securely. Use Varys to GPG encrypt a secret for multiple users, just check in their public key.

Usage

Set a repo up with a secret you want to share (in this case test_secret) and add this workflow file:

name: Varys
on:
  push:
    paths:
    - "test/publickeys/*"

jobs:
  varys:
    name: Varys
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - name: Run Varys
        uses: hfaulds/varys@master
        with:
          publicKeyDir: test/publickeys
          secret: ${{ secrets.test_secret }}
          output: test/secret
          githubToken: ${{ secrets.GITHUB_TOKEN }}

Create a key (for a further guide see https://help.github.com/en/github/authenticating-to-github/generating-a-new-gpg-key):

gpg --full-generate-key

Commit your key:

gpg --armor --export [email protected] > test/publickeys/example.gpg

The Action will now run (it may be advisable to only run this on master depending who has access to your repository).

Once the Action has finished it will commit an output file (in this case test/secret) which can be decrypted using your private key:

gpg --decrypt test/secret

Improvements

This should probably only run after a PR is merged (i.e. there is a change to a protected branch) and may want/need to create a PR instead of just pushing to master.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

5 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages