open-vault/website/content/docs/platform/github-actions.mdx
Ashlee M Boyer f3df55ad58
docs: Migrate link formats (#18696)
* Adding check-legacy-links-format workflow

* Adding test-link-rewrites workflow

* Updating docs-content-check-legacy-links-format hash

* Migrating links to new format

Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com>
2023-01-25 16:12:15 -08:00

46 lines
1.7 KiB
Plaintext

---
layout: docs
page_title: GitHub Actions
description: >-
GitHub Actions
---
# GitHub Actions
Workflows in GitHub Actions can make use of secrets stored in Vault by using a
[`vault-action`](https://github.com/marketplace/actions/vault-secrets) step.
## Example
Here is an example `vault-action` step in a workflow:
```yaml
jobs:
build:
# ...
steps:
# ...
- name: Import Secrets
uses: hashicorp/vault-action@v2.4.0
with:
url: https://vault.example.com:8200
token: ${{ secrets.VAULT_TOKEN }}
caCertificate: ${{ secrets.VAULT_CA_CERT }}
secrets: |
secret/data/ci/aws accessKey | AWS_ACCESS_KEY_ID ;
secret/data/ci/aws secretKey | AWS_SECRET_ACCESS_KEY ;
secret/data/ci npm_token
```
This example will authenticate to Vault instance at `https://vault.example.com:8200` with the GitHub secrets defined in
`VAULT_TOKEN` and `VAULT_CA_CERT`, and will add environment variables available for next steps in the workflow:
- The secret at path `secret/data/ci/aws` with the key `accessKey` available in the environment variable `AWS_ACCESS_KEY_ID`
- The secret at path `secret/data/ci/aws` with the key `secretKey` available in the environment variable `AWS_SECRET_ACCESS_KEY`
- The secret at path `secret/data/ci` with the key `npm_token` available in the environment variable `NPM_TOKEN`
## Further Information
For more information on using the `vault-action` GitHub Action, visit:
- [`vault-secrets` GitHub action documentation](https://github.com/marketplace/actions/vault-secrets)
- [Vault GitHub actions tutorial](/vault/tutorials/app-integration/github-actions)