Commit

Support Docker secrets
andyundso committed Mar 26, 2024
1 parent 39723b7 commit c9a5a80
Showing 4 changed files with 36 additions and 7 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/ci.yml
Expand Up @@ -38,6 +38,9 @@ jobs:
uses: ./action
with:
compose-file: action/docker-compose.test.yml
secrets: |
- name: secret
value: ${{ secrets.SECRET }}
stack-name: david
ssh-user-at-host: [email protected]
ssh-port: 2222
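Review bot: `value: ${{ secrets.SECRET }}` is substituted into the block scalar as plain text before anything parses it as YAML, so a secret containing a newline, `: ` or ` #` changes or breaks the parsed document. Worth adding a second test entry whose value contains such characters, or documenting the restriction on allowed values.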
16 changes: 10 additions & 6 deletions README.md
Expand Up @@ -37,16 +37,20 @@ jobs:
compose-file: docker-compose.yml
stack-name: my-app
ssh-user-at-host: [email protected]
secrets: |
- name: secret
value: ${{ secrets.SECRET }}
```
## Inputs
| Name | Description |
|--------------------|----------------------------------------------------------------|
| `compose-file` | Path to your docker compose definition inside the repository. |
| `stack-name` | Name of the Docker Stack that shoud be created on your server. |
| `ssh-user-at-host` | User@host to connect to (e.g. `[email protected]`) |
| `ssh-port` | SSH port to connect to. Defaults to 22 if not defined. |
| Name | Description |
|--------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `compose-file` | Path to your docker compose definition inside the repository. |
| `secrets` | Allows to define a YAML array of Docker secrets which should be created (not required). You need to define it as a multiline YAML string, as this is technically not supported by Actions directly. |
| `stack-name` | Name of the Docker Stack that shoud be created on your server. |
| `ssh-user-at-host` | User@host to connect to (e.g. `[email protected]`) |
| `ssh-port` | SSH port to connect to. Defaults to 22 if not defined. |

## License
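Review bot: the new `secrets` row leaves out two things a user needs to know: a secret that already exists on the host is left unchanged (the action only creates missing ones), and the compose file has to declare each secret with `external: true`, as docker-compose.test.yml does. "Allows to define" would also read better as "Defines".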

18 changes: 17 additions & 1 deletion action.yml
Expand Up @@ -13,14 +13,18 @@ inputs:
description: 'Path to the docker-compose file'
required: true

secrets:
description: "Docker secrets to create during the stack"
required: false

stack-name:
description: 'Name of the stack to deploy'
required: true

ssh-user-at-host:
description: 'User@host to connect to'
required: true

ssh-port:
description: "Port to connect to with SSH"
required: false
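Review bot: the `secrets` description, "Docker secrets to create during the stack", reads as if a word is missing after "stack" and does not say what format the input expects. Suggest stating that it is a multiline YAML string holding a list of `name`/`value` entries, matching the README row.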
Expand All @@ -43,6 +47,18 @@ runs:
run: docker node ls || docker swarm init
shell: bash

- name: Create secrets
run: |
echo "${{ inputs.secrets }}" | yq e '.[]' - | while IFS= read -r line; do
secret_name=$(echo "$line" | yq e '.name' -)
secret_value=$(echo "$line" | yq e '.value' -)
# Execute the Docker secret command
docker secret inspect "$secret_name" > /dev/null 2>&1 || echo "$secret_value" | docker secret create "$secret_name" -
done
shell: bash
if: "${{ inputs.secrets != '' }}"

- name: Pull docker-stack-wait image
run: docker pull sudobmitch/docker-stack-wait:v0.2.5
shell: bash
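Review bot: `echo "${{ inputs.secrets }}"` in the Create secrets step pastes the input, secret values included, into the script text before bash runs it, so a value containing `"`, `$(...)` or a backtick is interpreted by the shell instead of being stored. Pass it through the step environment (`env:` with `SECRETS: ${{ inputs.secrets }}`) and read `"$SECRETS"` in the script. Separately, with yq v4's default YAML output `yq e '.[]' -` prints each entry as several lines and `read -r line` consumes one line at a time, so `.name` and `.value` are never evaluated on the same line: for the CI input this creates `secret` holding the text `null` and a second secret named `null` holding the real value. Emitting one entry per line, for example `yq e -o=json -I=0 '.[]' -`, keeps the pair together, and `printf '%s' "$secret_value"` avoids the trailing newline that `echo` adds to the stored secret.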
6 changes: 6 additions & 0 deletions docker-compose.test.yml
Expand Up @@ -4,5 +4,11 @@ services:
web:
image: "hashicorp/http-echo"
command: ["-listen", ":8080", "-text", "Hello World"]
secrets:
- secret
ports:
- 8080:8080

secrets:
secret:
external: true
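Review bot: the `web` service mounts `secret`, but `hashicorp/http-echo` only serves the fixed `-text` string, so this test passes as long as a secret with that name exists, whatever it contains. Consider a service or a follow-up step that reads `/run/secrets/secret` and compares it with the expected value.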
