How to parameterize secrets on GitHub Action
We have two branches in the repository (dev/prd), each representing a deployment environment. We also have GitHub Actions secrets for each branch: in the dev branch it should be dev_react_api, in the prd branch it should be prd_react_api.
Now we are working on a GitHub Actions workflow using these secrets, secrets.dev_react_api and secrets.prd_react_api.
Is there a solution to parameterize GitHub Actions secrets like the following?
```yaml
# only pseudo-code
env:
  branch_name: github.ref
secrets["${env.branch_name}_react_api"]
```
Solution 1:[1]
You can use Environment Secrets for that.
First go to: Settings -> Environments -> New Environment
Create a new environment and MAKE SURE your environment name matches your branch name

Now you can create any environment secrets that you want. The trick is that you need two files to use Environment Secrets: the first is the main.yml and the second is your (for example) deploy.yml.
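```yaml
on:
  push:
    branches:
      - main
      - staging
      - development
# write-all gives the GITHUB_TOKEN write access to every scope
permissions: write-all
jobs:
  deploy:
    # Call the reusable workflow, passing the branch name as the environment
    uses: ./.github/workflows/deploy.yml
    with:
      environment: ${{ github.ref_name }}
    secrets:
      AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
```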
The second file, which USES the environment:
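```yaml
name: Deployment
on:
  workflow_call:
    inputs:
      environment:
        required: true
        type: string
    secrets:
      AWS_S3_BUCKET:
        required: true
jobs:
  deploy:
    name: Deploy
    # Selects the environment whose secrets this job reads; github.ref_name
    # here is the caller's branch, the same value passed as inputs.environment
    environment: ${{ github.ref_name }}
    runs-on: ubuntu-latest
    steps:
      # @master is a mutable branch ref on both actions below
      - uses: actions/checkout@master
      - uses: jakejarvis/s3-sync-action@master
        name: Deploy to S3
        env:
          AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
        with:
          args: --acl public-read --follow-symlinks --delete
```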
Now you can create any number of environments with different parameters!
For more details see: https://github.com/olivatooo/github-actions-build-deploy-with-staging-production-environment/
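
The environment-secret lookup applied to the question's dev and prd branches, as an added example that is not part of the original answer. It assumes environments named dev and prd each hold a secret called REACT_API (a hypothetical name standing in for dev_react_api / prd_react_api) and that build.sh is the project's build script (also hypothetical); the guard step covers an environment that has no such secret, where the expression resolves to an empty string.

```yaml
# Added example. Assumed: environments "dev" and "prd" exist under
# Settings -> Environments, each with a secret named REACT_API.
name: build
on:
  push:
    branches:
      - dev
      - prd
# Least privilege: the job only needs to read the repository contents
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    # The branch name picks the environment, and with it the secret value
    environment: ${{ github.ref_name }}
    steps:
      - uses: actions/checkout@v4
      - name: Fail if the environment secret is missing
        env:
          REACT_API: ${{ secrets.REACT_API }}
        run: |
          # An unset secret expands to an empty string, not an error.
          # The branch name is read from the runner's GITHUB_REF_NAME
          # variable rather than interpolated into the script.
          if [ -z "$REACT_API" ]; then
            echo "REACT_API is not set for environment '$GITHUB_REF_NAME'" >&2
            exit 1
          fi
      - name: Build
        env:
          REACT_API: ${{ secrets.REACT_API }}
        run: ./build.sh  # hypothetical build script
```

Restricting each environment's deployment branches in its settings keeps a workflow running on dev from selecting the prd environment and reading its secret.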
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Jeremy Caney |
