akeyless-github-action/action.yml at main · akeyless-community/akeyless-github-action · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
name: 'Akeyless Authentication and fetching secrets'
description: 'Akeyless Authentication and fetching secrets'
branding:
  icon: 'lock'
  color: 'blue'
inputs:
  # Authentication input
  access-id:
    description: 'Akeyless Access ID, Unless token is provided, it is required.'
    required: false
  access-type:
    description: 'The method to use to authenticate with Akeyless Vault, Unless token is provided, it is required.'
    default: 'jwt'
    required: false
  token:
    description: 'Akeyless authentication token.'
    required: false
  api-url:
    description: 'The API endpoint to use, defaults to https://api.akeyless.io.'
    default: 'https://api.akeyless.io'
    required: false
  access-key:
    description: 'Akeyless Access Key'
    required: false
  gcp-audience:
    description: 'GCP audience to use in signed JWT (relevant only for access-type=gcp)'
    default: 'akeyless.io'
    required: false
  gateway-url:
    description: 'Gateway URL for the K8S authenticated (relevant only for access-type=k8s)'
    required: false
  k8s-auth-config-name:
    description: 'The K8S Auth config name (relevant only for access-type=k8s)'
    required: false
  ca-certificate:
    description: 'The CA certificate for the authentication to gateway'
    required: false

  # secrets input
  static-secrets:
    description: 'A YAML list representing static secrets to fetch'
    required: false
  dynamic-secrets:
    description: 'A YAML list representing dynamic secrets to fetch.'
    required: false
  rotated-secrets:
    description: 'A YAML list representing rotated secrets to fetch.'
    required: false
  ssh-certificates:
    description: 'A YAML list representing ssh certificates to fetch.'
    required: false
  pki-certificates:
    description: 'A YAML list representing pki certificates to fetch.'
    required: false
  export-secrets-to-outputs:
    description: 'True/False to denote if static/dynamic secrets should be exported as action outputs.'
    required: false
    default: true
  export-secrets-to-environment:
    description: 'True/False to denote if static/dynamic secrets should be exported as environment variables.'
    required: false
    default: true
  parse-json-secrets:
    required: false
    default: false
    description: 'True/False to denote if environment variables should be created for each key/value pair in the JSON of the secret.'


  create-secret-name:
    description: "Name of the new secret to create"
    required: false
  create-secret-value:
    description: "Value of the new secret to create"
    required: false


  update-secret-name:
    description: "Name of the existing secret to update"
    required: false
  update-secret-value:
    description: "New value to update the secret with"
    required: false


outputs:
  token:
    description: 'Akeyless Token'
runs:
  using: 'node20'
  main: 'dist/index.js'