feat: support secrets in render task definition (#334)

* feat: support secrets in render task definition --------- Co-authored-by: Yehuda Cohen <[email protected]> Co-authored-by: Hector Grecco <[email protected]>
aws-actions · Oct 3, 2024 · bd39926 · bd39926
1 parent 2fe1cf6
commit bd39926
Show file tree

Hide file tree

Showing 6 changed files with 40,479 additions and 20,258 deletions.
diff --git a/README.md b/README.md
@@ -31,6 +31,7 @@ To insert the image URI `amazon/amazon-ecs-sample:latest` as the image for the `
         container-name: web
         image: amazon/amazon-ecs-sample:latest
         environment-variables: "LOG_LEVEL=info"
+        secrets: "SECRET_KEY=arn:aws:ssm:region:0123456789:parameter/secret"
 
     - name: Deploy to Amazon ECS service
       uses: aws-actions/amazon-ecs-deploy-task-definition@v2
@@ -59,6 +60,9 @@ input of the second:
         docker-labels: |
             SERVICE=service
             VERSION=version
+        secrets: |
+            SECRET_KEY=arn:aws:ssm:region:0123456789:parameter/secret
+            SECOND_SECRET_KEY=arn:aws:secretsmanager:us-east-1:0123456789:secret:secretName
 
     - name: Modify Amazon ECS task definition with second container
       id: render-app-container

diff --git a/action.yml b/action.yml
@@ -40,6 +40,9 @@ inputs:
   env-files:
     description: 'S3 object arns to set env variables onto the container. You can specify multiple files with multi-line YAML strings.'
     required: false
+  secrets:
+    description: 'Secrets to add to the container. Each secret is of the form KEY=valueFrom, where valueFrom is a secret arn. You can specify multiple secrets with multi-line YAML strings.'
+    required: false
 outputs:
   task-definition:
     description: 'The path to the rendered task definition file'