Set custom Environment Variable names for secrets

operatorequals commented 2 years ago

Coming from Vault as a SecretsManager engine, I miss the Github Action feature that Vault implements as below:

<path> <key-irrelevant-in-AWS> | <ENV-VAR-name>

https://github.com/hashicorp/vault-action#key-syntax

This way, the action does not try to create a POSIX compatible EnvVar name, but takes what the user provides for the specific secret, and loads the value directly in ENV-VAR-name.

I would suggest a similar syntax where:

if no | is provided - the current behavior still happens (backward compatible)
if there is a | - the described behavior happens.

Example

- name: Read secrets from AWS Secrets Manager into environment variables
  uses: abhilash1in/aws-secrets-manager-action@v2.1.0
  with:
    secrets: |
      my_secret_1 | A_SECRET
      dev/secrets/* | B_SECRETS

jacobweberbowery commented 2 years ago

Does this work with the parse-json feature? That would be very useful to me.

operatorequals commented 2 years ago

Does this work with the parse-json feature? That would be very useful to me.

Added such support in this PR: https://github.com/abhilash1in/aws-secrets-manager-action/pull/44#issuecomment-1250784413

Cheers!

jacobweberbowery commented 2 years ago

Does this work with the parse-json feature? That would be very useful to me.

Added such support in this PR: #44 (comment)

Cheers!

That's great -- thanks!

abhilash1in / aws-secrets-manager-action

Set custom Environment Variable names for secrets #42

Example